/
configuration.tfvars
137 lines (113 loc) · 3.84 KB
/
configuration.tfvars
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
global_settings = {
default_region = "region1"
regions = {
region1 = "southeastasia"
}
}
resource_groups = {
vm_region1 = {
name = "example-virtual-machine-rg3"
}
}
# Virtual machines
virtual_machines = {
# Configuration to deploy a bastion host linux virtual machine
example_vm1 = {
resource_group_key = "vm_region1"
provision_vm_agent = true
# when boot_diagnostics_storage_account_key is empty string "", boot diagnostics will be put on azure managed storage
# when boot_diagnostics_storage_account_key is a non-empty string, it needs to point to the key of a user managed storage defined in diagnostic_storage_accounts
# if boot_diagnostics_storage_account_key is not defined, but global_settings.resource_defaults.virtual_machines.use_azmanaged_storage_for_boot_diagnostics is true, boot diagnostics will be put on azure managed storage
boot_diagnostics_storage_account_key = "bootdiag_region1"
os_type = "windows"
# the auto-generated ssh key in keyvault secret. Secret name being {VM name}-ssh-public and {VM name}-ssh-private
keyvault_key = "example_vm_rg1"
# Define the number of networking cards to attach the virtual machine
networking_interfaces = {
nic0 = {
# Value of the keys from networking.tfvars
vnet_key = "vnet_region1"
subnet_key = "example"
name = "0"
enable_ip_forwarding = false
internal_dns_name_label = "nic0"
public_ip_address_key = "example_vm_pip1_rg1"
}
}
virtual_machine_settings = {
windows = {
name = "example_vm2"
size = "Standard_F2"
admin_username = "adminuser"
# Spot VM to save money
priority = "Spot"
eviction_policy = "Deallocate"
patch_mode = "AutomaticByOS"
# When you want to load the file from the folder in the custom_data always use the relative path from the caf_solution in landing zones
custom_data = "../../examples/compute/virtual_machine/101-single-windows-vm/scripts/custom.ps1"
# Value of the nic keys to attach the VM. The first one in the list is the default nic
network_interface_keys = ["nic0"]
os_disk = {
name = "example_vm1-os"
caching = "ReadWrite"
storage_account_type = "Standard_LRS"
}
source_image_reference = {
publisher = "MicrosoftWindowsServer"
offer = "WindowsServer"
sku = "2019-Datacenter"
version = "latest"
}
}
}
}
}
diagnostic_storage_accounts = {
# Stores boot diagnostic for region1
bootdiag_region1 = {
name = "bootrg1"
resource_group_key = "vm_region1"
account_kind = "StorageV2"
account_tier = "Standard"
account_replication_type = "LRS"
access_tier = "Cool"
}
}
keyvaults = {
example_vm_rg1 = {
name = "vmsecrets"
resource_group_key = "vm_region1"
sku_name = "standard"
creation_policies = {
logged_in_user = {
secret_permissions = ["Set", "Get", "List", "Delete", "Purge", "Recover"]
}
}
}
}
vnets = {
vnet_region1 = {
resource_group_key = "vm_region1"
vnet = {
name = "virtual_machines"
address_space = ["10.100.100.0/24"]
}
specialsubnets = {}
subnets = {
example = {
name = "examples"
cidr = ["10.100.100.0/29"]
}
}
}
}
public_ip_addresses = {
example_vm_pip1_rg1 = {
name = "example_vm_pip1"
resource_group_key = "vm_region1"
sku = "Standard"
allocation_method = "Static"
ip_version = "IPv4"
idle_timeout_in_minutes = "4"
}
}