From 69a6682831dc95202c0f91aed8f21d847c5a9b70 Mon Sep 17 00:00:00 2001 From: Mark Gray Date: Sat, 19 Oct 2019 13:06:31 -0700 Subject: [PATCH] Tweaked TF code examples to ensure they work and flow --- Terraform/01 - Basics/Code/provider.tf | 3 +- Terraform/01 - Basics/Code/vnet.tf | 6 ++- Terraform/02 - Variables/Code/nic.tf | 10 ++--- Terraform/02 - Variables/Code/provider.tf | 3 +- .../02 - Variables/Code/terraform.tfvars | 2 + Terraform/02 - Variables/Code/variables.tf | 8 ++-- Terraform/02 - Variables/Code/vm.tf | 14 ++++-- Terraform/02 - Variables/Code/vnet.tf | 15 +++++++ Terraform/03 - Helpers/code/nic.tf | 13 ++++++ Terraform/03 - Helpers/code/provider.tf | 4 ++ Terraform/03 - Helpers/code/terraform.tfvars | 30 +++++++++++++ Terraform/03 - Helpers/code/variables.tf | 24 +++++++++++ Terraform/03 - Helpers/code/vm.tf | 34 +++++++++++++++ Terraform/03 - Helpers/code/vnet.tf | 43 +++++++++++++++++++ Terraform/04 - Security/Code - Part 2/nic.tf | 2 +- Terraform/04 - Security/Code - Part 2/vnet.tf | 2 +- 16 files changed, 193 insertions(+), 20 deletions(-) create mode 100644 Terraform/02 - Variables/Code/terraform.tfvars create mode 100644 Terraform/02 - Variables/Code/vnet.tf create mode 100644 Terraform/03 - Helpers/code/nic.tf create mode 100644 Terraform/03 - Helpers/code/provider.tf create mode 100644 Terraform/03 - Helpers/code/terraform.tfvars create mode 100644 Terraform/03 - Helpers/code/variables.tf create mode 100644 Terraform/03 - Helpers/code/vm.tf create mode 100644 Terraform/03 - Helpers/code/vnet.tf diff --git a/Terraform/01 - Basics/Code/provider.tf b/Terraform/01 - Basics/Code/provider.tf index b0e2929..10601b4 100644 --- a/Terraform/01 - Basics/Code/provider.tf +++ b/Terraform/01 - Basics/Code/provider.tf 
@@ -1,5 +1,4 @@ # Configure the Azure Provider provider "azurerm" { - # whilst the `version` attribute is optional, we recommend pinning to a given version of the Provider - version = "=1.34.0" + version = "~>1.35.0" } \ No newline at end of file diff --git a/Terraform/01 - Basics/Code/vnet.tf b/Terraform/01 - Basics/Code/vnet.tf index 3dfdfbe..d4766e7 100644 --- a/Terraform/01 - Basics/Code/vnet.tf +++ b/Terraform/01 - Basics/Code/vnet.tf @@ -1,3 +1,4 @@ +# Configure Vnet and Subnet resource "azurerm_virtual_network" "predayvnet" { name = "tfignitepreday" location = "East US 2" @@ -5,6 +6,7 @@ resource "azurerm_virtual_network" "predayvnet" { address_space = ["10.0.0.0/16"] subnet { - name = "subnet1" + name = "default" address_prefix = "10.0.1.0/24" - } \ No newline at end of file + } +} \ No newline at end of file diff --git a/Terraform/02 - Variables/Code/nic.tf b/Terraform/02 - Variables/Code/nic.tf index 6144dc3..d93c033 100644 --- a/Terraform/02 - Variables/Code/nic.tf +++ b/Terraform/02 - Variables/Code/nic.tf @@ -1,12 +1,12 @@ -#Configure Network Interface -resource "azurerm_network_interface" "example" { +#Configure Network Interface# Configure Network Interface +resource "azurerm_network_interface" "predaynic" { name = "tfignitepredaynic" - location = "var.location" - resource_group_name = "var.my_resource_group" + location = var.location + resource_group_name = var.rg ip_configuration { name = "tfpredaynicconfig" - subnet_id = "azurerm_subnet.predayvnet.subnets[0]}" + subnet_id = azurerm_subnet.predaysubnet.id private_ip_address_allocation = "Dynamic" } } \ No newline at end of file diff --git a/Terraform/02 - Variables/Code/provider.tf b/Terraform/02 - Variables/Code/provider.tf index b0e2929..10601b4 100644 --- a/Terraform/02 - Variables/Code/provider.tf +++ b/Terraform/02 - Variables/Code/provider.tf 
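Review bot: The `version` line in 01 - Basics/Code/provider.tf is left without any explanation, because the hunk drops the comment that recommended pinning while also loosening the exact pin `=1.34.0` to `~>1.35.0`. That constraint accepts any 1.35.x release, so two attendees running the lab at different times can end up with different provider builds. If that is intended, say so next to the line, for example `# ~> accepts patch releases only (>= 1.35.0, < 1.36.0)`; otherwise keep an exact pin. The same change is made in 02 - Variables/Code/provider.tf and 03 - Helpers/code/provider.tf.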
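Review bot: The first added line of 02 - Variables/Code/nic.tf reads `#Configure Network Interface# Configure Network Interface`, which looks like the new comment pasted onto the old one rather than replacing it. It should be just `# Configure Network Interface`, matching the comment style used in the other files of this commit. The same doubled comment is added as the first line of 03 - Helpers/code/nic.tf.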
@@ -1,5 +1,4 @@ # Configure the Azure Provider provider "azurerm" { - # whilst the `version` attribute is optional, we recommend pinning to a given version of the Provider - version = "=1.34.0" + version = "~>1.35.0" } \ No newline at end of file diff --git a/Terraform/02 - Variables/Code/terraform.tfvars b/Terraform/02 - Variables/Code/terraform.tfvars new file mode 100644 index 0000000..715cb0b --- /dev/null +++ b/Terraform/02 - Variables/Code/terraform.tfvars @@ -0,0 +1,2 @@ +rg = "" ## Enter the resource group pre-created in your lab +location = "" ## Enter the azure region for your resources \ No newline at end of file diff --git a/Terraform/02 - Variables/Code/variables.tf b/Terraform/02 - Variables/Code/variables.tf index 930b4ca..35ea764 100644 --- a/Terraform/02 - Variables/Code/variables.tf +++ b/Terraform/02 - Variables/Code/variables.tf @@ -1,9 +1,9 @@ -variable "my_resource_group" { - description = "Resource group to put resources into" - default = "<<>>" +variable "rg" { + type = "string" + description = "Name of Lab resource group to provision resources to." } variable "location" { + type = "string" description = "Azure region to put resources in" - default = "East US" } \ No newline at end of file diff --git a/Terraform/02 - Variables/Code/vm.tf b/Terraform/02 - Variables/Code/vm.tf index 6ad46ad..e28d4a4 100644 --- a/Terraform/02 - Variables/Code/vm.tf +++ b/Terraform/02 - Variables/Code/vm.tf @@ -1,8 +1,10 @@ -resource "azurerm_virtual_machine" "example" { +# Configure Virtual Machine +resource "azurerm_virtual_machine" "predayvm" { name = "tfignitepredayvm" - location = "var.location" - resource_group_name = "var.my_resource_group" + location = var.location + resource_group_name = var.rg vm_size = "Standard_DS1_v2" + network_interface_ids = [azurerm_network_interface.predaynic.id] storage_image_reference { publisher = "Canonical" 
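Review bot: The added `type = "string"` lines in 02 - Variables/Code/variables.tf use the quoted pre-0.12 form, while the rest of the commit is written in 0.12 syntax (bare `var.rg` references, and `list(object({...}))` in 03 - Helpers/code/variables.tf). Write `type = string` in both variables so the examples are consistent and do not trigger deprecation warnings. The same quoted form is added for `rg` and `location` in 03 - Helpers/code/variables.tf.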
@@ -10,15 +12,21 @@ resource "azurerm_virtual_machine" "example" { sku = "16.04-LTS" version = "latest" } + storage_os_disk { name = "myosdisk1" caching = "ReadWrite" create_option = "FromImage" managed_disk_type = "Standard_LRS" } + os_profile { computer_name = "hostname" admin_username = "testadmin" admin_password = "Password1234!" } + + os_profile_linux_config { + disable_password_authentication = false + } } \ No newline at end of file diff --git a/Terraform/02 - Variables/Code/vnet.tf b/Terraform/02 - Variables/Code/vnet.tf new file mode 100644 index 0000000..9e30a74 --- /dev/null +++ b/Terraform/02 - Variables/Code/vnet.tf @@ -0,0 +1,15 @@ +# Configure Vnet -- pull subnet out to its own resource to demonstrate references / dependencies +resource "azurerm_virtual_network" "predayvnet" { + name = "tfignitepreday" + location = var.location + resource_group_name = var.rg + address_space = ["10.0.0.0/16"] +} + +# Configure Subnet +resource "azurerm_subnet" "predaysubnet" { + name = "default" + resource_group_name = var.rg + virtual_network_name = azurerm_virtual_network.predayvnet.name + address_prefix = "10.0.1.0/24" +} \ No newline at end of file diff --git a/Terraform/03 - Helpers/code/nic.tf b/Terraform/03 - Helpers/code/nic.tf new file mode 100644 index 0000000..8b44857 --- /dev/null +++ b/Terraform/03 - Helpers/code/nic.tf @@ -0,0 +1,13 @@ +#Configure Network Interface# Configure Network Interface +resource "azurerm_network_interface" "predaynic" { + name = "tfignitepredaynic" + location = var.location + resource_group_name = var.rg + + ip_configuration { + name = "tfpredaynicconfig" + subnet_id = azurerm_subnet.predaysubnet.id + private_ip_address_allocation = "Dynamic" + } + tags = var.tags +} \ No newline at end of file diff --git a/Terraform/03 - Helpers/code/provider.tf b/Terraform/03 - Helpers/code/provider.tf new file mode 100644 index 0000000..10601b4 --- /dev/null +++ b/Terraform/03 - Helpers/code/provider.tf 
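Review bot: The added `os_profile_linux_config` block in 02 - Variables/Code/vm.tf sets `disable_password_authentication = false`, which commits the VM to password login using the literal `admin_password = "Password1234!"` in the context lines just above it. Every VM built from this lab therefore shares a credential that is published in the repository. The NIC in this commit requests only a private address, so reachability looks limited to the virtual network, but lab code like this tends to be copied into real deployments. At minimum take the password from a variable with no default (`admin_password = var.admin_password`); better, switch the example to key authentication as sketched below, where `admin_ssh_public_key` is a new variable that would have to be declared. The same password and setting are added in 03 - Helpers/code/vm.tf, and the resource body starts in the previous hunk.

```hcl
  # … unchanged: storage_image_reference, storage_os_disk …

  os_profile {
    computer_name  = "hostname"
    admin_username = "testadmin"
  }

  os_profile_linux_config {
    disable_password_authentication = true

    ssh_keys {
      path     = "/home/testadmin/.ssh/authorized_keys"
      key_data = var.admin_ssh_public_key
    }
  }
```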
@@ -0,0 +1,4 @@ +# Configure the Azure Provider +provider "azurerm" { + version = "~>1.35.0" +} \ No newline at end of file diff --git a/Terraform/03 - Helpers/code/terraform.tfvars b/Terraform/03 - Helpers/code/terraform.tfvars new file mode 100644 index 0000000..6a97c5f --- /dev/null +++ b/Terraform/03 - Helpers/code/terraform.tfvars @@ -0,0 +1,30 @@ +rg = "" ## Enter the resource group pre-created in your lab +location = "" ## Enter the azure region for your resources +securityGroupRules = [ + { + name = "DNS" + priority = 100 + protocol = "*" + destinationPortRange = "53" + }, + { + name = "HTTPS" + priority = 150 + protocol = "tcp" + destinationPortRange = "443" + }, + { + name = "WHOIS" + priority = 200 + protocol = "tcp" + destinationPortRange = "43" + }, + ] + +tags = { + event = "Ignite" + year = "2019" + session_id = "PRE04" + iac_tool = "terraform" + lab = "4" + } \ No newline at end of file diff --git a/Terraform/03 - Helpers/code/variables.tf b/Terraform/03 - Helpers/code/variables.tf new file mode 100644 index 0000000..68a41ea --- /dev/null +++ b/Terraform/03 - Helpers/code/variables.tf @@ -0,0 +1,24 @@ +variable "rg" { + type = "string" + description = "Name of Lab resource group to provision resources to." +} + +variable "location" { + type = "string" + description = "Azure region to put resources in" +} + +variable "securityGroupRules" { + type = list(object({ + name = string + priority = number + protocol = string + destinationPortRange = string + })) + description = "List of security group rules" +} + +variable "tags" { + type = map(string) + description = "tags to be used with all resources in the lab" +} \ No newline at end of file diff --git a/Terraform/03 - Helpers/code/vm.tf b/Terraform/03 - Helpers/code/vm.tf new file mode 100644 index 0000000..aa85efa --- /dev/null +++ b/Terraform/03 - Helpers/code/vm.tf 
@@ -0,0 +1,34 @@ +# Configure Virtual Machine +resource "azurerm_virtual_machine" "predayvm" { + name = "tfignitepredayvm" + location = var.location + resource_group_name = var.rg + vm_size = "Standard_DS1_v2" + network_interface_ids = [azurerm_network_interface.predaynic.id] + + storage_image_reference { + publisher = "Canonical" + offer = "UbuntuServer" + sku = "16.04-LTS" + version = "latest" + } + + storage_os_disk { + name = "myosdisk1" + caching = "ReadWrite" + create_option = "FromImage" + managed_disk_type = "Standard_LRS" + } + + os_profile { + computer_name = "hostname" + admin_username = "testadmin" + admin_password = "Password1234!" + } + + os_profile_linux_config { + disable_password_authentication = false + } + + tags = var.tags +} \ No newline at end of file diff --git a/Terraform/03 - Helpers/code/vnet.tf b/Terraform/03 - Helpers/code/vnet.tf new file mode 100644 index 0000000..a620d68 --- /dev/null +++ b/Terraform/03 - Helpers/code/vnet.tf 
@@ -0,0 +1,43 @@ +# Configure Vnet -- pull subnet out to its own resource to demonstrate references / dependencies +resource "azurerm_virtual_network" "predayvnet" { + name = "tfignitepreday" + location = var.location + resource_group_name = var.rg + address_space = ["10.0.0.0/16"] + tags = var.tags +} + +# Configure Subnet +resource "azurerm_subnet" "predaysubnet" { + name = "default" + resource_group_name = var.rg + virtual_network_name = azurerm_virtual_network.predayvnet.name + address_prefix = "10.0.1.0/24" +} + +resource "azurerm_network_security_group" "predaysg" { + name = "default-rules" + location = var.location + resource_group_name = var.rg + + dynamic "security_rule" { + for_each = var.securityGroupRules + + content { + name = lower(security_rule.value.name) + priority = security_rule.value.priority + direction = "Inbound" + access = "Allow" + protocol = title(security_rule.value.protocol) + source_port_range = "*" + destination_port_range = security_rule.value.destinationPortRange + source_address_prefix = "*" + destination_address_prefix = "VirtualNetwork" + } + } +} + +resource "azurerm_subnet_network_security_group_association" "preday" { + subnet_id = azurerm_subnet.predaysubnet.id + network_security_group_id = azurerm_network_security_group.predaysg.id +} \ No newline at end of file diff --git a/Terraform/04 - Security/Code - Part 2/nic.tf b/Terraform/04 - Security/Code - Part 2/nic.tf index 9114d40..7d4def5 100644 --- a/Terraform/04 - Security/Code - Part 2/nic.tf +++ b/Terraform/04 - Security/Code - Part 2/nic.tf @@ -1,5 +1,5 @@ # Configure Network Interface -resource "azurerm_network_interface" "tf_pre-day" { +resource "azurerm_network_interface" "predaynic" { name = "tfignitepredaynic" location = var.location resource_group_name = var.rg diff --git a/Terraform/04 - Security/Code - Part 2/vnet.tf b/Terraform/04 - Security/Code - Part 2/vnet.tf index 424cc58..465d8f4 100644 --- a/Terraform/04 - Security/Code - Part 2/vnet.tf 
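Review bot: In the `dynamic "security_rule"` block of 03 - Helpers/code/vnet.tf, `source_address_prefix = "*"` is fixed alongside `direction = "Inbound"` and `access = "Allow"`, so every entry in `var.securityGroupRules` opens its port to any source. The DNS entry in terraform.tfvars does so for all protocols. If the rules are meant for traffic inside the lab network, use `source_address_prefix = "VirtualNetwork"`. Otherwise make the source a field of the rule object (`source_address_prefix = security_rule.value.sourceAddressPrefix`, with matching changes in variables.tf and terraform.tfvars) so the exposure is visible where each rule is declared. `predaysg` also omits `tags = var.tags`, unlike the virtual network above it.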
+++ b/Terraform/04 - Security/Code - Part 2/vnet.tf @@ -1,4 +1,4 @@ -# Configure VNet and Subnet +# Configure VNet resource "azurerm_virtual_network" "predayvnet" { name = "tfignitepreday" location = var.location