Create a virtual machine.
NOTE: Data Disks can be attached either directly on the
azurerm_virtual_machine
resource, or using the azurerm_virtual_machine_data_disk_attachment
resource - but the two cannot be used together. If both are used against the same Virtual Machine, spurious changes will occur.
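# Example: Linux virtual machine with managed disks, created from a
# marketplace image.

# The administrator password is supplied at plan/apply time (for example via
# a TF_VAR_admin_password environment variable) instead of being committed
# alongside the configuration.
# NOTE(review): Terraform still records the value in its state file, so the
# state backend needs the same protection as the secret itself.
variable "admin_password" {}

resource "azurerm_resource_group" "test" {
  name     = "acctestRG"
  location = "West US 2"
}

resource "azurerm_virtual_network" "test" {
  name                = "acctvn"
  address_space       = ["10.0.0.0/16"]
  location            = "${azurerm_resource_group.test.location}"
  resource_group_name = "${azurerm_resource_group.test.name}"
}

resource "azurerm_subnet" "test" {
  name                 = "acctsub"
  resource_group_name  = "${azurerm_resource_group.test.name}"
  virtual_network_name = "${azurerm_virtual_network.test.name}"
  address_prefix       = "10.0.2.0/24"
}

resource "azurerm_network_interface" "test" {
  name                = "acctni"
  location            = "${azurerm_resource_group.test.location}"
  resource_group_name = "${azurerm_resource_group.test.name}"

  ip_configuration {
    name                          = "testconfiguration1"
    subnet_id                     = "${azurerm_subnet.test.id}"
    private_ip_address_allocation = "dynamic"
  }
}

# Standalone managed disk that the VM attaches below at LUN 1.
resource "azurerm_managed_disk" "test" {
  name                 = "datadisk_existing"
  location             = "${azurerm_resource_group.test.location}"
  resource_group_name  = "${azurerm_resource_group.test.name}"
  storage_account_type = "Standard_LRS"
  create_option        = "Empty"
  disk_size_gb         = "1023"
}

resource "azurerm_virtual_machine" "test" {
  name                  = "acctvm"
  location              = "${azurerm_resource_group.test.location}"
  resource_group_name   = "${azurerm_resource_group.test.name}"
  network_interface_ids = ["${azurerm_network_interface.test.id}"]
  vm_size               = "Standard_DS1_v2"

  # Uncomment this line to delete the OS disk automatically when deleting the VM
  # delete_os_disk_on_termination = true

  # Uncomment this line to delete the data disks automatically when deleting the VM
  # delete_data_disks_on_termination = true

  storage_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = "16.04-LTS"

    # "latest" is a floating reference: the image actually deployed can differ
    # between applies. Pin an explicit version where reproducible, reviewable
    # builds matter.
    version = "latest"
  }

  storage_os_disk {
    name              = "myosdisk1"
    caching           = "ReadWrite"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
  }

  # Optional data disks
  storage_data_disk {
    name              = "datadisk_new"
    managed_disk_type = "Standard_LRS"
    create_option     = "Empty"
    lun               = 0
    disk_size_gb      = "1023"
  }

  storage_data_disk {
    name            = "${azurerm_managed_disk.test.name}"
    managed_disk_id = "${azurerm_managed_disk.test.id}"
    create_option   = "Attach"
    lun             = 1
    disk_size_gb    = "${azurerm_managed_disk.test.disk_size_gb}"
  }

  os_profile {
    computer_name  = "hostname"
    admin_username = "testadmin"

    # Taken from the variable declared at the top; no literal secret in the file.
    admin_password = "${var.admin_password}"
  }

  os_profile_linux_config {
    # Password logins stay enabled in this example. For key-only access set
    # this to true and add an ssh_keys block instead of admin_password.
    disable_password_authentication = false
  }

  tags {
    environment = "staging"
  }
}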
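# Example: Linux virtual machine with managed disks, created from a custom
# image.

# Assumes the custom image has already been created in the 'customimage'
# resource group.
data "azurerm_resource_group" "image" {
  name = "customimage"
}

data "azurerm_image" "image" {
  name                = "myCustomImage"
  resource_group_name = "${data.azurerm_resource_group.image.name}"
}

# The administrator password is supplied at plan/apply time (for example via
# a TF_VAR_admin_password environment variable) instead of being committed
# alongside the configuration.
# NOTE(review): Terraform still records the value in its state file, so the
# state backend needs the same protection as the secret itself.
variable "admin_password" {}

resource "azurerm_resource_group" "test" {
  name     = "acctestRG"
  location = "West US 2"
}

resource "azurerm_virtual_network" "test" {
  name                = "acctvn"
  address_space       = ["10.0.0.0/16"]
  location            = "${azurerm_resource_group.test.location}"
  resource_group_name = "${azurerm_resource_group.test.name}"
}

resource "azurerm_subnet" "test" {
  name                 = "acctsub"
  resource_group_name  = "${azurerm_resource_group.test.name}"
  virtual_network_name = "${azurerm_virtual_network.test.name}"
  address_prefix       = "10.0.2.0/24"
}

resource "azurerm_network_interface" "test" {
  name                = "acctni"
  location            = "${azurerm_resource_group.test.location}"
  resource_group_name = "${azurerm_resource_group.test.name}"

  ip_configuration {
    name                          = "testconfiguration1"
    subnet_id                     = "${azurerm_subnet.test.id}"
    private_ip_address_allocation = "dynamic"
  }
}

# Standalone managed disk that the VM attaches below at LUN 1.
resource "azurerm_managed_disk" "test" {
  name                 = "datadisk_existing"
  location             = "${azurerm_resource_group.test.location}"
  resource_group_name  = "${azurerm_resource_group.test.name}"
  storage_account_type = "Standard_LRS"
  create_option        = "Empty"
  disk_size_gb         = "1023"
}

resource "azurerm_virtual_machine" "test" {
  name                  = "acctvm"
  location              = "${azurerm_resource_group.test.location}"
  resource_group_name   = "${azurerm_resource_group.test.name}"
  network_interface_ids = ["${azurerm_network_interface.test.id}"]
  vm_size               = "Standard_DS1_v2"

  # Uncomment this line to delete the OS disk automatically when deleting the VM
  # delete_os_disk_on_termination = true

  # Uncomment this line to delete the data disks automatically when deleting the VM
  # delete_data_disks_on_termination = true

  # The OS disk is created from the custom image looked up above.
  storage_image_reference {
    id = "${data.azurerm_image.image.id}"
  }

  storage_os_disk {
    name              = "myosdisk1"
    caching           = "ReadWrite"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
  }

  # Optional data disks
  storage_data_disk {
    name              = "datadisk_new"
    managed_disk_type = "Standard_LRS"
    create_option     = "Empty"
    lun               = 0
    disk_size_gb      = "1023"
  }

  storage_data_disk {
    name            = "${azurerm_managed_disk.test.name}"
    managed_disk_id = "${azurerm_managed_disk.test.id}"
    create_option   = "Attach"
    lun             = 1
    disk_size_gb    = "${azurerm_managed_disk.test.disk_size_gb}"
  }

  os_profile {
    computer_name  = "hostname"
    admin_username = "testadmin"

    # Taken from the variable declared above; no literal secret in the file.
    admin_password = "${var.admin_password}"
  }

  os_profile_linux_config {
    # Password logins stay enabled in this example. For key-only access set
    # this to true and add an ssh_keys block instead of admin_password.
    disable_password_authentication = false
  }

  tags {
    environment = "staging"
  }
}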
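# Example: Linux virtual machine with unmanaged disks, whose VHD blobs live
# in a storage account container.

# The administrator password is supplied at plan/apply time (for example via
# a TF_VAR_admin_password environment variable) instead of being committed
# alongside the configuration.
# NOTE(review): Terraform still records the value in its state file, so the
# state backend needs the same protection as the secret itself.
variable "admin_password" {}

resource "azurerm_resource_group" "test" {
  name     = "acctestRG"
  location = "West US"
}

resource "azurerm_virtual_network" "test" {
  name                = "acctvn"
  address_space       = ["10.0.0.0/16"]
  location            = "${azurerm_resource_group.test.location}"
  resource_group_name = "${azurerm_resource_group.test.name}"
}

resource "azurerm_subnet" "test" {
  name                 = "acctsub"
  resource_group_name  = "${azurerm_resource_group.test.name}"
  virtual_network_name = "${azurerm_virtual_network.test.name}"
  address_prefix       = "10.0.2.0/24"
}

resource "azurerm_network_interface" "test" {
  name                = "acctni"
  location            = "${azurerm_resource_group.test.location}"
  resource_group_name = "${azurerm_resource_group.test.name}"

  ip_configuration {
    name                          = "testconfiguration1"
    subnet_id                     = "${azurerm_subnet.test.id}"
    private_ip_address_allocation = "dynamic"
  }
}

resource "azurerm_storage_account" "test" {
  name                     = "accsa"
  resource_group_name      = "${azurerm_resource_group.test.name}"
  location                 = "${azurerm_resource_group.test.location}"
  account_tier             = "Standard"
  account_replication_type = "LRS"

  tags {
    environment = "staging"
  }
}

# Container for the VM's VHD blobs. "private" keeps the disk images from
# being readable anonymously.
resource "azurerm_storage_container" "test" {
  name                  = "vhds"
  resource_group_name   = "${azurerm_resource_group.test.name}"
  storage_account_name  = "${azurerm_storage_account.test.name}"
  container_access_type = "private"
}

resource "azurerm_virtual_machine" "test" {
  name                  = "acctvm"
  location              = "${azurerm_resource_group.test.location}"
  resource_group_name   = "${azurerm_resource_group.test.name}"
  network_interface_ids = ["${azurerm_network_interface.test.id}"]
  vm_size               = "Standard_F2"

  # Uncomment this line to delete the OS disk automatically when deleting the VM
  # delete_os_disk_on_termination = true

  # Uncomment this line to delete the data disks automatically when deleting the VM
  # delete_data_disks_on_termination = true

  storage_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = "16.04-LTS"

    # "latest" is a floating reference: the image actually deployed can differ
    # between applies. Pin an explicit version where reproducible, reviewable
    # builds matter.
    version = "latest"
  }

  storage_os_disk {
    name          = "myosdisk1"
    vhd_uri       = "${azurerm_storage_account.test.primary_blob_endpoint}${azurerm_storage_container.test.name}/myosdisk1.vhd"
    caching       = "ReadWrite"
    create_option = "FromImage"
  }

  # Optional data disks
  storage_data_disk {
    name          = "datadisk0"
    vhd_uri       = "${azurerm_storage_account.test.primary_blob_endpoint}${azurerm_storage_container.test.name}/datadisk0.vhd"
    disk_size_gb  = "1023"
    create_option = "Empty"
    lun           = 0
  }

  os_profile {
    computer_name  = "hostname"
    admin_username = "testadmin"

    # Taken from the variable declared at the top; no literal secret in the file.
    admin_password = "${var.admin_password}"
  }

  os_profile_linux_config {
    # Password logins stay enabled in this example. For key-only access set
    # this to true and add an ssh_keys block instead of admin_password.
    disable_password_authentication = false
  }

  tags {
    environment = "staging"
  }
}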
The following arguments are supported:
name
- (Required) Specifies the name of the virtual machine resource. Changing this forces a new resource to be created. resource_group_name
- (Required) The name of the resource group in which to create the virtual machine. location
- (Required) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created. plan
- (Optional) A plan block as documented below. availability_set_id
- (Optional) The Id of the Availability Set in which to create the virtual machine boot_diagnostics
- (Optional) A boot diagnostics profile block as referenced below. vm_size
- (Required) Specifies the size of the virtual machine. storage_image_reference
- (Optional) A Storage Image Reference block as documented below. storage_os_disk
- (Required) A Storage OS Disk block as referenced below. delete_os_disk_on_termination
- (Optional) Flag to enable deletion of the OS disk VHD blob or managed disk when the VM is deleted, defaults to false
storage_data_disk
- (Optional) A list of Storage Data disk blocks as referenced below. Please Note: Data Disks can be attached either using this block or the
azurerm_virtual_machine_data_disk_attachment
resource - but not both.
delete_data_disks_on_termination
- (Optional) Flag to enable deletion of storage data disk VHD blobs or managed disks when the VM is deleted, defaults to false
os_profile
- (Optional) An OS Profile block as documented below. Required when create_option
in the storage_os_disk
block is set to FromImage
. identity
- (Optional) An identity block as documented below.
license_type
- (Optional, when a Windows machine) Specifies the Windows OS license type. If supplied, the only allowed values are Windows_Client
and Windows_Server
.
os_profile_windows_config
- (Required, when a Windows machine) A Windows config block as documented below.
os_profile_linux_config
- (Required, when a Linux machine) A Linux config block as documented below.
os_profile_secrets
- (Optional) A collection of Secret blocks as documented below.
network_interface_ids
- (Required) Specifies the list of resource IDs for the network interfaces associated with the virtual machine.
primary_network_interface_id
- (Optional) Specifies the resource ID for the primary network interface associated with the virtual machine.
tags
- (Optional) A mapping of tags to assign to the resource.
zones
- (Optional) A collection containing the availability zone to allocate the Virtual Machine in.
Please Note: Availability Zones are in Preview and only supported in several regions at this time - as such you must be opted into the Preview to use this functionality. You can opt into the Availability Zones Preview in the Azure Portal.
For more information on the different example configurations, please check out the azure documentation
Plan
supports the following:
name
- (Required) Specifies the name of the image from the marketplace. publisher
- (Required) Specifies the publisher of the image. product
- (Required) Specifies the product of the image from the marketplace. boot_diagnostics
supports the following:
enabled
: (Required) Whether to enable boot diagnostics for the virtual machine. storage_uri
: (Required) Blob endpoint for the storage account to hold the virtual machine's diagnostic files. This must be the root of a storage account, and not a storage container. storage_image_reference
supports the following:
id
- (Optional) Specifies the ID of the (custom) image to use to create the virtual machine, for example: resource "azurerm_image" "test" { name = "test" ... } resource "azurerm_virtual_machine" "test" { name = "test" ... storage_image_reference { id = "${azurerm_image.test.id}" } ...
publisher
- (Required, when not using image resource) Specifies the publisher of the image used to create the virtual machine. Changing this forces a new resource to be created. offer
- (Required, when not using image resource) Specifies the offer of the image used to create the virtual machine. Changing this forces a new resource to be created. sku
- (Required, when not using image resource) Specifies the SKU of the image used to create the virtual machine. Changing this forces a new resource to be created. version
- (Optional) Specifies the version of the image used to create the virtual machine. Changing this forces a new resource to be created. storage_os_disk
supports the following:
name
- (Required) Specifies the disk name. vhd_uri
- (Optional) Specifies the vhd uri. Changing this forces a new resource to be created. Cannot be used with managed disks. managed_disk_type
- (Optional) Specifies the type of managed disk to create. Value must be either Standard_LRS
or Premium_LRS
. Cannot be used when vhd_uri
is specified. managed_disk_id
- (Optional) Specifies an existing managed disk to use by id. Can only be used when create_option
is Attach
. Cannot be used when vhd_uri
is specified. create_option
- (Required) Specifies how the virtual machine should be created. Possible values are Attach
(managed disks only) and FromImage
. caching
- (Optional) Specifies the caching requirements. image_uri
- (Optional) Specifies the image_uri in the form publisherName:offer:skus:version. image_uri
can also specify the VHD uri of a custom VM image to clone. When cloning a custom disk image the os_type
documented below becomes required. os_type
- (Optional) Specifies the operating system Type, valid values are windows, linux. disk_size_gb
- (Optional) Specifies the size of the os disk in gigabytes. write_accelerator_enabled
- (Optional) Specifies if Write Accelerator is enabled on the disk. This can only be enabled on Premium_LRS
managed disks with no caching and M-Series VMs. Defaults to false
. storage_data_disk
supports the following:
name
- (Required) Specifies the name of the data disk. vhd_uri
- (Optional) Specifies the uri of the location in storage where the vhd for the virtual machine should be placed. Cannot be used with managed disks. managed_disk_type
- (Optional) Specifies the type of managed disk to create. Value must be either Standard_LRS
or Premium_LRS
. Cannot be used when vhd_uri
is specified. managed_disk_id
- (Optional) Specifies an existing managed disk to use by id. Can only be used when create_option
is Attach
. Cannot be used when vhd_uri
is specified. create_option
- (Required) Specifies how the data disk should be created. Possible values are Attach
, FromImage
and Empty
. disk_size_gb
- (Required) Specifies the size of the data disk in gigabytes. caching
- (Optional) Specifies the caching requirements. lun
- (Required) Specifies the logical unit number of the data disk. write_accelerator_enabled
- (Optional) Specifies if Write Accelerator is enabled on the disk. This can only be enabled on Premium_LRS
managed disks with no caching and M-Series VMs. Defaults to false
. os_profile
supports the following:
computer_name
- (Required) Specifies the name of the virtual machine. admin_username
- (Required) Specifies the name of the administrator account. admin_password
- (Required for Windows, Optional for Linux) Specifies the password of the administrator account. custom_data
- (Optional) Specifies custom data to supply to the machine. On linux-based systems, this can be used as a cloud-init script. On other systems, this will be copied as a file on disk. Internally, Terraform will base64 encode this value before sending it to the API. The maximum length of the binary array is 65535 bytes. NOTE:
admin_password
must be between 6-72 characters long and must satisfy at least 3 of password complexity requirements from the following: 1. Contains an uppercase character 2. Contains a lowercase character 3. Contains a numeric digit 4. Contains a special character
identity
supports the following:
type
- (Required) Specifies the identity type of the virtual machine. The only allowable value is SystemAssigned
. To enable Managed Service Identity the virtual machine extension "ManagedIdentityExtensionForWindows" or "ManagedIdentityExtensionForLinux" must also be added to the virtual machine. The Principal ID can be retrieved after the virtual machine has been created, e.g. resource "azurerm_virtual_machine" "test" { name = "test" identity = { type = "SystemAssigned" } } resource "azurerm_virtual_machine_extension" "test" { name = "test" resource_group_name = "${azurerm_resource_group.test.name}" location = "${azurerm_resource_group.test.location}" virtual_machine_name = "${azurerm_virtual_machine.test.name}" publisher = "Microsoft.ManagedIdentity" type = "ManagedIdentityExtensionForWindows" type_handler_version = "1.0" settings = <<SETTINGS { "port": 50342 } SETTINGS } output "principal_id" { value = "${lookup(azurerm_virtual_machine.test.identity[0], "principal_id")}" }
os_profile_windows_config
supports the following:
provision_vm_agent
- (Optional) This value defaults to false. enable_automatic_upgrades
- (Optional) This value defaults to false. timezone
- (Optional) Specifies the time zone of the virtual machine, the possible values are defined here. Defaults to ""
. winrm
- (Optional) A collection of WinRM configuration blocks as documented below. additional_unattend_config
- (Optional) An Additional Unattended Config block as documented below. winrm
supports the following:
protocol
- (Required) Specifies the protocol of the listener. certificate_url
- (Optional) Specifies the URL of the certificate with which new Virtual Machines are provisioned. additional_unattend_config
supports the following:
pass
- (Required) Specifies the name of the pass that the content applies to. The only allowable value is oobeSystem
. component
- (Required) Specifies the name of the component to configure with the added content. The only allowable value is Microsoft-Windows-Shell-Setup
. setting_name
- (Required) Specifies the name of the setting to which the content applies. Possible values are: FirstLogonCommands
and AutoLogon
. content
- (Optional) Specifies the base-64 encoded XML formatted content that is added to the unattend.xml file for the specified path and component. os_profile_linux_config
supports the following:
disable_password_authentication
- (Required) Specifies whether password authentication should be disabled. If set to false
, an admin_password
must be specified. ssh_keys
- (Optional) Specifies a collection of path
and key_data
to be placed on the virtual machine. The path
attribute sets the path of the destination file on the virtual machine, and the key_data
-attribute sets the content of the destination file. An example of a working configuration (<user>
needs to be replaced with the actual username):
ssh_keys {
  # Destination file on the virtual machine; <user> stands for the actual
  # username and must be replaced.
  path = "/home/<user>/.ssh/authorized_keys"

  # Content placed in that file, read here from a file on the machine that
  # runs Terraform.
  key_data = "${file("/home/<user>/.ssh/authorized_keys")}"
}
~> Note: Please note that the only allowed path
is /home/<username>/.ssh/authorized_keys
due to a limitation of Azure. os_profile_secrets
supports the following:
source_vault_id
- (Required) Specifies the key vault to use. vault_certificates
- (Required) A collection of Vault Certificates as documented below vault_certificates
support the following:
certificate_url
- (Required) Specifies the URI of the key vault secrets in the format of https://<vaultEndpoint>/secrets/<secretName>/<secretVersion>
. The stored secret is the Base64 encoding of a UTF-8 encoded JSON object whose contents must be { "data":"<Base64-encoded-certificate>", "dataType":"pfx", "password":"<pfx-file-password>" }
certificate_store
- (Required, on windows machines) Specifies the certificate store on the Virtual Machine where the certificate should be added to. The following attributes are exported:
id
- The virtual machine ID. Virtual Machines can be imported using the resource id
, e.g.
terraform import azurerm_virtual_machine.test /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/microsoft.compute/virtualMachines/machine1
© 2018 HashiCorpLicensed under the MPL 2.0 License.
https://www.terraform.io/docs/providers/azurerm/r/virtual_machine.html