quickstart/101-dns-private-zone/main.tf (133 lines of code) (raw):
# Random pet name used as the suffix of the resource group name, so that
# repeated deployments do not collide on the group name.
resource "random_pet" "rg_name" {
  separator = "-"
}
# Resource group that every other resource in this file is placed in.
# Its name is the configured prefix joined to the random pet suffix.
resource "azurerm_resource_group" "rg" {
  name     = "${var.resource_group_name_prefix}-${random_pet.rg_name.id}"
  location = var.resource_group_location
}
# Eight lowercase letters appended to resource names to keep them unique.
# This value is a naming aid only; it is not used as a secret anywhere in
# this file.
resource "random_string" "name" {
  length  = 8
  lower   = true
  upper   = false
  numeric = false
  special = false
}
# Virtual network that hosts both test VMs and is linked to the private
# DNS zone. The address space comes from var.address_space.
resource "azurerm_virtual_network" "vnet" {
  name                = "vnet-${random_string.name.result}"
  resource_group_name = azurerm_resource_group.rg.name
  location            = azurerm_resource_group.rg.location
  address_space       = var.address_space
}
# Subnet
# Single subnet inside the virtual network; both NICs in this file attach
# to it. The prefixes come from var.address_prefixes.
resource "azurerm_subnet" "subnet" {
  name                 = "subnet-${random_string.name.result}"
  virtual_network_name = azurerm_virtual_network.vnet.name
  resource_group_name  = azurerm_resource_group.rg.name
  address_prefixes     = var.address_prefixes
}
# Private DNS Zone
# Private DNS zone named by var.private_dns_zone_name. A private zone is
# resolvable only from virtual networks that are linked to it.
resource "azurerm_private_dns_zone" "dns_zone" {
  resource_group_name = azurerm_resource_group.rg.name
  name                = var.private_dns_zone_name
}
# Links the private DNS zone to the virtual network so that hosts in the
# network can resolve names in the zone.
# registration_enabled is not set, so VM records are not auto-registered
# (provider default is false; confirm for the provider version in use).
# The only record in the zone is the A record this file creates explicitly.
# The label "dsn_vnet_link" is kept as written: renaming it would change
# the resource address in state.
resource "azurerm_private_dns_zone_virtual_network_link" "dsn_vnet_link" {
  name                  = "dns-vnet-link-${random_string.name.result}"
  private_dns_zone_name = azurerm_private_dns_zone.dns_zone.name
  virtual_network_id    = azurerm_virtual_network.vnet.id
  resource_group_name   = azurerm_resource_group.rg.name
}
# Generated administrator password for vm1: 16 characters, special
# characters allowed.
# Terraform writes the generated value into state in clear text, so the
# state backend needs access control and encryption at rest, and any
# output that exposes this value should be marked sensitive.
resource "random_password" "vm1_admin_password" {
  special = true
  length  = 16
}
# Generated administrator password intended for vm2: 16 characters,
# special characters allowed.
# As with any random_password, the value is stored in Terraform state in
# clear text; protect the state backend accordingly.
resource "random_password" "vm2_admin_password" {
  special = true
  length  = 16
}
# Network interface for vm1. It has a single private IP configuration on
# the shared subnet and no public IP, so the VM is reachable only over
# private addressing.
resource "azurerm_network_interface" "nic1" {
  name                = "nic1-${random_string.name.result}"
  resource_group_name = azurerm_resource_group.rg.name
  location            = azurerm_resource_group.rg.location

  ip_configuration {
    name                          = "internal"
    private_ip_address_allocation = "Dynamic"
    subnet_id                     = azurerm_subnet.subnet.id
  }
}
# Network interface for vm2. Same shape as nic1: one dynamically
# allocated private address on the shared subnet, no public IP.
resource "azurerm_network_interface" "nic2" {
  name                = "nic2-${random_string.name.result}"
  resource_group_name = azurerm_resource_group.rg.name
  location            = azurerm_resource_group.rg.location

  ip_configuration {
    name                          = "internal"
    private_ip_address_allocation = "Dynamic"
    subnet_id                     = azurerm_subnet.subnet.id
  }
}
# First Windows Server 2019 test VM. Its private IP address is the target
# of the A record created in the private DNS zone.
# The admin password is the generated random_password value, which also
# lives in Terraform state.
resource "azurerm_windows_virtual_machine" "vm1" {
  name                = "vm1-${random_string.name.result}"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  size                = "Standard_F2"

  admin_username = var.admin_username
  admin_password = random_password.vm1_admin_password.result

  network_interface_ids = [
    azurerm_network_interface.nic1.id,
  ]

  os_disk {
    storage_account_type = "Standard_LRS"
    caching              = "ReadWrite"
  }

  # "latest" follows the publisher's image releases, so two applies at
  # different times can yield different OS builds. Pin a version where
  # reproducibility or patch-level auditing matters.
  source_image_reference {
    publisher = "MicrosoftWindowsServer"
    offer     = "WindowsServer"
    sku       = "2019-Datacenter"
    version   = "latest"
  }

  # Set explicitly to make the configuration idempotent (per the original
  # note); presumably this avoids a perpetual diff on re-plan.
  vm_agent_platform_updates_enabled = true
}
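# Second Windows Server 2019 test VM, attached to nic2 on the shared subnet.
# It uses its own generated password. The original referenced
# random_password.vm1_admin_password here, which left
# random_password.vm2_admin_password unused and gave both VMs the same
# administrator credential, so compromise of one account exposed the other.
# Note that changing the password reference alters admin_password on a VM
# that was already deployed from the original configuration.
resource "azurerm_windows_virtual_machine" "vm2" {
  name                = "vm2-${random_string.name.result}"
  resource_group_name = azurerm_resource_group.rg.name
  location            = azurerm_resource_group.rg.location
  size                = "Standard_F2"

  admin_username = var.admin_username
  admin_password = random_password.vm2_admin_password.result

  network_interface_ids = [
    azurerm_network_interface.nic2.id,
  ]

  os_disk {
    caching              = "ReadWrite"
    storage_account_type = "Standard_LRS"
  }

  # "latest" follows the publisher's image releases; pin a version where
  # reproducibility or patch-level auditing matters.
  source_image_reference {
    publisher = "MicrosoftWindowsServer"
    offer     = "WindowsServer"
    sku       = "2019-Datacenter"
    version   = "latest"
  }

  # Set explicitly to make the configuration idempotent (per the original
  # note); presumably this avoids a perpetual diff on re-plan.
  vm_agent_platform_updates_enabled = true
}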
# A record "test" in the private zone, pointing at vm1's private IP
# address. The record resolves only from networks linked to the zone.
resource "azurerm_private_dns_a_record" "pdar" {
  name                = "test"
  resource_group_name = azurerm_resource_group.rg.name
  zone_name           = azurerm_private_dns_zone.dns_zone.name
  records             = [azurerm_windows_virtual_machine.vm1.private_ip_address]
  ttl                 = 300
}
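# Network security group for the test subnet.
resource "azurerm_network_security_group" "nsg" {
  name                = "nsg-${random_string.name.result}"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
}

# Attaches the NSG to the subnet. The original file declared the NSG and
# its rule but showed no association with a subnet or NIC, so the rules
# were never evaluated against any traffic. With the association in place
# the NSG's default rules still allow traffic inside the virtual network
# and deny other inbound traffic.
resource "azurerm_subnet_network_security_group_association" "subnet_nsg" {
  subnet_id                 = azurerm_subnet.subnet.id
  network_security_group_id = azurerm_network_security_group.nsg.id
}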
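# Inbound ICMP allow rule, presumably so the VMs can be pinged while
# testing the private DNS record.
# The source is limited to the VirtualNetwork service tag instead of "*".
# Both VMs sit in the same virtual network and have no public IP, so an
# any-source allow would only widen exposure if the NSG were later reused
# on an internet-facing subnet or NIC.
# The rule is evaluated only where the NSG is associated with a subnet or
# a network interface.
resource "azurerm_network_security_rule" "nsr_icmp" {
  name                        = "Allow-ICMP"
  priority                    = 100
  direction                   = "Inbound"
  access                      = "Allow"
  protocol                    = "Icmp"
  source_port_range           = "*"
  destination_port_range      = "*"
  source_address_prefix       = "VirtualNetwork"
  destination_address_prefix  = "*"
  resource_group_name         = azurerm_resource_group.rg.name
  network_security_group_name = azurerm_network_security_group.nsg.name
}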