» azurerm_virtual_machine

Manages a Virtual Machine.

» Example Usage (from an Azure Platform Image)

This example provisions a Virtual Machine with Managed Disks. Other examples of the azurerm_virtual_machine resource can be found in the ./examples/virtual-machines directory within the Github Repository

variable "prefix" {
  default = "tfvmex"
}

resource "azurerm_resource_group" "main" {
  name     = "${var.prefix}-resources"
  location = "West US 2"
}

resource "azurerm_virtual_network" "main" {
  name                = "${var.prefix}-network"
  address_space       = ["10.0.0.0/16"]
  location            = "${azurerm_resource_group.main.location}"
  resource_group_name = "${azurerm_resource_group.main.name}"
}

resource "azurerm_subnet" "internal" {
  name                 = "internal"
  resource_group_name  = "${azurerm_resource_group.main.name}"
  virtual_network_name = "${azurerm_virtual_network.main.name}"
  address_prefix       = "10.0.2.0/24"
}

resource "azurerm_network_interface" "main" {
  name                = "${var.prefix}-nic"
  location            = "${azurerm_resource_group.main.location}"
  resource_group_name = "${azurerm_resource_group.main.name}"

  ip_configuration {
    name                          = "testconfiguration1"
    subnet_id                     = "${azurerm_subnet.internal.id}"
    private_ip_address_allocation = "dynamic"
  }
}

resource "azurerm_virtual_machine" "main" {
  name                  = "${var.prefix}-vm"
  location              = "${azurerm_resource_group.main.location}"
  resource_group_name   = "${azurerm_resource_group.main.name}"
  network_interface_ids = ["${azurerm_network_interface.main.id}"]
  vm_size               = "Standard_DS1_v2"

  # Uncomment this line to delete the OS disk automatically when deleting the VM
  # delete_os_disk_on_termination = true

  # Uncomment this line to delete the data disks automatically when deleting the VM
  # delete_data_disks_on_termination = true

  storage_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = "16.04-LTS"
    version   = "latest"
  }

  storage_os_disk {
    name              = "myosdisk1"
    caching           = "ReadWrite"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
  }

  os_profile {
    computer_name  = "hostname"
    admin_username = "testadmin"
    admin_password = "Password1234!"
  }

  os_profile_linux_config {
    disable_password_authentication = false
  }

  tags {
    environment = "staging"
  }
}

» Argument Reference

The following arguments are supported:

  • name - (Required) Specifies the name of the Virtual Machine. Changing this forces a new resource to be created.

  • resource_group_name - (Required) Specifies the name of the Resource Group in which the Virtual Machine should exist. Changing this forces a new resource to be created.

  • location - (Required) Specifies the Azure Region where the Virtual Machine exists. Changing this forces a new resource to be created.

  • network_interface_ids - (Required) A list of Network Interface ID's which should be associated with the Virtual Machine.

  • os_profile_linux_config - (Required, when a Linux machine) A os_profile_linux_config block.

  • os_profile_windows_config - (Required, when a Windows machine) A os_profile_windows_config block.

  • vm_size - (Required) Specifies the size of the Virtual Machine.


  • availability_set_id - (Optional) The ID of the Availability Set in which the Virtual Machine should exist. Changing this forces a new resource to be created.

  • boot_diagnostics - (Optional) A boot_diagnostics block.

  • delete_os_disk_on_termination - (Optional) Should the OS Disk (either the Managed Disk / VHD Blob) be deleted when the Virtual Machine is destroyed? Defaults to false.

  • delete_data_disks_on_termination - (Optional) Should the Data Disks (either the Managed Disks / VHD Blobs) be deleted when the Virtual Machine is destroyed? Defaults to false.

  • identity - (Optional) A identity block.

  • license_type - (Optional) Specifies the BYOL Type for this Virtual Machine. This is only applicable to Windows Virtual Machines. Possible values are Windows_Client and Windows_Server.

  • os_profile - (Optional) An os_profile block. Required when create_option in the storage_os_disk block is set to FromImage.

  • os_profile_secrets - (Optional) One or more os_profile_secrets blocks.

  • plan - (Optional) A plan block.

  • primary_network_interface_id - (Optional) The ID of the Network Interface (which must be attached to the Virtual Machine) which should be the Primary Network Interface for this Virtual Machine.

  • storage_data_disk - (Optional) One or more storage_data_disk blocks.

  • storage_image_reference - (Optional) A storage_image_reference block.

  • storage_os_disk - (Required) A storage_os_disk block.

  • tags - (Optional) A mapping of tags to assign to the Virtual Machine.

  • zones - (Optional) A list of a single item of the Availability Zone which the Virtual Machine should be allocated in.

For more information on the different example configurations, please check out the Azure documentation


A additional_unattend_config block supports the following:

  • pass - (Required) Specifies the name of the pass that the content applies to. The only allowable value is oobeSystem.

  • component - (Required) Specifies the name of the component to configure with the added content. The only allowable value is Microsoft-Windows-Shell-Setup.

  • setting_name - (Required) Specifies the name of the setting to which the content applies. Possible values are: FirstLogonCommands and AutoLogon.

  • content - (Optional) Specifies the base-64 encoded XML formatted content that is added to the unattend.xml file for the specified path and component.


A boot_diagnostics block supports the following:

  • enabled - (Required) Should Boot Diagnostics be enabled for this Virtual Machine?

  • storage_uri - (Required) The Storage Account's Blob Endpoint which should hold the virtual machine's diagnostic files.


A identity block supports the following:

  • type - (Required) The Managed Service Identity Type of this Virtual Machine. Possible values are SystemAssigned (where Azure will generate a Service Principal for you) and UserAssigned (where you can specify the Service Principal ID's) to be used by this Virtual Machine using the identity_ids field.
  • identity_ids - (Optional) Specifies a list of user managed identity ids to be assigned to the VM. Required if type is UserAssigned.

A os_profile block supports the following:

  • computer_name - (Required) Specifies the name of the Virtual Machine.

  • admin_username - (Required) Specifies the name of the local administrator account.

  • admin_password - (Required for Windows, Optional for Linux) The password associated with the local administrator account.

  • custom_data - (Optional) Specifies custom data to supply to the machine. On Linux-based systems, this can be used as a cloud-init script. On other systems, this will be copied as a file on disk. Internally, Terraform will base64 encode this value before sending it to the API. The maximum length of the binary array is 65535 bytes.

A os_profile_linux_config block supports the following:

  • disable_password_authentication - (Required) Specifies whether password authentication should be disabled. If set to false, an admin_password must be specified.

  • ssh_keys - (Optional) One or more ssh_keys blocks. This field is required if disable_password_authentication is set to true.


A os_profile_secrets block supports the following:


A os_profile_windows_config block supports the following:

  • provision_vm_agent - (Optional) Should the Azure Virtual Machine Guest Agent be installed on this Virtual Machine? Defaults to false.

A plan block supports the following:

  • name - (Required) Specifies the name of the image from the marketplace.

  • publisher - (Required) Specifies the publisher of the image.

  • product - (Required) Specifies the product of the image from the marketplace.


A ssh_keys block supports the following:

  • key_data - (Required) The Public SSH Key which should be written to the path defined above.
  • path - (Required) The path of the destination file on the virtual machine

A storage_image_reference block supports the following:

This block provisions the Virtual Machine from one of two sources: an Azure Platform Image (e.g. Ubuntu/Windows Server) or a Custom Image.

To provision from an Azure Platform Image, the following fields are applicable:

  • publisher - (Required) Specifies the publisher of the image used to create the virtual machine. Changing this forces a new resource to be created.

  • offer - (Required) Specifies the offer of the image used to create the virtual machine. Changing this forces a new resource to be created.

  • sku - (Required) Specifies the SKU of the image used to create the virtual machine. Changing this forces a new resource to be created.

  • version - (Optional) Specifies the version of the image used to create the virtual machine. Changing this forces a new resource to be created.

To provision a Custom Image, the following fields are applicable:

  • id - (Required) Specifies the ID of the Custom Image which the Virtual Machine should be created from. Changing this forces a new resource to be created.

A storage_data_disk block supports the following:

  • name - (Required) The name of the Data Disk.

  • caching - (Optional) Specifies the caching requirements for the Data Disk. Possible values include None, ReadOnly and ReadWrite.

  • create_option - (Required) Specifies how the data disk should be created. Possible values are Attach, FromImage and Empty.

  • disk_size_gb - (Required) Specifies the size of the data disk in gigabytes.

  • lun - (Required) Specifies the logical unit number of the data disk. This needs to be unique within all the Data Disks on the Virtual Machine.

  • write_accelerator_enabled - (Optional) Specifies if Write Accelerator is enabled on the disk. This can only be enabled on Premium_LRS managed disks with no caching and M-Series VMs. Defaults to false.

The following properties apply when using Managed Disks:

  • managed_disk_type - (Optional) Specifies the type of managed disk to create. Possible values are either Standard_LRS, StandardSSD_LRS or Premium_LRS.

  • managed_disk_id - (Optional) Specifies the ID of an Existing Managed Disk which should be attached to this Virtual Machine. When this field is set create_option must be set to Attach.

The following properties apply when using Unmanaged Disks:

  • vhd_uri - (Optional) Specifies the URI of the VHD file backing this Unmanaged Data Disk. Changing this forces a new resource to be created.

A storage_os_disk block supports the following:

  • name - (Required) Specifies the name of the OS Disk.

  • create_option - (Required) Specifies how the OS Disk should be created. Possible values are Attach (managed disks only) and FromImage.

  • caching - (Optional) Specifies the caching requirements for the OS Disk. Possible values include None, ReadOnly and ReadWrite.

  • disk_size_gb - (Optional) Specifies the size of the OS Disk in gigabytes.

  • image_uri - (Optional) Specifies the Image URI in the format publisherName:offer:skus:version. This field can also specify the VHD uri of a custom VM image to clone. When cloning a Custom (Unmanaged) Disk Image the os_type field must be set.

  • os_type - (Optional) Specifies the Operating System on the OS Disk. Possible values are Linux and Windows.

  • write_accelerator_enabled - (Optional) Specifies if Write Accelerator is enabled on the disk. This can only be enabled on Premium_LRS managed disks with no caching and M-Series VMs. Defaults to false.

The following properties apply when using Managed Disks:

  • managed_disk_id - (Optional) Specifies the ID of an existing Managed Disk which should be attached as the OS Disk of this Virtual Machine. If this is set then the create_option must be set to Attach.

  • managed_disk_type - (Optional) Specifies the type of Managed Disk which should be created. Possible values are Standard_LRS, StandardSSD_LRS or Premium_LRS.

The following properties apply when using Unmanaged Disks:

  • vhd_uri - (Optional) Specifies the URI of the VHD file backing this Unmanaged OS Disk. Changing this forces a new resource to be created.

A vault_certificates block supports the following:

  • certificate_url - (Required) The ID of the Key Vault Secret. Stored secret is the Base64 encoding of a JSON Object that which is encoded in UTF-8 of which the contents need to be:
{
  "data":"<Base64-encoded-certificate>",
  "dataType":"pfx",
  "password":"<pfx-file-password>"
}
  • certificate_store - (Required, on windows machines) Specifies the certificate store on the Virtual Machine where the certificate should be added to, such as My.

A winrm block supports the following:

  • protocol - (Required) Specifies the protocol of listener. Possible values are HTTP or HTTPS.

  • certificate_url - (Optional) The ID of the Key Vault Secret which contains the encrypted Certificate which should be installed on the Virtual Machine. This certificate must also be specified in the vault_certificates block within the os_profile_secrets block.

» Attributes Reference

The following attributes are exported:

  • id - The ID of the Virtual Machine.

» Import

Virtual Machines can be imported using the resource id, e.g.

terraform import azurerm_virtual_machine.test /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/microsoft.compute/virtualMachines/machine1