azurermVirtualMachineExtension

Manages a Virtual Machine Extension to provide post deployment configuration and run automated tasks.

\~> NOTE: Custom Script Extensions for Linux & Windows require that the commandToExecute returns a 0 exit code to be classified as successfully deployed. You can achieve this by appending exit0 to the end of your commandToExecute.

-> NOTE: Custom Script Extensions require that the Azure Virtual Machine Guest Agent is running on the Virtual Machine.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const azurermResourceGroupExample = new azurerm.resourceGroup.ResourceGroup(
  this,
  "example",
  {
    location: "West Europe",
    name: "example-resources",
  }
);
const azurermStorageAccountExample = new azurerm.storageAccount.StorageAccount(
  this,
  "example_1",
  {
    account_replication_type: "LRS",
    account_tier: "Standard",
    location: azurermResourceGroupExample.location,
    name: "accsa",
    resource_group_name: azurermResourceGroupExample.name,
    tags: {
      environment: "staging",
    },
  }
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermStorageAccountExample.overrideLogicalId("example");
const azurermStorageContainerExample =
  new azurerm.storageContainer.StorageContainer(this, "example_2", {
    container_access_type: "private",
    name: "vhds",
    storage_account_name: azurermStorageAccountExample.name,
  });
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermStorageContainerExample.overrideLogicalId("example");
const azurermVirtualNetworkExample = new azurerm.virtualNetwork.VirtualNetwork(
  this,
  "example_3",
  {
    address_space: ["10.0.0.0/16"],
    location: azurermResourceGroupExample.location,
    name: "acctvn",
    resource_group_name: azurermResourceGroupExample.name,
  }
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermVirtualNetworkExample.overrideLogicalId("example");
const azurermSubnetExample = new azurerm.subnet.Subnet(this, "example_4", {
  address_prefixes: ["10.0.2.0/24"],
  name: "acctsub",
  resource_group_name: azurermResourceGroupExample.name,
  virtual_network_name: azurermVirtualNetworkExample.name,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermSubnetExample.overrideLogicalId("example");
const azurermNetworkInterfaceExample =
  new azurerm.networkInterface.NetworkInterface(this, "example_5", {
    ip_configuration: [
      {
        name: "testconfiguration1",
        private_ip_address_allocation: "Dynamic",
        subnet_id: azurermSubnetExample.id,
      },
    ],
    location: azurermResourceGroupExample.location,
    name: "acctni",
    resource_group_name: azurermResourceGroupExample.name,
  });
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermNetworkInterfaceExample.overrideLogicalId("example");
const azurermVirtualMachineExample = new azurerm.virtualMachine.VirtualMachine(
  this,
  "example_6",
  {
    location: azurermResourceGroupExample.location,
    name: "acctvm",
    network_interface_ids: [azurermNetworkInterfaceExample.id],
    os_profile: [
      {
        admin_password: "Password1234!",
        admin_username: "testadmin",
        computer_name: "hostname",
      },
    ],
    os_profile_linux_config: [
      {
        disable_password_authentication: false,
      },
    ],
    resource_group_name: azurermResourceGroupExample.name,
    storage_image_reference: [
      {
        offer: "UbuntuServer",
        publisher: "Canonical",
        sku: "16.04-LTS",
        version: "latest",
      },
    ],
    storage_os_disk: [
      {
        caching: "ReadWrite",
        create_option: "FromImage",
        name: "myosdisk1",
        vhd_uri: `\${${azurermStorageAccountExample.primaryBlobEndpoint}}\${${azurermStorageContainerExample.name}}/myosdisk1.vhd`,
      },
    ],
    tags: {
      environment: "staging",
    },
    vm_size: "Standard_F2",
  }
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermVirtualMachineExample.overrideLogicalId("example");
const azurermVirtualMachineExtensionExample =
  new azurerm.virtualMachineExtension.VirtualMachineExtension(
    this,
    "example_7",
    {
      name: "hostname",
      publisher: "Microsoft.Azure.Extensions",
      settings: ' {\n  "commandToExecute": "hostname && uptime"\n }\n',
      tags: {
        environment: "Production",
      },
      type: "CustomScript",
      type_handler_version: "2.0",
      virtual_machine_id: azurermVirtualMachineExample.id,
    }
  );
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermVirtualMachineExtensionExample.overrideLogicalId("example");

Argument Reference

The following arguments are supported:

name - (Required) The name of the virtual machine extension peering. Changing this forces a new resource to be created.
virtualMachineId - (Required) The ID of the Virtual Machine. Changing this forces a new resource to be created
publisher - (Required) The publisher of the extension, available publishers can be found by using the Azure CLI. Changing this forces a new resource to be created.
type - (Required) The type of extension, available types for a publisher can be found using the Azure CLI.

\~> Note: The publisher and type of Virtual Machine Extensions can be found using the Azure CLI, via:

az vm extension image list --location westus -o table

typeHandlerVersion - (Required) Specifies the version of the extension to use, available versions can be found using the Azure CLI.
autoUpgradeMinorVersion - (Optional) Specifies if the platform deploys the latest minor version update to the typeHandlerVersion specified.
automaticUpgradeEnabled - (Optional) Should the Extension be automatically updated whenever the Publisher releases a new version of this VM Extension?
settings - (Optional) The settings passed to the extension, these are specified as a JSON object in a string.

\~> Please Note: Certain VM Extensions require that the keys in the settings block are case sensitive. If you're seeing unhelpful errors, please ensure the keys are consistent with how Azure is expecting them (for instance, for the jsonAdDomainExtension extension, the keys are expected to be in titleCase.)

failureSuppressionEnabled - (Optional) Should failures from the extension be suppressed? Possible values are true or false. Defaults to false.

-> NOTE: Operational failures such as not connecting to the VM will not be suppressed regardless of the failureSuppressionEnabled value.

protectedSettings - (Optional) The protected_settings passed to the extension, like settings, these are specified as a JSON object in a string.

\~> Please Note: Certain VM Extensions require that the keys in the protectedSettings block are case sensitive. If you're seeing unhelpful errors, please ensure the keys are consistent with how Azure is expecting them (for instance, for the jsonAdDomainExtension extension, the keys are expected to be in titleCase.)

protectedSettingsFromKeyVault - (Optional) A protectedSettingsFromKeyVault block as defined below.

\~> Note: protectedSettingsFromKeyVault cannot be used with protectedSettings

tags - (Optional) A mapping of tags to assign to the resource.

A protectedSettingsFromKeyVault block supports the following:

secretUrl - (Required) The URL to the Key Vault Secret which stores the protected settings.
sourceVaultId - (Required) The ID of the source Key Vault.

Attributes Reference

The following attributes are exported:

id - The ID of the Virtual Machine Extension.

Timeouts

The timeouts block allows you to specify timeouts for certain actions:

create - (Defaults to 30 minutes) Used when creating the Virtual Machine Extension.
update - (Defaults to 30 minutes) Used when updating the Virtual Machine Extension.
read - (Defaults to 5 minutes) Used when retrieving the Virtual Machine Extension.
delete - (Defaults to 30 minutes) Used when deleting the Virtual Machine Extension.

Import

Virtual Machine Extensions can be imported using the resourceId, e.g.

terraform import azurerm_virtual_machine_extension.example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Compute/virtualMachines/myVM/extensions/extensionName