azurermVirtualMachineScaleSet

Manages a virtual machine scale set.

Disclaimers

!> Note: The azurermVirtualMachineScaleSet resource has been deprecated in favour of the azurermLinuxVirtualMachineScaleSet and azurermWindowsVirtualMachineScaleSet resources. Whilst this will continue to be available throughout the 2.x and 3.x releases however is in a feature-frozen state to maintain compatibility - new functionality will instead be added to the azurermLinuxVirtualMachineScaleSet and azurermWindowsVirtualMachineScaleSet resources and the azurermVirtualMachineScaleSet resource will be removed in the future.

\~> NOTE: All arguments including the administrator login and password will be stored in the raw state as plain-text. Read more about sensitive data in state.

Example Usage with Managed Disks (Recommended)

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const azurermResourceGroupExample = new azurerm.resourceGroup.ResourceGroup(
  this,
  "example",
  {
    location: "West Europe",
    name: "example-resources",
  }
);
const azurermVirtualNetworkExample = new azurerm.virtualNetwork.VirtualNetwork(
  this,
  "example_1",
  {
    address_space: ["10.0.0.0/16"],
    location: azurermResourceGroupExample.location,
    name: "acctvn",
    resource_group_name: azurermResourceGroupExample.name,
  }
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermVirtualNetworkExample.overrideLogicalId("example");
const azurermPublicIpExample = new azurerm.publicIp.PublicIp(
  this,
  "example_2",
  {
    allocation_method: "Static",
    domain_name_label: azurermResourceGroupExample.name,
    location: azurermResourceGroupExample.location,
    name: "test",
    resource_group_name: azurermResourceGroupExample.name,
    tags: {
      environment: "staging",
    },
  }
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermPublicIpExample.overrideLogicalId("example");
const azurermSubnetExample = new azurerm.subnet.Subnet(this, "example_3", {
  address_prefixes: ["10.0.2.0/24"],
  name: "acctsub",
  resource_group_name: azurermResourceGroupExample.name,
  virtual_network_name: azurermVirtualNetworkExample.name,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermSubnetExample.overrideLogicalId("example");
const azurermLbExample = new azurerm.lb.Lb(this, "example_4", {
  frontend_ip_configuration: [
    {
      name: "PublicIPAddress",
      public_ip_address_id: azurermPublicIpExample.id,
    },
  ],
  location: azurermResourceGroupExample.location,
  name: "test",
  resource_group_name: azurermResourceGroupExample.name,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermLbExample.overrideLogicalId("example");
const azurermLbBackendAddressPoolBpepool =
  new azurerm.lbBackendAddressPool.LbBackendAddressPool(this, "bpepool", {
    loadbalancer_id: azurermLbExample.id,
    name: "BackEndAddressPool",
    resource_group_name: azurermResourceGroupExample.name,
  });
const azurermLbNatPoolLbnatpool = new azurerm.lbNatPool.LbNatPool(
  this,
  "lbnatpool",
  {
    backend_port: 22,
    frontend_ip_configuration_name: "PublicIPAddress",
    frontend_port_end: 50119,
    frontend_port_start: 50000,
    loadbalancer_id: azurermLbExample.id,
    name: "ssh",
    protocol: "Tcp",
    resource_group_name: azurermResourceGroupExample.name,
  }
);
const azurermLbProbeExample = new azurerm.lbProbe.LbProbe(this, "example_7", {
  loadbalancer_id: azurermLbExample.id,
  name: "http-probe",
  port: 8080,
  protocol: "Http",
  request_path: "/health",
  resource_group_name: azurermResourceGroupExample.name,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermLbProbeExample.overrideLogicalId("example");
const azurermVirtualMachineScaleSetExample =
  new azurerm.virtualMachineScaleSet.VirtualMachineScaleSet(this, "example_8", {
    automatic_os_upgrade: true,
    health_probe_id: azurermLbProbeExample.id,
    location: azurermResourceGroupExample.location,
    name: "mytestscaleset-1",
    network_profile: [
      {
        ip_configuration: [
          {
            load_balancer_backend_address_pool_ids: [
              azurermLbBackendAddressPoolBpepool.id,
            ],
            load_balancer_inbound_nat_rules_ids: [azurermLbNatPoolLbnatpool.id],
            name: "TestIPConfiguration",
            primary: true,
            subnet_id: azurermSubnetExample.id,
          },
        ],
        name: "terraformnetworkprofile",
        primary: true,
      },
    ],
    os_profile: [
      {
        admin_username: "myadmin",
        computer_name_prefix: "testvm",
      },
    ],
    os_profile_linux_config: [
      {
        disable_password_authentication: true,
        ssh_keys: [
          {
            key_data: '${file("~/.ssh/demo_key.pub")}',
            path: "/home/myadmin/.ssh/authorized_keys",
          },
        ],
      },
    ],
    resource_group_name: azurermResourceGroupExample.name,
    rolling_upgrade_policy: [
      {
        max_batch_instance_percent: 20,
        max_unhealthy_instance_percent: 20,
        max_unhealthy_upgraded_instance_percent: 5,
        pause_time_between_batches: "PT0S",
      },
    ],
    sku: [
      {
        capacity: 2,
        name: "Standard_F2",
        tier: "Standard",
      },
    ],
    storage_profile_data_disk: [
      {
        caching: "ReadWrite",
        create_option: "Empty",
        disk_size_gb: 10,
        lun: 0,
      },
    ],
    storage_profile_image_reference: [
      {
        offer: "UbuntuServer",
        publisher: "Canonical",
        sku: "16.04-LTS",
        version: "latest",
      },
    ],
    storage_profile_os_disk: [
      {
        caching: "ReadWrite",
        create_option: "FromImage",
        managed_disk_type: "Standard_LRS",
        name: "",
      },
    ],
    tags: {
      environment: "staging",
    },
    upgrade_policy_mode: "Rolling",
  });
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermVirtualMachineScaleSetExample.overrideLogicalId("example");

Example Usage with Unmanaged Disks

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const azurermResourceGroupExample = new azurerm.resourceGroup.ResourceGroup(
  this,
  "example",
  {
    location: "West Europe",
    name: "example-resources",
  }
);
const azurermStorageAccountExample = new azurerm.storageAccount.StorageAccount(
  this,
  "example_1",
  {
    account_replication_type: "LRS",
    account_tier: "Standard",
    location: azurermResourceGroupExample.location,
    name: "accsa",
    resource_group_name: azurermResourceGroupExample.name,
    tags: {
      environment: "staging",
    },
  }
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermStorageAccountExample.overrideLogicalId("example");
const azurermStorageContainerExample =
  new azurerm.storageContainer.StorageContainer(this, "example_2", {
    container_access_type: "private",
    name: "vhds",
    storage_account_name: azurermStorageAccountExample.name,
  });
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermStorageContainerExample.overrideLogicalId("example");
const azurermVirtualNetworkExample = new azurerm.virtualNetwork.VirtualNetwork(
  this,
  "example_3",
  {
    address_space: ["10.0.0.0/16"],
    location: azurermResourceGroupExample.location,
    name: "acctvn",
    resource_group_name: azurermResourceGroupExample.name,
  }
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermVirtualNetworkExample.overrideLogicalId("example");
const azurermSubnetExample = new azurerm.subnet.Subnet(this, "example_4", {
  address_prefixes: ["10.0.2.0/24"],
  name: "acctsub",
  resource_group_name: azurermResourceGroupExample.name,
  virtual_network_name: azurermVirtualNetworkExample.name,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermSubnetExample.overrideLogicalId("example");
const azurermVirtualMachineScaleSetExample =
  new azurerm.virtualMachineScaleSet.VirtualMachineScaleSet(this, "example_5", {
    location: azurermResourceGroupExample.location,
    name: "mytestscaleset-1",
    network_profile: [
      {
        ip_configuration: [
          {
            name: "TestIPConfiguration",
            primary: true,
            subnet_id: azurermSubnetExample.id,
          },
        ],
        name: "TestNetworkProfile",
        primary: true,
      },
    ],
    os_profile: [
      {
        admin_username: "myadmin",
        computer_name_prefix: "testvm",
      },
    ],
    os_profile_linux_config: [
      {
        disable_password_authentication: true,
        ssh_keys: [
          {
            key_data: '${file("~/.ssh/demo_key.pub")}',
            path: "/home/myadmin/.ssh/authorized_keys",
          },
        ],
      },
    ],
    resource_group_name: azurermResourceGroupExample.name,
    sku: [
      {
        capacity: 2,
        name: "Standard_F2",
        tier: "Standard",
      },
    ],
    storage_profile_image_reference: [
      {
        offer: "UbuntuServer",
        publisher: "Canonical",
        sku: "16.04-LTS",
        version: "latest",
      },
    ],
    storage_profile_os_disk: [
      {
        caching: "ReadWrite",
        create_option: "FromImage",
        name: "osDiskProfile",
        vhd_containers: [
          `\${${azurermStorageAccountExample.primaryBlobEndpoint}}\${${azurermStorageContainerExample.name}}`,
        ],
      },
    ],
    upgrade_policy_mode: "Manual",
  });
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermVirtualMachineScaleSetExample.overrideLogicalId("example");

Argument Reference

The following arguments are supported:

name - (Required) Specifies the name of the virtual machine scale set resource. Changing this forces a new resource to be created.
resourceGroupName - (Required) The name of the resource group in which to create the virtual machine scale set. Changing this forces a new resource to be created.
location - (Required) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
networkProfile - (Required) A collection of network profile block as documented below.
osProfile - (Required) A Virtual Machine OS Profile block as documented below.
osProfileWindowsConfig - (Optional) A Windows config block as documented below.
osProfileLinuxConfig - (Optional) A Linux config block as documented below.
proximityPlacementGroupId - (Optional) The ID of the Proximity Placement Group to which this Virtual Machine should be assigned. Changing this forces a new resource to be created
sku - (Required) A SKU block as documented below.
storageProfileOsDisk - (Required) A storage profile os disk block as documented below
upgradePolicyMode - (Required) Specifies the mode of an upgrade to virtual machines in the scale set. Possible values, rolling, manual, or automatic. When choosing rolling, you will need to set a health probe.
identity - (Optional) An identity block as defined below.

automaticOsUpgrade - (Optional) Automatic OS patches can be applied by Azure to your scaleset. This is particularly useful when upgradePolicyMode is set to rolling. Defaults to false.
bootDiagnostics - (Optional) A boot diagnostics profile block as referenced below.
extension - (Optional) Can be specified multiple times to add extension profiles to the scale set. Each extension block supports the fields documented below.
evictionPolicy - (Optional) Specifies the eviction policy for Virtual Machines in this Scale Set. Possible values are deallocate and delete. Changing this forces a new resource to be created.

-> NOTE: evictionPolicy can only be set when priority is set to low.

healthProbeId - (Optional) Specifies the identifier for the load balancer health probe. Required when using rolling as your upgradePolicyMode.
licenseType - (Optional) (Optional, when a Windows machine) Specifies the Windows OS license type. If supplied, the only allowed values are windowsClient and windowsServer.
osProfileSecrets - (Optional) A collection of Secret blocks as documented below.
overprovision - (Optional) Specifies whether the virtual machine scale set should be overprovisioned. Defaults to true.
plan - (Optional) A plan block as documented below.
priority - (Optional) Specifies the priority for the Virtual Machines in the Scale Set. Possible values are low and regular. Changing this forces a new resource to be created.
rollingUpgradePolicy - (Optional) A rollingUpgradePolicy block as defined below. This is only applicable when the upgradePolicyMode is rolling.
singlePlacementGroup - (Optional) Specifies whether the scale set is limited to a single placement group with a maximum size of 100 virtual machines. If set to false, managed disks must be used. Default is true. Changing this forces a new resource to be created. See documentation for more information.
storageProfileDataDisk - (Optional) A storage profile data disk block as documented below
storageProfileImageReference - (Optional) A storage profile image reference block as documented below.
tags - (Optional) A mapping of tags to assign to the resource.
zones - (Optional) A collection of availability zones to spread the Virtual Machines over. Changing this forces a new resource to be created.

-> Please Note: Availability Zones are only supported in several regions at this time.

The sku block supports the following:

name - (Required) Specifies the size of virtual machines in a scale set.
tier - (Optional) Specifies the tier of virtual machines in a scale set. Possible values, standard or basic.
capacity - (Required) Specifies the number of virtual machines in the scale set.

The rollingUpgradePolicy block supports the following:

maxBatchInstancePercent - (Optional) The maximum percent of total virtual machine instances that will be upgraded simultaneously by the rolling upgrade in one batch. As this is a maximum, unhealthy instances in previous or future batches can cause the percentage of instances in a batch to decrease to ensure higher reliability. Defaults to 20.
maxUnhealthyInstancePercent - (Optional) The maximum percentage of the total virtual machine instances in the scale set that can be simultaneously unhealthy, either as a result of being upgraded, or by being found in an unhealthy state by the virtual machine health checks before the rolling upgrade aborts. This constraint will be checked prior to starting any batch. Defaults to 20.
maxUnhealthyUpgradedInstancePercent - (Optional) The maximum percentage of upgraded virtual machine instances that can be found to be in an unhealthy state. This check will happen after each batch is upgraded. If this percentage is ever exceeded, the rolling update aborts. Defaults to 20.
pauseTimeBetweenBatches - (Optional) The wait time between completing the update for all virtual machines in one batch and starting the next batch. The time duration should be specified in ISO 8601 format for duration (https://en.wikipedia.org/wiki/ISO_8601#Durations). Defaults to 0 seconds represented as pt0S.

The identity block supports the following:

type - (Required) Specifies the identity type to be assigned to the scale set. Allowable values are systemAssigned and userAssigned. For the systemAssigned identity the scale set's Service Principal ID (SPN) can be retrieved after the scale set has been created. See documentation for more information. Possible values are systemAssigned, userAssigned and systemAssigned,UserAssigned.
identityIds - (Optional) Specifies a list of user managed identity ids to be assigned to the VMSS. Required if type is userAssigned.

import * as cdktf from "cdktf";
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const azurermVirtualMachineScaleSetExample =
  new azurerm.virtualMachineScaleSet.VirtualMachineScaleSet(this, "example", {
    extension: [
      {
        name: "MSILinuxExtension",
        publisher: "Microsoft.ManagedIdentity",
        settings: '{"port": 50342}',
        type: "ManagedIdentityExtensionForLinux",
        type_handler_version: "1.0",
      },
    ],
    identity: [
      {
        type: "SystemAssigned",
      },
    ],
    location: "${azurerm_resource_group.example.location}",
    name: "vm-scaleset",
    resource_group_name: "${azurerm_resource_group.example.name}",
    sku: [
      {
        capacity: "${var.instance_count}",
        name: "${var.vm_sku}",
        tier: "Standard",
      },
    ],
  });
new cdktf.TerraformOutput(this, "principal_id", {
  value: `\${${azurermVirtualMachineScaleSetExample.identity.fqn}[0].principal_id}`,
});

The osProfile block supports the following:

computerNamePrefix - (Required) Specifies the computer name prefix for all of the virtual machines in the scale set. Computer name prefixes must be 1 to 9 characters long for windows images and 1 - 58 for Linux. Changing this forces a new resource to be created.
adminUsername - (Required) Specifies the administrator account name to use for all the instances of virtual machines in the scale set.
adminPassword - (Optional) Specifies the administrator password to use for all the instances of virtual machines in a scale set.
customData - (Optional) Specifies custom data to supply to the machine. On Linux-based systems, this can be used as a cloud-init script. On other systems, this will be copied as a file on disk. Internally, Terraform will base64 encode this value before sending it to the API. The maximum length of the binary array is 65535 bytes.

The osProfileSecrets block supports the following:

sourceVaultId - (Required) Specifies the key vault to use.
vaultCertificates - (Optional) (Required, on Windows machines) One or more vaultCertificates blocks as defined below.

A vaultCertificates block support the following:

certificateUrl - (Required) It is the Base64 encoding of a JSON Object that which is encoded in UTF-8 of which the contents need to be data, dataType and password.
certificateStore - (Optional) (Required, on windows machines) Specifies the certificate store on the Virtual Machine where the certificate should be added to.

The osProfileWindowsConfig block supports the following:

provisionVmAgent - (Optional) Indicates whether virtual machine agent should be provisioned on the virtual machines in the scale set.
enableAutomaticUpgrades - (Optional) Indicates whether virtual machines in the scale set are enabled for automatic updates.
winrm - (Optional) A collection of WinRM configuration blocks as documented below.
additionalUnattendConfig - (Optional) An Additional Unattended Config block as documented below.

The winrm block supports the following:

protocol - (Required) Specifies the protocol of listener
certificateUrl - (Optional) Specifies URL of the certificate with which new Virtual Machines is provisioned.

The additionalUnattendConfig block supports the following:

pass - (Required) Specifies the name of the pass that the content applies to. The only allowable value is oobeSystem.
component - (Required) Specifies the name of the component to configure with the added content. The only allowable value is microsoftWindowsShellSetup.
settingName - (Required) Specifies the name of the setting to which the content applies. Possible values are: firstLogonCommands and autoLogon.
content - (Required) Specifies the base-64 encoded XML formatted content that is added to the unattend.xml file for the specified path and component.

The osProfileLinuxConfig block supports the following:

disablePasswordAuthentication - (Optional) Specifies whether password authentication should be disabled. Defaults to false. Changing this forces a new resource to be created.
sshKeys - (Optional) One or more sshKeys blocks as defined below.

\~> Note: Please note that the only allowed path is /home/<username>/Ssh/authorizedKeys due to a limitation of Azure.

\~> NOTE: At least one sshKeys block is required if disablePasswordAuthentication is set to true.

The networkProfile block supports the following:

name - (Required) Specifies the name of the network interface configuration.
primary - (Required) Indicates whether network interfaces created from the network interface configuration will be the primary NIC of the VM.
ipConfiguration - (Required) An ip_configuration block as documented below.
acceleratedNetworking - (Optional) Specifies whether to enable accelerated networking or not.
dnsSettings - (Optional) A dns_settings block as documented below.
ipForwarding - (Optional) Whether IP forwarding is enabled on this NIC. Defaults to false.
networkSecurityGroupId - (Optional) Specifies the identifier for the network security group.

The dnsSettings block supports the following:

dnsServers - (Required) Specifies an array of DNS servers.

The ipConfiguration block supports the following:

name - (Required) Specifies name of the IP configuration.
subnetId - (Required) Specifies the identifier of the subnet.
applicationGatewayBackendAddressPoolIds - (Optional) Specifies an array of references to backend address pools of application gateways. A scale set can reference backend address pools of multiple application gateways. Multiple scale sets can use the same application gateway.
loadBalancerBackendAddressPoolIds - (Optional) Specifies an array of references to backend address pools of load balancers. A scale set can reference backend address pools of one public and one internal load balancer. Multiple scale sets cannot use the same load balancer.

-> NOTE: When using this field you'll also need to configure a Rule for the Load Balancer, and use a dependsOn between this resource and the Load Balancer Rule.

loadBalancerInboundNatRulesIds - (Optional) Specifies an array of references to inbound NAT pools for load balancers. A scale set can reference inbound NAT pools of one public and one internal load balancer. Multiple scale sets cannot use the same load balancer.

-> NOTE: When using this field you'll also need to configure a Rule for the Load Balancer, and use a dependsOn between this resource and the Load Balancer Rule.

primary - (Required) Specifies if this ip_configuration is the primary one.
applicationSecurityGroupIds - (Optional) Specifies up to 20 application security group IDs.
publicIpAddressConfiguration - (Optional) Describes a virtual machines scale set IP Configuration's PublicIPAddress configuration. The public_ip_address_configuration is documented below.

The publicIpAddressConfiguration block supports the following:

name - (Required) The name of the public IP address configuration
idleTimeout - (Required) The idle timeout in minutes. This value must be between 4 and 30.
domainNameLabel - (Required) The domain name label for the DNS settings.

A sshKeys block supports the following:

keyData - (Optional) The Public SSH Key which should be written to the path defined above.

\~> Note: Azure only supports RSA SSH2 key signatures of at least 2048 bits in length

-> NOTE: Rather than defining this in-line you can source this from a local file using the file function - for example keyData =File("~/Ssh/idRsaPub").

path - (Required) The path of the destination file on the virtual machine

-> NOTE: Due to a limitation in the Azure VM Agent the only allowed path is /home/{username}/Ssh/authorizedKeys.

The storageProfileOsDisk block supports the following:

name - (Optional) Specifies the disk name. Must be specified when using unmanaged disk ('managed_disk_type' property not set).
vhdContainers - (Optional) Specifies the VHD URI. Cannot be used when image or managedDiskType is specified.
managedDiskType - (Optional) Specifies the type of managed disk to create. Value you must be either standardLrs, standardSsdLrs or premiumLrs. Cannot be used when vhdContainers or image is specified.
createOption - (Required) Specifies how the virtual machine should be created. The only possible option is fromImage.
caching - (Optional) Specifies the caching requirements. Possible values include: none (default), readOnly, readWrite.
image - (Optional) Specifies the blob URI for user image. A virtual machine scale set creates an os disk in the same container as the user image. Updating the osDisk image causes the existing disk to be deleted and a new one created with the new image. If the VM scale set is in Manual upgrade mode then the virtual machines are not updated until they have manualUpgrade applied to them. When setting this field osType needs to be specified. Cannot be used when vhdContainers, managedDiskType or storageProfileImageReference are specified.
osType - (Optional) Specifies the operating system Type, valid values are windows, Linux.

The storageProfileDataDisk block supports the following:

lun - (Required) Specifies the Logical Unit Number of the disk in each virtual machine in the scale set.
createOption - (Required) Specifies how the data disk should be created. The only possible options are fromImage and empty.
caching - (Optional) Specifies the caching requirements. Possible values include: none (default), readOnly, readWrite.
diskSizeGb - (Optional) Specifies the size of the disk in GB. This element is required when creating an empty disk.
managedDiskType - (Optional) Specifies the type of managed disk to create. Value must be either standardLrs, standardSsdLrs or premiumLrs.

The storageProfileImageReference block supports the following:

id - (Optional) Specifies the ID of the (custom) image to use to create the virtual machine scale set, as in the example below.
publisher - (Optional) Specifies the publisher of the image used to create the virtual machines.
offer - (Optional) Specifies the offer of the image used to create the virtual machines.
sku - (Optional) Specifies the SKU of the image used to create the virtual machines.
version - (Optional) Specifies the version of the image used to create the virtual machines.

The bootDiagnostics block supports the following:

enabled - (Optional) Whether to enable boot diagnostics for the virtual machine. Defaults to true.
storageUri - (Required) Blob endpoint for the storage account to hold the virtual machine's diagnostic files. This must be the root of a storage account, and not a storage container.

The extension block supports the following:

name - (Required) Specifies the name of the extension.
publisher - (Required) The publisher of the extension, available publishers can be found by using the Azure CLI.
type - (Required) The type of extension, available types for a publisher can be found using the Azure CLI.
typeHandlerVersion - (Required) Specifies the version of the extension to use, available versions can be found using the Azure CLI.
autoUpgradeMinorVersion - (Optional) Specifies whether or not to use the latest minor version available.
provisionAfterExtensions - (Optional) Specifies a dependency array of extensions required to be executed before, the array stores the name of each extension.
settings - (Optional) The settings passed to the extension, these are specified as a JSON object in a string.
protectedSettings - (Optional) The protected_settings passed to the extension, like settings, these are specified as a JSON object in a string.

The plan block supports the following:

name - (Required) Specifies the name of the image from the marketplace.
publisher - (Required) Specifies the publisher of the image.
product - (Required) Specifies the product of the image from the marketplace.

Example of storage_profile_image_reference with id

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const azurermImageExample = new azurerm.image.Image(this, "example", {
  name: "test",
});
const azurermVirtualMachineScaleSetExample =
  new azurerm.virtualMachineScaleSet.VirtualMachineScaleSet(this, "example_1", {
    name: "test",
    storage_profile_image_reference: [
      {
        id: azurermImageExample.id,
      },
    ],
  });
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermVirtualMachineScaleSetExample.overrideLogicalId("example");

Attributes Reference

The following attributes are exported:

id - The virtual machine scale set ID.

Timeouts

The timeouts block allows you to specify timeouts for certain actions:

create - (Defaults to 60 minutes) Used when creating the Virtual Machine Scale Set.
update - (Defaults to 60 minutes) Used when updating the Virtual Machine Scale Set.
read - (Defaults to 5 minutes) Used when retrieving the Virtual Machine Scale Set.
delete - (Defaults to 60 minutes) Used when deleting the Virtual Machine Scale Set.

Import

Virtual Machine Scale Sets can be imported using the resourceId, e.g.

terraform import azurerm_virtual_machine_scale_set.scaleset1 /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Compute/virtualMachineScaleSets/scaleset1