azurermVirtualMachineScaleSetPacketCapture

Configures Network Packet Capturing against a Virtual Machine Scale Set using a Network Watcher.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const azurermResourceGroupExample = new azurerm.resourceGroup.ResourceGroup(
  this,
  "example",
  {
    location: "West Europe",
    name: "example-resources",
  }
);
const azurermVirtualNetworkExample = new azurerm.virtualNetwork.VirtualNetwork(
  this,
  "example_1",
  {
    address_space: ["10.0.0.0/16"],
    location: azurermResourceGroupExample.location,
    name: "example-vn",
    resource_group_name: azurermResourceGroupExample.name,
  }
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermVirtualNetworkExample.overrideLogicalId("example");
const azurermNetworkWatcherExample = new azurerm.networkWatcher.NetworkWatcher(
  this,
  "example_2",
  {
    location: azurermResourceGroupExample.location,
    name: "example-nw",
    resource_group_name: azurermResourceGroupExample.name,
  }
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermNetworkWatcherExample.overrideLogicalId("example");
const azurermSubnetExample = new azurerm.subnet.Subnet(this, "example_3", {
  address_prefixes: ["10.0.2.0/24"],
  name: "internal",
  resource_group_name: azurermResourceGroupExample.name,
  virtual_network_name: azurermVirtualNetworkExample.name,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermSubnetExample.overrideLogicalId("example");
const azurermLinuxVirtualMachineScaleSetExample =
  new azurerm.linuxVirtualMachineScaleSet.LinuxVirtualMachineScaleSet(
    this,
    "example_4",
    {
      admin_password: "P@ssword1234!",
      admin_username: "adminuser",
      computer_name_prefix: "my-linux-computer-name-prefix",
      disable_password_authentication: false,
      instances: 4,
      location: azurermResourceGroupExample.location,
      name: "example-vmss",
      network_interface: [
        {
          ip_configuration: [
            {
              name: "internal",
              primary: true,
              subnet_id: azurermSubnetExample.id,
            },
          ],
          name: "example",
          primary: true,
        },
      ],
      os_disk: [
        {
          caching: "ReadWrite",
          storage_account_type: "Standard_LRS",
        },
      ],
      resource_group_name: azurermResourceGroupExample.name,
      sku: "Standard_F2",
      source_image_reference: [
        {
          offer: "UbuntuServer",
          publisher: "Canonical",
          sku: "16.04-LTS",
          version: "latest",
        },
      ],
      upgrade_mode: "Automatic",
    }
  );
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermLinuxVirtualMachineScaleSetExample.overrideLogicalId("example");
const azurermVirtualMachineScaleSetExtensionExample =
  new azurerm.virtualMachineScaleSetExtension.VirtualMachineScaleSetExtension(
    this,
    "example_5",
    {
      auto_upgrade_minor_version: true,
      automatic_upgrade_enabled: true,
      name: "network-watcher",
      publisher: "Microsoft.Azure.NetworkWatcher",
      type: "NetworkWatcherAgentLinux",
      type_handler_version: "1.4",
      virtual_machine_scale_set_id:
        azurermLinuxVirtualMachineScaleSetExample.id,
    }
  );
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermVirtualMachineScaleSetExtensionExample.overrideLogicalId("example");
const azurermVirtualMachineScaleSetPacketCaptureExample =
  new azurerm.virtualMachineScaleSetPacketCapture.VirtualMachineScaleSetPacketCapture(
    this,
    "example_6",
    {
      depends_on: [`\${${azurermVirtualMachineScaleSetExtensionExample.fqn}}`],
      machine_scope: [
        {
          exclude_instance_ids: ["1"],
          include_instance_ids: ["0"],
        },
      ],
      name: "example-pc",
      network_watcher_id: azurermNetworkWatcherExample.id,
      storage_location: [
        {
          file_path: "/var/captures/packet.cap",
        },
      ],
      virtual_machine_scale_set_id:
        azurermLinuxVirtualMachineScaleSetExample.id,
    }
  );
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermVirtualMachineScaleSetPacketCaptureExample.overrideLogicalId("example");

\~> NOTE: This Resource requires that the Network Watcher Extension is installed on the Virtual Machine Scale Set before capturing can be enabled which can be installed via the azurermVirtualMachineScaleSetExtension resource.

Argument Reference

The following arguments are supported:

name - (Required) The name to use for this Network Packet Capture. Changing this forces a new resource to be created.
networkWatcherId - (Required) The resource ID of the Network Watcher. Changing this forces a new resource to be created.
virtualMachineScaleSetId - (Required) The resource ID of the Virtual Machine Scale Set to capture packets from. Changing this forces a new resource to be created.
maximumBytesPerPacket - (Optional) The number of bytes captured per packet. The remaining bytes are truncated. Defaults to 0 (Entire Packet Captured). Changing this forces a new resource to be created.
maximumBytesPerSession - (Optional) Maximum size of the capture in Bytes. Defaults to 1073741824 (1GB). Changing this forces a new resource to be created.
maximumCaptureDurationInSeconds - (Optional) The maximum duration of the capture session in seconds. Defaults to 18000 (5 hours). Changing this forces a new resource to be created.
storageLocation - (Required) A storageLocation block as defined below. Changing this forces a new resource to be created.
filter - (Optional) One or more filter blocks as defined below. Changing this forces a new resource to be created.
machineScope - (Optional) A machineScope block as defined below. Changing this forces a new resource to be created.

A storageLocation block contains:

filePath - (Optional) A valid local path on the targeting VM. Must include the name of the capture file (*.cap). For Linux virtual machine it must start with /var/captures.
storageAccountId - (Optional) The ID of the storage account to save the packet capture session

\~> NOTE: At least one of filePath or storageAccountId must be specified.

A filter block contains:

localIpAddress - (Optional) The local IP Address to be filtered on. Specify 127001 for a single address entry, 12700112700255 for a range and 127001;127005 for multiple entries. Multiple ranges and mixing ranges with multiple entries are currently not supported. Changing this forces a new resource to be created.
localPort - (Optional) The local port to be filtered on. Specify 80 for single port entry, 8085 for a range and 80;443; for multiple entries. Multiple ranges and mixing ranges with multiple entries are currently not supported. Changing this forces a new resource to be created.
protocol - (Required) The Protocol to be filtered on. Possible values include any, tcp and udp. Changing this forces a new resource to be created.
remoteIpAddress - (Optional) The remote IP Address to be filtered on. Specify 127001 for a single address entry, 12700112700255 for a range and 127001;127005 for multiple entries. Multiple ranges and mixing ranges with multiple entries are currently not supported. Changing this forces a new resource to be created.
remotePort - (Optional) The remote port to be filtered on. Specify 80 for single port entry, 8085 for a range and 80;443; for multiple entries. Multiple ranges and mixing ranges with multiple entries are currently not supported. Changing this forces a new resource to be created.

A machineScope block contains:

excludeInstanceIds - (Optional) A list of Virtual Machine Scale Set instance IDs which should be excluded from running Packet Capture, e.g. ["0", "2"]. Changing this forces a new resource to be created.
includeInstanceIds - (Optional) A list of Virtual Machine Scale Set instance IDs which should be included for Packet Capture, e.g. ["1", "3"]. Changing this forces a new resource to be created.

Attributes Reference

The following attributes are exported:

id - The Virtual Machine Scale Set Packet Capture ID.
storageLocation - (Required) A storageLocation block as defined below.

A storageLocation block contains:

storagePath - The URI of the storage path where the packet capture sessions are saved to.

Timeouts

The timeouts block allows you to specify timeouts for certain actions:

create - (Defaults to 30 minutes) Used when creating the Virtual Machine Scale Set Packet Capture.
read - (Defaults to 5 minutes) Used when retrieving the Virtual Machine Scale Set Packet Capture.
delete - (Defaults to 30 minutes) Used when deleting the Virtual Machine Scale Set Packet Capture.

Import

Virtual Machine Scale Set Packet Captures can be imported using the resourceId, e.g.

terraform import azurerm_virtual_machine_scale_set_packet_capture.capture1 /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/networkWatchers/watcher1/packetCaptures/capture1