Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- provider "azurerm" {
- client_id = "${var.azurerm_client_id}"
- client_secret = "${var.azurerm_client_secret}"
- subscription_id = "${var.azurerm_subscription_id}"
- tenant_id = "${var.azurerm_tenant_id}"
- }
- // Resource Group name & Location
- resource "azurerm_resource_group" "Prod_RG" {
- name = "${var.Customer_Name}RG"
- location = "${var.azurerm_location}"
- }
- // Public IP for Web01
- resource "azurerm_public_ip" "Prod_PublicIP_Web01" {
- name = "${var.azurerm_prefix}-publicip-web-01"
- location = "${var.azurerm_location}"
- resource_group_name = "${azurerm_resource_group.Prod_RG.name}"
- public_ip_address_allocation = "static"
- }
- // Public IP for DB01
- resource "azurerm_public_ip" "Prod_PublicIP_DB01" {
- name = "${var.azurerm_prefix}-publicip-db-01"
- location = "${var.azurerm_location}"
- resource_group_name = "${azurerm_resource_group.Prod_RG.name}"
- public_ip_address_allocation = "static"
- }
- // Virtual Network
- resource "azurerm_virtual_network" "Prod_VirtualNetwork" {
- name = "Woodside-virtual-network"
- address_space = ["10.1.0.0/16"]
- location = "${var.azurerm_location}"
- resource_group_name = "${azurerm_resource_group.Prod_RG.name}"
- }
- // Network Interface Web01
- resource "azurerm_network_interface" "Prod_netint_web01" {
- count = "1"
- name = "${var.azurerm_prefix}-netint-web-01"
- location = "${var.azurerm_location}"
- resource_group_name = "${azurerm_resource_group.Prod_RG.name}"
- enable_ip_forwarding = "True"
- network_security_group_id = "${azurerm_network_security_group.Prod_nsg_Webservers.id}"
- ip_configuration {
- name = "${var.azurerm_prefix}-ip-web01"
- subnet_id = "${azurerm_subnet.Prod_subnet.id}"
- private_ip_address_allocation = "dynamic"
- public_ip_address_id = "${azurerm_public_ip.Prod_PublicIP_Web01.id}"
- }
- }
- // Network Interface DB01
- resource "azurerm_network_interface" "Prod_netint_db01" {
- count = "1"
- name = "${var.azurerm_prefix}-netint-db-01"
- location = "${var.azurerm_location}"
- resource_group_name = "${azurerm_resource_group.Prod_RG.name}"
- enable_ip_forwarding = "True"
- network_security_group_id = "${azurerm_network_security_group.Prod_nsg_DBservers.id}"
- ip_configuration {
- name = "${var.azurerm_prefix}-ip-db01"
- subnet_id = "${azurerm_subnet.Prod_subnet.id}"
- private_ip_address_allocation = "dynamic"
- public_ip_address_id = "${azurerm_public_ip.Prod_PublicIP_DB01.id}"
- }
- }
- // Subnet configurtion
- resource "azurerm_subnet" "Prod_subnet" {
- name = "${var.azurerm_prefix}-subnet"
- resource_group_name = "${azurerm_resource_group.Prod_RG.name}"
- virtual_network_name = "woodside-virtual-network"
- address_prefix = "10.1.12.0/24"
- }
- // Network Security group for Web Servers
- resource "azurerm_network_security_group" "Prod_nsg_Webservers" {
- name = "${var.azurerm_prefix}-nsg-web-01"
- location = "${var.azurerm_location}"
- resource_group_name = "${azurerm_resource_group.Prod_RG.name}"
- }
- // Network Security group for DB Servers
- resource "azurerm_network_security_group" "Prod_nsg_DBservers" {
- name = "${var.azurerm_prefix}-nsg-db-01"
- location = "${var.azurerm_location}"
- resource_group_name = "${azurerm_resource_group.Prod_RG.name}"
- }
- // Azure Virtual Machine - Web 01 - Standard F2
- resource "azurerm_virtual_machine" "Prod_VM_Web01" {
- count = "1"
- name = "${var.azurerm_prefix}-vm-web-01"
- location = "${var.azurerm_location}"
- resource_group_name = "${azurerm_resource_group.Prod_RG.name}"
- network_interface_ids = ["${azurerm_network_interface.Prod_netint_web01.id}"]
- vm_size = "Standard_F2"
- storage_image_reference {
- publisher = "MicrosoftWindowsServer"
- offer = "WindowsServer"
- sku = "2016-DataCenter"
- version = "latest"
- }
- storage_os_disk {
- name = "${var.azurerm_prefix}-osdisk-web-01"
- caching = "ReadWrite"
- create_option = "FromImage"
- managed_disk_type = "Standard_LRS"
- disk_size_gb = "128"
- }
- storage_data_disk {
- name = "${var.azurerm_prefix}-datadisk01-web-01"
- disk_size_gb = "128"
- create_option = "Empty"
- managed_disk_type = "Standard_LRS"
- lun = 0
- }
- storage_data_disk {
- name = "${var.azurerm_prefix}-datadisk02-web-01"
- disk_size_gb = "128"
- create_option = "Empty"
- managed_disk_type = "Standard_LRS"
- lun = 1
- }
- delete_os_disk_on_termination = true
- delete_data_disks_on_termination = true
- os_profile {
- computer_name = "prod-web-01"
- admin_username = "${var.azurerm_vm_username}"
- admin_password = "${var.azurerm_vm_admin_password}"
- }
- }
- // Azure Virtual Machine - DB01 - Standard_DS11_v2
- resource "azurerm_virtual_machine" "Prod_VM_DB01" {
- count = "1"
- name = "${var.azurerm_prefix}-vm-db-01"
- location = "${var.azurerm_location}"
- resource_group_name = "${azurerm_resource_group.Prod_RG.name}"
- network_interface_ids = ["${azurerm_network_interface.Prod_netint_db01.id}"]
- vm_size = "Standard_DS11_v2"
- storage_image_reference {
- publisher = "MicrosoftSQLServer"
- offer = "SQL2016SP1-WS2016"
- sku = "Web"
- version = "latest"
- }
- storage_os_disk {
- name = "${var.azurerm_prefix}-osdisk-db-01"
- caching = "ReadWrite"
- create_option = "FromImage"
- managed_disk_type = "Premium_LRS"
- disk_size_gb = "128"
- }
- storage_data_disk {
- name = "${var.azurerm_prefix}-datadisk01-db-01"
- disk_size_gb = "128"
- create_option = "Empty"
- managed_disk_type = "Premium_LRS"
- lun = 0
- }
- storage_data_disk {
- name = "${var.azurerm_prefix}-datadisk02-db-01"
- disk_size_gb = "512"
- create_option = "Empty"
- managed_disk_type = "Standard_LRS"
- lun = 1
- }
- delete_os_disk_on_termination = true
- delete_data_disks_on_termination = true
- os_profile {
- computer_name = "prod-db-01"
- admin_username = "${var.azurerm_vm_username}"
- admin_password = "${var.azurerm_vm_admin_password}"
- }
- }
- // Network Security group rule for RDP inbound to Web01
- resource "azurerm_network_security_rule" "Prod_nsgrule_RDP_Web01" {
- name = "Web-RDP-IN"
- priority = 200
- direction = "Inbound"
- access = "Allow"
- protocol = "Tcp"
- source_port_range = "3389"
- destination_port_range = "3389"
- source_address_prefix = "62.253.79.194"
- destination_address_prefix = "10.1.12.5"
- resource_group_name = "${azurerm_resource_group.Prod_RG.name}"
- network_security_group_name = "${var.azurerm_prefix}-nsg-web-01"
- }
- // Network Security group rule for web/80 inbound to Web01
- resource "azurerm_network_security_rule" "Prod_nsgrule_http_Web01" {
- name = "Web-HTTP-IN"
- priority = 100
- direction = "Inbound"
- access = "Allow"
- protocol = "Tcp"
- source_port_range = "80"
- destination_port_range = "80"
- source_address_prefix = "*"
- destination_address_prefix = "10.1.12.5"
- resource_group_name = "${azurerm_resource_group.Prod_RG.name}"
- network_security_group_name = "${var.azurerm_prefix}-nsg-web-01"
- }
- // Network Security group rule for Octopus Deploy inbound to Web01
- resource "azurerm_network_security_rule" "Prod_nsgrule_octopus_Web01" {
- name = "Web-Octo-IN"
- priority = 110
- direction = "Inbound"
- access = "Allow"
- protocol = "Tcp"
- source_port_range = "10933"
- destination_port_range = "10933"
- source_address_prefix = "83.138.171.64"
- destination_address_prefix = "10.1.12.5"
- resource_group_name = "${azurerm_resource_group.Prod_RG.name}"
- network_security_group_name = "${var.azurerm_prefix}-nsg-web-01"
- }
- // Network Security group rule for Octopus Deploy inbound to DB01
- resource "azurerm_network_security_rule" "Prod_nsgrule_octopus_DB01" {
- name = "DB-Octo-IN"
- priority = 120
- direction = "Inbound"
- access = "Allow"
- protocol = "Tcp"
- source_port_range = "10933"
- destination_port_range = "10933"
- source_address_prefix = "83.138.171.64"
- destination_address_prefix = "10.1.12.4"
- resource_group_name = "${azurerm_resource_group.Prod_RG.name}"
- network_security_group_name = "${var.azurerm_prefix}-nsg-db-01"
- }
- // Network Security group rule for RDP inbound to DB01
- resource "azurerm_network_security_rule" "Prod_nsgrule_RDP_DB01" {
- name = "DB-RDP-IN"
- priority = 220
- direction = "Inbound"
- access = "Allow"
- protocol = "Tcp"
- source_port_range = "3389"
- destination_port_range = "3389"
- source_address_prefix = "62.253.79.194"
- destination_address_prefix = "10.1.12.4"
- resource_group_name = "${azurerm_resource_group.Prod_RG.name}"
- network_security_group_name = "${var.azurerm_prefix}-nsg-db-01"
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement