resource "azurerm_resource_group" "rg" { name = "${var.prefix}-ephemeral-rg" location = var.location } resource "azurerm_virtual_network" "vnet" { name = "${var.prefix}-vnet" resource_group_name = azurerm_resource_group.rg.name location = azurerm_resource_group.rg.location address_space = var.vnet_address_space } resource "azurerm_public_ip" "pip" { name = "${var.prefix}-pip" resource_group_name = azurerm_resource_group.rg.name location = azurerm_resource_group.rg.location allocation_method = "Static" sku = "Standard" } resource "azurerm_subnet" "workload_subnet" { name = "${var.prefix}-workload-subnet" resource_group_name = azurerm_resource_group.rg.name virtual_network_name = azurerm_virtual_network.vnet.name address_prefixes = var.workload_subnet_address_prefixes } resource "azurerm_network_interface" "vm_nic" { name = "${var.prefix}-vm-nic" location = azurerm_resource_group.rg.location resource_group_name = azurerm_resource_group.rg.name ip_configuration { name = "internal" subnet_id = azurerm_subnet.workload_subnet.id private_ip_address_allocation = "Dynamic" public_ip_address_id = azurerm_public_ip.pip.id } } resource "random_password" "admin_password" { length = 16 special = false } resource "azurerm_windows_virtual_machine" "vm" { name = "${var.prefix}-winvm" computer_name = var.prefix resource_group_name = azurerm_resource_group.rg.name location = azurerm_resource_group.rg.location size = var.vm_size priority = var.vm_priority eviction_policy = var.vm_priority == "Spot" ? "Deallocate" : null admin_username = var.vm_admin_username admin_password = random_password.admin_password.result network_interface_ids = [ azurerm_network_interface.vm_nic.id ] os_disk { caching = "ReadWrite" storage_account_type = "Premium_LRS" } source_image_reference { publisher = "MicrosoftWindowsDesktop" offer = "Windows-10" sku = "win10-22h2-pro" version = "latest" } } resource "azurerm_virtual_machine_data_disk_attachment" "data_disk_attachment" { managed_disk_id = var.datadisk_id virtual_machine_id = azurerm_windows_virtual_machine.vm.id lun = var.datadisk_lun caching = "ReadWrite" } resource "azurerm_virtual_machine_extension" "provision_software" { name = "provision-software" virtual_machine_id = azurerm_windows_virtual_machine.vm.id publisher = "Microsoft.Compute" type = "CustomScriptExtension" type_handler_version = "1.10" depends_on = [azurerm_virtual_machine_data_disk_attachment.data_disk_attachment] protected_settings = <