TERRAFORM

• terraform AWS
• terraform azure

• Terraform cli
• Terraform state
• terraform variables
• terraform data source
• terraform modules

• Terraform workspace

• 0.12: https://www.terraform.io/docs/configuration/index.html
• 0.11: https://www.terraform.io/docs/configuration-0-11/interpolation.html: interpolación (referenciar variables, atributos de recursos, llamar funciones)

• volcar información a fichero:

  resource "local_file" "foo" {
      content  = "${tls_private_key.vm_adwriter.private_key_pem}"
      filename = "${path.cwd}/vm_adwriter.key"
  }

• desencriptar password windows:

  output "ec2_password" { 
    value = "${rsadecrypt(aws_instance.vm_adwriter.password_data, file("${path.cwd}/vm_adwriter.key"))}"
  }

• usando var.aws_region como índice del mapa para seleccionar la imagen adecuada en función de la región

terraform.tfvars

aws_region = "eu-west-3" # París

main.tf

variable "aws_region" {
  type = "string"
}
 
variable "amis-aws-windows2016base" {
  # Windows_Server-2016-English-Full-Base-2019.02.13
  type = "map"
 
  default = {
    us-east-1 = "ami-0bf148826ef491d16" # Virigina
    eu-west-3 = "ami-0e3f0a08a6950f3e2" # París
  }
}

resource "aws_instance" "bastion_ad" {
  ami             = "${lookup(var.amis-aws-windows2016base, var.aws_region)}"
  instance_type   = "t2.micro"
  ...
}

variable "virtual_network_rule_ids" {
  type = list(map(string))
  default = [
    { id = "x.x.x.x" },{ id = "y.y.y.y" }
  ]
}
 
}
resource "..." {
 
  dynamic "virtual_network_rule" {
    for_each = var.virtual_network_rule_ids
 
    content {
      id = virtual_network_rule.value["id"] # etiqueta dynamic + value + key
    }
  }
}

• casos de uso

• POC estructura AD
• terraform win-instance