{Terraform} VPC/Azure

 

https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs

https://qiita.com/duelist2020jp/items/6b78adae9a242f3c5935

 


-- 1. macにTerraformインストール

# Install Terraform on macOS from HashiCorp's own Homebrew tap.
brew tap hashicorp/tap
brew install hashicorp/tap/terraform
# Refresh Homebrew's formula index, then upgrade Terraform to the newest
# release the tap offers.
brew update
brew upgrade hashicorp/tap/terraform
# Confirm the binary is on PATH and note which version was installed.
terraform -help
terraform -version


-- 2. Azureログイン

# Sign in with the device-code flow: the CLI prints a code that is entered in
# a browser, so no password is typed into the terminal.
az login --use-device-code
# Check which subscription and tenant are active before changing anything;
# the later Terraform steps run against whatever this shows.
az account show

az version

# Set Japan East as the default location for az commands and show the
# defaults before and after the change.
az configure --list-defaults
az configure --defaults location=japaneast
az configure --list-defaults

 

# List the resource groups that already exist in the subscription, so the
# starting state is known before Terraform creates anything.
az group list
# Update the Azure CLI itself.
az upgrade

 

-- 3. tfファイル作成

# Create main.tf and paste in the Terraform configuration that follows.
vim main.tf

# We strongly recommend using the required_providers block to set the
# Azure Provider source and version being used
#
# The provider is pinned to exactly 3.0.0, so every `terraform init` resolves
# the same release. `terraform init` also writes .terraform.lock.hcl with the
# provider checksums; keep that file with the configuration so later runs
# verify the same provider binary.
# No backend block is declared, so state is kept in a local terraform.tfstate.
terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "=3.0.0"
    }
  }
}

# Configure the Microsoft Azure Provider
# No credentials or subscription ID are set here, which keeps secrets out of
# the file. Presumably the provider authenticates through the Azure CLI
# session opened with `az login` earlier on this page (confirm for your setup).
provider "azurerm" {
  # The azurerm provider requires a features block, even when it is empty.
  features {}
}

# Resource group that holds every resource in this file. The other resources
# take its name and location by reference, so `terraform destroy` removes the
# whole lab together.
resource "azurerm_resource_group" "rg9999999" {
  name     = "rg9999999"
  location = "Japan East"
}


# Virtual network with the private 10.2.0.0/16 address space, placed in the
# resource group's region.
resource "azurerm_virtual_network" "vnet01" {
  name                = "vnet01"
  resource_group_name = azurerm_resource_group.rg9999999.name
  location            = azurerm_resource_group.rg9999999.location
  address_space       = ["10.2.0.0/16"]


  # Tag marks the network as a development environment.
  tags = {
    environment = "dev"
  }

}

# Subnet 10.2.1.0/24, carved out of vnet01's 10.2.0.0/16 address space.
# The subnet itself carries no filtering; traffic control comes from the
# network security group associated with it elsewhere in this file.
resource "azurerm_subnet" "subnet01" {
  name                 = "subnet01"
  address_prefixes     = ["10.2.1.0/24"]
  virtual_network_name = azurerm_virtual_network.vnet01.name
  resource_group_name  = azurerm_resource_group.rg9999999.name
}


# Network security group with no inline rules. Rules are attached separately
# through azurerm_network_security_rule resources; until one is attached,
# only Azure's built-in default rules apply.
resource "azurerm_network_security_group" "nsg01" {
  name                = "nsg01"
  resource_group_name = azurerm_resource_group.rg9999999.name
  location            = azurerm_resource_group.rg9999999.location

}

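# Source range allowed to reach SSH (TCP/22) through nsg01.
# There is deliberately no default: the operator must name the range, e.g.
#   terraform apply -var 'ssh_allowed_cidr=<ADMIN_PUBLIC_IP>/32'
# or set it in a terraform.tfvars file.
variable "ssh_allowed_cidr" {
  type        = string
  description = "CIDR range allowed to connect to TCP/22, for example the operator's public IP as a /32."

  validation {
    # Accept only a well-formed CIDR, and reject the whole-Internet range so
    # the rule cannot be opened to every source by accident.
    condition     = can(cidrhost(var.ssh_allowed_cidr, 0)) && var.ssh_allowed_cidr != "0.0.0.0/0"
    error_message = "The ssh_allowed_cidr value must be a valid CIDR range narrower than 0.0.0.0/0."
  }
}

# Inbound allow rule for SSH on nsg01 (priority 100, evaluated before Azure's
# default rules).
# The original rule used source_address_prefix = "*", which exposes port 22 on
# every host later placed in the subnet to the whole Internet. The source is
# now limited to var.ssh_allowed_cidr.
resource "azurerm_network_security_rule" "nsgr01" {
  name                        = "nsgr01"
  priority                    = 100
  direction                   = "Inbound"
  access                      = "Allow"
  protocol                    = "Tcp"
  source_port_range           = "*" # client source ports are ephemeral
  destination_port_range      = "22"
  source_address_prefix       = var.ssh_allowed_cidr
  destination_address_prefix  = "*"
  resource_group_name         = azurerm_resource_group.rg9999999.name
  network_security_group_name = azurerm_network_security_group.nsg01.name
}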


# Attach nsg01 to subnet01 so the group's rules filter traffic for every
# network interface placed in that subnet.
resource "azurerm_subnet_network_security_group_association" "nsg01_subnet01" {
  subnet_id                 = azurerm_subnet.subnet01.id
  network_security_group_id = azurerm_network_security_group.nsg01.id
}

 

-- 4. terraform 実行


# Download the pinned azurerm provider and initialise the working directory.
terraform init

# Review the planned changes before applying. In particular, check the NSG
# rule's source range and port, since that rule decides what is reachable
# from outside the subnet.
terraform plan
terraform apply

# List the resources now tracked in state. main.tf declares no backend, so
# state lives in a local terraform.tfstate file; keep that file out of
# version control, because state can contain sensitive values.
terraform state list


-- 5. Azureクリーンアップ

# Remove every resource tracked in the Terraform state.
terraform destroy


# Check which resource groups remain after the destroy.
az group list

# NetworkWatcherRG is not declared in main.tf; presumably Azure created it
# automatically when the virtual network was deployed. --yes skips the
# confirmation prompt, so first make sure no other workload in the
# subscription depends on this group.
az group delete \
--name NetworkWatcherRG \
--yes