https://learn.microsoft.com/ja-jp/azure/application-gateway/quick-create-terraform
cat <<-'EOF' > providers.tf
terraform {
required_version = ">=1.2"
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "~> 3.0"
}
random = {
source = "hashicorp/random"
version = "~> 3.0"
}
}
}
provider "azurerm" {
features {}
}
EOF
cat <<-'EOF' > main.tf
resource "azurerm_resource_group" "rg9999999" {
name = "rg9999999"
location = "japaneast"
}
resource "azurerm_virtual_network" "vnet01" {
name = "vnet01"
resource_group_name = azurerm_resource_group.rg9999999.name
location = azurerm_resource_group.rg9999999.location
address_space = ["10.0.0.0/16"]
}
resource "azurerm_subnet" "subnet01" {
name = "subnet01"
resource_group_name = azurerm_resource_group.rg9999999.name
virtual_network_name = azurerm_virtual_network.vnet01.name
address_prefixes = ["10.0.0.0/24"]
}
resource "azurerm_subnet" "subnet02" {
name = "subnet02"
resource_group_name = azurerm_resource_group.rg9999999.name
virtual_network_name = azurerm_virtual_network.vnet01.name
address_prefixes = ["10.0.1.0/24"]
}
resource "azurerm_public_ip" "pip01" {
name = "pip01"
resource_group_name = azurerm_resource_group.rg9999999.name
location = azurerm_resource_group.rg9999999.location
allocation_method = "Static"
sku = "Standard"
}
resource "azurerm_network_interface" "nic" {
count = 2
name = "nic${count.index+1}"
location = azurerm_resource_group.rg9999999.location
resource_group_name = azurerm_resource_group.rg9999999.name
ip_configuration {
name = "nicipconfig${count.index+1}"
subnet_id = azurerm_subnet.subnet02.id
private_ip_address_allocation = "Dynamic"
}
}
resource "random_password" "password" {
length = 16
special = true
lower = true
upper = true
numeric = true
}
resource "azurerm_windows_virtual_machine" "vm" {
count = 2
name = "vm${count.index+1}"
resource_group_name = azurerm_resource_group.rg9999999.name
location = azurerm_resource_group.rg9999999.location
size = "Standard_DS1_v2"
admin_username = "azureuser"
admin_password = random_password.password.result
network_interface_ids = [
azurerm_network_interface.nic[count.index].id,
]
os_disk {
caching = "ReadWrite"
storage_account_type = "Standard_LRS"
}
source_image_reference {
publisher = "MicrosoftWindowsServer"
offer = "WindowsServer"
sku = "2019-Datacenter"
version = "latest"
}
}
resource "azurerm_virtual_machine_extension" "vmext" {
count = 2
name = "vmext${count.index+1}-ext"
virtual_machine_id = azurerm_windows_virtual_machine.vm[count.index].id
publisher = "Microsoft.Compute"
type = "CustomScriptExtension"
type_handler_version = "1.10"
settings = <<SETTINGS
{
"commandToExecute": "powershell Add-WindowsFeature Web-Server; powershell Add-Content -Path \"C:\\inetpub\\wwwroot\\Default.htm\" -Value $($env:computername)"
}
SETTINGS
}
resource "azurerm_application_gateway" "ag01" {
name = "ag01"
resource_group_name = azurerm_resource_group.rg9999999.name
location = azurerm_resource_group.rg9999999.location
sku {
name = "Standard_v2"
tier = "Standard_v2"
capacity = 1
}
gateway_ip_configuration {
name = "ag01ipconfig"
subnet_id = azurerm_subnet.subnet01.id
}
frontend_port {
name = "fp01"
port = 80
}
frontend_ip_configuration {
name = "fic01"
public_ip_address_id = azurerm_public_ip.pip01.id
}
http_listener {
name = "lis01"
frontend_ip_configuration_name = "fic01"
frontend_port_name = "fp01"
protocol = "Http"
}
backend_address_pool {
name = "bap01"
}
backend_http_settings {
name = "bhs01"
cookie_based_affinity = "Disabled"
port = 80
protocol = "Http"
request_timeout = 60
}
request_routing_rule {
name = "rrr01"
rule_type = "Basic"
http_listener_name = "lis01"
backend_address_pool_name = "bap01"
backend_http_settings_name = "bhs01"
priority = 1
}
}
resource "azurerm_network_interface_application_gateway_backend_address_pool_association" "nicbap01" {
count = 2
network_interface_id = azurerm_network_interface.nic[count.index].id
ip_configuration_name = "nicipconfig${count.index+1}"
backend_address_pool_id = one(azurerm_application_gateway.ag01.backend_address_pool).id
}
EOF
cat <<-'EOF' > outputs.tf
output "gateway_frontend_ip" {
value = "http://${azurerm_public_ip.pip01.ip_address}"
}
EOF
terraform init -upgrade
terraform fmt
terraform -version
terraform plan -out main.tfplan
terraform apply main.tfplan
echo $(terraform output -raw gateway_frontend_ip)
terraform plan -destroy -out main.destroy.tfplan
terraform apply main.destroy.tfplan
az group list
az group delete \
--name NetworkWatcherRG \
--yes