Solution

backend.tf

@@ -0,0 +1,8 @@
+terraform {
+  backend "azurerm" {
+    resource_group_name  = "mate-azure-task-12"
+    storage_account_name = "tfstate144"
+    container_name       = "tfstate"
+    key                  = "terraform.tfstate"
+  }
+}

main.tf

@@ -0,0 +1,41 @@
+terraform {
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = "3.105.0"
+    }
+  }
+}
+
+provider "azurerm" {
+  features {}
+}
+
+resource "azurerm_resource_group" "main" {
+  name     = var.resource_group_name
+  location = var.location
+}
+
+module "compute" {
+  source              = "./modules/compute"
+  resource_group_name = azurerm_resource_group.main.name
+  vm_name             = var.vm_name
+  location            = azurerm_resource_group.main.location
+  subnet_id           = module.network.subnet_id
+  public_ip_id        = module.network.public_ip_address
+  ssh_key             = var.ssh_key
+}
+
+module "network" {
+  source              = "./modules/network"
+  resource_group_name = azurerm_resource_group.main.name
+  location            = azurerm_resource_group.main.location
+  dns_label_prefix    = var.dns_label
+}
+
+module "storage" {
+  source               = "./modules/storage"
+  resource_group_name  = azurerm_resource_group.main.name
+  location             = azurerm_resource_group.main.location
+  storage_account_name = var.storage_account_name
+}

modules/compute/main.tf

@@ -0,0 +1,83 @@
+resource "azurerm_network_interface" "main" {
+  name                = "${var.vm_name}-nic"
+  location            = var.location
+  resource_group_name = var.resource_group_name
+
+  ip_configuration {
+    name                          = "internal"
+    subnet_id                     = var.subnet_id
+    private_ip_address_allocation = "Dynamic"
+    public_ip_address_id          = azurerm_public_ip.linuxboxpip.id
+  }
+}
+
+resource "azurerm_public_ip" "linuxboxpip" {
+  name                = "linuxboxpip"
+  location            = var.location
+  resource_group_name = var.resource_group_name
+  allocation_method   = "Static"
+  sku                 = "Standard"
+}
+
+resource "azurerm_virtual_machine" "main" {
+  name                             = "matebox"
+  location                         = var.location
+  resource_group_name              = var.resource_group_name
+  network_interface_ids            = [azurerm_network_interface.main.id]
+  vm_size                          = "Standard_B1s"
+  delete_os_disk_on_termination    = true
+  delete_data_disks_on_termination = true
+
+  os_profile {
+    computer_name  = "todoappserver"
+    admin_username = "adminuser"
+  }
+
+  os_profile_linux_config {
+    disable_password_authentication = true
+
+    ssh_keys {
+    path     = "/home/adminuser/.ssh/authorized_keys"
+    key_data = var.ssh_key
+    }
+  }
+
+  storage_image_reference {
+    publisher = "Canonical"
+    offer     = "0001-com-ubuntu-server-jammy"
+    sku       = "22_04-lts"
+    version   = "latest"
+  }
+
+  storage_os_disk {
+    name              = "myosdisk1"
+    caching           = "ReadWrite"
+    create_option     = "FromImage"
+    managed_disk_type = "Standard_LRS"
+  }
+
+  tags = {
+    environment = "staging"
+  }
+
+  lifecycle {
+    prevent_destroy = true
+  }
+}
+
+resource "azurerm_virtual_machine_extension" "CustomScript" {
+  name                       = "CustomScript"
+  virtual_machine_id         = azurerm_virtual_machine.main.id
+  publisher                  = "Microsoft.Azure.Extensions"
+  type                       = "CustomScript"
+  type_handler_version       = "2.0"
+  auto_upgrade_minor_version = true
+
+  settings = <<SETTINGS
+{
+  "fileUris": ["https://lvkzxjncklvjn.blob.core.windows.net/task-artifacts/install-app.sh"],
+  "commandToExecute": "bash install-app.sh",
+  "skipDos2Unix": true
+}
+SETTINGS
+}

modules/compute/outputs.tf

@@ -0,0 +1,14 @@
+output "network_interface_id" {
+  description = "The ID of the network interface."
+  value       = azurerm_network_interface.main.id
+}
+
+output "virtual_machine_id" {
+  description = "The ID of the virtual machine."
+  value       = azurerm_virtual_machine.main.id
+}
+
+output "vm_extension_id" {
+  description = "The ID of the VM extension."
+  value       = azurerm_virtual_machine_extension.CustomScript.id
+}

modules/compute/variables.tf

@@ -0,0 +1,29 @@
+variable "vm_name" {
+  description = "The name of the virtual machine."
+  type        = string
+}
+
+variable "subnet_id" {
+  description = "The ID of the subnet."
+  type        = string
+}
+
+variable "public_ip_id" {
+  description = "The ID of the public IP address."
+  type        = string
+}
+
+variable "ssh_key" {
+  description = "The SSH public key for authentication."
+  type        = string
+}
+
+variable "resource_group_name" {
+  description = "The name of the resource group."
+  type        = string
+}
+
+variable "location" {
+  description = "The location where resources will be created."
+  type        = string
+}

modules/network/main.tf

@@ -0,0 +1,43 @@
+resource "azurerm_virtual_network" "main" {
+  name                = "vnet"
+  address_space       = ["10.0.0.0/16"]
+  location            = var.location
+  resource_group_name = var.resource_group_name
+}
+
+resource "azurerm_subnet" "internal" {
+  name                 = "default"
+  resource_group_name  = var.resource_group_name
+  virtual_network_name = azurerm_virtual_network.main.name
+  address_prefixes     = ["10.0.0.0/24"]
+}
+
+resource "azurerm_network_security_group" "default-nsg" {
+  name                = "default-nsg"
+  location            = var.location
+  resource_group_name = var.resource_group_name
+
+  security_rule {
+      name                       = "TaskRule"
+      priority                   = 100
+      direction                  = "Inbound"
+      access                     = "Allow"
+      protocol                   = "Tcp"
+      source_port_range          = "*"
+      destination_port_range     = "*"
+      source_address_prefix      = "*"
+      destination_address_prefix = "*"
+    }
+  }
+resource "azurerm_public_ip" "linuxboxpip" {
+  name                = "linuxboxpip"
+  resource_group_name = var.resource_group_name
+  location            = var.location
+  allocation_method   = "Dynamic"
+  domain_name_label = "${var.dns_label_prefix}${random_integer.random.result}"
+}
+
+resource "random_integer" "random" {
+  min = 1000
+  max = 9999
+}

modules/network/outputs.tf

@@ -0,0 +1,29 @@
+output "vnet_id" {
+  description = "The ID of the virtual network."
+  value       = azurerm_virtual_network.main.id
+}
+
+output "network_security_group_id" {
+  description = "The ID of the network security group."
+  value       = azurerm_network_security_group.default-nsg.id
+}
+
+output "public_ip_id" {
+  description = "The ID of the public IP address."
+  value       = azurerm_public_ip.linuxboxpip.id
+}
+
+output "public_ip_address" {
+  description = "The public IP address value."
+  value       = azurerm_public_ip.linuxboxpip.ip_address
+}
+
+output "public_ip_fqdn" {
+  description = "The fully qualified domain name (FQDN) of the public IP address."
+  value       = azurerm_public_ip.linuxboxpip.fqdn
+}
+
+output "subnet_id" {
+  description = "The ID of the subnet."
+  value = azurerm_subnet.internal.id
+}

modules/network/variables.tf

@@ -0,0 +1,15 @@
+variable "resource_group_name" {
+  description = "The name of the resource group."
+  type        = string
+}
+
+variable "location" {
+  description = "The location where resources will be created."
+  type        = string
+}
+
+variable "dns_label_prefix" {
+  description = "The prefix for the DNS label."
+  type        = string
+  default     = "matetask"
+}

modules/storage/main.tf

@@ -0,0 +1,13 @@
+resource "azurerm_storage_account" "storage_account" {
+  name                     = var.storage_account_name
+  resource_group_name      = var.resource_group_name
+  location                 = var.location
+  account_tier             = "Standard"
+  account_replication_type = "LRS"
+}
+
+resource "azurerm_storage_container" "task_artifacts" {
+  name                  = "task-artifacts"
+  storage_account_name  = azurerm_storage_account.storage_account.name
+  container_access_type = "private"
+}

modules/storage/outputs.tf

@@ -0,0 +1,9 @@
+output "storage_account_name" {
+  value       = azurerm_storage_account.storage_account.name
+  description = "The name of the storage account."
+}
+
+output "storage_container_name" {
+  value       = azurerm_storage_container.task_artifacts.name
+  description = "The name of the storage container."
+}

modules/storage/variables.tf

@@ -0,0 +1,14 @@
+variable "resource_group_name" {
+  description = "The name of the resource group."
+  type        = string
+}
+
+variable "storage_account_name" {
+  description = "The name of the storage account."
+  type        = string
+}
+
+variable "location" {
+  description = "The location where resources will be created."
+  type        = string
+}

outputs.tf

@@ -0,0 +1,34 @@
+output "virtual_network_id" {
+  description = "The ID of the virtual network."
+  value       = module.network.vnet_id
+}
+
+output "subnet_id" {
+  description = "The ID of the subnet."
+  value       = module.network.subnet_id
+}
+
+output "network_security_group_id" {
+  description = "The ID of the network security group."
+  value       = module.network.network_security_group_id
+}
+
+output "public_ip_address" {
+  description = "The public IP address."
+  value       = module.network.public_ip_address
+}
+
+output "virtual_machine_id" {
+  description = "The ID of the virtual machine."
+  value       = module.compute.virtual_machine_id
+}
+
+output "vm_extension_id" {
+  description = "The ID of the VM extension."
+  value       = module.compute.vm_extension_id
+}
+
+output "network_interface_id" {
+  description = "The ID of the network interface."
+  value       = module.compute.network_interface_id
+}

terraform.tfvars

@@ -0,0 +1,3 @@
+ssh_key = <<EOF
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCjSa8xOgez5hycgVIbUnCA4Sf+pYofWWSc0H5fGM8ahdhzQ+RxvncmkMhda14lRU5tjTjVtbNKiw+9sZsUpkMcGKH+UEUGIOwXN9NKnZPMGvzByWQragaqAj5vanlDaTdiUYgqD/Ydvhy3zI5ax+PuNr1MQBOZ5bgwlR6fWT71NvY/XQt4cEDE/03ypjwAg57scK6hUsWfYk9iIF9V78d09PyOjIiTi5sVqUFkOtvy02Okqpuvjhtsr7W4gySu46ftKosXJTkYqCkxP7PmWuiOsBWrRAx6ZOvv/IY+CofrMOUUiRMKH9tXD/4mTjlkMwYtVQ4WEZkXLZOo2aVNri0usERnPjEkDmRxEV3YqHxTDhPWZBFnK59QLyPoEpy3HXS1H3Fe3xBVPSMJTzzPwrFo090Lovm8QYveBScLARh1WNGY4PiZFX/tOuadamb7LXNKeSA1MCVKK64D6H9MQ6CK9/NpQYeGXtGfl7TtJkqoIVg+1tgMwqx7JK27KaQG7nu3zY22oFgpqeBxady95JuGWm7mtrEQKv6kJhtByVTZ7xdcqJ62/sn1hcSfGpGsIcLn8tjdr6Ry0o6xSfvRC6iIEzubmCHiUyf/BIH9c1Ab1PgfLA4A8ecPUtAx9rvwvOyM3x2iKsTcmahV/gE6wt8wl0+n4BY9epwNdlUADmvNQQ== [email protected]
+EOF

variables.tf

@@ -0,0 +1,51 @@
+variable "location" {
+  default = "uksouth"
+}
+
+variable "resource_group_name" {
+  default = "mate-azure-task-12"
+}
+
+variable "storage_account_name" {
+  default = "tfstate144"
+}
+
+variable "virtual_network_name" {
+  default = "vnet"
+}
+
+variable "vnet_address_prefix" {
+  default = "10.0.0.0/16"
+}
+
+variable "subnet_name" {
+  default = "default"
+}
+
+variable "subnet_address_prefix" {
+  default = "10.0.0.0/24"
+}
+
+variable "network_security_group_name" {
+  default = "defaultnsg"
+}
+
+variable "public_ip_address_name" {
+  default = "linuxboxpip"
+}
+
+variable "vm_name" {
+  default = "matebox"
+}
+
+variable "vm_size" {
+  default = "Standard_B1s"
+}
+
+variable "ssh_key" {
+  default     = "~/.ssh/id_rsa.pub"
+}
+
+variable "dns_label" {
+  default = "matetask"
+}