Terraform on Azure: executing powershell script for Windows VM from local file with variables as arguments

scatterbits

Background

I deploy a Windows Server VM using Terraform from Azure Cloud Shell. I have a tf file that successfully deploys the VM but I can't run a PowerShell script.

Requirements

I need the VM to run a post deployment PowerShell script that promotes it to a domain controller.
The PS script needs to be local to Azure Cloud Shell where Terraform is running to avoid using a storage account.
I need to be able to specify arguments to the PS script derived from resources/data (e.g. password defined earlier in the tf file)

This is what I try to do:

resource "azurerm_virtual_machine_extension" "dcpromo_script" {
  name                 = "dcpromo_script"
  virtual_machine_id   = azurerm_windows_virtual_machine.vm.id
  publisher            = "Microsoft.Azure.Extensions"
  type                 = "CustomScript"
  type_handler_version = "2.0"

 protected_settings = <<PROT
    {
        "script": "${base64encode(file("dcpromo.ps1"))}"
    }
    PROT

}

dcpromo.ps1 simplified contents for troubleshooting:

"hello"

However I get the following error message:

Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

azurerm_virtual_machine_extension.dcpromo_script: Creating...
azurerm_virtual_machine_extension.dcpromo_script: Still creating... [10s elapsed]
azurerm_virtual_machine_extension.dcpromo_script: Still creating... [20s elapsed]
azurerm_virtual_machine_extension.dcpromo_script: Still creating... [30s elapsed]
azurerm_virtual_machine_extension.dcpromo_script: Still creating... [40s elapsed]
azurerm_virtual_machine_extension.dcpromo_script: Still creating... [50s elapsed]
azurerm_virtual_machine_extension.dcpromo_script: Still creating... [1m0s elapsed]

Error: Code="VMExtensionProvisioningError" Message="VM has reported a failure when processing extension 'dcpromo_script'. Error message: \"Extension '' of Handler 'Microsoft.Azure.Extensions.CustomScript' version '1.0' faulted due to exception during extension processing\"\r\n\r\nMore information on troubleshooting is available at https://aka.ms/VMExtensionCSELinuxTroubleshoot "

  on windows_server.tf line 77, in resource "azurerm_virtual_machine_extension" "dcpromo_script":
  77: resource "azurerm_virtual_machine_extension" "dcpromo_script" {

Can anyone help explain what I'm doing wrong? Thanks in advance

scatterbits

This resolved my issue: https://stackoverflow.com/a/60276573/1630260

This is how I used a variable as an argument:

${azurerm_windows_virtual_machine.vm.admin_password}

Complete line:

"commandToExecute": "powershell -command \"[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String('${base64encode(data.template_file.tf.rendered)}')) | Out-File -filepath dcpromo.ps1\" && powershell -ExecutionPolicy Unrestricted -File dcpromo.ps1 ${azurerm_windows_virtual_machine.vm.admin_password} domain.com"

Collected from the Internet

Please contact [email protected] to delete if infringement.

edited at2021-02-15

Comments

0 comments