# Key pair registered with EC2 and attached to the AD server below.
# Only the PUBLIC key is read from disk; the private half never enters
# Terraform state. For a Windows instance the pair is what EC2 uses to
# decrypt the initial Administrator password, not for SSH.
resource "aws_key_pair" "key" {
  # pathexpand() resolves the leading "~" explicitly; file() would do so
  # as well, so behaviour is unchanged.
  public_key = file(pathexpand("~/.ssh/my-key.pub")) # Replace with the path to your public key
  key_name   = "my-key"                              # Replace with your key name
}
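# Source ranges allowed to reach the RDP and AD ports opened by ad_sg.
# The default reproduces the original rules (open to the whole internet) so
# existing demo runs behave exactly as before. For anything that is not a
# throwaway lab, override it with the address range of your VPN, bastion or
# office egress, e.g. -var='ad_allowed_cidr_blocks=["203.0.113.0/24"]'
# (documentation range, constructed).
variable "ad_allowed_cidr_blocks" {
  description = "CIDR blocks permitted to reach the RDP and Active Directory ports on the AD server. Narrow this for anything beyond a disposable lab."
  type        = list(string)
  default     = ["0.0.0.0/0"]
}

locals {
  # TCP ports opened by ad_sg -- the same five rules the resource originally
  # declared inline, listed once instead of five copy-pasted blocks.
  # Not included: DNS (53), Kerberos (88), LDAPS (636); whether the demo's
  # clients need them depends on run.ps1.tpl and the client setup, which are
  # not shown here, so nothing is added.
  ad_sg_tcp_ports = [
    { description = "RDP", from_port = 3389, to_port = 3389 },
    { description = "RPC endpoint mapper", from_port = 135, to_port = 135 },
    { description = "LDAP", from_port = 389, to_port = 389 },
    { description = "SMB", from_port = 445, to_port = 445 },
    # Kept at the original width. Windows Server 2008 and later use
    # 49152-65535 for RPC dynamic ports, so this range can probably be
    # narrowed -- confirm against the AMI's OS version before changing it.
    { description = "RPC dynamic ports", from_port = 1024, to_port = 65535 }
  ]
}

resource "aws_security_group" "ad_sg" {
  name        = "ad_security_group"
  description = "Allow RDP and necessary AD ports"

  # One ingress rule per entry in local.ad_sg_tcp_ports, all TCP, all
  # restricted to var.ad_allowed_cidr_blocks.
  dynamic "ingress" {
    for_each = local.ad_sg_tcp_ports
    content {
      description = ingress.value.description
      from_port   = ingress.value.from_port
      to_port     = ingress.value.to_port
      protocol    = "tcp"
      cidr_blocks = var.ad_allowed_cidr_blocks
    }
  }

  # Unrestricted outbound, unchanged from the original.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}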
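# Secrets consumed by the DC promotion script. They were hard-coded as empty
# strings in the original; they are now required inputs with no default and
# are marked sensitive so they are redacted from plan/apply output
# (`sensitive` needs Terraform >= 0.14). Supply them through TF_VAR_*
# environment variables, a tfvars file kept out of version control, or a
# secrets manager -- never by committing a default here.
variable "safe_mode_password" {
  description = "Directory Services Restore Mode (DSRM) password passed to the AD promotion script"
  type        = string
  sensitive   = true
}

variable "domain_admin_password" {
  description = "Domain administrator password passed to the AD promotion script"
  type        = string
  sensitive   = true
}

# Renders populate_ad/run.ps1.tpl into the PowerShell user_data for the AD
# server. `data.template_file` is the legacy template provider; the built-in
# templatefile() function is its modern replacement, but the data source is
# kept so `data.template_file.init.rendered` keeps working for the instance.
data "template_file" "init" {
  # path.module anchors the lookup to this configuration's directory instead
  # of whatever directory terraform happens to be run from. The outer
  # "${...}" wrapper of the original was redundant 0.11-style interpolation.
  template = file("${path.module}/populate_ad/run.ps1.tpl")

  vars = {
    forest_mode = ""
    domain_mode = ""
    # NOTE(review): `aws_instance.some` is not declared anywhere in this
    # file, so this reference does not resolve. It is left as-is rather than
    # guessed at: pointing it at aws_instance.windows_ad_server would create
    # a cycle (that instance's user_data depends on this data source), and
    # an AD domain name is normally a DNS name supplied as an input, not an
    # instance's private IP.
    domain_name           = aws_instance.some.private_ip
    domain_netbios_name   = ""
    safe_mode_password    = var.safe_mode_password
    domain_admin_password = var.domain_admin_password
  }
}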
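# The Windows Server instance that run.ps1.tpl promotes to a domain controller.
resource "aws_instance" "windows_ad_server" {
  ami           = "ami-0d8f6eb4f641ef691" # Change to a Windows Server AMI in your region
  instance_type = "t3.medium"

  # For Windows the key pair is what EC2 uses to decrypt the initial
  # Administrator password; it is not used for SSH.
  key_name               = aws_key_pair.key.key_name
  vpc_security_group_ids = [aws_security_group.ad_sg.id]

  # The instance gets a public address, so the ad_sg ingress rules are the
  # only thing between the RDP/AD ports and the internet.
  associate_public_ip_address = true

  # Fix: the original line was `user_data = ${data.template_file.init.rendered}`,
  # a bare interpolation outside a string, which HCL rejects as a parse error.
  # A plain reference is the correct 0.12+ form and yields the same value.
  user_data = data.template_file.init.rendered

  # Require IMDSv2 session tokens so that any request forgery or similar bug
  # on the box cannot fetch the instance role's credentials with a single
  # unauthenticated GET to the metadata service. Nothing on this page uses
  # IMDSv1, so this is a no-op for the demo's behaviour.
  metadata_options {
    http_endpoint = "enabled"
    http_tokens   = "required"
  }

  # This provisioner only prints a message on the machine running terraform;
  # it does NOT wait for EC2 status checks or for the user_data script to
  # finish. The original comment claimed otherwise. Waiting would need an
  # explicit poll (e.g. `aws ec2 wait instance-status-ok`) or a readiness
  # signal from the script itself.
  provisioner "local-exec" {
    command = "echo 'Instance is booting and configuration script is being executed'"
  }
}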
# EC2 instance ID of the AD server, for use by wrapper scripts and other
# configurations.
output "instance_id" {
  description = "ID of the Windows AD server instance"
  value       = aws_instance.windows_ad_server.id
}
# Public IPv4 address of the AD server -- the address the ad_sg rules expose
# RDP and the AD ports on.
output "instance_ip" {
  description = "Public IP address of the Windows AD server instance"
  value       = aws_instance.windows_ad_server.public_ip
}