@varnav
Last active January 4, 2024 15:58
Windows VM with HTTPS WinRM Terraform
# Self-signed TLS certificate, generated and stored by Key Vault, that the VM
# in this file uses for its WinRM HTTPS listener. Name and subject are derived
# from the current Terraform workspace.
resource "azurerm_key_vault_certificate" "main" {
  key_vault_id = var.key_vault_id
  name         = "${terraform.workspace}-winrmcert"

  certificate_policy {
    # "Self" makes Key Vault sign the certificate with its own key. There is no
    # CA chain behind it, so WinRM clients have to be given this certificate to
    # trust explicitly.
    issuer_parameters {
      name = "Self"
    }

    key_properties {
      key_type = "RSA"
      key_size = 2048

      # The same key pair is kept across renewals, so the key can outlive any
      # single certificate version.
      reuse_key = true

      # Exportable means the private key can be read back through the vault's
      # secret endpoint. Presumably required so the VM can pull the PFX; treat
      # "get secret" permission on this vault as access to the private key.
      exportable = true
    }

    # Key Vault renews the certificate 30 days before it expires.
    # NOTE(review): renewal produces a new certificate version, while the VM
    # references secret_id; confirm how a renewed version reaches the VM.
    lifetime_action {
      trigger {
        days_before_expiry = 30
      }

      action {
        action_type = "AutoRenew"
      }
    }

    # Stored as PKCS#12 so certificate and private key travel together.
    secret_properties {
      content_type = "application/x-pkcs12"
    }

    x509_certificate_properties {
      # NOTE(review): the CN is the workspace name and no subject alternative
      # names are set. Confirm it matches the host name clients connect to;
      # a mismatch fails host name verification.
      subject            = "CN=${terraform.workspace}"
      validity_in_months = 48

      # 1.3.6.1.5.5.7.3.1 = TLS server authentication.
      extended_key_usage = ["1.3.6.1.5.5.7.3.1"]

      # NOTE(review): cRLSign and keyCertSign are CA usages and look broader
      # than a TLS server certificate needs. Verify client validation of the
      # self-signed certificate before narrowing this list.
      key_usage = [
        "cRLSign",
        "dataEncipherment",
        "digitalSignature",
        "keyAgreement",
        "keyCertSign",
        "keyEncipherment",
      ]
    }
  }
}
# Windows VM that installs the Key Vault certificate at provisioning time and
# exposes WinRM over HTTPS with it. Only the WinRM-related blocks are shown.
resource "azurerm_windows_virtual_machine" "main" {
  # Put other stuff here

  # HTTPS listener bound to the certificate's Key Vault secret.
  # NOTE(review): network rules are not part of this snippet. Limit inbound
  # access to the WinRM HTTPS port (5986 by default) to management sources only.
  winrm_listener {
    certificate_url = azurerm_key_vault_certificate.main.secret_id
    protocol        = "Https" # Case sensitive
  }

  # Has the platform fetch the certificate from the vault and place it in the
  # "My" certificate store on the VM.
  # NOTE(review): the vault is defined elsewhere; it presumably needs
  # enabled_for_deployment so the VM can retrieve the secret. Confirm.
  secret {
    key_vault_id = azurerm_key_vault_certificate.main.key_vault_id

    certificate {
      url   = azurerm_key_vault_certificate.main.secret_id
      store = "My"
    }
  }
}