Setting Up Virtual Machines (VMs) Using GitHub and Terraform - vishnupk001/CloudCore-SOC-Build-with-M365 GitHub Wiki

After completing the Azure Sentinel setup, the next step involved creating virtual machines (VMs) in Azure using Terraform, while utilizing GitHub for version control and integration. This approach followed the same structured method used for setting up Sentinel.

1. GitHub for Version Control and VM Setup

To start the VM deployment process, a new GitHub repository was created to store the Terraform configuration files specifically for VM creation. This repository maintained the scripts defining the infrastructure, including the VM specifications, network settings, and security configurations.

Visual Studio was used to edit these configuration files, making it easier to manage changes and updates. Once the repository was prepared, it was connected to Terraform, similar to how the Azure Sentinel setup was managed. This integration ensured that updates pushed to the GitHub repository would automatically synchronize with the Terraform workspace.

2. Terraform for Automating VM Deployment

With the GitHub repository ready, Terraform was configured to interact with Azure through the previously set up app registration, following the same methodology used for Azure Sentinel. The app registration provided the permissions required for Terraform to authenticate and manage resources within the Azure environment.

The Terraform workspace was then connected to the new GitHub repository, enabling automatic retrieval of VM configuration files. This integration ensured that any updates made to the configuration files in GitHub would be consistently applied during deployment.

Next, variables were added to enable a secure connection to Azure through the registered application. The variables defined were as follows:

| Variable Name | Description | Sensitive |
| --- | --- | --- |
| subscription_id | Azure Subscription ID | Yes |
| tenant_id | Azure Tenant ID | Yes |
| client_id | Azure Client | No |
| client_secret | Azure Client Secret | Yes |
| admin_username | VM Administrator username | No |
| admin_password | VM Administrator password (16+ chars) | Yes |

These variables ensured secure and automated authentication while deploying VMs, allowing Terraform to access and manage Azure resources efficiently.
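As an added example (not taken from the project's repository), this is one way the variables listed above could be declared in Terraform, with the `sensitive` flags matching the list and a validation rule enforcing the 16-character minimum on the administrator password. The file name and the provider wiring are assumptions.

```hcl
# variables.tf (hypothetical file name; added example, not the project's code)
variable "subscription_id" {
  description = "Azure Subscription ID"
  type        = string
  sensitive   = true
}

variable "tenant_id" {
  description = "Azure Tenant ID"
  type        = string
  sensitive   = true
}

variable "client_id" {
  description = "Azure Client"
  type        = string
}

variable "client_secret" {
  description = "Azure Client Secret"
  type        = string
  sensitive   = true
}

variable "admin_username" {
  description = "VM Administrator username"
  type        = string
}

variable "admin_password" {
  description = "VM Administrator password (16+ chars)"
  type        = string
  sensitive   = true
  # Reject short passwords at plan time, before any resource is created.
  validation {
    condition     = length(var.admin_password) >= 16
    error_message = "The admin_password value must be at least 16 characters long."
  }
}

# Service principal (app registration) authentication for the azurerm provider.
provider "azurerm" {
  features {}
  subscription_id = var.subscription_id
  tenant_id       = var.tenant_id
  client_id       = var.client_id
  client_secret   = var.client_secret
}
```

Declaring a variable with `sensitive = true` redacts its value in plan and apply output. The value is still written to the Terraform state, so access to the state needs to be restricted as well.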

The Terraform workspace was used to execute the VM deployment by running the configured plan. After linking the workspace to the GitHub repository, the "Run" option was selected within the Terraform workspace, triggering the automated deployment process. This method ensured that the VM, along with the virtual network, public IP, and storage, was created as defined in the script, maintaining consistency and accuracy.

3. Verifying the VM

After deployment, the VM can be accessed via SSH or RDP using the credentials provided. The Azure portal is also used to confirm the VM's status, configuration, and connectivity.

This method of using Terraform with GitHub ensures that the VM deployment process is automated, consistent, and securely managed.