azure-machine-scaleset-auth¶
Ensure Azure linux scale set does not use basic authentication
Examples¶
Insecure Example
resource "azurerm_virtual_machine_scale_set" "example" {
name = "mytestscaleset-1"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
storage_profile_image_reference {
publisher = "Canonical"
offer = "UbuntuServer"
sku = "16.04-LTS"
version = "latest"
}
storage_profile_os_disk {
name = ""
caching = "ReadWrite"
create_option = "FromImage"
managed_disk_type = "Standard_LRS"
}
os_profile {
computer_name_prefix = "testvm"
admin_username = "myadmin"
}
os_profile_linux_config {
disable_password_authentication = false # (default value is false)
ssh_keys {
path = "/home/myadmin/.ssh/authorized_keys"
key_data = file("~/.ssh/demo_key.pub")
}
}
}
Secure Example
resource "azurerm_virtual_machine_scale_set" "example" {
name = "mytestscaleset-1"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
storage_profile_image_reference {
publisher = "Canonical"
offer = "UbuntuServer"
sku = "16.04-LTS"
version = "latest"
}
storage_profile_os_disk {
name = ""
caching = "ReadWrite"
create_option = "FromImage"
managed_disk_type = "Standard_LRS"
}
os_profile {
computer_name_prefix = "testvm"
admin_username = "myadmin"
}
os_profile_linux_config {
disable_password_authentication = true
ssh_keys {
path = "/home/myadmin/.ssh/authorized_keys"
key_data = file("~/.ssh/demo_key.pub")
}
}
}