Terraform 脚本 Windows 模块设置帐户锁定策略和最小密码长度 Azure
Terraform script Windows Module set account lockout policy & minimum password length Azure
我正在处理 Azure Terraform 脚本,最近在 windows 启动时安装了 windows 模块,默认情况下没有设置帐户锁定策略和最小密码长度策略,有什么办法可以在 windows 模块中的 terraform 脚本中定义。
谢谢
resource "azurerm_virtual_machine_extension" "vm" {
name = var.vm_hostname
count = (var.is_windows_image || contains(list(var.vm_os_simple, var.vm_os_offer), "WindowsServer")) ? var.nb_instances : 0
virtual_machine_id = azurerm_virtual_machine.vm-windows[count.index].id
publisher = "Microsoft.Azure.Extensions"
type = "CustomScript"
type_handler_version = "2.0"
settings = <<SETTINGS
{
"commandToExecute": "net accounts /minpwlen:8 && net accounts /maxpwage:45 && net accounts /minpwage:0 && net accounts /lockoutduration:30 && net accounts /lockoutthreshold:3 "
}
SETTINGS
}
我收到错误消息。
module.windowsservers.azurerm_virtual_machine_extension.vm[0]: Still creating... [10s elapsed]
module.windowsservers.azurerm_virtual_machine_extension.vm[0]: Still creating... [20s elapsed]
module.windowsservers.azurerm_virtual_machine_extension.vm[0]: Still creating... [30s elapsed]
module.windowsservers.azurerm_virtual_machine_extension.vm[0]: Still creating... [40s elapsed]
module.windowsservers.azurerm_virtual_machine_extension.vm[0]: Still creating... [50s elapsed]
module.windowsservers.azurerm_virtual_machine_extension.vm[0]: Still creating... [1m0s elapsed]
Error: Code="VMExtensionProvisioningError" Message="VM has reported a failure when processing extension '`HOSTNAME'. Error message: \"Extension '' of Handler 'Microsoft.Azure.Extensions.CustomScript' version '1.0' faulted due to exception during extension processing\"\r\n\r\nMore information on troubleshooting is available at https://aka.ms/VMExtensionCSELinuxTroubleshoot "
on ..\..\modules\windowsservers\main.tf line 194, in resource "azurerm_virtual_machine_extension" "vm":
194: resource "azurerm_virtual_machine_extension" "vm" {
如果要在创建时配置Windows VM,可以使用cloud-init with the PowerShell script. In terraform, you can use the custom_data. And if you do not care when to configure, you can use the VM extension to do the things you want after creating the VM with resource azurerm_virtual_machine_extension.
resource "azurerm_virtual_machine_extension" "vm" {
name = "${var.vm_hostname}-${count.index}"
count = (var.is_windows_image || contains(list(var.vm_os_simple, var.vm_os_offer), "WindowsServer")) ? var.nb_instances : 0
virtual_machine_id = azurerm_virtual_machine.vm-windows[count.index].id
publisher = "Microsoft.Compute"
type = "CustomScriptExtension"
type_handler_version = "1.9"
settings = <<SETTINGS
{
"commandToExecute": "powershell -ExecutionPolicy Unrestricted -Command net accounts /minpwlen:8 && net accounts /maxpwage:45 && net accounts /minpwage:0 && net accounts /lockoutduration:30 && net accounts /lockoutthreshold:3 "
}
SETTINGS
}
这是解决我的问题的代码,我一直犯的这个错误是使用了错误的扩展名,该扩展名是 Linux 正确的扩展名,代码粘贴在这里。
我正在处理 Azure Terraform 脚本,最近在 windows 启动时安装了 windows 模块,默认情况下没有设置帐户锁定策略和最小密码长度策略,有什么办法可以在 windows 模块中的 terraform 脚本中定义。 谢谢
resource "azurerm_virtual_machine_extension" "vm" {
name = var.vm_hostname
count = (var.is_windows_image || contains(list(var.vm_os_simple, var.vm_os_offer), "WindowsServer")) ? var.nb_instances : 0
virtual_machine_id = azurerm_virtual_machine.vm-windows[count.index].id
publisher = "Microsoft.Azure.Extensions"
type = "CustomScript"
type_handler_version = "2.0"
settings = <<SETTINGS
{
"commandToExecute": "net accounts /minpwlen:8 && net accounts /maxpwage:45 && net accounts /minpwage:0 && net accounts /lockoutduration:30 && net accounts /lockoutthreshold:3 "
}
SETTINGS
}
我收到错误消息。
module.windowsservers.azurerm_virtual_machine_extension.vm[0]: Still creating... [10s elapsed]
module.windowsservers.azurerm_virtual_machine_extension.vm[0]: Still creating... [20s elapsed]
module.windowsservers.azurerm_virtual_machine_extension.vm[0]: Still creating... [30s elapsed]
module.windowsservers.azurerm_virtual_machine_extension.vm[0]: Still creating... [40s elapsed]
module.windowsservers.azurerm_virtual_machine_extension.vm[0]: Still creating... [50s elapsed]
module.windowsservers.azurerm_virtual_machine_extension.vm[0]: Still creating... [1m0s elapsed]
Error: Code="VMExtensionProvisioningError" Message="VM has reported a failure when processing extension '`HOSTNAME'. Error message: \"Extension '' of Handler 'Microsoft.Azure.Extensions.CustomScript' version '1.0' faulted due to exception during extension processing\"\r\n\r\nMore information on troubleshooting is available at https://aka.ms/VMExtensionCSELinuxTroubleshoot "
on ..\..\modules\windowsservers\main.tf line 194, in resource "azurerm_virtual_machine_extension" "vm":
194: resource "azurerm_virtual_machine_extension" "vm" {
如果要在创建时配置Windows VM,可以使用cloud-init with the PowerShell script. In terraform, you can use the custom_data. And if you do not care when to configure, you can use the VM extension to do the things you want after creating the VM with resource azurerm_virtual_machine_extension.
resource "azurerm_virtual_machine_extension" "vm" {
name = "${var.vm_hostname}-${count.index}"
count = (var.is_windows_image || contains(list(var.vm_os_simple, var.vm_os_offer), "WindowsServer")) ? var.nb_instances : 0
virtual_machine_id = azurerm_virtual_machine.vm-windows[count.index].id
publisher = "Microsoft.Compute"
type = "CustomScriptExtension"
type_handler_version = "1.9"
settings = <<SETTINGS
{
"commandToExecute": "powershell -ExecutionPolicy Unrestricted -Command net accounts /minpwlen:8 && net accounts /maxpwage:45 && net accounts /minpwage:0 && net accounts /lockoutduration:30 && net accounts /lockoutthreshold:3 "
}
SETTINGS
}
这是解决我的问题的代码,我一直犯的这个错误是使用了错误的扩展名,该扩展名是 Linux 正确的扩展名,代码粘贴在这里。