'Azure + Terraform + Grabbing a variable and passing it along

Hopefully someone can push me in the right direction.

I have a Terraform plan that currently stands up a Linux VM in Azure. I am attempting to run a bash script to install a software client.

It appears the azurerm provider does not support

user_data

rather it supports

custom_data

Am I correct in this statement?

That being said, what I am trying to do as well is this.

Reference instance of the software client is setup within a web portal. The web portal creates a token for this reference instance. That token is then used when installing the software client within the Linux VM.

My code for running the bash script is as follows:

> custom_data = <<USERDATA
>         #!/bin/bash -xe
>         curl -J -O -L https://app.strongdm.com/releases/cli/linux && unzip sdmcli* && rm -f sdmcli*
>         sudo ./sdm install --relay 
>         USERDATA

I get an error however when running terraform apply

$ terraform apply

Error: expected "custom_data" to be a base64 string, got
#!/bin/bash -xe curl -J -O -L https://app.strongdm.com/releases/cli/linux && unzip sdmcli* && rm -f sdmcli* sudo ./sdm install --relay

Here are my questions:

  1. Would I use something like a key vault to hold that token and then pull it when the bash script runs?
  2. Is there a better way of passing that token?
  3. Can you pass things of that nature in terraform like variables?
  4. Am I trying to run my bash script in the correct place?

The bash script is being run within the

resource "azurerm_linux_virtual_machine" "tfssh1" {

block of code.

UPDATE

  1. Log into Admin UI
  2. Create a new instance - Token is generated. Copy this token and save it somewhere.
  3. Run install on Linux VM
  4. Installation prompts for token saved earlier
  5. Token is input
  6. Installation completes
  7. Admin UI now knows this server matches this instance

I just found this within the provider

output "gateway_token" {
  value = sdm_node.my_gateway.gateway[0].token
  sensitive = true
}

That is outputting the token in question. I should be able to grab that within my bash script. Now I just need to figure out the correct way to run said bash script through terraform.

linuxbashazureterraformterraform-provider-azure


Solution 1:[1]

You need to use base64encode

custom_data = base64encode(data.local_file.cloudinit.content)

data "local_file" "cloudinit" {
 filename = "${path.module}/cloud-init.conf"
}

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Arkadius Ko

Related Questions