#!/bin/bash
# Script intended for a single environment.
# (Use the hackteam.auto.tfvars.sh script for multiple environments.)
#
# Can set resource group name in the first argument.
# Can set subscription id in the second argument.
# Can set location in the third argument.
#
# Assumes that the user is in the right context and has the right permissions.
# The script creates a service principal and role assignment for the Azure Connected Machine Onboarding role.
# The script creates the azcmagent.auto.tfvars file for the Azure Arc Connected Machine agent installation.
# The script creates a resource group for the Arc-enabled Servers, i.e. connected machines.
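# Print an error message in red on stderr and abort the script.
# Arguments: $@ - words of the message (joined with single spaces)
# Outputs:   "ERROR: <message>" on stderr
# Returns:   never; exits the shell with status 1
error()
{
  # Colour codes go to stderr with the message so that captured stdout stays
  # clean. tput failures (no TERM, not a terminal) are ignored: colour is
  # cosmetic and must not hide the real error.
  tput setaf 1 >&2 2>/dev/null || true
  # "$*" joins the arguments into one string; "$@" inside a longer quoted
  # string would split the message across several words.
  printf 'ERROR: %s\n' "$*" >&2
  tput sgr0 >&2 2>/dev/null || true
  exit 1
}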
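# Print a progress message in cyan on stderr.
# Arguments: $@ - words of the message (joined with single spaces)
# Outputs:   the message on stderr; nothing on stdout
# Returns:   0
info()
{
  # Keep the colour codes on the same stream as the text (stderr), and do not
  # let a missing TERM or a non-terminal make tput noisy.
  tput setaf 6 >&2 2>/dev/null || true
  printf '%s\n' "$*" >&2
  tput sgr0 >&2 2>/dev/null || true
  return 0
}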
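## Variables
# $1 resource group name (default arc_pilot), $2 subscription id (default: the
# current az CLI context), $3 location (default uksouth).
resource_group_name=${1:-arc_pilot}
if [[ -n "${2:-}" ]]; then
  subscription_id=$2
else
  subscription_id=$(az account show --query id --output tsv) \
    || error "Failed to read the current subscription id; run az login or pass it as the second argument"
fi
location=${3:-uksouth}

# jq extracts the credential fields below; fail early rather than write a
# variable file full of empty values.
command -v jq >/dev/null || error "jq is required but was not found in PATH"

info "- Creating resource group $resource_group_name"
az group create --name "$resource_group_name" --location "$location" --subscription "$subscription_id" --output none || error "Failed to create $resource_group_name"
resource_group_id=$(az group show --name "$resource_group_name" --subscription "$subscription_id" --query id --output tsv) \
  || error "Failed to read the id of $resource_group_name"
# An empty scope would not restrict the role assignment to the resource group.
[[ -n "$resource_group_id" ]] || error "Empty resource id returned for $resource_group_name"

# Create the service principal and role assignment.
# The role is scoped to the resource group only (least privilege for onboarding).
name=$resource_group_name
info "- Creating service principal $name"
json=$(az ad sp create-for-rbac --name "$name" --scope "$resource_group_id" --role "Azure Connected Machine Onboarding" --only-show-errors) \
  || error "Failed to create service principal $name"

# Extract and validate the credential fields before writing anything:
# jq prints the literal string "null" for a missing key.
tenant_id=$(jq -r .tenant <<< "$json") || error "Failed to parse the service principal output"
service_principal_appid=$(jq -r .appId <<< "$json") || error "Failed to parse the service principal output"
service_principal_secret=$(jq -r .password <<< "$json") || error "Failed to parse the service principal output"
for value in "$tenant_id" "$service_principal_appid" "$service_principal_secret"; do
  [[ -n "$value" && "$value" != "null" ]] || error "Service principal output is missing tenant, appId or password"
done

# Create the azcmagent.auto.tfvars file.
# SECURITY: the file holds the service principal secret in clear text and, as a
# *.auto.tfvars file, is loaded by Terraform automatically. Create it readable
# by the owner only and keep it out of version control.
umask 077
cat > azcmagent.auto.tfvars <<EOF
azcmagent = {
windows = {
install = true
connect = true
}
linux = {
install = true
connect = true
}
}
arc = {
tenant_id = "$tenant_id"
service_principal_appid = "$service_principal_appid"
service_principal_secret = "$service_principal_secret"
subscription_id = "$subscription_id"
resource_group_name = "$resource_group_name"
location = "$location"
tags = {
environment = "pilot"
}
}
EOF
# umask only affects newly created files; tighten a pre-existing file as well.
chmod 600 azcmagent.auto.tfvars || error "Failed to restrict permissions on azcmagent.auto.tfvars"
info "- Created azcmagent.auto.tfvars variable file. Check before running Terraform."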