first commit

root
2024-07-12 12:58:40 +02:00
commit 30fdad3be5
557 changed files with 11142 additions and 0 deletions

133
azure_create-clean-room.yml Normal file

@@ -0,0 +1,133 @@
---
- name: get resource group info
become: true
become_user: root
# become_method: runas
hosts: localhost
tasks:
## create the resource group
- name: create resource_group
azure_rm_resourcegroup:
name: "rg-clean_room"
location: westeurope
## create the vnet with subnets
- name: Create virtual network vnet-clean_room
azure_rm_virtualnetwork:
resource_group: "rg-clean_room"
name: vnet-clean_room
address_prefixes:
- "10.10.0.0/24"
- "10.245.140.0/22"
dns_servers:
- "10.245.142.82"
- "10.245.142.83"
- name: create nsg
azure.azcollection.azure_rm_securitygroup:
resource_group: "rg-clean_room"
name: nsg-clean-room
rules:
- name: DENYOUTBOUNDINTERNET
protocol: "*"
access: Deny
priority: 100
destination_address_prefix: Internet
direction: Outbound
state: present
- name: Add subnet clean_room
azure_rm_subnet:
resource_group: "rg-clean_room"
name: sn-clean_room
address_prefix: "10.245.140.0/24"
virtual_network: vnet-clean_room
security_group:
name: nsg-clean-room
resource_group: rg-clean_room
- name: Add subnet clean_room1
azure_rm_subnet:
resource_group: "rg-clean_room"
name: sn-clean_room1
address_prefix: "10.245.141.0/24"
virtual_network: vnet-clean_room
security_group:
name: nsg-clean-room
resource_group: rg-clean_room
- name: Add subnet clean_room2
azure_rm_subnet:
resource_group: "rg-clean_room"
name: sn-clean_room2
address_prefix: "10.245.142.0/24"
virtual_network: vnet-clean_room
security_group:
name: nsg-clean-room
resource_group: rg-clean_room
- name: Add subnet clean_room3
azure_rm_subnet:
resource_group: "rg-clean_room"
name: sn-clean_room3
address_prefix: "10.245.143.0/24"
virtual_network: vnet-clean_room
security_group:
name: nsg-clean-room
resource_group: rg-clean_room
- name: Add subnet Azure Bastion
azure_rm_subnet:
resource_group: "rg-clean_room"
name: AzureBastionSubnet
address_prefix: "10.10.0.0/26"
virtual_network: vnet-clean_room
register: bastion_subnet
## create Bastion
- name: Create a public ip address
azure_rm_publicipaddress:
resource_group: "rg-clean_room"
name: bastion_pub_ip
sku: "Standard"
allocation_method: static
- name: get pubip info
azure_rm_publicipaddress_info:
resource_group: "rg-clean_room"
name: bastion_pub_ip
register: pub_ip
#domain_name: foobar
- name: check if bastion host exists
azure.azcollection.azure_rm_bastionhost_info:
name: "Bastion-clean_room"
resource_group: rg-clean_room
register: bastion
- name: Create Bastion host
azure.azcollection.azure_rm_bastionhost:
name: "Bastion-clean_room"
resource_group: "rg-clean_room"
ip_configurations:
- name: bastion-cr_ipconfig
public_ip_address:
id: "{{ pub_ip.publicipaddresses[0].id }}"
subnet:
id: "{{bastion_subnet.state.id}}"
sku:
name: "Standard"
state: present
when: bastion == None
## create staging storage account
- name: create staging storage account
azure_rm_storageaccount:
resource_group: "rg-clean_room"
name: sacleanroomstaging
type: "Standard_LRS"
kind: "StorageV2"
location: westeurope
public_network_access: "Enabled"
- name: Create container VHDS
azure_rm_storageblob:
resource_group: "rg-clean_room"
storage_account_name: sacleanroomstaging
container: vhds
environment:
- AZURE_CLIENT_ID: "{{AZURE_CLIENT_ID}}"
- AZURE_SECRET: "{{AZURE_SECRET}}"
- AZURE_SUBSCRIPTION_ID: "{{AZURE_SUBSCRIPTION_ID}}"
- AZURE_TENANT: "{{AZURE_TENANT}}"
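Review bot: The `create staging storage account` task sets `public_network_access: "Enabled"` with no `network_acls`, so the account that will hold the clean room's VHDs accepts connections from any address and is protected only by its keys and tokens, while the NSG in the same play denies all outbound Internet traffic. If the public endpoint is needed for uploads, restrict it with a default-deny `network_acls` block and pin `https_only`, `minimum_tls_version` and `allow_blob_public_access` as sketched below (the allowed address is a placeholder); otherwise set it to `"Disabled"` and reach the account over a private endpoint. Separately, `when: bastion == None` on `Create Bastion host` can never be true because a registered result is always a dict, so that task is always skipped; since it already uses `state: present`, the guard can simply be dropped. The play also sets `become: true` / `become_user: root` although every visible task is an Azure API call on localhost, which looks unnecessary and is worth removing. The rendering has lost indentation and shows fewer lines than the 133 in the hunk header, so task boundaries here are inferred from the `- name:` lines.

```yaml
- name: create staging storage account
  azure_rm_storageaccount:
    # … unchanged: resource_group, name, type, kind, location …
    public_network_access: "Enabled"
    https_only: true
    minimum_tls_version: "TLS1_2"
    allow_blob_public_access: false
    network_acls:
      default_action: Deny
      ip_rules:
        # placeholder: the address the VHD uploads come from
        - value: "<UPLOADER_PUBLIC_IP>"
          action: Allow
```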