ansible/roles/azure_createwindowsvm-demo/tasks/main.yml

---
# tasks file for azure-createwindowsvm
  # - name: Create public IP address
  #   azure_rm_publicipaddress:
  #     resource_group: "{{RG_name}}"
  #     allocation_method: Static
  #     name: "{{hostname}}-pip"
  #   register: output_ip_address

  # - name: Output public IP
  #   debug:
  #     msg: "The public IP is {{ output_ip_address.state.ip_address }}"


  - name: Get facts for one resource group
    azure_rm_resourcegroup_info:
      name: "{{RG_name}}"
    register: rginfo
  - name: Create a network interface
    azure_rm_networkinterface:
      name: "{{hostname}}-nic"
      resource_group: "{{RG_name}}"
      location: westeurope 
      virtual_network: "/subscriptions/dd4dbc55-c970-4a1f-8ddd-8cb7ae7900dd/resourceGroups/rg-network-tst-01/providers/Microsoft.Network/virtualNetworks/vnet-awe-tst-01"
      subnet_name: "{{subnetname}}"
      enable_accelerated_networking: True
      security_group: "/subscriptions/dd4dbc55-c970-4a1f-8ddd-8cb7ae7900dd/resourceGroups/rg-network-tst-01/providers/Microsoft.Network/networkSecurityGroups/nsg-tst-01-green"
      ip_configurations:
        - name: default
         # public_ip_address_name: "{{hostname}}-pip"
          primary: True
    register: new_nic
  
  - name: Get private IP of NIC
    azure_rm_networkinterface_info:
      resource_group: "{{RG_name}}"
      name: "{{hostname}}-nic"
    register: nic_info

  - name: Display private IP of NIC
    debug:
      var: "nic_info.networkinterfaces[0].ip_configurations[0].private_ip_address"

  - name: Create VM
    azure_rm_virtualmachine:
      resource_group: "{{RG_name}}" 
      name: "{{hostname}}"
      vm_size: "{{vmsize}}"
      admin_username: ApeAdmin
      admin_password: "{{ password }}"
      network_interfaces: "{{hostname}}-nic"
      os_type: Windows
      boot_diagnostics:
        enabled: false
      managed_disk_type: "Premium_LRS"
      os_disk_name: "{{hostname}}-osdisk"
      os_disk_size_gb: 128
      image:
          offer: WindowsServer
          publisher: MicrosoftWindowsServer
          sku: "{{win_sku}}"
          version: latest
      tags:
        Dexcare: "{{tag_dexcare}}"
        ApplicationITContact: "{{tag_ApplicationITContact}}"
        DexMach_Protection: "ManagedByOther"
        Schedule: "{{tag_Schedule}}"
        ServiceHours: "{{tag_ServiceHours}}"
        Criticality: "{{tag_Criticality}}"
        UpdateSchedule: "{{tag_UpdateSchedule}}"
        TeamSpecialist: "{{tag_TeamSpecialist}}"
    no_log: false

  # - name: Create VM script extension to enable HTTPS WinRM listener
  #   azure_rm_virtualmachineextension:
  #     name: winrm-extension
  #     resource_group: "{{RG_name}}"
  #     virtual_machine_name: "{{hostname}}"
  #     publisher: Microsoft.Compute
  #     virtual_machine_extension_type: CustomScriptExtension
  #     type_handler_version: '1.9'
  #     settings: '{"fileUris": ["https://raw.githubusercontent.com/ansible/ansible/devel/examples/scripts/ConfigureRemotingForAnsible.ps1"],"commandToExecute": "powershell -ExecutionPolicy Unrestricted -File ConfigureRemotingForAnsible.ps1"}'
  #     auto_upgrade_minor_version: true

  - name: Enable winrm
    azure_rm_virtualmachineextension:
      name: winrm-extension
      resource_group: "{{RG_name}}"
      virtual_machine_name: "{{hostname}}"
      publisher: Microsoft.Compute
      virtual_machine_extension_type: CustomScriptExtension
      type_handler_version: '1.9'
      settings: '{"commandToExecute": "powershell winrm quickconfig -force"}'
      auto_upgrade_minor_version: true

  - name: Open port
    azure_rm_virtualmachineextension:
      name: winrm-extension
      resource_group: "{{RG_name}}"
      virtual_machine_name: "{{hostname}}"
      publisher: Microsoft.Compute
      virtual_machine_extension_type: CustomScriptExtension
      type_handler_version: '1.9'
      settings: {"commandToExecute": "powershell New-NetFirewallRule -DisplayName 'Winrm' -Profile 'Public' -Direction Inbound -Action Allow -Protocol TCP -LocalPort 5985"}
      auto_upgrade_minor_version: true



# - name: Get facts for one Public IP
#     azure_rm_publicipaddress_info:
#       resource_group: "{{RG_name}}"
#       name: "{{hostname}}-pip"
#     register: publicipaddresses

#   - name: set public ip address fact
#     set_fact: publicipaddress="{{ publicipaddresses | json_query('publicipaddresses[0].ip_address')}}"

  - name: wait for the WinRM port to come online
    wait_for:
      port: 5985
      host: "{{nic_info.networkinterfaces[0].ip_configurations[0].private_ip_address}}"
      timeout: 6