github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/azure/compute/AVD-AZU-0039/Terraform.md

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/azure/compute/AVD-AZU-0039/Terraform.md (about)

     1  
     2  Use ssh authentication for virtual machines
     3  
     4  ```hcl
     5   resource "azurerm_linux_virtual_machine" "good_linux_example" {
     6     name                            = "good-linux-machine"
     7     resource_group_name             = azurerm_resource_group.example.name
     8     location                        = azurerm_resource_group.example.location
     9     size                            = "Standard_F2"
    10     admin_username                  = "adminuser"
    11     admin_password                  = "somePassword"
    12     
    13     admin_ssh_key {
    14       username   = "adminuser"
    15       public_key = file("~/.ssh/id_rsa.pub")
    16     }
    17   }
    18   
    19   resource "azurerm_virtual_machine" "good_example" {
    20   	name                            = "good-linux-machine"
    21   	resource_group_name             = azurerm_resource_group.example.name
    22   	location                        = azurerm_resource_group.example.location
    23   	size                            = "Standard_F2"
    24   	admin_username                  = "adminuser"
    25   
    26   	
    27   	os_profile_linux_config {
    28   		ssh_keys = [{
    29   			key_data = file("~/.ssh/id_rsa.pub")
    30   			path = "~/.ssh/id_rsa.pub"
    31   		}]
    32   
    33   		disable_password_authentication = true
    34   	}
    35   }
    36   
    37  ```
    38  
    39  #### Remediation Links
    40   - https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine#disable_password_authentication
    41  
    42   - https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine#disable_password_authentication
    43