I have created a virtual machine using the below terraform code:
Here is the VM code:
# demo instance
resource "azurerm_virtual_machine" "demo-instance" {
  name                  = "${var.prefix}-vm"
  location              = var.resource_group_location
  resource_group_name   = var.resource_group_name
  network_interface_ids = [azurerm_network_interface.demo-instance.id]
  vm_size               = "Standard_A1_v2"

  # this is a demo instance, so we can delete all data on termination
  delete_os_disk_on_termination    = true
  delete_data_disks_on_termination = true

  storage_image_reference {
    publisher = "RedHat"
    offer     = "RHEL"
    sku       = "7-RAW"
    version   = "7.5.2018042521"
  }

  storage_os_disk {
    name              = "RED-HAT-osdisk1"
    caching           = "ReadWrite"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
  }

  os_profile {
    computer_name  = "MyOS"
    admin_username = "MyUsername"
    admin_password = "Password1234!"
  }

  os_profile_linux_config {
    disable_password_authentication = false
  }
}

resource "azurerm_network_interface" "demo-instance" {
  name                = "${var.prefix}-instance1"
  location            = var.resource_group_location
  resource_group_name = var.resource_group_name

  ip_configuration {
    name                          = "instance1"
    subnet_id                     = azurerm_subnet.demo-internal-1.id
    private_ip_address_allocation = "Dynamic"
    public_ip_address_id          = azurerm_public_ip.demo-instance.id
  }
}

resource "azurerm_network_interface_security_group_association" "allow-ssh" {
  network_interface_id      = azurerm_network_interface.demo-instance.id
  network_security_group_id = azurerm_network_security_group.allow-ssh.id
}

resource "azurerm_public_ip" "demo-instance" {
  name                = "instance1-public-ip"
  location            = var.resource_group_location
  resource_group_name = var.resource_group_name
  allocation_method   = "Dynamic"
}
and here is the network config:
resource "azurerm_virtual_network" "demo" {
  name                = "${var.prefix}-network"
  location            = var.resource_group_location
  resource_group_name = var.resource_group_name
  address_space       = ["10.0.0.0/16"]
}

resource "azurerm_subnet" "demo-internal-1" {
  name                 = "${var.prefix}-internal-1"
  resource_group_name  = var.resource_group_name
  virtual_network_name = azurerm_virtual_network.demo.name
  address_prefixes     = ["10.0.0.0/24"]
}

resource "azurerm_network_security_group" "allow-ssh" {
  name                = "${var.prefix}-allow-ssh"
  location            = var.resource_group_location
  resource_group_name = var.resource_group_name

  security_rule {
    name                       = "SSH"
    priority                   = 1001
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "22"
    source_address_prefix      = var.ssh-source-address
    destination_address_prefix = "*"
  }
}
As a result, I am able to connect to the virtual machine using SSH. However, when I try to connect using RDP, I face the below error:
What I have tried:
I read this document and added an inbound role into my network.
However, I am still not able to connect with RDP.
So far, I know that my VM is in network because it has a password and I know it is running because I can connect using SSH. But I still don’t know why the RDP does not work.
2 Answers
I see from the screenshot that you have allowed RDP traffic in the VM you are creating now. But the VM you create is a RHEL server; you won’t be able to RDP into that, you can SSH only. Only Windows VMs can be logged in to using RDP.
If you want to log in to the RHEL server from a particular Windows jump box, that is possible: deploy a Windows VM with the RDP port open and add one rule for the RHEL server where the source IP is the Windows VM. Then you can log in to the Windows VM as a bastion and SSH to RHEL from this bastion. Let me know if your query is cleared.
Since this is a Linux VM, you can only connect via SSH protocol even though you have allowed both 3389 and 22 in the NSG.
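The jump-box layout described in the first answer, sketched as NSG rules in the question's own Terraform style. This is an added example, not code from the question or the answers: the `bastion` NIC and the `allow-rdp` names are hypothetical, the Windows VM with its NIC and public IP is assumed to be defined elsewhere, and the RHEL rule here replaces the question's internet-facing SSH rule rather than sitting beside it.

```hcl
# Added example. The "bastion" NIC and the "allow-rdp" names are hypothetical;
# the Windows VM, its NIC and its public IP are assumed to be defined elsewhere.

# Jump box: RDP is allowed in from the administrator's address only.
resource "azurerm_network_security_group" "allow-rdp" {
  name                = "${var.prefix}-allow-rdp"
  location            = var.resource_group_location
  resource_group_name = var.resource_group_name

  security_rule {
    name                       = "RDP"
    priority                   = 1001
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "3389"
    source_address_prefix      = var.ssh-source-address # reused as the admin address (assumption)
    destination_address_prefix = "*"
  }
}

resource "azurerm_network_interface_security_group_association" "allow-rdp" {
  network_interface_id      = azurerm_network_interface.bastion.id
  network_security_group_id = azurerm_network_security_group.allow-rdp.id
}

# RHEL VM: replaces the question's "allow-ssh" group so that SSH is accepted
# only from the jump box's private address instead of var.ssh-source-address.
resource "azurerm_network_security_group" "allow-ssh" {
  name                = "${var.prefix}-allow-ssh"
  location            = var.resource_group_location
  resource_group_name = var.resource_group_name

  security_rule {
    name                       = "SSH-from-bastion"
    priority                   = 1001
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "22"
    source_address_prefix      = azurerm_network_interface.bastion.private_ip_address
    destination_address_prefix = "*"
  }
}
```

With this in place the RHEL VM no longer needs a public IP of its own, since the only inbound path to port 22 is through the jump box.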