feat: windows jump-host

Signed-off-by: Fredrik Klingenberg <[email protected]>

terraform/modules/bastion/main.tf

@@ -92,3 +92,60 @@ resource "azurerm_role_assignment" "example" {
 data "azurerm_role_definition" "vm_admin" {
   name = "Virtual Machine Administrator Login"
 }
+
+// Windows VM
+resource "azurerm_network_interface" "vm" {
+  name                = "windows-nic"
+  resource_group_name = var.resource_group.name
+  location            = var.resource_group.location
+
+  ip_configuration {
+    name                          = "internal"
+    subnet_id                     = var.subnet_jumphost_id
+    private_ip_address_allocation = "Dynamic"
+  }
+}
+
+resource "azurerm_windows_virtual_machine" "vm" {
+  name                = "windows-vm"
+  resource_group_name = var.resource_group.name
+  location            = var.resource_group.location
+
+  admin_username = "adminuser"
+  admin_password = var.admin_password
+  size           = "Standard_DS1_v2"
+
+  network_interface_ids = [azurerm_network_interface.vm.id]
+
+  source_image_reference {
+    publisher = "MicrosoftWindowsServer"
+    offer     = "WindowsServer"
+    sku       = "2022-datacenter-azure-edition"
+    version   = "latest"
+  }
+
+  os_disk {
+    name                 = "winodws-vm-os"
+    caching              = "ReadWrite"
+    storage_account_type = "Standard_LRS"
+  }
+
+  identity {
+    type = "SystemAssigned"
+  }
+}
+
+resource "azurerm_virtual_machine_extension" "AADLoginForWindows" {
+  name                       = "AADLoginForWindows"
+  virtual_machine_id         = azurerm_windows_virtual_machine.vm.id
+  publisher                  = "Microsoft.Azure.ActiveDirectory"
+  type                       = "AADLoginForWindows"
+  type_handler_version       = "1.0"
+  auto_upgrade_minor_version = true
+}
+
+resource "azurerm_role_assignment" "windows_vm_admin" {
+  scope              = azurerm_windows_virtual_machine.vm.id
+  role_definition_id = data.azurerm_role_definition.vm_admin.id
+  principal_id       = local.azuread_group_object_id
+}