如何使用terraform在Azure Automation中创建更新管理项的计划
社区。 我正在尝试使用Terraform在Azure Automation中自动化更新管理器,但我找不到有关以下两点的信息:如何使用terraform在Azure Automation中创建更新管理项的计划,terraform,azure-rm,Terraform,Azure Rm,社区。 我正在尝试使用Terraform在Azure Automation中自动化更新管理器,但我找不到有关以下两点的信息: 为更新创建的计划不起作用。我认为问题在于缺少定义哪些机器需要更新等的runbook 找不到有关如何为特定资源组中的所有计算机自动启用此更新管理的信息 这是我完成的地形代码 #Creates automation account resource "azurerm_automation_account" "aa" { name
#Creates automation account
resource "azurerm_automation_account" "aa" {
name = local.autoac
location = local.region
resource_group_name = local.rg
sku_name = "Basic"
tags = {
environment = "test"
}
}
#Creates the schedule for updates
resource "azurerm_automation_schedule" "std-update" {
name = "Weekly-Sunday-6am"
resource_group_name = local.rg
automation_account_name = azurerm_automation_account.aa.name
frequency = "Week"
interval = 1
timezone = "Europe/Berlin"
start_time = "2021-04-28T18:00:15+02:00"
description = "Standard schedule for updates"
week_days = ["Sunday"]
}
#Creates log analitycs workspace
resource "azurerm_log_analytics_workspace" "law" {
name = local.lawname
location = local.region
resource_group_name = local.rg
sku = "PerGB2018"
retention_in_days = 30
tags = {
environment = "test"
}
}
# Link automation account to a Log Analytics Workspace.
resource "azurerm_log_analytics_linked_service" "autoacc_linked_log_workspace" {
resource_group_name = local.rg
workspace_id = azurerm_log_analytics_workspace.law.id
read_access_id = azurerm_automation_account.aa.id
}
# Add Updates workspace solution to log analytics
resource "azurerm_log_analytics_solution" "law_solution_updates" {
resource_group_name = local.rg
location = local.region
solution_name = "Updates"
workspace_resource_id = azurerm_log_analytics_workspace.law.id
workspace_name = azurerm_log_analytics_workspace.law.name
plan {
publisher = "Microsoft"
product = "OMSGallery/Updates"
}
}
关于这个问题的最新情况。 我发现在更新管理中创建更新计划的选项在Terraform中还不可用。这就是为什么我们只需要通过terraform配置中创建的ARM模板来实现这一点。 在前面评论的帮助下,我能够创建以下计划:
#Creates schedule for windows VM to update Monthly on 3rd Sunday
resource "azurerm_template_deployment" "windows-prod-3rd-Sunday" {
name = "windows-prod-3rd-Sunday"
resource_group_name = local.rg
template_body = <<DEPLOY
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": [
{
"apiVersion": "2017-05-15-preview",
"type": "Microsoft.Automation/automationAccounts/softwareUpdateConfigurations",
"name": "${azurerm_automation_account.aa.name}/windows-prod-3rd-Sunday",
"properties": {
"updateConfiguration": {
"operatingSystem": "Windows",
"duration": "PT${local.update_max_hours}H",
"windows": {
"excludedKbNumbers": [
],
"includedUpdateClassifications": "${local.update_classifications}",
"rebootSetting": "${local.update_reboot_settings}"
},
"targets": {
"azureQueries": [
{
"scope": [
"/subscriptions/${local.subscriptionid}/resourceGroups/${local.rg}",
"/subscriptions/${local.subscriptionid}/resourceGroups/${local.rg}",
"/subscriptions/${local.subscriptionid}/resourceGroups/${local.rg}"
],
"tagSettings": {
"tags": {
"environment": [
"Prod"
],
"updatedate": [
"3rd_Sunday"
]
},
"filterOperator": "All"
},
"locations": [
"West Europe"
]
}
]
}
},
"scheduleInfo": {
"frequency": "Month",
"startTime": "${local.update_date}T${local.update_time}:00+00:00",
"timeZone": "${local.update_timezone}",
"interval": 1,
"advancedSchedule": {
"monthlyOccurrences": [
{
"occurrence": "${local.sunday_3}",
"day": "${local.update_day}"
}
]
}
}
}
}
]
}
DEPLOY
deployment_mode = "Incremental"
}
#为windows虚拟机创建每月第三个星期日更新的时间表
资源“azurerm_模板_部署”“windows-prod-3rd-Sunday”{
name=“windows-prod-3rd-Sunday”
资源组名称=local.rg
template_body=这可能有点帮助。更新有关问题的信息。在前面评论的帮助下,我能够创建以下计划: