Bicep で仮想マシンを作成する

param appName string
param location string = resourceGroup().location

resource vnet 'Microsoft.Network/virtualNetworks@2024-05-01' = {
    location: location
    name: '${appName}-vnet'
    properties: {
        addressSpace: {
            addressPrefixes: [
                '10.0.0.0/16'
            ]
        }
    }
}

resource nsg 'Microsoft.Network/networkSecurityGroups@2024-05-01' = {
    location: location
    name: '${appName}-nsg'
    properties: {
        securityRules: [
        ]
    }
}

resource snet 'Microsoft.Network/virtualNetworks/subnets@2024-05-01' = {
    name: 'snet'
    parent: vnet
    properties: {
        addressPrefixes: [
            '10.0.1.0/24'
        ]
        networkSecurityGroup: {
            id: nsg.id
        }
    }
}

resource pip 'Microsoft.Network/publicIPAddresses@2024-05-01' = {
    location: location
    name: '${appName}-pip'
    sku: {
        name: 'Standard'
        tier: 'Regional'
    }
    properties: {
        idleTimeoutInMinutes: 4
        publicIPAddressVersion: 'IPv4'
        publicIPAllocationMethod: 'Static'
    }
    zones: [
        '1'
    ]
}

resource nic 'Microsoft.Network/networkInterfaces@2024-05-01' = {
    location: location
    name: '${appName}-nic'
    properties: {
        auxiliaryMode: 'None'
        auxiliarySku: 'None'
        disableTcpStateTracking: false
        enableAcceleratedNetworking: false
        enableIPForwarding: false
        ipConfigurations: [
            {
                name: 'ipconfig1'
                properties: {
                    primary: true
                    privateIPAddress: '10.0.1.4'
                    privateIPAddressVersion: 'IPv4'
                    privateIPAllocationMethod: 'Static'
                    publicIPAddress: {
                        id: pip.id
                    }
                    subnet: {
                        id: snet.id
                    }
                }
                type: 'Microsoft.Network/networkInterfaces/ipConfigurations'
            }
        ]
        nicType: 'Standard'
    }
}

param adminUsername string = 'azureuser'
param keyData string

resource vm 'Microsoft.Compute/virtualMachines@2024-07-01' = {
    location: location
    name: '${appName}-vm'
    properties: {
        additionalCapabilities: {
            hibernationEnabled: false
        }
        diagnosticsProfile: {
            bootDiagnostics: {
                enabled: true
            }
        }
        hardwareProfile: {
            vmSize: 'Standard_B2ts_v2'
        }
        networkProfile: {
            networkInterfaces: [
                {
                    id: nic.id
                }
            ]
        }
        osProfile: {
            adminUsername: adminUsername
            computerName: '${appName}-vm'
            linuxConfiguration: {
                disablePasswordAuthentication: true
                ssh: {
                    publicKeys: [
                        {
                            keyData: keyData
                            path: '/home/${adminUsername}/.ssh/authorized_keys'
                        }
                    ]
                }
            }
        }
        securityProfile: {
            securityType: 'TrustedLaunch'
            uefiSettings: {
                secureBootEnabled: true
                vTpmEnabled: true
            }
        }
        storageProfile: {
            diskControllerType: 'SCSI'
            imageReference: {
                offer: 'ubuntu-24_04-lts'
                publisher: 'Canonical'
                sku: 'server'
                version: 'latest'
            }
            osDisk: {
                caching: 'ReadWrite'
                createOption: 'FromImage'
                diskSizeGB: 30
                name: '${appName}-osdisk'
                managedDisk: {
                    storageAccountType: 'StandardSSD_LRS'
                }
                osType: 'Linux'
            }
        }
    }
    zones: [
        '1'
    ]
}