Azure PowerShell Terraform

Set up WinRM for a Azure Virtual Machine using Terraform Code

4 Run the Terraform code and create the virtual machine.

Not a lot to say here, run the Terraform plan, check it and then run terraform apply. wait for the machine to build.

5. Connect to the machine

OK so assumming that the virtual machine is built, How do we connect to it. To connect to the Azure Virtual Machines you need to specify some credentials to use. This is all in PowerShell. we start with setting up the credentials. One important thing to point out here is the username should be “.\Rogersadmin” without the quotes. If you just use “Rogersadmin” it will fail to connect. Thats because the .\ is telling the VM to use a local user account to login.

$cred = Get-credential

The next piece is to set the SessionOption. This is simply the settings we are going to use for the connection, or as they put it, the session. If you use the command below it tells the connection to skip checking the Certificate Authority, to skip the check of the Common Name (of the certificate) and to skip the check if the certificate has been revoked by the Certificate Authority or not.

The reason for this is we are using a self-signed certificate and things will not match correctly. Think about the Common Name (CN) in the certificate it’s set to RogersComputers or something like that. A production certificate would be set to RogersComputer1.domain.com or RogersComputer2.uksouth.cloudapp.azure.com and each machine would have a separate certificate or a wildcard. Although A wildcard is less secure, it’s easier to work with.

$sessionoption = new-pssessionoption -skipCAcheck -skipCNcheck -SkipRevocationCheck

Then to access the VM

Enter-pssession -ConnectionUri https://public IP or dns of VM:5986 -credential $cred -sessionoption $sessionoption

And that is it. You can now with ease connect to your virtual machine. Hope that helps in setting up your WinRM access.

If you want some detail on the encryption and secure methods please see the Microsoft document below.

https://docs.microsoft.com/en-us/powershell/scripting/learn/remoting/winrmsecurity?view=powershell-7