This module is designed to manage an Azure Shared Image Gallery, including the creation and management of shared images, image versions, and the configuration of image sharing settings. The Shared Image Gallery allows you to manage VM image versions, replication across regions, and sharing with multiple subscriptions or tenants.
- Shared Image Gallery Management: Facilitates the creation and management of an Azure Shared Image Gallery.
- Image Definitions & Versions: Supports the creation of image definitions and multiple versions within the gallery.
- Image Sharing: Allows configuration for sharing images across subscriptions or tenants, including as a community gallery.
This example demonstrates how to use the azurerm_shared_image_gallery module to create a shared image gallery with image definitions and versions, and configure it for sharing.
resource "azurerm_resource_group" "gallery_rg" {
location = "rg-vnet-example"
name = "germanywestcentral"
}
module "shared_image_gallery" {
source = "../tf-modules/tf-azurerm-shared-image-gallery"
name = "image-gallery-name"
resource_group_name = azurerm_resource_group.gallery_rg.name
location = "germanywestcentral"
tags = "tags"
description = "Storage of hardenened base images"
shared_images_definitions = {
redhat = {
trusted_launch_enabled = true
hyper_v_generation = "V2"
os_type = "Linux"
description = "RedHat RHEL"
name = "redhat-enterprise-linux-94-gen2-img-def"
identifier = {
offer = "RHEL"
publisher = "RedHat"
sku = "94_gen2"
}
},
windows = {
trusted_launch_enabled = true
hyper_v_generation = "V2"
os_type = "Windows"
description = "Windows Datacenter smalldisk g2 custom image."
name = "windows-datacenter-2022-smalldsk-g2-img-def"
identifier = {
offer = "CustomWindowsServer"
publisher = "Companyname"
sku = "2022-datacenter-core-smalldisk-g2"
}
}
}
}
| Name | Version |
|---|---|
| azurerm | >=4.0.0 |
| Name | Version |
|---|---|
| azurerm | >=4.0.0 |
| Name | Type |
|---|---|
| azurerm_shared_image.shared_image | resource |
| azurerm_shared_image_gallery.shared_image_gallery | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| description | * description - (Optional) A description for this Shared Image Gallery.Example Input: description = "An example shared image gallery" |
string |
n/a | yes |
| location | * location - (Required) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.Example Input: location = "eastus" |
string |
n/a | yes |
| name | * name - (Required) Specifies the name of the Shared Image Gallery. Changing this forces a new resource to be created.Example Input: name = "my-shared-image-gallery" |
string |
n/a | yes |
| resource_group_name | * resource_group_name - (Required) The name of the resource group in which to create the Shared Image Gallery. Changing this forces a new resource to be created.Example Input: resource_group_name = "my-resource-group" |
string |
n/a | yes |
| shared_images_definitions | * shared_images_definitions - (Required) Manages a Shared Image within a Shared Image Gallery.* name - (Required) Specifies the name of the Shared Image. Changing this forces a new resource to be created.* identifier - (Required) An identifier block as defined below.* offer - (Required) The Offer Name for this Shared Image. Changing this forces a new resource to be created.* publisher - (Required) The Publisher Name for this Gallery Image. Changing this forces a new resource to be created.* sku - (Required) The Name of the SKU for this Gallery Image. Changing this forces a new resource to be created.* os_type - (Required) The type of Operating System present in this Shared Image. Possible values are Linux and Windows. Changing this forces a new resource to be created.* purchase_plan - (Optional) A purchase_plan block as defined below.* name - (Required) The Purchase Plan Name for this Shared Image. Changing this forces a new resource to be created.* publisher - (Optional) The Purchase Plan Publisher for this Gallery Image. Changing this forces a new resource to be created.* product - (Optional) The Purchase Plan Product for this Gallery Image. Changing this forces a new resource to be created.* description - (Optional) A description of this Shared Image.* disk_types_not_allowed - (Optional) One or more Disk Types not allowed for the Image. Possible values include Standard_LRS and Premium_LRS.* end_of_life_date - (Optional) The end of life date in RFC3339 format of the Image.* eula - (Optional) The End User Licence Agreement for the Shared Image. Changing this forces a new resource to be created.* specialized - (Optional) Specifies that the Operating System used inside this Image has not been Generalized (for example, sysprep on Windows has not been run). Changing this forces a new resource to be created.~> Note: It's recommended to Generalize images where possible - Specialized Images reuse the same UUID internally within each Virtual Machine, which can have unintended side-effects. * architecture - (Optional) CPU architecture supported by an OS. Possible values are x64 and Arm64. Defaults to x64. Changing this forces a new resource to be created.* hyper_v_generation - (Optional) The generation of HyperV that the Virtual Machine used to create the Shared Image is based on. Possible values are V1 and V2. Defaults to V1. Changing this forces a new resource to be created.* max_recommended_vcpu_count - (Optional) Maximum count of vCPUs recommended for the Image.* min_recommended_vcpu_count - (Optional) Minimum count of vCPUs recommended for the Image.* max_recommended_memory_in_gb - (Optional) Maximum memory in GB recommended for the Image.* min_recommended_memory_in_gb - (Optional) Minimum memory in GB recommended for the Image.* privacy_statement_uri - (Optional) The URI containing the Privacy Statement associated with this Shared Image. Changing this forces a new resource to be created.* release_note_uri - (Optional) The URI containing the Release Notes associated with this Shared Image.* trusted_launch_supported - (Optional) Specifies if supports creation of both Trusted Launch virtual machines and Gen2 virtual machines with standard security created from the Shared Image. Changing this forces a new resource to be created.* trusted_launch_enabled - (Optional) Specifies if Trusted Launch has to be enabled for the Virtual Machine created from the Shared Image. Changing this forces a new resource to be created.* confidential_vm_supported - (Optional) Specifies if supports creation of both Confidential virtual machines and Gen2 virtual machines with standard security from a compatible Gen2 OS disk VHD or Gen2 Managed image. Changing this forces a new resource to be created.* confidential_vm_enabled - (Optional) Specifies if Confidential Virtual Machines enabled. It will enable all the features of trusted, with higher confidentiality features for isolate machines or encrypted data. Available for Gen2 machines. Changing this forces a new resource to be created.~> Note:: Only one of trusted_launch_supported, trusted_launch_enabled, confidential_vm_supported and confidential_vm_enabled can be specified.* accelerated_network_support_enabled - (Optional) Specifies if the Shared Image supports Accelerated Network. Changing this forces a new resource to be created.* hibernation_enabled - (Optional) Specifies if the Shared Image supports hibernation. Changing this forces a new resource to be created.* disk_controller_type_nvme_enabled - (Optional) Specifies if the Shared Image supports NVMe disks. Changing this forces a new resource to be created.* tags - (Optional) A mapping of tags to assign to the Shared Image.Example Input: shared_images_definitions = { |
map(object({ |
null |
no |
| sharing | * sharing - (Optional) A sharing block as defined below. Changing this forces a new resource to be created.* permission - (Required) The permission of the Shared Image Gallery when sharing. Possible values are Community, Groups and Private. Changing this forces a new resource to be created.~> Note: This requires that the Preview Feature Microsoft.Compute/CommunityGalleries is enabled, see the documentation for more information.* community_gallery - (Optional) A community_gallery block as defined below. Changing this forces a new resource to be created.~> NOTE: community_gallery must be set when permission is set to Community.* eula - (Required) The End User Licence Agreement for the Shared Image Gallery. Changing this forces a new resource to be created.* prefix - (Required) Prefix of the community public name for the Shared Image Gallery. Changing this forces a new resource to be created.* publisher_email - (Required) Email of the publisher for the Shared Image Gallery. Changing this forces a new resource to be created.* publisher_uri - (Required) URI of the publisher for the Shared Image Gallery. Changing this forces a new resource to be created.Example Input: # private gallery |
optional(object({ |
null |
no |
| tags | * tags - (Optional) A mapping of tags to assign to the Shared Image Gallery.Example Input: tags = { |
map(string) |
null |
no |
| Name | Description |
|---|---|
| resource | Azure Shared Image Gallery output object |
| shared_images_definitions_resource | Azure Shared Images definitions |
No modules.
For more details on the Azure Shared Image Gallery and its capabilities, refer to the Azure documentation. This module is intended to be flexible and can be customized to fit various use cases, including multi-region replication and sharing across different Azure tenants.
- Ensure that your subscription has the necessary permissions to create and manage Shared Image Galleries.
- Review the Azure naming conventions and constraints to avoid issues with resource names.
- Always validate your Terraform configuration before deployment to catch potential issues early.
This module is licensed under the Apache V2 License. See the LICENSE file for more details.