I am able to ssh vm created by terraform but unable to ssh vm with same configuration FYI there is no nsg attached to both

Question

Terraform ---

Terraform v1.1.9

provider registry.terraform.io/hashicorp/azurerm v3.67.0

---

provider "azurerm" {
    
  features {}
}

resource "azurerm_resource_group" "rg" {
  name     = "myResourceGroup"
  location = "East US"
}

resource "azurerm_virtual_network" "vnet" {
  name                = "myVNet"
  address_space       = ["10.0.0.0/16"]
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
}

resource "azurerm_subnet" "subnet" {
  name                 = "mySubnet"
  resource_group_name  = azurerm_resource_group.rg.name
  virtual_network_name = azurerm_virtual_network.vnet.name
  address_prefixes       = ["10.0.1.0/24"]
}

resource "azurerm_public_ip" "public_ip" {
  name                = "myPublicIP"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  allocation_method   = "Static"
}

resource "azurerm_network_interface" "nic" {
  name                      = "myNIC"
  location                  = azurerm_resource_group.rg.location
  resource_group_name       = azurerm_resource_group.rg.name

  ip_configuration {
    name                          = "myNICConfig"
    subnet_id                     = azurerm_subnet.subnet.id
    private_ip_address_allocation = "Dynamic"
    public_ip_address_id          = azurerm_public_ip.public_ip.id
  }
}

resource "azurerm_virtual_machine" "vm" {
  name                  = "myVM"
  location              = azurerm_resource_group.rg.location
  resource_group_name   = azurerm_resource_group.rg.name
  network_interface_ids = [azurerm_network_interface.nic.id]
  vm_size               = "Standard_B1s"
  delete_os_disk_on_termination = true
  delete_data_disks_on_termination = true

  storage_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = "16.04-LTS"
    version   = "latest"
  }

  os_profile {
    computer_name  = "myvm"
    admin_username = "ihateyouguys"
    admin_password = ""
  }
  os_profile_linux_config {
    disable_password_authentication = false
  }
  storage_os_disk {
    name              = "myOsDisk"
    caching           = "ReadWrite"
    create_option     = "FromImage"
  }


  tags = {
    environment = "test"
  }
}

---

Create the same vm manually with same configuration.

Try to ssh into both.

I am able to ssh vm created by terraform but unable to ssh vm with same configuration FYI there is no nsg attached to both

Checked configuration of both side by side unable to figure it out.

Answer 1

I am able to ssh vm created by terraform but unable to ssh vm with same configuration FYI there is no nsg attached to both.

If you create a VM and Public IP using Terraform, by default, it will select Public IP Sku: basic if no SKU is specified in the Terraform code.

'SKU: standard public IP,' it will be secure by default and will not allow inbound traffic without an NSG with port 22.

SKU: Basic public IP, it will connect by default and allow inbound traffic. An NSG is needed with port 22.

    resource "azurerm_public_ip" "public_ip" {
      name                = "myPublicIP"
      location            = azurerm_resource_group.rg.location
      resource_group_name = azurerm_resource_group.rg.name
      allocation_method   = "Static"
      depends_on = [ azurerm_subnet.subnet ]
    }

VM Created using terraform:

In order to connect via SSH to a VM created from the portal, create a Public IP with SKU: Basic while you are creating the Azure Virtual Machine

Refer : Public IP addresses are created with one of the following SKUs