azurerm_linux_virtual_machine - Normalise SSH keys

[jackofallops]

Fixes #9238

Background: When VM's are created via the Portal with "Generate new key" the API response contains a broken representation of the public key including newline character codes which needs to be normalised before it can be used via terraform import.

Tested manually:

➜  terraform state show azurerm_linux_virtual_machine.import
# azurerm_linux_virtual_machine.import:
resource "azurerm_linux_virtual_machine" "import" {
    admin_username                  = "azureuser"
    allow_extension_operations      = true
    computer_name                   = "stedev-ssh-test"
    disable_password_authentication = true
    encryption_at_host_enabled      = false
    extensions_time_budget          = "PT1H30M"
    id                              = "/subscriptions/******/resourcegroups/stedev-20201216/providers/Microsoft.Compute/virtualMachines/stedev-ssh-test"
    location                        = "westeurope"
    max_bid_price                   = -1
    name                            = "stedev-ssh-test"
    network_interface_ids           = [
        "/subscriptions/******/resourceGroups/stedev-20201216/providers/Microsoft.Network/networkInterfaces/stedev-ssh-test842",
    ]
    priority                        = "Regular"
    private_ip_address              = "10.1.1.4"
    private_ip_addresses            = [
        "10.1.1.4",
    ]
    provision_vm_agent              = true
    public_ip_address               = "20.73.65.79"
    public_ip_addresses             = [
        "20.73.65.79",
    ]
    resource_group_name             = "stedev-20201216"
    size                            = "Standard_B1ls"
    tags                            = {}
    virtual_machine_id              = "7bd30006-3bba-4731-a066-68aadcbe41c9"

    admin_ssh_key {
        public_key = <<~EOT
            ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC5UO2NUzb5G/Lcis/hc/VzKgUn
            VbHjiZAUIlNcQg+3yL6Xj5Fg2jF7gO/hWdZK5VS4cGp38ryuS67bvrApwxslmFe2
            6qpd8203RLAF1wUjiSugOPCqPSFD4PKRTUoLmwtECcnhhAV0RkCRmikdjuDRN4bq
            D0jgABfgabIvWbvJ5T9ea/qf7SInIQpGtd4HTEpSyTohIXg/Wdsk+9CulJfcQSou
            a3C/elw9ssnEBh4aXmty+Yc+dF2oWzDSgcb5ic4eB6lwnP9LAr7NsEr4b6wPM0dh
            rn6QO2Q2xReG7ESgrEPDY6Sb1g6PPNZbnV7x1b3nwIPtM9rW/AQ1OOmUX43v32n2
            AIMo0/egkCZcxIskvp2WNnd5I/tmUsc3TuiPF5YXT0/1UMyR/bnwlJbLSp4xY0Zm
            qI1xXDaWzGiDrP103A75iIP9ps5Eq+mmJIjr/w38x/8kJBiU69dSklokBFS9AE2m
            cT8SKpPespdqC9WaXuXNurxN0uOmfYT0F4KWfYc= generated-by-azure
        EOT
        username   = "azureuser"
    }

    boot_diagnostics {}

    os_disk {
        caching                   = "ReadWrite"
        disk_size_gb              = 30
        name                      = "stedev-ssh-test_disk1_4891a3883e7b4638a1c56ff7997d936f"
        storage_account_type      = "Standard_LRS"
        write_accelerator_enabled = false
    }

    source_image_reference {
        offer     = "UbuntuServer"
        publisher = "Canonical"
        sku       = "18.04-LTS"
        version   = "latest"
    }

    timeouts {}
}

Config:

provider "azurerm" {
  features {}
}

resource "azurerm_linux_virtual_machine" "import" {
  name                = "stedev-ssh-test"
  location            = "westeurope"
  resource_group_name = "stedev-20201216"
  size                = "Standard_B1ls"
  network_interface_ids = [
    "/subscriptions/******/resourceGroups/stedev-20201216/providers/Microsoft.Network/networkInterfaces/stedev-ssh-test842",
  ]
  os_disk {
    caching                   = "ReadWrite"
    disk_size_gb              = 30
    name                      = "stedev-ssh-test_disk1_4891a3883e7b4638a1c56ff7997d936f"
    storage_account_type      = "Standard_LRS"
    write_accelerator_enabled = false
  }
  admin_username = "azureuser"

  admin_ssh_key {
    public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC5UO2NUzb5G/Lcis/hc/VzKgUnVbHjiZAUIlNcQg+3yL6Xj5Fg2jF7gO/hWdZK5VS4cGp38ryuS67bvrApwxslmFe26qpd8203RLAF1wUjiSugOPCqPSFD4PKRTUoLmwtECcnhhAV0RkCRmikdjuDRN4bqD0jgABfgabIvWbvJ5T9ea/qf7SInIQpGtd4HTEpSyTohIXg/Wdsk+9CulJfcQSoua3C/elw9ssnEBh4aXmty+Yc+dF2oWzDSgcb5ic4eB6lwnP9LAr7NsEr4b6wPM0dhrn6QO2Q2xReG7ESgrEPDY6Sb1g6PPNZbnV7x1b3nwIPtM9rW/AQ1OOmUX43v32n2AIMo0/egkCZcxIskvp2WNnd5I/tmUsc3TuiPF5YXT0/1UMyR/bnwlJbLSp4xY0ZmqI1xXDaWzGiDrP103A75iIP9ps5Eq+mmJIjr/w38x/8kJBiU69dSklokBFS9AE2mcT8SKpPespdqC9WaXuXNurxN0uOmfYT0F4KWfYc= generated-by-azure"
    username   = "azureuser"
  }

  source_image_reference {
    offer     = "UbuntuServer"
    publisher = "Canonical"
    sku       = "18.04-LTS"
    version   = "latest"
  }

  boot_diagnostics {}
  
}

Plan:

➜  terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

azurerm_linux_virtual_machine.import: Refreshing state... [id=/subscriptions/******/resourcegroups/stedev-20201216/providers/Microsoft.Compute/virtualMachines/stedev-ssh-test]

------------------------------------------------------------------------

No changes. Infrastructure is up-to-date.

This means that Terraform did not detect any differences between your
configuration and real physical resources that exist. As a result, no
actions need to be performed.

[katbyte]

LGTM 👍 \

[tombuildsstuff]

Left a few comments inline but if we can fix those up then this otherwise looks good 👍

[ghost]

This has been released in version 2.41.0 of the provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. As an example:

provider "azurerm" {
    version = "~> 2.41.0"
}
# ... other configuration ...

[AleFazio]

Fixes #9238

Background: When VM's are created via the Portal with "Generate new key" the API response contains a broken representation of the public key including newline character codes which needs to be normalised before it can be used via terraform import.

Tested manually:

➜  terraform state show azurerm_linux_virtual_machine.import
# azurerm_linux_virtual_machine.import:
resource "azurerm_linux_virtual_machine" "import" {
    admin_username                  = "azureuser"
    allow_extension_operations      = true
    computer_name                   = "stedev-ssh-test"
    disable_password_authentication = true
    encryption_at_host_enabled      = false
    extensions_time_budget          = "PT1H30M"
    id                              = "/subscriptions/******/resourcegroups/stedev-20201216/providers/Microsoft.Compute/virtualMachines/stedev-ssh-test"
    location                        = "westeurope"
    max_bid_price                   = -1
    name                            = "stedev-ssh-test"
    network_interface_ids           = [
        "/subscriptions/******/resourceGroups/stedev-20201216/providers/Microsoft.Network/networkInterfaces/stedev-ssh-test842",
    ]
    priority                        = "Regular"
    private_ip_address              = "10.1.1.4"
    private_ip_addresses            = [
        "10.1.1.4",
    ]
    provision_vm_agent              = true
    public_ip_address               = "20.73.65.79"
    public_ip_addresses             = [
        "20.73.65.79",
    ]
    resource_group_name             = "stedev-20201216"
    size                            = "Standard_B1ls"
    tags                            = {}
    virtual_machine_id              = "7bd30006-3bba-4731-a066-68aadcbe41c9"

    admin_ssh_key {
        public_key = <<~EOT
            ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC5UO2NUzb5G/Lcis/hc/VzKgUn
            VbHjiZAUIlNcQg+3yL6Xj5Fg2jF7gO/hWdZK5VS4cGp38ryuS67bvrApwxslmFe2
            6qpd8203RLAF1wUjiSugOPCqPSFD4PKRTUoLmwtECcnhhAV0RkCRmikdjuDRN4bq
            D0jgABfgabIvWbvJ5T9ea/qf7SInIQpGtd4HTEpSyTohIXg/Wdsk+9CulJfcQSou
            a3C/elw9ssnEBh4aXmty+Yc+dF2oWzDSgcb5ic4eB6lwnP9LAr7NsEr4b6wPM0dh
            rn6QO2Q2xReG7ESgrEPDY6Sb1g6PPNZbnV7x1b3nwIPtM9rW/AQ1OOmUX43v32n2
            AIMo0/egkCZcxIskvp2WNnd5I/tmUsc3TuiPF5YXT0/1UMyR/bnwlJbLSp4xY0Zm
            qI1xXDaWzGiDrP103A75iIP9ps5Eq+mmJIjr/w38x/8kJBiU69dSklokBFS9AE2m
            cT8SKpPespdqC9WaXuXNurxN0uOmfYT0F4KWfYc= generated-by-azure
        EOT
        username   = "azureuser"
    }

    boot_diagnostics {}

    os_disk {
        caching                   = "ReadWrite"
        disk_size_gb              = 30
        name                      = "stedev-ssh-test_disk1_4891a3883e7b4638a1c56ff7997d936f"
        storage_account_type      = "Standard_LRS"
        write_accelerator_enabled = false
    }

    source_image_reference {
        offer     = "UbuntuServer"
        publisher = "Canonical"
        sku       = "18.04-LTS"
        version   = "latest"
    }

    timeouts {}
}

Config:

provider "azurerm" {
  features {}
}

resource "azurerm_linux_virtual_machine" "import" {
  name                = "stedev-ssh-test"
  location            = "westeurope"
  resource_group_name = "stedev-20201216"
  size                = "Standard_B1ls"
  network_interface_ids = [
    "/subscriptions/******/resourceGroups/stedev-20201216/providers/Microsoft.Network/networkInterfaces/stedev-ssh-test842",
  ]
  os_disk {
    caching                   = "ReadWrite"
    disk_size_gb              = 30
    name                      = "stedev-ssh-test_disk1_4891a3883e7b4638a1c56ff7997d936f"
    storage_account_type      = "Standard_LRS"
    write_accelerator_enabled = false
  }
  admin_username = "azureuser"

  admin_ssh_key {
    public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC5UO2NUzb5G/Lcis/hc/VzKgUnVbHjiZAUIlNcQg+3yL6Xj5Fg2jF7gO/hWdZK5VS4cGp38ryuS67bvrApwxslmFe26qpd8203RLAF1wUjiSugOPCqPSFD4PKRTUoLmwtECcnhhAV0RkCRmikdjuDRN4bqD0jgABfgabIvWbvJ5T9ea/qf7SInIQpGtd4HTEpSyTohIXg/Wdsk+9CulJfcQSoua3C/elw9ssnEBh4aXmty+Yc+dF2oWzDSgcb5ic4eB6lwnP9LAr7NsEr4b6wPM0dhrn6QO2Q2xReG7ESgrEPDY6Sb1g6PPNZbnV7x1b3nwIPtM9rW/AQ1OOmUX43v32n2AIMo0/egkCZcxIskvp2WNnd5I/tmUsc3TuiPF5YXT0/1UMyR/bnwlJbLSp4xY0ZmqI1xXDaWzGiDrP103A75iIP9ps5Eq+mmJIjr/w38x/8kJBiU69dSklokBFS9AE2mcT8SKpPespdqC9WaXuXNurxN0uOmfYT0F4KWfYc= generated-by-azure"
    username   = "azureuser"
  }

  source_image_reference {
    offer     = "UbuntuServer"
    publisher = "Canonical"
    sku       = "18.04-LTS"
    version   = "latest"
  }

  boot_diagnostics {}
  
}

Plan:

➜  terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

azurerm_linux_virtual_machine.import: Refreshing state... [id=/subscriptions/******/resourcegroups/stedev-20201216/providers/Microsoft.Compute/virtualMachines/stedev-ssh-test]

------------------------------------------------------------------------

No changes. Infrastructure is up-to-date.

This means that Terraform did not detect any differences between your
configuration and real physical resources that exist. As a result, no
actions need to be performed.

Thanks! Now it works!
By the way, as I said in #9238 (comment), the problem also occurs for me with key having following syntax:
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "rsa-key-20200715"
ssh-rsa AAA....
---- END SSH2 PUBLIC KEY ----
Do you have any suggestion for this?

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!