diff --git a/README.md b/README.md
index 9ed1e96..af0610d 100644
--- a/README.md
+++ b/README.md
@@ -40,63 +40,64 @@ module "linux_virtual_machine" { ## Requirements -| Name | Version | -| ---------------------------------------------------------------------------- | --------- | -| [terraform](#requirement\_terraform) | >= 1.0.0 | -| [azurerm](#requirement\_azurerm) | >= 3.40.0 | +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >=1.0.0 | +| [azurerm](#requirement\_azurerm) | >=3.40.0 | ## Providers -| Name | Version | -| ---------------------------------------------------------------------- | ------- | -| [azurerm](#provider\_azurerm) | 3.40.0 | +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | >=3.40.0 | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|-------------------------------------------------------------------------------------------------------------------------------------------------------|:--------:| -| [project](#input\_project)| Project name | `string` | n/a | yes | -| [env](#input\_env)| Environment name | `string` | n/a | yes | -| [resource\_group](#input\_resource\_group)| The name of the resource group | `string` | n/a | yes | -| [suffix](#input\_suffix)| Optional suffix that would be added to the end of resources names. 
It is recommended to use dash at the beginning of variable (e.x., '-example') | `string` | "" | no | -| [location](#input\_location)| Azure location | `string` | n/a | yes | -| [custom\_virtual\_machine\_name](#input\_custom\_virtual\_machine\_name)| Specifies the name of the virtual machine name resource | `string` | null | no | -| [custom\_network\_interface\_name](#input\_custom\_network\_interface\_name)| Specifies the name of the virtual machine interface name resource | `string` | null | no | -| [custom\_public\_ip\_name](#input\_custom\_public\_ip\_name)| Specifies the name of the public ip name name resource | `string` | null | no | -| [tags](#input\_tags)| Resource tags | map(any) | {} | no | -| [subnet\_id](#input\_subnet\_id)| The ID of the Subnet where this Network Interface should be located in. | `string` | n/a | yes | -| [public\_ip\_enabled](#input\_public\_ip\_enabled)| Boolean flag to enable Public Ip address creation and assignment to Virtual Machine | `bool` | true | no | -| [public\_ip\_allocation\_method](#input\_public\_ip\_allocation_method)| Defines the allocation method for this IP address. Possible values are Static or Dynamic | `string` | Static | no | -| [network\_interface\_private\_ip_address\_allocation](#input\_network\_interface\_private\_ip_address\_allocation)| The allocation method used for the Private IP Address. | `string` | Dynamic | no | -| [vm\_size](#input\_vm\_size)| The SKU which should be used for this Virtual Machine. | `string` | Standard_F2 | no | -| [vm\_admin\_username](#input\_vm\_admin\_username)| The username of the local administrator used for the Virtual Machine. | `string` | adminuser | no | -| [vm\_admin\_password](#input\_vm\_admin\_password)| The password of the local administrator used for the Virtual Machine. | `string` | null | no | -| [admin\_ssh\_key](#input\_admin\_ssh\_key)| Objects to configure ssh key reference for virtual machine |
object({
username = string
public_key = string
})
| n/a | yes | -| [os\_disk](#input\_os\_disk)| Objects to configure os disk reference for virtual machine |
object({
caching = string
storage_account_type = string
})
|
{
caching = "ReadWrite"
storage_account_type = "Standard_LRS"
}
| no | -| [source\_image\_reference](#input\_source\_image\_reference)| Objects to configure source image reference for virtual machine |
object({
publisher = string
offer = string
sku = string
version = string
})
|
{
publisher = "Canonical"
offer = "0001-com-ubuntu-server-focal"
sku = "20_04-lts"
version = "latest"
}
| no | -| [identity\_enabled](#input\_identity\_enabled)| Boolean flag than enables creation of System Assigned identity to VM | `bool` | false | no | -| [password\_access\_enabled](#input\_password\_access\_enabled)| Boolean flag that enables access using password | `bool` | false | no | - ## Modules No modules. ## Resources -| Name | Type | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | -| [azurerm_public_ip.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/public_ip) | resource | -| [azurerm_network_interface.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface) | resource | -| [azurerm_linux_virtual_machine.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine) | resource | +| Name | Type | +|------|------| +| [azurerm_linux_virtual_machine.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine) | resource | +| [azurerm_network_interface.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface) | resource | +| [azurerm_network_interface_application_security_group_association.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface_application_security_group_association) | resource | +| [azurerm_public_ip.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/public_ip) | resource | + +## Inputs +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [admin\_ssh\_key](#input\_admin\_ssh\_key) | Objects to configure ssh key reference for virtual machine |
object({
username = optional(string, "adminuser")
public_key = optional(string)
})
| `{}` | no | +| [application\_security\_group\_id](#input\_application\_security\_group\_id) | Application security group id | `string` | `null` | no | +| [custom\_network\_interface\_name](#input\_custom\_network\_interface\_name) | Specifies the name of the virtual machine interface name resource | `string` | `null` | no | +| [custom\_public\_ip\_name](#input\_custom\_public\_ip\_name) | Specifies the name of the public ip name name resource | `string` | `null` | no | +| [custom\_virtual\_machine\_name](#input\_custom\_virtual\_machine\_name) | Specifies the name of the virtual machine name resource | `string` | `null` | no | +| [env](#input\_env) | Environment name | `string` | n/a | yes | +| [identity\_enabled](#input\_identity\_enabled) | Boolean flag than enables creation of System Assigned identity to VM | `bool` | `false` | no | +| [location](#input\_location) | Azure location | `string` | n/a | yes | +| [network\_interface\_private\_ip\_address\_allocation](#input\_network\_interface\_private\_ip\_address\_allocation) | The allocation method used for the Private IP Address. | `string` | `"Dynamic"` | no | +| [os\_disk](#input\_os\_disk) | Objects to configure os disk reference for virtual machine |
object({
caching = string
storage_account_type = string
})
|
{
"caching": "ReadWrite",
"storage_account_type": "Standard_LRS"
}
| no | +| [password\_access\_enabled](#input\_password\_access\_enabled) | Boolean flag that enables access using password | `bool` | `false` | no | +| [project](#input\_project) | Project name | `string` | n/a | yes | +| [public\_ip\_allocation\_method](#input\_public\_ip\_allocation\_method) | Defines the allocation method for this IP address. Possible values are Static or Dynamic | `string` | `"Static"` | no | +| [public\_ip\_enabled](#input\_public\_ip\_enabled) | Boolean flag to enable Public Ip address creation and assignment to Virtual Machine | `bool` | `true` | no | +| [resource\_group](#input\_resource\_group) | The name of the resource group | `string` | n/a | yes | +| [source\_image\_reference](#input\_source\_image\_reference) | Objects to configure source image reference for virtual machine |
object({
publisher = string
offer = string
sku = string
version = string
})
|
{
"offer": "0001-com-ubuntu-server-focal",
"publisher": "Canonical",
"sku": "20_04-lts",
"version": "latest"
}
| no |
+| [subnet\_id](#input\_subnet\_id) | The ID of the Subnet where this Network Interface should be located in. | `string` | n/a | yes |
+| [suffix](#input\_suffix) | Optional suffix that would be added to the end of resources names. It is recommended to use dash at the beginning of variable (e.x., '-example') | `string` | `""` | no |
+| [tags](#input\_tags) | Resource tags | `map(any)` | `{}` | no |
+| [vm\_admin\_password](#input\_vm\_admin\_password) | The password of the local administrator used for the Virtual Machine. | `string` | `null` | no |
+| [vm\_admin\_username](#input\_vm\_admin\_username) | The username of the local administrator used for the Virtual Machine. | `string` | `"adminuser"` | no |
+| [vm\_size](#input\_vm\_size) | The SKU which should be used for this Virtual Machine. | `string` | `"Standard_F2"` | no |
 ## Outputs
-| Name | Description |
-| ----------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------- |
+| Name | Description |
+|------|-------------|
 | [id](#output\_id) | The ID of the Linux Virtual Machine |
-| [identity](#output\_identity) | linux virtual machine identity |
+| [identity](#output\_identity) | linux virtual machine Identities list |
+| [private\_ip](#output\_private\_ip) | Linux Virtual Machine private IP address |
 | [public\_ip](#output\_public\_ip) | Linux Virtual Machine public IP address |
diff --git a/main.tf b/main.tf
index 0ba9a75..748da19 100644
--- a/main.tf
+++ b/main.tf
@@ -69,3 +69,10 @@ resource "azurerm_linux_virtual_machine" "this" {
 version = var.source_image_reference.version
 }
 }
+
+resource "azurerm_network_interface_application_security_group_association" "this" {
+ count = length(var.application_security_group_id) != null ? 1 : 0
+
+ network_interface_id = azurerm_network_interface.this.id
+ application_security_group_id = var.application_security_group_id
+}
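Review bot: The `count` expression on the new `azurerm_network_interface_application_security_group_association` resource can never evaluate to 0, because `length(...)` returns a number and a number compared with `!= null` is always true. With the variable's default of `null` the `length` call itself should fail at plan time, since Terraform functions reject null arguments, so callers who do not pass an ASG would be unable to plan the module at all. Compare the variable directly instead: `count = var.application_security_group_id != null ? 1 : 0`. If callers are expected to pass the ID of an ASG created in the same configuration, `count` may be unknown until apply; a separate boolean toggle would avoid that, but whether this applies depends on usage outside the hunk.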
diff --git a/variables.tf b/variables.tf
index ccb2a2f..2803c3a 100644
--- a/variables.tf
+++ b/variables.tf
@@ -94,6 +94,7 @@ variable "admin_ssh_key" {
 username = optional(string, "adminuser")
 public_key = optional(string)
 })
+ default = {}
 description = "Objects to configure ssh key reference for virtual machine"
 }
 
@@ -136,3 +137,9 @@ variable "password_access_enabled" {
 description = "Boolean flag that enables access using password"
 default = false
 }
+
+variable "application_security_group_id" {
+ type = string
+ description = "Application security group id"
+ default = null
+}
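Review bot: With `default = {}` on `admin_ssh_key`, a caller can now omit the variable entirely, and `public_key` then resolves to `null` while `password_access_enabled` still defaults to `false` in the same file. How main.tf consumes a null `public_key` is outside this hunk, but unless it is guarded there, the default configuration has no login credential and would presumably surface only as a late provider error. Consider a `precondition` on the VM resource that makes the requirement explicit, e.g. `condition = var.password_access_enabled || var.admin_ssh_key.public_key != null`, with an error message naming both variables. The `variable "admin_ssh_key"` block starts above the hunk.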
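Review bot: The description `"Application security group id"` on the new `application_security_group_id` variable does not tell callers that `null` is meant to skip the association or that the value should be the resource ID of an existing ASG. Suggest `description = "Resource ID of an existing application security group to associate with the VM network interface; leave null to skip the association"`. The generated README row would then carry the same guidance.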