If someone is looking for the actual code example - here it is.
Prerequisites:
- enable a system assigned managed identity on the VM first

```hcl
resource "azurerm_virtual_machine_extension" "aad_login" {
  name                 = "AADLogin"
  virtual_machine_id   = "/subscriptions/<SUBSCRIPTION_ID>/resourceGroups/<RESOURCE_GROUP_NAME>/providers/Microsoft.Compute/virtualMachines/<VIRTUAL_MACHINE_NAME>" # Resource ID of your VM
  publisher            = "Microsoft.Azure.ActiveDirectory"
  type                 = "AADSSHLoginForLinux" # For Windows VMs: AADLoginForWindows
  type_handler_version = "1.0" # There may be a more recent version
}
```

After enabling the system assigned managed identity and deploying the VM extension, you have to configure Azure RBAC to allow VM access. Assign either `Virtual Machine Administrator Login` or `Virtual Machine User Login` to the VM resource.
You can now use `az ssh vm` to log in to the VM. Please note you have to set the proper subscription first.

Here is an example of how to log in via SSH to a Linux VM:

```shell
$ az login --tenant <TENANT_ID>
$ az account set --name <SUBSCRIPTION_NAME>
$ az ssh vm -g <RESOURCE_GROUP_NAME> -n <VIRTUAL_MACHINE_NAME>
```
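
The RBAC step described above can also be managed in Terraform. The following is an added example, not part of the original answer: the variable names are hypothetical and the object IDs are values you supply. It assigns the roles at VM scope, as the answer describes, and keeps `Virtual Machine Administrator Login` (administrator privileges) separate from `Virtual Machine User Login` (regular user privileges) so that admin access is granted only where it is needed.

```hcl
# Added example (not from the original answer). Variable names are assumptions.
#
# Prerequisite on the VM resource itself, e.g. azurerm_linux_virtual_machine:
#   identity {
#     type = "SystemAssigned"
#   }

variable "vm_id" {
  description = "Resource ID of the VM that has the AADSSHLoginForLinux extension"
  type        = string
}

variable "user_object_ids" {
  description = "Object IDs of users or groups that may log in with regular user privileges"
  type        = set(string)
}

variable "admin_object_ids" {
  description = "Object IDs of users or groups that may log in with administrator privileges"
  type        = set(string)
  default     = [] # Grant admin login only to principals that need it
}

# Regular login: scoped to the single VM, not the resource group or subscription.
resource "azurerm_role_assignment" "vm_user_login" {
  for_each             = var.user_object_ids
  scope                = var.vm_id
  role_definition_name = "Virtual Machine User Login"
  principal_id         = each.value
}

# Administrator login: kept as a separate, explicit list so it is easy to review.
resource "azurerm_role_assignment" "vm_admin_login" {
  for_each             = var.admin_object_ids
  scope                = var.vm_id
  role_definition_name = "Virtual Machine Administrator Login"
  principal_id         = each.value
}
```

Assigning to a group object ID rather than individual users keeps access changes in the directory instead of in the Terraform state.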