azure - How do I pass a powershell script to a VM? Escaping doesn't seem to work

Question

I am trying to have my terraform script run a powershell script on a VM when it's provisioned. I know it's trying to run but it's erroring out. I believe it's because the backslash in the file paths. I've tried escaping it, by making each single back slash into a double, but then it seems to be passed literally instead of as a simple single backslash, and that is failing too.

So how do I do it? anyone? thank you much

resource "azurerm_virtual_machine_extension" "dc" {
  name                 = var.DomainControllerVMName
  virtual_machine_id   = azurerm_windows_virtual_machine.dc.id
  publisher            = "Microsoft.Azure.Extensions"
  type                 = "CustomScript"
  type_handler_version = "2.0"

  settings = jsonencode({
    commandToExecute = "$password = convertto-securestring RkP83Ls4S8wV -asplaintext -force;Install-windowsfeature -name AD-Domain-Services –IncludeManagementTool;Install-ADDSForest -CreateDnsDelegation:$false -DatabasePath C:windowsNTDS -DomainMode WinThreshold -DomainName mdk.mydomain.com -DomainNetbiosName MDK -ForestMode WinThreshold -InstallDns:$true -SafeModeAdministratorPassword $password -LogPath C:windowsNTDS -NoRebootOnCompletion:$false -SysvolPath C:windowsSYSVOL -Force:$true -Confirm:$false"
  })


  tags = {
    environment = "Production"
  }

  depends_on = [azurerm_windows_virtual_machine.dc]
}

question from:https://stackoverflow.com/questions/65862692/how-do-i-pass-a-powershell-script-to-a-vm-escaping-doesnt-seem-to-work

Answer 1

After my validation, the following terraform template is working. For more information, you could refer to this terraform-azurerm-promote-dc sample.

resource "azurerm_virtual_machine_extension" "create-active-directory-forest" {
  name                 = var.DomainControllerVMName
  virtual_machine_id   = azurerm_windows_virtual_machine.dc.id
  publisher            = "Microsoft.Compute"
  type                 = "CustomScriptExtension"
  type_handler_version = "1.10"

settings = <<SETTINGS
  {
      "commandToExecute": "powershell.exe -Command "$password = convertto-securestring Password12345 -asplaintext -force;Install-windowsfeature -name AD-Domain-Services –IncludeManagementTool;Install-ADDSForest -CreateDnsDelegation:$false -DatabasePath C:\windows\NTDS -DomainMode WinThreshold -DomainName mdk.mydomain.com -DomainNetbiosName MDK -ForestMode WinThreshold -InstallDns:$true -SafeModeAdministratorPassword $password -LogPath C:\windows\NTDS -NoRebootOnCompletion:$false -SysvolPath C:\windows\NTDS -Force:$true -Confirm:$false;shutdown -r -t 10;exit 0""
  }
SETTINGS

}