Terraform GCP unable to run metadata command for windows instance to create a user

Question

Trying to create a user which can be used in connection to move some files , when i try to create a user while creating a instance using metadata resource get created successfully but metadata command is not executed.

`resource "google_compute_instance" "win-dev-instance" {
 project = "my_pro_1"
 zone = "eu-west2-b"
 name = "win-dev-instance"
 machine_type = "f1-micro"
 boot_disk {
   initialize_params {
     image = "windows-server-2016-r2-dc-v20191210"
   }
 }
 network_interface {
   network = "default"
   access_config {
   }
 }
 metadata {
    windows-startup-script-cmd = "net user /add devuser PASSWORD & net localgroup adminstrators devuser /add"
  }
}`

Answer 1

In your example, there is a typo adminstrators , it should be administrators .

Solution

resource "google_compute_instance" "win-dev-instance" {
  project      = "my_pro_1"
  zone         = "eu-west2-b"
  name         = "win-dev-instance"
  machine_type = "n1-standard-2"
  boot_disk {
    initialize_params {
      image = "windows-server-2016-dc-v20191210"
    }
  }
  network_interface {
    network = "default"
    access_config {}
  }
  metadata = {
    windows-startup-script-cmd = "net user /add devuser Abc123123 & net localgroup administrators devuser /add"
  }
}

Answer 2

I test without success the solution based on windows-startup-script-cmd . Also this script will be excuted every time the instance restart. I think the best solution is to use the metadata with the windows-keys key as described here . The solution is to generate a double key, one will be used by gcp to generate the password and the second to decrypt it on reception