Infrastructure as Code on Azure using Terraform
Closed this issue · 0 comments
SeanKilleen commented
- Install the azure cli (on Windows like me? I suggest using Chocolatey:
choco install azure-cli
) - Login to the azure cli:
az login
- List your subscriptions:
az account list
. Note the Guid ID of the subscription you care about. - Choose the subscription you want to create resources within:
az account set --subscription YOUR_SUBSCRIPTION_ID
- Install Terraform (again, with chocolatey:
choco install terraform
) - Create a file for your terraform script, e.g.
environment-setup.tf
, and open it. - Add the provider to your terraform file:
provider "azurerm" {
# Whilst version is optional, we /strongly recommend/ using it to pin the version of the Provider being used
version = "=2.7.0"
subscription_id = "SECRET_SUB_ID"
tenant_id = "SECRET_TENANT_ID"
features {} # This is required so that it doesn't throw an error.
}
- Add the setup for the azure resources that you'll use for your back-end:
resource "azurerm_resource_group" "backendrg" {
name = "TestTFProject"
location = var.DeploymentRegion
}
resource "azurerm_storage_account" "backendstorageacct" {
name = "terraformmetadata"
resource_group_name = azurerm_resource_group.backendrg.name
location = azurerm_resource_group.backendrg.location
account_tier = "Standard"
account_replication_type = "LRS"
access_tier = "Cool"
}
resource "azurerm_storage_container" "backendstoragecontainer" {
name = "tfstate"
storage_account_name = azurerm_storage_account.backendstorageacct.name
container_access_type = "private"
}
- Add a variables file or section, e.g.
terraform.tfvars
(a special name which is loaded automatically) and add the following variables to it:
variable "AzureSubscriptionId" {
description = "The subscription in which you are trying to set up this Terraform config"
type = string
}
variable "AzureTenantId" {
description = "The tenant in which you are trying to set up this Terraform config"
type = string
}
variable "DeploymentRegion" {
default="eastus2"
description="The region you want to create resources in."
type = string
}
- Add the file where you fill out the variables, e.g.
thesecrets.tf
AzureSubscriptionId="MY_SECRET_SUB"
AzureTenantId="MY_SECRET_TENANT"
- Run
terraform init
which will create your state locally. - Run
terraform apply
to create the infrastructure
That's great, but now all our state is stored locally. This is Not A Good Idea (TM).
So, add the backend:
terraform {
backend "azurerm" {
resource_group_name = "TestTFProject"
storage_account_name = "terraformmetadata"
container_name = "tfstate"
key = "terraform.tfstate"
subscription_id = "YOUR_AZURE_SUBSCRIPTION_ID" # TODO: Variable somehow?
tenant_id = "YOUR_AZURE_TENANT_ID" # TODO: Variable somehow?
}
}
- Run
terraform apply
and notice that it tells you the back-end changed. - Now tun
terraform init
again. It will prompt you on whether to add your state to the new back-end. Say yes!
Now Terraform is ready to rock and roll -- you've got the basics for your IaC setup.
Happy Terraforming!