This repository contains a Terraform configuration for deploying infrastructure on Microsoft Azure, coupled with an Ansible playbook for application deployment. The Terraform script creates a set of resources, including a Virtual Machine, Key Vault, and networking components. The Ansible playbook is invoked through a null resource provisioner to configure and deploy an application on the provisioned Azure infrastructure. The application can be accessed through port 8080 of the provisioned vm.
-
You must have a Microsoft Azure subscription.
-
You must have the following installed:
- Terraform CLI
- Azure CLI tool
-
The code was written for:
- Terraform v1.6.4 or later
-
It uses the Terraform AzureRM Provider v3.8.0 that interacts with the many resources supported by Azure Resource Manager (AzureRM) through its APIs.
-
Authenticate using the Azure CLI.
Terraform must authenticate to Azure to create infrastructure.
In your terminal, use the Azure CLI tool to set up your account permissions locally.
az login
Your browser will open and prompt you to enter your Azure login credentials. After successful authentication, your terminal will display your subscription information.
[ { "cloudName": "<CLOUD-NAME>", "homeTenantId": "<HOME-TENANT-ID>", "id": "<SUBSCRIPTION-ID>", "isDefault": true, "managedByTenants": [], "name": "<SUBSCRIPTION-NAME>", "state": "Enabled", "tenantId": "<TENANT-ID>", "user": { "name": "<YOUR-USERNAME@DOMAIN.COM>", "type": "user" } } ]Find the
idcolumn for the subscription account you want to use.Once you have chosen the account subscription ID, set the account with the Azure CLI.
az account set --subscription "<SUBSCRIPTION-ID>"
-
Create a Service Principal.
A Service Principal is an application within Azure Active Directory with the authentication tokens Terraform needs to perform actions on your behalf. Update the
<SUBSCRIPTION_ID>with the subscription ID you specified in the previous step.
Run Command:
$ az ad sp create-for-rbac --name <some-name> --role="Contributor" --role "User Access Administrator" --scopes="/subscriptions/<SUBSCRIPTION-ID>"
Command Output:
{ "appId": "xxxxxx-xxx-xxxx-xxxx-xxxxxxxxxx", "displayName": "azure-cli-2022-xxxx", "password": "xxxxxx~xxxxxx~xxxxx", "tenant": "xxxxx-xxxx-xxxxx-xxxx-xxxxx" } -
NOTE: This script needs the User Access Administrator role in addition to the Contributor role because it makes role assignments.
- Set your environment variables.
HashiCorp recommends setting these values as environment variables rather than saving them in your Terraform configuration.
In your terminal, set the following environment variables. Be sure to update the variable values with the values Azure returned in the previous command.
- For MacOS/Linux:
$ export ARM_CLIENT_ID="<SERVICE_PRINCIPAL_APPID>"
$ export ARM_CLIENT_SECRET="<SERVICE_PRINCIPAL_PASSWORD>"
$ export ARM_SUBSCRIPTION_ID="<SUBSCRIPTION_ID>"
$ export ARM_TENANT_ID="<TENANT_ID>"- For Windows (PowerShell):
$env:ARM_CLIENT_ID="<SERVICE_PRINCIPAL_APPID>"
$env:ARM_CLIENT_SECRET="<SERVICE_PRINCIPAL_PASSWORD>"
$env:ARM_SUBSCRIPTION_ID="<SUBSCRIPTION_ID>"
$env:ARM_TENANT_ID="<TENANT_ID>"Run command:
$ terraform init- Run command:
$ terraform planRun command:
$ terraform applyRun command:
$ terraform destroyThese are the variables that can be customized to tailor the deployment according to your requirements.
| Variable Name | Type | Description | Default Value |
|---|---|---|---|
name_prefix |
String | Name prefix used for resources. Should only contain lowercase characters and hyphens. | shtan-app- |
location |
String | Azure Region where all resources in this example should be created. | West Europe |
vm_admin_user |
String | Admin user name for the virtual machine. | shtech |
vm_image |
Object | Linux virtual machine image configuration. | See Default Configuration |
app_version |
String | Version of the app to be installed on the VM. | 0.2.0 |
{
publisher = "Canonical"
offer = "0001-com-ubuntu-server-jammy"
sku = "22_04-lts"
version = "latest"
}The app_version follows Semantic Versioning (SemVer) syntax. It must match the pattern MAJOR.MINOR.PATCH[-PRERELEASE][+BUILD]. The default version is 0.2.0.