Terraform Hands-On Lab 2019
Create and deploy your first template using Terraform
Overview
This lab will guide you through the creation of 3 resources using Terraform configuration files.
The following diagram depicts the final infrastructure that you will have to deploy:
Requirements: the following tools are needed
- Terraform
- Azure CLI
- Visual Studio code
- Extension Name: Terraform https://marketplace.visualstudio.com/items?itemName=mauve.terraform
Exercise 0 - Generate Resource Group
As an example, we have provisioned a folder with all the configuration files for creating a Resource Group: Resource group.
You can use them as a template for the following exercises.
In order to try this module, follow these steps:
-
Login to Azure CLI
az login
-
Select the Azure Subscription where you want to deploy
az account set -s <subscription_id>
-
Verify if it has been selected
az account show
-
Itialize the Terraform configuration directory
terraform init
-
Validate the code
terraform validate
-
Create an execution plan
terraform plan
-
Create the resource group
terraform apply
Once deployed, the Resource Group should have been created in your subscription.
Exercise 1 - Generate Key Vault
In this exercise, we will create the configuration files needed to generate a Key Vault.
In the repository you will find a folder named kvt . Inside it, you will find all the files that Terraform needs for deploying a resource.
The key vault should have the following attributes:
- Disk encryption should be enabled.
- Template deployment should be enabled.
- (Optional) Access Policy: at least one user should have these permissions:
- Secret: get, list, set
- Storage: get
- Two tags:
- environment: should be inherited from RG.
- channel.
Moreover, your module should have the following outputs:
- Key Vault ID
- Key Vault name
How can you start?
- Main.tf: fill the block resource bearing in mind all the requirements.
- Variables.tf: define all the variables. Remember that you should have already defined them in Main file.
- Output.tf: add all the requested outputs. Take a look at RG outputs file.
- versions.tf: as you are using Terraform 12, you should constrain terraform to a specific version or a range of versions.
Exercise 2 - Generate Log Analytics workspace
In this exercise, we will create the configuration files needed to generate a Log Analytics Workspace. You will need to create all the configuration files from scratch.
The Log Analytics should have the following attributes:
- Tags: should be inherited from RG.
- Location: inherit from RG.
Moreover, your module should have the following outputs:
- Log Analytics ID
- Log Analytics name
How can you start?
- Create the file structure.
- Follow same steps explained for exercise 2.
Exercise 3 (BONUS) - Create blueprint
If you have already finished the previous exercises, you are prepared to create your first blueprint, being blueprint a set of modules.
The goal of this exercise is to create a blueprint that generates a Resource Group, a Log Analytics Workspace and a Key Vault which sends its logs to the Log Analytics Workspace via diagnostic setting.