| Id | Description | Build Status |
|---|---|---|
| Best-Practice | Share a list of best practices and tutoriels when using Terraform on Azure | |
| Azure DevOps - Intro | Share articles about CI/CD, Azure DevOps and Terraform on Azure. | |
| CreateAzureRm-Infra | Share Terraform script that reveal how to create a VPC in Azure and how application client can create their resources |
Simple and Powerful
HashiCorp Terraform enables you to safely and predictably create, change, and improve infrastructure. It is an open source tool that codifies APIs into declarative configuration files that can be shared among team members, treated as code, edited, reviewed, and versioned.
The following table is a quick comparison feedback between Terraform and Azure ARM template.
| Comparison | Terraform | ARM Template |
|---|---|---|
| Pro | Common language to deal with several providers (Azure including AzureRm and Azure AD, AWS, Nutanix, VMware, Docker,...) Detect if a resource's parameter could be updated in place or if the resources need to be re created Compliant test could be done easily to ensure that what you have deployed remains coherent Facilitating CICD testing as the "plan" function tells you exactly what need to be done If the Terraform resource doesn't exist we can execute ARM template from the Terraform resource "azurerm_template_deployment" |
Microsoft Azure ownership Variety of parameters types Deployment log stored in the Azure Resource Group |
| Cons | Could not use secure object as parameter New release might not be delivered as fast if it was the provider own tool Authentication with service principal & certificate is not supported yet #2471 |
AzureRm only No option to preview what change should be done The deployment mode "complete" permits to guarantee that your RG contains exactly what you want but the ARM template could be hard to read depending on the number of resources you put on it |
About the Terraform's modules
On of the objective here is to share Terraform custom modules with the community with the following guidelines :
- a module is used when we need to call a given number of resources several times and the same way, for exemple : when creating a VM we need nic, disks, backup, log monitoring, etc ..
- a module doesn't contain any static values
- a module is called using variables