Getting Started with Terraform and Azure


This article explains how to get started with Terraform and Azure.

Terraform is an open source language for deploying infrastructure as code. It supports all the 3 public cloud providers and also some of the private cloud providers (if this is what you want to call them).

It also supports a long list of other providers that you can view here.

This article assumes you are not using a remote git repository, so don't push the contents of these files to a remote repo as they contain sensitive information.

I will be writing a follow on article which covers Terraform and git.

Create a Service Principal in Azure

Terraform authenticates to Azure using a Service Principal

Go to Azure AD --> App registrations and click new registration

Click on Keys. Add a description and click Save. Copy the key when it is generated. Save this somewhere to use later. You only get one chance to save this.

You need to give the Service Principal some permissions in the subscription that you want to work with so navigate to Subscriptions and give the app some permissions using Access Control (IAM)

 

Terraform

Download Terraform from here

Add your Terraform directory to your Path variable so you don't have to keep typing in the full path every time you want to run terraform.exe

Visual Studio Code

If you are not already using Visual Studio code, I suggest downloading and installing it.

Download Visual Studio code from here.

Install an extension for Terraform Syntax highlighting

Terraform Visual Studio Extension

Restart visual studio

Click Plain Text in the bottom right of visual studio

Search for Terraform and select.

Copy some sample content into your code windows to get you started and save the file as .tf in a folder, sql-server in this example.

Note: In the sample content you need to change one of the references used to refer to resources (line 1 and 6). Both are named test) and this will cause the template to fail. Also update the references in the template to the variables (line 8 and 9)

You will also need to change the mysqlserver name (line 7) as this needs to be unique in the database.windows.net namespace.

At top of your .tf file add the following information that corresponds to your subscription, tenant, and Service Principle you created earlier

client_id corresponds to the Application ID of your Service Principle
client_secret is the key you generated earlier
tenant_id is your Azure Tenant ID which is your your Directory ID that can be retrieved by following the instructions here

Terraform Providers

In Terraform language, providers are the services (Azure, AWS, vSphere etc) that you are going to connect to to provision resources.

Each provider has a plugin which needs to be in the same directory as your .tf file. To install the plugin run terraform init against the directory containing your Terraform templates. This will create a .terraform directory in your template folder. The .terraform directory will contain the plugins required execute your templates.

Terraform plan

Run terraform plan to find out what Terraform will do when it deploys your configuration.

You will see which information Terraform is going to imput from the template and which information is going to be computed when it applies the template.

Terraform apply

You are now ready to apply your template. Run terraform apply

Terraform will apply all templates it finds in the directory. It's at this point that Terraform creates a terraform.tfstate file in your template directory. This file is very important, it should not be deleted and or edited.

Terraform uses this file to determine the state of your infrastructure for future additions, deletions, or changes to your template.

Terraform destroy

If you want to undo what you have just deployed, run terraform destroy

Summary

Hopefully from this blog post you can see the power of Terraform in deploying infrastructure in Azure. In my next post I will explain how to use Terraform variables and github for source control.