Hope you are enjoying learning the magic of Terraform and seeing its endless possibilities in designing and deploying your cloud landscape. In this blog post we will review the concepts we have covered to date.
Azure Providers
In part 2 of this series we covered Terraform Providers, specifically the Azure Provider (azurerm). We also added the features block, which is required but can be left empty.
provider "azurerm" {
  features {}
}
Resource Group
In part 3 we covered deploying your first resource, an Azure Resource Group: a container that will go on to hold all the cloud resources we deploy.
resource "azurerm_resource_group" "ftrg001" {
  name     = "FT23-RG-001"
  location = "uksouth"
  tags = {
    environment = "dev"
  }
}
The code block also introduced our first optional argument, tags. In most environments tagging is enforced through policy, so the resources you deploy will be required to carry tags. For further information click the following link.
We also took a moment to cover the main Terraform commands we will be using:
Command | Description |
---|---|
terraform init | Initializes a Terraform working directory, preparing it for configuration and resource management. |
terraform validate | Validates the syntax and structure of the Terraform configuration files. |
terraform plan | Generates an execution plan, showing the proposed changes to infrastructure before applying them. |
terraform apply | Applies the changes specified in the Terraform configuration, creating or modifying resources. |
terraform destroy | Destroys all resources created by Terraform, effectively reverting the infrastructure to its initial state. |
Azure Networking
In part 4 we covered Azure networking, specifically creating a VNET and Subnet that will be used by future deployed resources.
resource "azurerm_virtual_network" "ftvnet" {
  name                = "ftvnet01"
  address_space       = ["10.10.0.0/16"]
  location            = "uksouth"
  resource_group_name = azurerm_resource_group.ftrg001.name
  tags = {
    environment = "dev"
  }
}
We covered the concept of Terraform being idempotent. Terraform will only update infrastructure in your environment that has changed based on the code you define. In our example, deploying the VNET and Subnet to the existing resource group did not affect previously deployed resources; they were not deleted or re-created.
You may also have noticed that for certain arguments in the code block, such as resource_group_name, we have not typed out the name of the resource group but referenced its alias and the name attribute of that alias: azurerm_resource_group.ftrg001.name. To break this down:
- azurerm_resource_group: This is the Terraform resource type for Azure Resource Groups. It's part of the azurerm provider, which is responsible for managing Azure resources.
- ftrg001: This is an alias or name given to the specific instance of the azurerm_resource_group resource. When defining resources in Terraform, you provide a name or alias, making it easier to refer to that resource in other parts of your configuration.
- .name: This accesses the name attribute of the azurerm_resource_group resource. In our example code we named our resource group FT23-RG-001.
We can also use aliases to refer to these resources, a topic we will cover in future blog posts.
Azure NSG
In part 5 Azure NSG took centre stage as one of the guardians of your Azure Cloud environment. An NSG allows you to define traffic rules for both inbound and outbound traffic.
resource "azurerm_network_security_group" "ftnsg01" {
  name                = "ft-test-nsg01"
  location            = "uksouth"
  resource_group_name = azurerm_resource_group.ftrg001.name
  security_rule = [
    {
      name                   = "SSH"
      priority               = 1001
      direction              = "Inbound"
      access                 = "Allow"
      protocol               = "Tcp"
      source_port_range      = "*"
      destination_port_range = "22"
      # ... remaining rule arguments are covered in part 5
    }
  ]
}
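
A pre-apply check that ties the tag policy and the inbound SSH rule above to the terraform plan step, as an added example (not code from the original series): it reads the JSON form of a saved plan, as produced by terraform show -json, and flags resources missing a required tag and NSG rules that allow inbound SSH from any source. The required tag set, the sample plan and its source_address_prefix value are constructed assumptions.

```python
import json

REQUIRED_TAGS = {"environment"}                  # assumption: keys the tag policy requires
ANY_SOURCE = {"*", "0.0.0.0/0", "Internet"}      # source prefixes that mean "anywhere"

# Constructed sample shaped like `terraform show -json tfplan` output.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "azurerm_resource_group.ftrg001", "type": "azurerm_resource_group",
   "change": {"actions": ["create"],
              "after": {"name": "FT23-RG-001", "tags": {"environment": "dev"}}}},
  {"address": "azurerm_network_security_group.ftnsg01",
   "type": "azurerm_network_security_group",
   "change": {"actions": ["create"],
              "after": {"name": "ft-test-nsg01", "tags": null,
                        "security_rule": [
                          {"name": "SSH", "direction": "Inbound", "access": "Allow",
                           "destination_port_range": "22",
                           "source_address_prefix": "*"}]}}}
]}
""")


def review_plan(plan):
    """Return (address, message) findings for resources the plan creates or updates."""
    findings = []
    for rc in plan.get("resource_changes", []):
        after = rc["change"].get("after")
        if after is None:                        # resource is being destroyed
            continue
        if "tags" in after:                      # only resource types that support tags
            missing = REQUIRED_TAGS - set(after["tags"] or {})
            if missing:
                findings.append((rc["address"], "missing tags: " + ", ".join(sorted(missing))))
        if rc["type"] != "azurerm_network_security_group":
            continue
        for rule in after.get("security_rule") or []:
            # Matches an exact port of 22 or "*"; port ranges are not expanded here.
            if (rule.get("direction") == "Inbound" and rule.get("access") == "Allow"
                    and rule.get("destination_port_range") in ("22", "*")
                    and rule.get("source_address_prefix") in ANY_SOURCE):
                findings.append((rc["address"],
                                 f"rule {rule['name']} allows SSH from any source"))
    return findings


if __name__ == "__main__":
    for address, message in review_plan(SAMPLE_PLAN):
        print(f"{address}: {message}")
```

To run it against a real plan, save one with terraform plan -out=tfplan and pass the parsed output of terraform show -json tfplan to review_plan.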
Throughout the series we have used a number of Azure CLI commands to validate our deployments.
AZ CLI Commands
The commands have been consolidated into the following table for your reference:
Command | Description |
---|---|
az login | Authenticate to Azure |
az account set --subscription <ID> | Set the active Azure subscription |
az group create --name <name> --location <location> | Create an Azure Resource Group |
az group delete --name <name> --yes | Delete an Azure Resource Group |
az group list | List all Azure Resource Groups |
az vm create --resource-group <rg> --name <vm-name> --image <image> | Create an Azure Virtual Machine |
az network nsg rule create ... | Create a rule in a Network Security Group |
az network vnet create ... | Create an Azure Virtual Network |
az network vnet subnet create ... | Create a subnet in an Azure Virtual Network |
You may be wondering how Terraform keeps track of all the changes you make to your environment. This is the magic of Terraform State. We will cover Terraform State in our next post in this series. Happy reviewing.