Why Terraform?
Intro I’m often asked if Microsoft provides the ability the deploy resources into Azure using Azure Resource Manager templates (ARM Templates) then why would I use Terraform for CI/CD deployments? In this post, I’ll try to answer this and provide an understanding of the differences and why, in my opinion, Terraform is the most versatile and agile tool available for IaC deployments. Why Infrastructure as code? Anyone who’s spent anytime deploying to Azure knows that the user interface is intuitive and that it guides you through the creation of deploying resources really well, prompting you for missing information and providing handy tooltips. Continue reading
Create enterprise applications for external access using Terraform
3rd party services such as threat management tools for Azure can add incredible value but to access services, they need a secure way of connecting to the platform. Enterprise Application give full IAM (Identity and Access Management) control and can be used to provide granular access to services. During deployment I found a need to automate the following elements: Registration of application within Azure with customized API permissions Creation of Enterprise application (Service Principal) linked to application Creation of client secret with no expiry date Creation of custom RBAC Assign app to subscriptions using custom RBAC role To make sure this process was repeatable easily and at scale the following Terraform elements were used. Continue reading
Deploy VM from Azure Marketplace image using Terraform
During code deployment via terraform to Azure, it’s useful to be able to reference marketplace-based images to support the deployment of 3rd party services. This brief guide will cover how to find an image and then how to use that data to deploy, in this case, an AlertLogic Linux VM. Windows images can be found in the same manner. For the purpose of this example, I will deploy Alert Logic Professional - BYOL. Continue reading