Mastering the Basics: Terraform and Infrastructure as Code in Azure

Introduction Managing cloud infrastructure manually is slow, error-prone, and impossible to scale. Infrastructure as Code (IaC) solves these problems by allowing infrastructure to be defined, deployed, and maintained with code. Terraform has become the go-to IaC tool because of its declarative approach, multi-cloud support, and ability to track infrastructure changes over time. This article will walk through the fundamentals of Terraform, covering why manual provisioning causes problems, how Terraform improves cloud management, and key best practices to ensure scalable and secure deployments. Continue reading

Terraform State Management in Azure: Don’t Let Your Backend Bite You

🥇 Your Terraform state file is the source of truth for your infrastructure. Lose it, and you might as well be deploying blindfolded. But how could you manage it properly in Azure? ⛈️ Why Terraform State Matters (And Why It Can Ruin Your Day) Terraform needs a state file to track the real-world infrastructure vs what your code says should exist. If that state file disappears, gets corrupted, or is being fought over by multiple deployments, you’re in for a world of pain. Continue reading

Why Terraform?

Intro I’m often asked if Microsoft provides the ability the deploy resources into Azure using Azure Resource Manager templates (ARM Templates) then why would I use Terraform for CI/CD deployments? In this post, I’ll try to answer this and provide an understanding of the differences and why, in my opinion, Terraform is the most versatile and agile tool available for IaC deployments. Why Infrastructure as code? Anyone who’s spent anytime deploying to Azure knows that the user interface is intuitive and that it guides you through the creation of deploying resources really well, prompting you for missing information and providing handy tooltips. Continue reading

Create enterprise applications for external access using Terraform

3rd party services such as threat management tools for Azure can add incredible value but to access services, they need a secure way of connecting to the platform. Enterprise Application give full IAM (Identity and Access Management) control and can be used to provide granular access to services. During deployment I found a need to automate the following elements: Registration of application within Azure with customized API permissions Creation of Enterprise application (Service Principal) linked to application Creation of client secret with no expiry date Creation of custom RBAC Assign app to subscriptions using custom RBAC role To make sure this process was repeatable easily and at scale the following Terraform elements were used. Continue reading

Deploy VM from Azure Marketplace image using Terraform

During code deployment via terraform to Azure, it’s useful to be able to reference marketplace-based images to support the deployment of 3rd party services. This brief guide will cover how to find an image and then how to use that data to deploy, in this case, an AlertLogic Linux VM. Windows images can be found in the same manner. For the purpose of this example, I will deploy Alert Logic Professional - BYOL. Continue reading