In a cloud-first world, manual infrastructure management consumes time and is prone to errors, acting as a complete barrier to agility and scalability. Infrastructure management by Code is what solves this problem, wherein you have the ability to define and manage your infrastructure using code. Terraform is a very popular open-source software tool by HashiCorp for IaC, allowing users to provision and manage cloud resources on a number of providers, including Microsoft Azure.
Prerequisites
- Azure Account
- Terraform CLI
Terraform Code
1. Provider Configuration(main.tf)
terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "~> 3.0"
}
}
}
provider "azurerm" {
features {}
}
2. Resource Group
resource "azurerm_resource_group" "example" {
name = "my-terraform-rg"
location = "centralindia"
}
3. Virtual Network
resource "azurerm_virtual_network" "example" {
name = "my-terraform-vnet"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
address_space = ["10.0.0.0/16"]
}
4. Subnet
resource "azurerm_subnet" "example" {
name = "subnet-1"
resource_group_name = azurerm_resource_group.example.name
virtual_network_name = azurerm_virtual_network.example.name
address_prefixes = ["10.0.1.0/24"]
}
5. Network Security Group
resource "azurerm_network_security_group" "example" {
name = "my-terraform-nsg"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
security_rule {
name = "AllowSSH"
priority = 100
direction = "Inbound"
access = "Allow"
protocol = "Tcp"
source_port_range = "*"
destination_port_range = "22"
source_address_prefix = "*"
destination_address_prefix = "*"
}
}
6. Virtual Machine
resource "azurerm_linux_virtual_machine" "example" {
name = "my-terraform-vm"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
size = "Standard_DS1_v2"
network_interface_ids = [azurerm_network_interface.example.id]
admin_username = "azureuser"
os_disk {
caching = "ReadWrite"
storage_account_type = "Standard_LRS"
}
source_image_reference {
publisher = "Canonical"
offer = "UbuntuServer"
sku = "18.04-LTS"
version = "latest"
}
admin_ssh_key {
username = "azureuser"
public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC... your public key ..." # Replace!
}
}
resource "azurerm_network_interface" "example" {
name = "nic-terraform-vm"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
ip_configuration {
name = "primary"
subnet_id = azurerm_subnet.example.id
private_ip_address_allocation = "Dynamic"
public_ip_address_id = azurerm_public_ip.example.id
}
}
resource "azurerm_public_ip" "example" {
name = "public-ip-terraform-vm"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
allocation_method = "Static"
}
resource "azurerm_network_interface_security_group_association" "example" {
network_interface_id = azurerm_network_interface.example.id
network_security_group_id = azurerm_network_security_group.example.id
}
Terraform Execution
- terraform init: to initialize the backend
- terraform plan: to validate and check the resources
- terraform apply: to spin up the new resources
- terraform destroy: to remove/destroy the resources
This blog post showed how to use Terraform to define and provision simple Azure resources such as Resource Group, Virtual Network, Subnet, Network Security Group, and Virtual Machine. By adopting Infrastructure as Code with Terraform, you are able to automate your Azure deployment, increase consistency, streamline collaboration, and ultimately manage your cloud infrastructure more effectively and reliably.
You can refer to Terraform documentation to get the templates for all the resources. I hope you are able to understand what IAC is and how it is helpful in the real world.