We start with my public Azure DevOps project TerraformConfiguration. To get started with Terraform read my blogs:

Create a new Azure DevOps repo. Read this blog how to do it Create a new project Azure DevOps and call it AzureAppService


New repository

Click on Create.

Remember to edit your .gitignore file to ignore some auto generated files and secrets

Open your .gitignore file and add


Take a look at my repo.

Open the folder using Visual Studio Code and add all necessary files for Terraform. The structure looks like this


Now we just copy some code from Terraform documentation how to create azure app service and simplify it


resource "azurerm_resource_group" "rg" {
  name     = "${var.resourceGroupName}"
  location = "${var.location}"

resource "azurerm_app_service_plan" "app_plan" {
  name                = "${var.appServicePlanName}"
  location            = "${var.location}"
  resource_group_name = "${azurerm_resource_group.rg.name}"

  sku {
    tier = "Standard"
    size = "S1"

resource "azurerm_app_service" "app_service" {
  name                = "${var.appServiceName}"
  location            = "${var.location}"
  resource_group_name = "${azurerm_resource_group.rg.name}"
  app_service_plan_id = "${azurerm_app_service_plan.app_plan.id}"

  app_settings = {
    "SOME_KEY" = "some-value"

Some important features here

  • take a note how we are using variables, the syntax is kind of strange and kind of familiar if you have used MSBuild at some point of time. ${var.appServiceName}
  • we are kind of connecting app service with app service plan and the syntax for this ${azurerm_app_service_plan.app_plan.id}
  • we are just defining app_settings. This is values from our config file or environments variables. Here I am just showing how to do it. Later I will define some real variables


variable "appServiceName" {
  type        = "string"
  description = "The name of app service"

variable "appServicePlanName" {
  type        = "string"
  description = "The name of app service plan"

variable "resourceGroupName" {
  type        = "string"
  description = "The name of resource group"

variable "location" {
  type        = "string"
  description = "Location"

variable "subscriptionId" {
  type        = "string"
  description = "Subscription id"

variable "tenantId" {
  type        = "string"
  description = "Tenant id"

variable "clientId" {
  type        = "string"
  description = "Client id"

variable "clientSecret" {
  type        = "string"
  description = "Client secret"

This is just the list of our variables used in the main.tf



This is the values for variables we defined in the variables.tf

Just provide your values in this file. Read my blogs as I mentioned in the beginning of this post for detailed explanation.

Push all this files to Azure DevOps.

Remember azureAppService.tfvars should not be included in the repo.

Now we create a build pipeline as explained here  and call it AzureAppService.

We are using azureAppService.tfvars as Secure Files.

Run the build definition by clicking Queue


Take a look to the logs


And the result is the new resource group with app service and app service plan

App Service and App Service Plan
Application settings

Here is the build steps we created.

Again this blog explains everything in depth.

And here is the YAML representation of these steps

- task: charleszipp.azure-pipelines-tasks-terrafo[email protected]0
  displayName: 'Use Terraform 0.11.13'
    terraformVersion: 0.11.13

- task: [email protected]
  displayName: 'Download secure file'
    secureFile: 'eb938478-d95b-4d23-840d-4e02464df212'

- task: [email protected]
  displayName: 'Copy Files to: $(Build.SourcesDirectory)'
    SourceFolder: '$(Agent.TempDirectory)'
    TargetFolder: '$(Build.SourcesDirectory)'

- script: 'terraform init'
  displayName: 'Terraform init'

- script: 'terraform apply -var-file=azureAppService.tfvars -auto-approve'
  displayName: 'Terraform apply'

- task: [email protected]
  displayName: 'Delete files from $(Build.SourcesDirectory)'
    SourceFolder: '$(Build.SourcesDirectory)'
    Contents: '**'

Read this post to understand how to create build pipeline using YAML.

Next time we are going to add some more resources and add Application Insights, Azure SQL and show how we will define connection string in the application settings

My public Azure DevOps project TerraformConfiguration

AzureAppService repo

Get started with Terraform

Using Terraform with Azure DevOps

Using Terraform with Azure DevOps using YAML

Create a new project Azure DevOps

Terraform documentation how to create Azure App Service