Important thing first
If you just started to learn Terraform take a look at my blog Get started with Terraform.
Now clone project from Azure DevOps, we created in previous blog and open folder with Visual Studio Code.
If you want to look at my public project TerraformConfiguration, run following command
git clone https://[email protected]/sergeydotnet/TerraformConfiguration/_git/CreateAzureResourceGroup
We are starting to create resource group and create new file main.tf. Resource group is a good way to group resources in Azure. Typically, you have resource group per environment f.ex. Development, Test and Production.
Paste following code to main.tf file
provider "azurerm" {
version = "=2.0.0"
features { }
}
resource "azurerm_resource_group" "rg" {
name = var.resource_group_name
location = var.location
}
First we are specifying the AzureRM version. Take a note here we start to use variables. Add new file and call it variables.tf and paste following code
variable "resource_group_name" {
description = "The name of resource group "
}
variable "location" {
description = "Location "
}
Here we just list all variables we are going to use. To create resource group we need just the name of the resource group and the location.
To check all available locations in your subscription use Azure CLI. Install Azure CLI from here
az account list-locations
The structure looks like this
Now we are ready to run some magic terraform command and start with
terraform init
Then
terraform plan
Provide now values for your variables
You get output something like this
Terraform telling you that one Resource Group will be created.
Then run
terraform apply
Now you have to specify your variables again.
Then Terraform ask you
and you have to say yes
It's kind of cumbersome to provide all this variables each time you want to run plan or apply commands. To simplify that create another file and call it terraform.tfvars
subscription_id = ""
tenant_id = ""
client_id = ""
client_secret = ""
resource_group_name = "BestResourceGroup"
location = "westeurope"
Provide your values.
subscription_id and tenant_id you can get from the Azure portal or just use Azure CLI and run
az login
login using correct account and you get the list of all subscriptions, connected to this account
The output looks something like this
id is subscription_id and tenantId is tenant_id.
To get client_id and client_secret read my blog Create Service Principle.
Run
terraform apply
If your values are correct you get your brain new resource group
Then we have to modify our .gitignore file to ignore some auto generated files and secrets
Open your .gitignore file and add
#Terraform
**/*.tfstate*
**/*.tfvars
.terraform/
We are just telling to git to ignore files generated by Terraform and all our secrets. Important point here that file terraform.tfstate generated by Terraform, includes all id's Terraform generates for you and terraform.tfvars including sensitive information. That's why these files is your secrets and shouldn't be in the source control.
Now we can commit and push changes we have done.
Next we are going to use Azure DevOps to run our Terraform configuration we just created. Read my next blog Using Terraform with Azure DevOps.
Links in this blog
Using Terraform with Azure DevOps