Important thing first

  • Repo is here or here if you prefer GitHub

If you just started to learn Terraform take a look at my blog Get started with Terraform.

Now clone project from Azure DevOps, we created in previous blog and open folder with Visual Studio Code.

If you want to look at my public project TerraformConfiguration, run following command

git clone https://[email protected]/sergeydotnet/TerraformConfiguration/_git/CreateAzureResourceGroup

We are starting to create resource group and create new file Resource group is a good way to group resources in Azure. Typically, you have resource group per environment f.ex. Development, Test and Production.

Paste following code to file

provider "azurerm" {
 version = "=2.0.0"
 features { }  

resource "azurerm_resource_group" "rg" {
 name     = var.resource_group_name
 location = var.location

First we are specifying the AzureRM version.  Take a note here we start to use variables. Add new file and call it and paste following code

variable "resource_group_name" {
 description = "The name of resource group "

variable "location" { 
 description = "Location "

Here we just list all variables we are going to use. To create resource group we need just the name of the resource group and the location.

To check all available locations in your subscription use Azure CLI. Install Azure CLI from here

az account list-locations

The structure looks like this


Now we are ready to run some magic terraform command and start with

terraform init


terraform plan

Provide now values for your variables

You get output something like this

Terraform plan

Terraform telling you that one Resource Group will be created.

Then run

terraform apply

Now you have to specify your variables again.

Then Terraform ask you

and you have to say yes

It's kind of cumbersome to provide all this variables each time you want to run plan or apply commands. To simplify that create another file and call it terraform.tfvars

subscription_id = ""

tenant_id = ""

client_id = ""

client_secret = ""

resource_group_name = "BestResourceGroup"

location = "westeurope"

Provide your values.

subscription_id and tenant_id you can get from the Azure portal or just use Azure CLI and run

az login

login using correct account and you get the list of all subscriptions, connected to this account

The output looks something like this

id is subscription_id and tenantId is tenant_id.

To get client_id and client_secret read my blog Create Service Principle.


terraform apply

If your values are correct you get your brain new resource group

Then we have to modify our .gitignore file to ignore some auto generated files and secrets

Open your .gitignore file and add


We are just telling to git to ignore files generated by Terraform and all our secrets. Important point here that file terraform.tfstate generated by Terraform, includes all id's Terraform generates for you and terraform.tfvars including sensitive information. That's why these files is your secrets and shouldn't be in the source control.

Now we can commit and push changes we have done.

Next we are going to use Azure DevOps to run our Terraform configuration we just created. Read my next blog Using Terraform with Azure DevOps.

Create Service Principle

Using Terraform with Azure DevOps

Terraform Configuration Azure DevOps project

GitHub repo