DEV Community

Cover image for Deploy Azure Infrastructure using Terraform Cloud
Aniket Kumar Sinha for This is Learning

Posted on • Edited on

Deploy Azure Infrastructure using Terraform Cloud

Note: You can get the whole code from this repository: aniketkumarsinha/azure-terraform-infrastructure

What is Terraform?
Terraform is an infrastructure as code tool that lets you define both cloud and on-prem resources in human-readable configuration files that you can version, reuse, and share.

Terraform Flow
  • First you have the terraform code.
  • Then we have Terraform Plan phase. The terraform plan command creates an execution plan, which lets you preview the changes that Terraform plans to make to your infrastructure.
  • Terraform Apply phase executes the actions proposed in a Terraform plan.
  • And everything gets deployed over the CSP, here Azure. Terraform Flow

What is Terraform Cloud?
Terraform Cloud is a managed service offering by HashiCorp that eliminates the need for unnecessary tooling and documentation for practitioners, teams, and organizations to use Terraform in production. It allows you to provision infrastructure in a remote environment that is optimized for the Terraform workflow.
Terraform Cloud Flow

In this blog, we will be creating Azure Infrastructure using Terraform and will be deploying it over to Azure using Terraform Cloud.

Infrastructure Code
We are creating a VM and resources related to it.

Setting up Terraform Cloud

  1. Create Terraform Cloud Account - Terraform Cloud
  2. Create a Project in Terraform Cloud: Image description
  3. Create a Workspace. Image description
    • Choose Version control workflow Image description
    • Connect to a version control provider Image description
    • Choose your Azure Infrastructure repository from your repository list. You can check the advance settings if you want to configure the workflow. Image description
    • Tap on Create Workspace button to create your workspace in terraform cloud Or Start new run from workspace overview page.
  4. You can directly start your plan phase. Image description
  5. You can verify in your projects page that your workspace has been created. Image description
  6. Open your workspace to start new run. Image description
  7. Choose your run type and start run. Image description
  8. Ouch!! Errors!! We are getting error in provider phase. The reason behind this is that we have authorized our infrastructure to connect and write over our Azure. We will be creating an App provide all the necessary details to our infrastructure. Image description

Authorizing Terraform Infrastructure to write over Azure

  • We are creating an App over Azure to authorize using Client Id, Client Secret and Tenant Id. So in your Azure Portal move into Azure Active Directory, and open App registrations from left pane, And add a new registration. Image description
  • Add your App details and register. Image description
  • So we have finally created our app. Image description
  • To connect our Infrastructure we need 4 details
    • Client Id
    • Client Secret
    • Tenant Id
    • Subscription Id We would be getting this one by one.
  • Application (client) ID is Client Id. Directory (tenant) ID is Tenant Id. Image description
  • To get the Client Secret, we first need to create the secret. Image description
    • Add description and expiry of this secret which you're creating.
    • Copy this value under Value column, and save it somewhere as we wouldn't be able to access this later. This is our Client secret. Image description
  • Search Subscription from search box and open your subscription. Copy your subscription id. Image description So now we have all the required values.
  • Let's add these values in our Infrastructure.
    • In the provider block add all four details. We would be saving the values in Terraform Cloud variables for security purpose. ```

provider "azurerm" {
features {}

skip_provider_registration = "true"

# Connection to Azure
subscription_id = var.subscription_id
client_id = var.client_id
client_secret = var.client_secret
tenant_id = var.tenant_id
}

 - Add variables in Variables page.
![Image description](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/giji6tny99ldozgyp2yb.png)
  - In `Key` add the words with var, i.e., var.`key`, and in `Value` add required Ids' and Secret.
![Image description](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/jns0v92i8f6phwqqt8c2.png)

Let's rerun the workflow!

Ohhhhh!!!! ERROR AGAIN!!!!
![Image description](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/pte3o0sq7lmlo9i8vem0.png)

But we are still left with some more code :P
We need to add variables.tf file mentioning about these variables.

And now finally we can get the results from Plan and Apply phase. Let's rerun the pipeline.

  • Wohooo!! Our Plan phase ran successfully: Image description
  • Expand Plan phase to check what resources are getting created. And if every configuration is fine then tap on Confirm & Apply button at the end of phase. So by default the Apply phase does not run automatically, we need manual approval, this is to make sure that someone checks the Plan output and verifies everything and then accordingly approve for Apply or reject. Image description
  • Error again 🫠 Image description
  • It seems our Azure app don't have permission to add anything. Let's provide the contributor role to our app.
    • Under Subscription, got to Access Control (IAM) and Add a role there. Image description
    • Add a Contributor role under Privileged administrator roles. Image description
    • Under Members tab, select our app as member. Image description
    • And then tap on Review+Assign. So now our App has contributor role and can make changes over Azure subscription. Image description
  • Rerun the pipeline. And wollaahh!! Everything ran successfully! Image description

Let's confirm over our Azure Portal too.
Yes we can see all our resources present under our subscription.
Image description

🤩🤩🤩🤩🤩🤩🤩

Damn!!!! We learnt so many things today. We first created the Terraform Infrastructure, setup our Terraform Cloud profile and then used it to deploy resources over Azure too. Now you can say you're a pro in Terraform and Terraform Cloud.

Let me provide you a bonus happiness. So the project which we configured over Terraform Cloud, automatically runs the workflow any branch is merged to the main branch or any new pushes are done to main branch.

You can get the whole Infrastructure as Code from this repository:

GitHub logo aniketkumarsinha / azure-terraform-infrastructure

Deploy Azure Infrastructure using Terraform Cloud

Deploy Azure Infrastructure using Terraform Cloud

Cover Image

Note: Tried of creating this doc as a demo with all process/steps in creating this project

What is Terraform?

Terraform is an infrastructure as code tool that lets you define both cloud and on-prem resources in human-readable configuration files that you can version, reuse, and share.

Terraform Flow

  • First you have the terraform code.
  • Then we have Terraform Plan phase. The terraform plan command creates an execution plan, which lets you preview the changes that Terraform plans to make to your infrastructure.
  • Terraform Apply phase executes the actions proposed in a Terraform plan.
  • And everything gets deployed over the CSP, here Azure. Image description

What is Terraform Cloud?

Terraform Cloud is a managed service offering by HashiCorp that eliminates the need for unnecessary tooling and documentation for practitioners, teams, and organizations to use Terraform in production. It allows you to provision infrastructure in a remote environment…



Share if your like the blog and follow for more!!

Enter fullscreen mode Exit fullscreen mode

Top comments (0)