Continuing our Part 1, we already set up our environment, we can now setup our very first example (do not worry if is too simple at this point, but this is just to understand how it works).
Example 1: Deploy an Azure Resource Group
I think the Azure Resource Group is the most basic Azure resource, so we will verify our setup is ok by deploying one.
First, create your project folder on your local machine, in my case I am using C:TerraformTerraform_AZ_example but you can use any path you want.
Then, open that folder in VSCode:
cd C:TerraformTerraform_AZ_example code .
Or use the GUI to open the folder:
Once opened, I like, as a best practice to add this .gitignore file even when you work locally, so sensitive information and Terraform state is not uploaded if you decide source to GitHub:
# Local .terraform directories **/.terraform/* # .tfstate files *.tfstate *.tfstate.* # Crash log files crash.log crash.*.log # Exclude all .tfvars files, which are likely to contain sensitive data, such as # password, private keys, and other secrets. These should not be part of version # control as they are data points which are potentially sensitive and subject # to change depending on the environment. *.tfvars *.tfvars.json # Ignore override files as they are usually used to override resources locally and so # are not checked in override.tf override.tf.json *_override.tf *_override.tf.json # Include override files you do wish to add to version control using negated pattern # !example_override.tf # Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan # example: *tfplan* # Ignore CLI configuration files .terraformrc terraform.rc
Let us create a main.tf file:
The first step is to add the Azure provider, you can find the providers at https://registry.terraform.io/
Click on providers and then select Azure:
Click on Use Provider, and then select the code snippet shown:
Copy it to your main.tf, and inside the provider block, add this line of code: features {} as this is required, your code should look like this:
Next step is to add to the end of same script a resource of type Resource Group, as this is the most basic:
resource "azurerm_resource_group" "MyRG" {
name = "RG_TF_Tests"
location = "East US"
}
On this case MyRG is the Terraform identifier for the resource, we will access the resource in the script using that name, and name is the name of the deployed resource into Azure.
For any resource, we can check the provider documentation to find examples and possible parameters we can configure:
Once done, we are ready to deploy our first resource.
Following Terraform lifecycle, we must execute init, for this, open a new terminal into VSCode and run
Terraform init
This will download required plugins into .terraform folder and create some other files that will be out of scope for now.
Next is to validate syntax, so run
Terraform validate
Everything looks ok, so we now need to plan the deployment, so run
Terraform plan
We will see the proposed changes to our infrastructure (new resource group creation)
Note: it is possible to skip the Terraform validate and Terraform plan steps and jump from init to apply if you are confident with the changes you will perform, but I advise you to run those steps every time as a double-check.
Once we are ok with the proposed plan, we can deploy it using
Terraform apply
It will ask for our confirmation to proceed with the changes, type yes. (It is possible to skip this confirmation with the -auto-approve flag):
This step can take some time since the process is done using API calls. So, after some wait, we can confirm the changes were done:
We need to validate, that the resource was properly created, to do that, login to your Azure console and go to resource groups, if everything is ok, you will see the resource there:
What if we want to modify the resource? For example, let us add a tag to the resource. Modify the resource block adding the tags block:
resource "azurerm_resource_group" "MyRG" {
name = "RG_TF_Tests"
location = "East US"
tags = {
environment = "Modification tests"
}
}
Save the main.tf file.
This time, we will skip directly to Terraform apply using auto approve:
Terraform apply -auto-approve
We can see that the resource was just updated with the new tag.
Validate it on the Azure portal:
On the next example we will create and configure an Azure SQL database inside this resource group.