This repository contains Terraform sample code for Azure - mostly smaller deployments, labs, test environments. These are environments I used to demonstrate/test. Feel free to use these as you wish! 😄
Due to the fact that some of the Terraform Projects in this Repository are unlikely to be used alone, the samples provided may also contain supporting elements. So in some cases, items like Resource Groups, VNETs, Subnets and more are deployed to support whatever is being demonstrated.
To utilise the code you may therefore just deploy as is and see the concept being demonstrated, without needing to adapt the code or rework it. You can then take any elements you require and work them into your code, to move forward from there.
- Part 1 - Setup and Tooling
- Part 2 - Running our first deployment
- Part 3 - Tips Tricks and Further Reading
I have setup a Chocolatey script that will provide all the tools you need to work with Terraform on Azure - see here or use the Chocolatey install script below:
# Chocolatey setup and installation script for using Terraform
Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))
# Chocolatey apps
choco install vscode -y -no-desktopshortcuts
choco install terraform -y -no-desktopshortcuts
choco install azure-cli -y -no-desktopshortcuts
These projects can be deployed easily using GitHub Actions - for a full guide, please see here.
For most of the Projects the following files are provided:
- azuredeploy.tf
- variables.tf
- terraform.tfvars
- provider.tf
These should be placed into a directory, and then Terraform initialised and applied. (Note: some larger projects split out the Terraform elements into separate files for sanity reasons.) Note that for some projects the TF Files are split out into seperate files for ease of use!
Please reach out to me via my Website or Twitter - I am happy to create new projects or collaborate!
Please open an issue, or feel free to create a pull request. You can also reach out to me via my Website or Twitter! :)
This creates a data item that gets the external IP of the machine that is running Terraform. The IP is then used to create an inbound security rule inside a Network Security Group. See: Automatic-ClientIP-NSG
This creates an Azure Key Vault using a random name like "keyvault##########", and then creates a password string, using the random_string resource, which is stored inside the KeyVault. This can then be used during the setup of VMs with Terraform . See: Azure-KeyVault-with-Secret
✅ Note: Now updated to V2 - see Single Region Azure Base Lab V2. This code creates a simple Lab environment within a Single Azure Region. The idea here is that it allows for quick deployment of VNETs, Subnets, and a Domain Controller to simulate smaller environments or provide a quick lab for any test requirements. See: Single-Region-Azure-BaseLab
This code creates a simple Lab environment within a Single Azure Region, and also includes an Ubuntu VM with Ansible installed. The idea here is that it allows for quick deployment of VNETs, Subnets, and a Domain Controller to simulate smaller environments or provide a quick lab for any test requirements, and also to provide Ansible. See: Single-Region-Azure-BaseLab-with-Ansible
This code creates a simple Azure Environment with an Ubuntu Server VM, and uses a Custom Script Extension to install Ansible. You can then use Ansible as you require. See Ansible-Quickstart
This code creates a simple Lab environment within two Azure Regions. The idea here is that it allows for quick deployment of VNETs, Subnets, and two Domain Controllers to simulate smaller environments or provide a quick lab for any test requirements. See: Dual-Region-Azure-BaseLab
This code creates a simple Lab environment within two Azure Regions. A number of Azure NetApp Files Resources are also provisioned ready for setting up a basic Active Directory Domain, and then configuring Azure NetApp Files, with Cross Region Replication. This Lab is covered in detail on my blog, and was the subject of a user group talk, for which the slides are available in my events repo: See: Azure-NetApp-Files-CRR-BaseLab
This code sets up an Azure Base Lab, based on the Single Region Lab above, but also includes Azure Firewall. Firewall options, policies, and deployment settings can be tested using this lab. See: Azure-Firewall-Baselab
This code sets up an Azure vWAN Demo Lab. Based on a two Region deployment, with documentation. See: Virtual-WAN-Demo Details of this Lab are also available on my blog here.
This code sets up an Azure Base Lab, based on the Single Region Lab above, but installs IIS onto the VM it creates using a Custom Script Extension. See: Web-Server-IIS-DemoLab
This code demonstrates the use of the cidrsubnet function, and shows how it can be used to create an environment whereby network CIDR ranges can be specified once, and then Terraform used to do the splitting of networks easily. See: CIDRSubnet-Demo
This code demonstrates the use of the cidrhost function, and shows how it can be used to create an environment whereby host IP addresses can be calculated from a network CIDR range. This demo includes showing usage within Virtual Network DNS Servers, Network Interfaces, NSGs, and Route Tables. See: CIDRHost-Demo
This code sets up a demonstration environment to support a blog post around Azure Chaos Studio. It builds out a deployment of Windows Servers, running IIS, across two Regions. Azure Load Balancer, Firewall, and Traffic Manager are then used to provide Load Balancing and Failover. See: Chaos-Studio-Test. The blog post for this environment is also available here.
Updated from my Single Region Azure Base Lab - This V2 version creates a simple Lab environment within a Single Azure Region. The idea here is that it allows for quick deployment of VNETs, Subnets, Domain Controller/Additional VMs to simulate smaller environments or provide a quick lab for any test requirements. Now includes optional features, enabled/disabled via Variables; Azure Bastion, Azure Firewall, AVD Supporting Elements, and a Virtual Network Gateway. See: Single-Region-Azure-BaseLab-v2
This environment creates a simple Azure Automation Demo Environment, along with a PowerShell runbook. A schedule that is used to trigger the runbook is used - which then shuts down VMs based on a Tag. See: Azure-Automation-Demo