Scholz Azure Terraform

Configuration

Create the file secret/main.json with the following content:

{
  "tenant_id": "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
  "client_id": "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
  "client_secret": "xxxxxxxxxxxxxxxxx"
}

The "tenant_id" property corresponds to the Azure AD tenant ID. Specify the value of the client properties as described in the following section.

Authentication

The Terraform projects makes use of one Azure Service Principal account for authenticating to Azure.

Create the Azure Service Principal account in Azure.
Generate the secret for the Azure Service Principal account in Azure.
Insert the "client_id" and "client_secret" values into the secret/main.json file.
Assign the "Contributor" and "Resource Policy Contributor" RBAC roles on the "Scholz Recycling" Management Group to the Service Principal account.

Terraform State

The Terraform state of the Terraform projects are stored into an Azure Storage account.

Create the Azure Storage account, and the blob container.
Configure the Terraform provider "azurerm" in every Terraform project.

Terraform Project Initialization

For each Terraform project, initialize the Terraform project. This procedure have to be done the first time the Terraform project is created.

For example, run the following commands for the Terraform project of the Management subscription:

cd management/westeurope
terraform init -backend-config="secret/main.json" -reconfigure

Development

The last version of the Terraform state can be updated using the following command:

terraform state pull

Changes on the Terraform code can be verified and applied using the following Terraform commands:

cd management/westeurope
terraform plan -var-file="secret/main.json"
terraform apply -var-file="secret/main.json" -auto-approve

Format Terraform Code

find . -not -path "./migration/*" -type f -name '*.tf' -print | uniq | xargs -n1 terraform fmt

Terraform Import

one example --> creating new RG inside the azoure and import it to the terraform state first you need to create the RG inside Azure Then create the related module terraform.exe init -backend-config="secret/main.json" -reconfigure -lock=false terraform.exe plan -var-file="secret/main.json"

terraform.exe import -var-file="secret/main.json" <the resource name from terraform plan> <Resource ID from azure>


### Git Commands

git status
git checkout master
git pull origin master
git checkout -b "<Branch Name>"
git add .
git commit -m "<message>"
git push

tara-git Goto Github PK

Scholz Azure Terraform

Configuration

Authentication

Terraform State

Terraform Project Initialization

Development

Format Terraform Code

Terraform Import

tara-git's Projects

Recommend Projects

Recommend Topics

Recommend Org