| title | description |
|---|---|
| Azure Virtual Network Design using Terraform | Design 4-Tier Azure Virtual Network using Terraform |

We are going to design the 4-Tier Azure Virtual Network here:

- Azure Virtual Network
- WebTier Subnet + WebTier Network Security Group (Ports 80, 443)
- AppTier Subnet + AppTier Network Security Group (Ports 8080, 80, 443)
- DBTier Subnet + DBTier Network Security Group (Ports 3306, 1433, 5432)
- Bastion Subnet + Bastion Network Security Group (Ports 80, 3389)
- Terraform `for_each` Meta-Argument
- azurerm_resource_group
- azurerm_virtual_network
- azurerm_subnet
- azurerm_network_security_group
- azurerm_subnet_network_security_group_association
- azurerm_network_security_rule

Create the `providers.tf` file and add the providers.

Create the `variables.tf` file and define:

- Business division
- Environment
- Resource group name
- Resource group location

Create the `locals.tf` file to define local values in Terraform.

Create the `random-resources.tf` file and define the `myrandom` block.

Create the `resource-groups.tf` file with the resource group.

- Virtual network, subnets, and subnet NSGs variables
- Virtual Network
- Subnets and subnet NSGs modules
- Web, App, DB, Bastion Subnets associated with the Network Security Groups
- Terraform Output Values for Azure Virtual Network

Create the `vnet-subnets-nsgs-variables.tf` file and define:

- Virtual Network name
- Virtual Network address_space
- Virtual Network Web Subnet Name
- Virtual Network Web Subnet Address Spaces
- Virtual Network Web Subnet NSG inbound ports map
- Virtual Network App Subnet Name
- Virtual Network App Subnet Address Spaces
- Virtual Network App Subnet NSG inbound ports map
- Virtual Network Database Subnet Name
- Virtual Network Database Subnet Address Spaces
- Virtual Network Database Subnet NSG inbound ports map
- Virtual Network Bastion Subnet Name
- Virtual Network Bastion Subnet Address Spaces
- Virtual Network Bastion Subnet NSG inbound ports map

Create the `vnet.tf` file and create the Virtual Network in it.

- Create the `\modules\subnets-nsgs` directory and create `main.tf` inside it. Create the subnet and NSGs in it.
- Create the `variables.tf` file in the module directory and fill it with the variables:
  - Name of the subnet
  - Resource group name
  - Virtual network name
  - Subnet Address Spaces
  - Resource group location
  - NSG rule priorities and ports
- Create the `outputs.tf` file in the module directory and output:
  - Subnet name
  - Subnet ID
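
The module described above could look like the following. This is an added example, not the project's own code: the variable names, the `this` and `inbound` resource labels, and the `source_address_prefix` variable are assumptions, the last one added so that each tier names who may reach it instead of allowing any source.

```hcl
# modules/subnets-nsgs (added example; all variable names are assumptions)
variable "subnet_name" { type = string }
variable "resource_group_name" { type = string }
variable "location" { type = string }
variable "virtual_network_name" { type = string }
variable "subnet_address_prefixes" { type = list(string) }
# Assumption (not on the page): caller must name the allowed source, no "*" default.
variable "source_address_prefix" { type = string }
# Rule priority => destination port, e.g. { "100" = "80", "110" = "443" }
variable "inbound_ports_map" {
  type = map(string)
  validation {
    condition = alltrue([for prio, port in var.inbound_ports_map :
      try(tonumber(prio) >= 100 && tonumber(prio) <= 4096 &&
        tonumber(port) >= 1 && tonumber(port) <= 65535, false)])
    error_message = "Keys must be priorities 100-4096 and values TCP ports 1-65535."
  }
}
resource "azurerm_subnet" "this" {
  name                 = var.subnet_name
  resource_group_name  = var.resource_group_name
  virtual_network_name = var.virtual_network_name
  address_prefixes     = var.subnet_address_prefixes
}
resource "azurerm_network_security_group" "this" {
  name                = "${var.subnet_name}-nsg"
  location            = var.location
  resource_group_name = var.resource_group_name
}
resource "azurerm_subnet_network_security_group_association" "this" {
  subnet_id                 = azurerm_subnet.this.id
  network_security_group_id = azurerm_network_security_group.this.id
}
# One inbound allow rule per map entry, keyed by priority via for_each.
resource "azurerm_network_security_rule" "inbound" {
  for_each                    = var.inbound_ports_map
  name                        = "Allow-Inbound-${each.key}-${each.value}"
  priority                    = tonumber(each.key)
  direction                   = "Inbound"
  access                      = "Allow"
  protocol                    = "Tcp"
  source_port_range           = "*"
  destination_port_range      = each.value
  source_address_prefix       = var.source_address_prefix
  destination_address_prefix  = "*"
  resource_group_name         = var.resource_group_name
  network_security_group_name = azurerm_network_security_group.this.name
}
output "subnet_name" { value = azurerm_subnet.this.name }
output "subnet_id" { value = azurerm_subnet.this.id }
```
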

Create the `subnets-nsgs.tf` file and create modules for:

- Web subnet
- App subnet
- DB subnet
- Bastion subnet

Create the `outputs.tf` file and output the names and IDs of the VNet and subnets.

```bash
# Terraform Initialize
terraform init

# Terraform Validate
terraform validate

# Terraform Plan
terraform plan

# Terraform Apply
terraform apply -auto-approve
```

- Azure Resource Group
- Azure Virtual Network
- Azure Subnets (Web, App, DB, Bastion)
- Azure Network Security Groups (Web, App, DB, Bastion)
- View the topology
- Verify Terraform Outputs in Terraform CLI

```bash
# Delete Resources
terraform destroy
terraform apply -destroy

# Clean-Up Files
rm -rf .terraform*
rm -rf terraform.tfstate*
```