This article is contributed. See the original author and article here.
Welcome to our June Terraform on Azure bimonthly update! We hope the first update was helpful towards giving you insights on what the product team has been working on. This update is our first bimonthly update with collaboration between Microsoft and HashiCorp. We will be aiming for the next update in August!
The resources exposed by the AzureRM provider are what most customers think of and include in their configurations when managing Azure infrastructure with Terraform. Azure is always adding new features and services so we work hard to ensure that you can manage these when they are generally available (GA).
A new version of the provider is released weekly that includes bug fixes, enhancements and net new resources and data sources. Here are some notable updates since our previous blogpost:
- Auth v2 support for web apps (#20449)
- Key Vault keys support auto rotation (#19113)
- AKS cluster default node pulls can now be resized. (#20628)
For a full list of updates to the AzureRM provider check out terraform-provider-azurerm/CHANGELOG.md at main · hashicorp/terraform-provider-azurerm (github.com)
Azure Export for Terraform is a tool that seeks to ease the translation of Terraform and Azure concepts between each other. Whether it’s exporting your code into a new environment or creating repeatable code from an existing environment, we believe the tool provides functionality that simplifies tougher processes.
The Team has published comprehensive documentation for a variety of Azure Export for Terraform scenarios. We’re excited to have you test this exciting tool and provide feedback – both on the product as well as our documentation for it. Read the overview of the tool here: https://aka.ms/tf/exportdocs
We’ve also recently merged a PR that supports import blocks for Terraform 1.5 onward: https://github.com/Azure/aztfexport/pull/398. To read up on import blocks, check out the HashiCorp documentation here, and if you’re curious about the difference between Azure Export for Terraform and import blocks, we also have a pinned issue detailing this: https://github.com/Azure/aztfexport/issues/406
Last, but certainly not least, we’ve released a video for Azure Export for Terraform! Make sure to give it a watch, as it includes benefits, scenarios, and demos:
Have you ever encountered below problems related to modules:
- Modules are out of date, not actively supported, and no longer functional
- Cannot override some module logic without modifying the source code
- Get confused when you see multiple modules with similar functions
- When calling various modules, inconsistencies exist that cause instability to existing infrastructure
To help tackle the above problems and more, the Azure Terraform team has established a verified module testing pipeline, and only those modules that have passed this pipeline will be marked as “verified”. This pipeline ensures consistency and best practices across verified multiple modules, reduces breaking changes, and avoids duplication to empower the “DRY” principle.
We have now released nine Azure verified modules. We prioritized these modules based on customer research and telemetry analysis. Meanwhile, we have continuously updated our verified modules for bug fixes and feature enhancements. For instance, for the AKS verified module, we have added support for the linux_os_config block in default_node_pool and default node pool’s node taints. For a full list of updates to each module, please refer to the changelog: Azure/terraform-azurerm-aks: Terraform Module for deploying an AKS cluster (github.com).
For our next modules, we are planning on releasing modules for hub networking, firewalls and key vaults, with close collaboration with the broader developer community. We hope you become one of the proactive contributors to the Azure Terraform verified modules community as well!
The Terraform on Azure community is a key investment for our team in bringing the latest product updates, connecting you with other Terraform on Azure users, and enabling you to engage in ongoing feedback as we aim to improve your Terraform experience on Azure. This section will consistently speak on community related feedback or engagements. As always, register to join the community at https://aka.ms/AzureTerraform!
Our latest community call was on April 6th! The recording of the event is at https://youtu.be/Zrr-GXN6snQ and we hope you give it a watch. Ned Bellavance talks in depth about Azure Active Directory and OIDC authentication, and we spend some time exploring GitHub Copilot with Terraform.
We also announced our new slack channel, which you can join at https://aka.ms/joinaztfslack. Not only will you get access to fellow Azure Terraform community members, but also the product team.
Our next community call is June 22nd at 9 am PT. Make sure to register here. It’ll be a time of open discussion with the team on Terraform, Azure, and the future of AI. Come with your thoughts and opinions!
We are also taking applications to co-present with us at our community calls! Our only prerequisite is that you are a member of the community. If you are interested, fill out our form at https://aka.ms/aztfccspeakers and we will reach out if we like your topic! Don’t worry if you don’t get picked for the next one; we will keep your talk on file and may reach out later.
It’s been a busy couple of months in Azure Terraform documentation!
A key goal we’re making progress on is to bring the Terraform Azure-service documentation into parity with ARM Templates and Bicep. The object is to make it easier to find and compare Azure infrastructure-provisioning solutions across the various IaC options.
To that end, we’ve published 15 new Terraform articles covering many different Azure-service topics.
- Quickstart: Create an Azure Analysis Services server using Terraform
- Quickstart: Create an Azure API Management service using Terraform
- Quickstart: Create an Azure Batch account using Terraform
- Quickstart: Create an Azure CDN profile and endpoint using Terraform
- Quickstart: Create an Azure Cognitive Search service using Terraform
- Quickstart: Create an Azure Cognitive Services resource using Terraform
- Quickstart: Create an Azure Container Instance with a public IP address using Terraform
- Quickstart: Create a lab in Azure DevTest Labs using Terraform
- Quickstart: Create and configure Azure DDoS Network Protection using Terraform
- Quickstart: Create an Azure DNS zone and record using Terraforms
- Quickstart: Create an Azure key vault and key using Terraform
- Quickstart: Create an Azure Notification Hub using Terraform
- Quickstart: Create an Azure Stream Analytics job using Terraform
- Quickstart: Create a single database in Azure SQL Database using Terraform
- Quickstart: Create an Azure Traffic Manager profile using Terraform
Terraform at Scale
This ongoing section previously called Solution Accelerators details helpful announcements for utilizing Terraform at enterprise workflow scales.
First, an article was published on deploying securely into Azure architecture with Terraform Cloud and HCP Vault. Read this article to learn about how to use Microsoft Defender and incorporate HCP Vault cluster!
Second, Terraform Cloud has announced dynamic provider credentials, which enables OIDC with Azure in TFC. If you want a video explaining the benefits of dynamic credentials, check out a great presentation here.
Make sure to sign up for the Terraform on Azure June 22nd 9am PT community call here! We’ll be discussing in an open panel discussion with the team about the future of Terraform on Azure, especially regarding the latest developments in AI.
We’ll aim for our next blogpost in August. See you then!
Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.