Terraform on Azure

This template creates a Terraform workstation as follows:

  • Creates a VM with a system-assigned identity based on the Ubuntu 17.10 image
  • Installs the MSI extension on the VM to allow OAuth tokens to be issued for Azure resources
  • Assigns RBAC permissions to the managed identity, granting Owner rights on the resource group
  • Installs Terraform Open Source
  • Installs Azure CLI v2
  • Creates a Terraform template folder (tfTemplate)
  • Pre-configures Terraform remote state with the Azure backend
  • Optionally installs the Ubuntu Mate Desktop environment for development

This template creates a new Linux VM with an MSI (Managed Service Identity) and deploys the MSI extension to the VM. The MSI associated with the VM is given Owner permission on the resource group containing the VM. A shell script is then run on the VM using the CustomScript extension. This shell script installs Terraform and Azure CLI v2. It then creates a Terraform template folder that is preconfigured to use Terraform remote state with the Azure backend. The Azure CLI also creates the storage container required by remote state. Optionally, this template installs the Ubuntu Mate Desktop environment for use as a development environment.
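Because the VM's identity holds Owner on its resource group, any process on the VM that can request a token acts with that role. The following is an added example, not code from this template: a pre-deployment check that lists role assignments in an ARM template granting broad built-in roles. `SAMPLE_TEMPLATE` is a constructed stand-in for the real template, and the function names are hypothetical.

```python
import json
import re

# Well-known built-in Azure role definition GUIDs (identical in every tenant).
BROAD_ROLES = {
    "8e3af657-a8ff-443c-a75c-2fe8c4bcb635": "Owner",
    "b24988ac-6180-42a0-ab88-20f7382dd24c": "Contributor",
    "18d7d88d-d35e-4fb6-a5c3-7773c20a72d9": "User Access Administrator",
}
VAR_REF = re.compile(r"variables\('([^']+)'\)")

# Constructed sample for illustration; not the template this page describes.
SAMPLE_TEMPLATE = json.loads("""
{"variables": {"ownerRole": "[concat(subscription().id, '/providers/Microsoft.Authorization/roleDefinitions/', '8e3af657-a8ff-443c-a75c-2fe8c4bcb635')]"},
 "resources": [
  {"type": "Microsoft.Compute/virtualMachines", "name": "tfvm", "identity": {"type": "SystemAssigned"}},
  {"type": "Microsoft.Authorization/roleAssignments", "name": "[guid(resourceGroup().id)]",
   "properties": {"roleDefinitionId": "[variables('ownerRole')]",
                  "principalId": "[reference('tfvm', '2017-12-01', 'Full').identity.principalId]",
                  "scope": "[resourceGroup().id]"}}]}
""")

def expand(value, variables, depth=0):
    """Inline variables('x') references so a role GUID kept in a variable is visible."""
    if depth > 5:  # guard against self-referencing variables
        return value
    return VAR_REF.sub(lambda m: expand(str(variables.get(m.group(1), "")), variables, depth + 1), value)

def walk(resources):
    """Yield every resource, including child resources and nested deployments."""
    for res in resources or []:
        yield res
        yield from walk(res.get("resources"))
        yield from walk(res.get("properties", {}).get("template", {}).get("resources"))

def audit(template):
    """Return one finding per role assignment that grants a role in BROAD_ROLES."""
    variables = template.get("variables", {})
    findings = []
    for res in walk(template.get("resources")):
        if not res.get("type", "").lower().endswith("roleassignments"):
            continue
        props = res.get("properties", {})
        role_id = expand(str(props.get("roleDefinitionId", "")), variables).lower()
        to_identity = "identity.principalid" in str(props.get("principalId", "")).lower()
        for guid, name in BROAD_ROLES.items():
            if guid in role_id:
                findings.append({"role": name, "scope": props.get("scope", "<deployment scope>"),
                                 "managed_identity": to_identity})
    return findings
```

A finding with `managed_identity` set to true and role Owner is the configuration described above; where the workstation only manages resources, a narrower role on the same scope reduces what a compromised VM can do.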

Steps to enable Remote State

Copy ~/tfTemplate/remoteState.tf from the home directory to the root of the Terraform scripts to enable remote state management.

Steps to enable MSI

Once the template is deployed, log into the VM and run the following command to enable MSI with Terraform:

 `sh ~/tfEnv.sh`

Tags: Microsoft.Storage/storageAccounts, Microsoft.Network/publicIPAddresses, Microsoft.Network/virtualNetworks, Microsoft.Network/networkSecurityGroups, Microsoft.Network/networkInterfaces, Microsoft.Compute/virtualMachines, SystemAssigned, Microsoft.Authorization/roleAssignments, Microsoft.Compute/virtualMachines/extensions, CustomScript