Recently, I teamed up with HashiCorp’s Nic Jackson to deliver a high-level look at using HashiCorp’s Terraform with Microsoft Azure. We covered a quick background of HashiCorp’s founding, what industry needs inspired Terraform’s creation, and how Terraform helps build an easy-to-follow template of one’s infrastructure – as code! We also demonstrated the use of Terraform configuration files to manage the deployment of your infrastructure as code effortlessly on top of Microsoft Azure.
During the session, we received a large number of really great questions around Terraform and it’s use on Microsoft Azure. Below is a list of the top questions we received and the answers.
Other questions? Find me on Twitter @zdeptawa – any questions or comments, as well as jokes or puns, are always welcome!
Is there a list of Azure features/services currently supported by Terraform?
For a list of all Azure features and services supported you can go to http://aka.ms/terraform. Anything not shown here is not supported yet.
What is the difference between Terraform and Terraform Enterprise?
Terraform Enterprise is designed to integrate into your company workflow. It has features such as approval, policy as code with sentinel, remote state – all right out of the box. You can of course achieve this with the open source offering as well, but you’d have to build and maintain those features yourself. More info here.
How do you avoid hard-coding login credentials when creating a Windows VM in Terraform?
You can store them securely in Azure Key Vault or use Managed Service Identity if you’re using Azure Active Directory.
Can you force ‘terraform apply’ to run without need for an interactive entry of ‘yes’? For example, kicking off a Terraform run via Jenkins… is it possible?
Yes! You would want to use the ‘-auto-approve’ flag when issuing the run. More here.
Is there a way to lock Terraform Module versions?
Yes. If you’re using the Terraform Module Registry as the source, you can use the ‘version’ attribute within the module in a Terraform configuration file. If you’re using a GitHub repository as the source, you can specify branches and versions within the query string using ‘?ref’. Additional info here.
Are Azure Virtual Machine Scale Sets fully supported?
Yes. Virtual Machine Scale Sets are fully supported. This is our recommended immutable compute layer.
Will Azure Functions be supported in Terraform?
Yes. We are close to having this functionality. Look for the release in early Spring.
Are Azure Availability Zones managed similarly to other cloud providers? Will Terraform support this?
Azure Availability Zones are located within a region. Each has its own independent power source, network, and cooling. Any Availability Zone enabled region has a minimum of three availability zones. Being Azure Availability Zones are still in preview, the AzureRM Terraform provider does not currently have a resource to allow management of availability zones. New Terraform AzureRM resources and features are being worked on as I type this – so make sure to check back as this should be added in short order – or when Availability Zones are out of preview. A quick side note to this – while not the same, you do have the option of using Azure Availability Sets within the Terraform AzureRM provider right now. More on Azure Availability Zones here and more on Azure Availability Set resources here.
How can I upload files into the Azure Cloud Shell to be used by my Terraform run?
You’d want to use a mounted file share similar to any container. More info on that here.
Is it possible to use callbacks with Terraform on Azure? For instance, sending a callback to a logging system, to a trigger, or to other events?
Yes. This can be done using Azure Event Hubs. This functionality is already available within the Terraform AzureRM provider today. More info on what the Azure Event Hubs service is here, as well as info on the Azure Event Hubs resource in Terraform here.
If you’d like to give Terraform and Azure a spin, check out the docs here. Terraform now comes preinstalled on the Microsoft Azure Cloud Shell, right in the portal.
If you’d like to check out the complete webinar with me and Nic, here it is on-demand.