in this section

Terraform for Azure: A Beginner’s Overview

Ori Yemini

Ori Yemini

CTO & Co-Founder

Azure Icon and Terraform Icon

in this section

Terraform is an open-source tool made by HashiCorp. It helps simplify the deployment and management of cloud services. Now, it supports almost all the cloud providers, including Azure. The goal of this guide is to provide a clear view of Terraform on Azure. It combines the power of declarative infrastructure management with many Microsoft Azure services.

What is Terraform and Why Use It?

Terraform is an infrastructure-as-code tool. Using this tool, you can define configuration files that allow you to deploy and configure infrastructure-based resources. So let’s get an example: a company needs to host an application on a set of infrastructure-based resources. If you’re familiar with the Azure cloud, you already know how to host applications on Azure virtual machines, host data within Azure Storage accounts and Azure SQL databases.
Sometimes you may provision these resources manually via the cloud web console and then deploy the application. But let’s assume there is an application that also has a test environment in place. As part of this environment, you have the same set of resources that need to be deployed. There are:

 

  • Two VMs
  • One Azure Storage account
  • One Azure SQL database.

 

Now whenever the testing phase starts, you need to create these resources and deploy your application. As soon as the testing is complete, you need to go ahead and delete the infrastructure because, you know, keeping this infrastructure in place increases costs. When the testing phase is complete, you delete the resources. Whenever testing is required to be conducted again, you recreate the resources and deploy the application. The newer version of the application test is complete. Then we need to go ahead and delete the environment again. So all of this is a headache.

Azure Code Configuration File

As a DevOps/Cloud engineer, you may need to recreate the environment repeatedly with the same environment, the same set of virtual machines, the same Azure SQL database, and the same storage account. It’s a manual task, and you need to recreate the environment every time. Secondly, the repeated task of recreating resources is also prone to errors.
You need to have an infrastructure that always has the same configuration. But when you’re manually creating resources, you are prone to making errors. You might put in the wrong configuration for one of the infrastructure-based resources. So we can avoid all of this. We can define the infrastructure that we want to have at hand by using or declaring it within a code configuration file. This code configuration file would declare all of our infrastructure base resources, and then we can use Terraform to deploy the resources on demand using that configuration file.

 

Terraform flow - how to set Azure Provider
Terraform on Azure

How to Set Up Terraform on Azure

Step1) Set Up Terraform

First, you need to get Terraform on your local machine. Go to the terraform documentation page and when it comes onto the various downloads available for Terraform. You have it available for Mac OS, Windows, Linux, etc. Since I’m on a Windows-based device and this demo, you can see how to set up terraform on Windows.

Step2 ) Operating System heading

Under the Operating System heading, select the Windows tab. The latest version is preselected.Screenshot from Terraform

Select 386 for 32-bit systems or AMD64 for 64-bit systems.

Step 3) Unzip – terraform path

Unzip the downloaded file. (use the C:\terraform path) Remember this location so you can add the path to the environment variables.Terrafrom.Exe Icon
You don’t need to run the file. Just add Terraform to the Windows environment variables. This will help the system recognize it.

Step 4) add the Terraform executable

To add the Terraform executable to the system’s global path, open the start menu. Type “environment” and click on “Edit system environment variables.” The System Properties window opens.

Step 5) Environment Variables

Click the Environment Variables button.

Step 6) Path variable

Select the Path variable in the System variables section to add terraform for all accounts. Alternatively, select Path in the User variables section to add terraform for the currently logged-in user only. Click Edit once you select a Path.

Click New in the edit window and enter the location of the Terraform folder.

Select the “Path” variable and click “Edit.” Append the path to the Terraform executable to the end of the variable value (e.g., C:\terraform\terraform.exe).

Finally, click OK on all windows to apply the changes.

How to Verify Installation

Open a new command-prompt window and enter the command to check the Terraform version:

c:\users\admin\teraform
c:\users\admin\teraform

terraform -version

Everything is set. We have Terraform now running on our local machine.

Now you need to configure Azure CLI to authenticate Terraform with the Azure cloud. Go to the Microsoft official website and download and install Azure CLI on your operating system.

Setting Up the Terraform Azure Provider

When you come on to building your terraform files you need to provision Terraform Azure provider block on your Terraform code. Azure provider will allow you to work with the Azure Cloud Platform. Basically, the Azure terraform provider has many versions because Azure itself keeps on updating its services and it keeps adding new features.

When you add new features, the provider needs to make use of these features. Anything that Azure changes, the provider has to change as well. In the end, the provider is calling the APIs. These are the application programming interfaces provided by Azure. Those APIs interact with the Azure-based services. So, the provider also needs to be up to date.

Terraform Azure Provider:

 

Terraform Azure Features and Benefits

  • Declarative Infrastructure Management
    One of the fundamental core principles behind Terraform is its declarative approach to handling infrastructure. You don’t have to write instructions on how to create, modify, or delete infrastructure. Just describe what you want the state of the infrastructure to be, and Terraform figures out how to get there no matter where it begins. This approach eliminates many common errors caused by manual operations or scripts.
  • State Management
    Terraform state files store the states of the managed resources. State files should be stored in a secure, shared place like Azure Blob Storage for teams. Proper state management is necessary for safe and correct operations.
  • Version Control
    Manage infrastructure using version-controlled files stored in Git repositories.
  • Conflict Handling
    Terraform has some strong conflict detection and handling features in addition to its effective cloud tool automation capabilities. One of these features is the Terraform plan function, which identifies any perceived or possible conflicts of infrastructure orchestration and makes it simple to resolve them before deployment.
  • Code Reusability
    We can use Terraform Azure codes for another same services deployment in the same or different projects and Terraform’s developer documentation page provides a large selection of code templates for simple reuse.

What is the Basic Terraform Workflow in Azure?

Terraform on Azure Workflow - Red: Develop- icon of code, Yellow: Preview, icon of documents under review. Green: Deploy - icon of action.
Terraform Workflow – Red: Develop, Yellow: Preview. Green: Deploy

The Azure Core Terraform workflow has three steps:

  1. Write – Author infrastructure as code.
  2. Plan – Preview changes before applying.
  3. Apply – Provision reproducible infrastructure.

Create a Terraform Configuration on Azure

Define an Azure resource using terraform block. In this example, we will create an Azure resource group, an Azure virtual network, and a VM.

 

Initialize Terraform

  • Initializing your workspace is used to initialize a working directory containing Terraform configuration files. Run the following command to initialize Terraform and download the Azure provider.terraform init
Initialize Terraform screenshot
Initialize Terraform the backend

Plan the Terraform Infrastructure

Terraform has a dry run mode where you can preview what Terraform will change without making any actual changes to your infrastructure. This dry run is performed by running a terraform plan. In your terminal, you can run a plan as shown below to see the changes required for Terraform to reach the desired state you defined in your code. This is equivalent to running Terraform in a “dry mode”.terraform plan

Once completed, you will see that Terraform has successfully built your resource based on what was in your plan file.

Applying Terraform Plan

Run the command below to build the resources within your plan file.terraform apply

Now, resources are deployed. You can check those resources in the Azure console.

Azure console
Azure console with Terraform Provider screenshot

The Azure Platfrom

Terraform Destroy

The terraform destroy command is a convenient way to destroy all remote objects managed by a particular Terraform configuration. It does not delete your configuration file(s), main.tf, etc. It destroys the resources built from your Terraform code. Run the command as shown below to run a planned destroy.terraform destroy

Terraform Best Practices for Azure

Use Modules for Reusability

Modules are specifically authored within the Terraform framework and serve as reusable components which enable you to organize cloud services with ease. You can also store vital information regarding cloud services in a module and then make it special by customizing it using module variables.

State Management

Store the Terraform state remotely in Azure Storage to enable team collaboration.

Security Best Practices

Avoid storing secrets in Terraform files: Keep sensitive information in Azure Key Vault.

Final Thoughts about Terraform in Azure

Terraform for Azure is a powerful tool for managing cloud infrastructure. As you apply Terraform, your organizations are able to utilize scalability, efficiency, and predictability of infrastructure as code. Keep learning, trying new things, and practicing good methods as you start your Terraform journey. This way, you can fully use Terraform to deploy infrastructure on Azure.

For more details and advanced topics, check the Terraform Azure Provider documentation. It has many resources and tutorials to help you learn about using Azure resources with Terraform.

gif

FAQ Terraform in Azure

Terraform automates the provisioning and management of Azure resources using Infrastructure as Code (IaC).

Terraform uses a state file (terraform.tfstate) to track deployed resources. It is recommended that it be stored remotely in Azure Storage for collaboration.

Yes, Terraform integrates with Azure DevOps to enable CI/CD pipelines for infrastructure automation.

Use Azure Key Vault to store sensitive credentials instead of hardcoding them in Terraform files.

Terraform provides multi-cloud support, built-in state management, and a modular approach, making it more flexible than Azure Resource Manager (ARM) templates.

Terraform detects configuration drift by comparing the current infrastructure state with the desired state defined in the code. Running terraform plan helps identify any discrepancies, and terraform apply can be used to bring the infrastructure back to the desired state.

To manage existing Azure infrastructure with Terraform, use the terraform import command to bring resources into your Terraform state. However, this doesn’t generate code. For a full Terraform Azure workflow, you’ll need .tf files that define the infrastructure. Tools like Azure Terrafy (aztfy) make this easier. They create Terraform code from current Azure resources and import it into state automatically. Once generated, review and refine the code to follow best practices. This process, whether manual or automated, helps bring your cloud resources together. It uses Terraform Azure management for consistent and clear infrastructure-as-code.

About the writer
Ori Yemini
Ori Yemini

CTO & Co-Founder

Ori Yemini is the CTO and Co-Founder of ControlMonkey. Before founding ControlMonkey, he spent five years at Spot (acquired by NetApp for $400M), where he built deep tech for DevOps and cloud infrastructure. Ori holds degrees from Tel Aviv and Hebrew University and is passionate about building scalable systems and solving real-world cloud challenges through Infrastructure as Code.

Related Resources

Visual showcasing Terraform Variables
Magnifying glass over broken terraform like debugging
Cloud business continuity and disaster recovery strategy visualization – ControlMonkey
Compliant AWS environments in minutes, with Self-service Infrastructure
Learn how to enable other teams such as Dev and QA to launch pre-defined compliant AWS environments in minutes, by using Terraform.

Contact us

We look forward to hearing from you

ControlMonkey
AWS Governance & DevOps Productivity with Terraform

Learn how how to shift-left cloud governance with Terraform in this webinar brought to you by AWS and ControlMonkey.

We look forward to hearing from you!

ControlMonkey

Terraform Best Practices with ControlMonkey Webinar

Check out our latest webinar with DoIT International.

In this webinar we showcase together with DoIT how ControlMonkey is helping DevOps teams to make the transition from ClickOps to GitOps easily with Terraform.

This website uses cookies. We use cookies to ensure that we give you the best experience on our website. Privacy policy