Book Image

Terraform Cookbook

By : Mikael Krief
Book Image

Terraform Cookbook

By: Mikael Krief

Overview of this book

HashiCorp Configuration Language (HCL) has changed how we define and provision a data center infrastructure with the launch of Terraform—one of the most popular and powerful products for building Infrastructure as Code. This practical guide will show you how to leverage HashiCorp's Terraform tool to manage a complex infrastructure with ease. Starting with recipes for setting up the environment, this book will gradually guide you in configuring, provisioning, collaborating, and building a multi-environment architecture. Unlike other books, you’ll also be able to explore recipes with real-world examples to provision your Azure infrastructure with Terraform. Once you’ve covered topics such as Azure Template, Azure CLI, Terraform configuration, and Terragrunt, you’ll delve into manual and automated testing with Terraform configurations. The next set of chapters will show you how to manage a balanced and efficient infrastructure and create reusable infrastructure with Terraform modules. Finally, you’ll explore the latest DevOps trends such as continuous integration and continuous delivery (CI/CD) and zero-downtime deployments. By the end of this book, you’ll have developed the skills you need to get the most value out of Terraform and manage your infrastructure effectively.
Table of Contents (10 chapters)

Using Azure Key Vault with Terraform to protect secrets

One of the challenges of IaC is the protection of sensitive information that is part of the infrastructure.

Indeed, one of the advantages of IaC is the possibility to version the code in a Git repository and so this code benefits from the Git workflow of versioning and validation of the code. However, with this approach, we tend to write everything in this code, sometimes forgetting that some data that is sensitive, such as passwords or login strings, can be misused if they end up in the wrong hands.

In this recipe, we will study how to protect this sensitive data by storing it in Azure's secret manager, which is Azure Key Vault, and then using it in the Terraform configuration.

Getting ready

For this recipe, we assume the use of Azure Key Vault. For more information, you can refer to the following documentation available at

In an Azure Key Vault that we have created in Azure...