Terraform Cookbook

By: Mikael Krief

Overview of this book

HashiCorp Configuration Language (HCL) has changed how we define and provision a data center infrastructure with the launch of Terraform—one of the most popular and powerful products for building Infrastructure as Code. This practical guide will show you how to leverage HashiCorp's Terraform tool to manage a complex infrastructure with ease. Starting with recipes for setting up the environment, this book will gradually guide you in configuring, provisioning, collaborating, and building a multi-environment architecture. Unlike other books, you’ll also be able to explore recipes with real-world examples to provision your Azure infrastructure with Terraform. Once you’ve covered topics such as Azure Template, Azure CLI, Terraform configuration, and Terragrunt, you’ll delve into manual and automated testing with Terraform configurations. The next set of chapters will show you how to manage a balanced and efficient infrastructure and create reusable infrastructure with Terraform modules. Finally, you’ll explore the latest DevOps trends such as continuous integration and continuous delivery (CI/CD) and zero-downtime deployments. By the end of this book, you’ll have developed the skills you need to get the most value out of Terraform and manage your infrastructure effectively.

Protecting the Azure credential provider

For the Terraform Azure provider to provision and manipulate resources in Azure, it must authenticate to Azure with an Azure account, and that account must have the correct authorizations.

In the previous recipe, we studied how to automatically authenticate the Terraform context in Azure Cloud Shell with our personal account and permissions. However, in corporate projects, as well as in production, it is very bad practice to use a personal account, as it could expire, be deleted, or, even worse, be misused.

This is why one of the options we have when running Terraform in Azure is to use an App Registration account (also known as a Service Principal) that is not linked to a physical person.

In this recipe, we will first study the creation of this Service Principal and then we will see how to use it securely in order to run a Terraform configuration.
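
As an added example (not code from the book), the following shell preflight check shows one way to enforce secure use of a Service Principal before a Terraform run: it confirms that the credentials come from the environment variables the azurerm provider reads (`ARM_CLIENT_ID`, `ARM_CLIENT_SECRET`, `ARM_SUBSCRIPTION_ID`, `ARM_TENANT_ID`) and that no `.tf` or `.tfvars` file assigns a literal `client_secret`. The function names and the directory argument are assumptions made for this illustration.

```shell
# Added example, not from the book. Function names are hypothetical.
# Variables the azurerm provider reads for Service Principal (client secret) auth.
SP_VARS="ARM_CLIENT_ID ARM_CLIENT_SECRET ARM_SUBSCRIPTION_ID ARM_TENANT_ID"

# Print the name of each required variable that is unset or empty.
# Only names are printed, never values, so nothing sensitive reaches CI logs.
missing_sp_vars() {
  missing=0
  for name in $SP_VARS; do
    eval "value=\${$name:-}"
    if [ -z "$value" ]; then
      echo "$name"
      missing=1
    fi
  done
  unset value
  return "$missing"
}

# Print file:line for every literal client_secret assignment under directory $1.
# References such as var.client_secret or "${var.x}" are not flagged.
hardcoded_secrets() {
  hits=$(find "$1" -type f \( -name '*.tf' -o -name '*.tfvars' \) -exec \
    grep -nE '^[[:space:]]*client_secret[[:space:]]*=[[:space:]]*"[^"$]+"' \
    /dev/null {} + | cut -d: -f1,2)
  if [ -n "$hits" ]; then
    echo "$hits"
    return 1
  fi
  return 0
}

# Run both checks; return non-zero if either fails.
preflight() {
  rc=0
  if ! vars=$(missing_sp_vars); then
    echo "unset Service Principal variables:" $vars >&2
    rc=1
  fi
  if ! files=$(hardcoded_secrets "$1"); then
    echo "literal client_secret at: $files" >&2
    rc=1
  fi
  return "$rc"
}

# Typical pipeline use: preflight ./infra && terraform plan
```

The secret scan reports only the file and line number, so the flagged value itself is not copied into build output.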

Getting ready

To apply the first part of this recipe, you must have user account...