Book Image

Terraform Cookbook

By : Mikael Krief
Book Image

Terraform Cookbook

By: Mikael Krief

Overview of this book

HashiCorp Configuration Language (HCL) has changed how we define and provision a data center infrastructure with the launch of Terraform—one of the most popular and powerful products for building Infrastructure as Code. This practical guide will show you how to leverage HashiCorp's Terraform tool to manage a complex infrastructure with ease. Starting with recipes for setting up the environment, this book will gradually guide you in configuring, provisioning, collaborating, and building a multi-environment architecture. Unlike other books, you’ll also be able to explore recipes with real-world examples to provision your Azure infrastructure with Terraform. Once you’ve covered topics such as Azure Template, Azure CLI, Terraform configuration, and Terragrunt, you’ll delve into manual and automated testing with Terraform configurations. The next set of chapters will show you how to manage a balanced and efficient infrastructure and create reusable infrastructure with Terraform modules. Finally, you’ll explore the latest DevOps trends such as continuous integration and continuous delivery (CI/CD) and zero-downtime deployments. By the end of this book, you’ll have developed the skills you need to get the most value out of Terraform and manage your infrastructure effectively.

Related Content you might be interested in

Current Title:

Small book image
Terraform Cookbook
Mikael Krief
Oct, 2020 | 366 pages
Small book image
Learning DevOps
Mikael Krief
Mar, 2022 | 560 pages
Small book image
HashiCorp Infrastructure Automation Certification Guide
Ravi Mishra
Jul, 2021 | 350 pages
Small book image
Learning DevOps.
Mikael Krief
Oct, 2019 | 504 pages
Table of Contents (10 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
1
Setting Up the Terraform Environment
Setting Up the Terraform Environment
Technical requirements
Downloading and installing Terraform manually
Installing Terraform using a script on Linux
Installing Terraform using a script on Windows
Executing Terraform in a Docker container
Writing Terraform configuration in VS Code
Migrating your Terraform configuration to Terraform 0.13
Free Chapter
2
Writing Terraform Configuration
Writing Terraform Configuration
Technical requirements
Configuring Terraform and the provider version to use
Manipulating variables
Using local variables for custom functions
Using outputs to expose Terraform provisioned data
Provisioning infrastructure in multiple environments
Obtaining external data with data sources
Using external resources from other state files
Querying external data with Terraform
Calling Terraform built-in functions
Writing conditional expressions
Manipulating local files with Terraform
Executing local programs with Terraform
Generating passwords with Terraform
3
Building Dynamic Environments with Terraform
Building Dynamic Environments with Terraform
Technical requirements
Provisioning multiple resources with the count property
Using a table of key-value variables with maps
Looping over object collections
Generating multiple blocks with dynamic expressions
4
Using the Terraform CLI
Using the Terraform CLI
Technical requirements
Keeping your Terraform configuration clean
Validating the code syntax
Destroying infrastructure resources
Using workspaces for managing environments
Importing existing resources
Exporting the output in JSON
Tainting resources
Generating the graph dependencies
Debugging the Terraform execution
5
Sharing Terraform Configuration with Modules
Sharing Terraform Configuration with Modules
Technical requirements
Creating a Terraform module and using it locally
Using modules from the public registry
Sharing a Terraform module using GitHub
Using another file inside a custom module
Using the Terraform module generator
Generating module documentation
Using a private Git repository for sharing a Terraform module
Applying a Terrafile pattern for using modules
Testing Terraform module code with Terratest
Building CI/CD for Terraform modules in Azure Pipelines
Building a workflow for Terraform modules using GitHub Actions
6
Provisioning Azure Infrastructure with Terraform
Provisioning Azure Infrastructure with Terraform
Technical requirements
Using Terraform in Azure Cloud Shell
Protecting the Azure credential provider
Protecting the state file in the Azure remote backend
Executing ARM templates in Terraform
Executing Azure CLI commands in Terraform
Using Azure Key Vault with Terraform to protect secrets
Getting a list of Azure resources in Terraform
Provisioning and configuring an Azure VM with Terraform
Building Azure serverless infrastructure with Terraform
Generating a Terraform configuration for existing Azure infrastructure
7
Deep Diving into Terraform
Deep Diving into Terraform
Technical requirements
Creating an Ansible inventory with Terraform
Testing the Terraform configuration using kitchen-terraform
Preventing resources from getting destroyed
Zero-downtime deployment with Terraform
Detecting resources deleted by the plan command
Managing Terraform configuration dependencies using Terragrunt
Using Terragrunt as a wrapper for Terraform
Building CI/CD pipelines for Terraform configurations in Azure Pipelines
Working with workspaces in CI/CD
8
Using Terraform Cloud to Improve Collaboration
Using Terraform Cloud to Improve Collaboration
Technical requirements
Using the remote backend in Terraform Cloud
Using Terraform Cloud as a private module registry
Executing Terraform configuration remotely in Terraform Cloud
Automating Terraform Cloud using APIs
Testing the compliance of Terraform configurations using Sentinel
Using cost estimation for cloud cost resources governance
9
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Using Azure Key Vault with Terraform to protect secrets

One of the challenges of IaC is the protection of sensitive information that is part of the infrastructure.

Indeed, one of the advantages of IaC is the possibility to version the code in a Git repository and so this code benefits from the Git workflow of versioning and validation of the code. However, with this approach, we tend to write everything in this code, sometimes forgetting that some data that is sensitive, such as passwords or login strings, can be misused if they end up in the wrong hands.

In this recipe, we will study how to protect this sensitive data by storing it in Azure's secret manager, which is Azure Key Vault, and then using it in the Terraform configuration.

Getting ready

For this recipe, we assume the use of Azure Key Vault. For more information, you can refer to the following documentation available at https://docs.microsoft.com/en-us/azure/key-vault/.

In an Azure Key Vault that we have created in Azure...

Previous Section
End of Section 8
Next Section