Deploying Terraform Infrastructure using Azure DevOps Pipelines Step by Step (Advanced)
Azure DevOps is a hosted service to deploy CI/CD pipelines and today we are going to create a pipeline to deploy a Terraform configuration using an Azure DevOps pipeline.
This is an updated version of this original story. The original story will help you to deploy an Azure Infrastructure using Terraform from DevOps Pipelines in a few minutes.
This is an advanced version with more detail, in particular, how to use Git to update Azure DevOps Repos, and it will more useful for large projects.
If you are interested to deploy GCP Infrastructure with Terraform using Azure DevOps read Deploying GCP Infrastructure using Terraform and Azure DevOps Pipelines Step by Step
Note May 2020: Updated the story with two separate repos of Terraform sample code for both AzureRM v1.x and AzureRM v2.x
This is the list of prerequisites required to create a DevOps pipeline:
- Azure Subscription: If you don’t have an Azure subscription, create a free account at https://azure.microsoft.com before you start.
- Azure Service Principal: is an identity used to authenticate to Azure. See below for instructions to create one.
- Azure Remote Backend for Terraform: we will store our Terraform state file in a remote backend location. We will need a Resource Group, Azure Storage Account and a Container. We can create the Remote Backend in advance (read points 1.2, 1.3 and 1.4 of the original story) or let the Release Pipeline create one.
- Azure DevOps Account: we need an Azure DevOps account because is a separate service from the Azure cloud.
- Git Tools: we need Git tools installed on our machines to push code to Azure DevOps Repos (more info in point 4).
1.1. Creating a Service Principal and a Client Secret
Using a Service Principal, also known as SPN, is a best practice for DevOps or CI/CD environments.
First, we need to authenticate to Azure. To authenticate using Azure CLI, we type: