
How to Deploy and Configure Azure Firewall with Terraform

Guillermo Musumeci


Azure Firewall is a managed, cloud-based network security service that protects our Azure Virtual Network resources. It is a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability.

Source: https://docs.microsoft.com/en-us/azure/firewall/overview

In this story, we will learn how to deploy and configure an Azure Firewall using HashiCorp Terraform.

In a typical Azure hub-spoke (aka star) architecture, a Core or Shared VNET or Subscription connects to on-premises networks and provides shared services to production and non-production VNETs or Subscriptions.

Source: https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/hybrid-networking/hub-spoke

It is common to deploy an Azure Firewall inside this Core/Shared VNET or Subscription to protect the inbound and outbound traffic between all VNETs or Subscriptions and the internet.

1. Creating the Core Network Resources with Terraform

We will need to create a Resource Group for our core environment.
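
The following Terraform configuration is an added example, not the author's original code. It goes beyond the Resource Group to cover the core VNET, the dedicated firewall subnet, the public IP and the firewall itself. All resource names, the region and the address ranges are assumptions.

```hcl
# Added example; names, region and address ranges are assumptions.
# Assumes the azurerm provider 3.x or later with credentials from the environment.
provider "azurerm" {
  features {}
}

resource "azurerm_resource_group" "core" {
  name     = "rg-core-example"
  location = "westeurope"
}

resource "azurerm_virtual_network" "core" {
  name                = "vnet-core-example"
  address_space       = ["10.0.0.0/16"]
  location            = azurerm_resource_group.core.location
  resource_group_name = azurerm_resource_group.core.name
}

# Azure Firewall requires a dedicated subnet named exactly
# "AzureFirewallSubnet", sized /26 or larger.
resource "azurerm_subnet" "firewall" {
  name                 = "AzureFirewallSubnet"
  resource_group_name  = azurerm_resource_group.core.name
  virtual_network_name = azurerm_virtual_network.core.name
  address_prefixes     = ["10.0.0.0/26"]
}

# The firewall's public IP must be Standard SKU with static allocation.
resource "azurerm_public_ip" "firewall" {
  name                = "pip-fw-core-example"
  location            = azurerm_resource_group.core.location
  resource_group_name = azurerm_resource_group.core.name
  allocation_method   = "Static"
  sku                 = "Standard"
}

resource "azurerm_firewall" "core" {
  name                = "fw-core-example"
  location            = azurerm_resource_group.core.location
  resource_group_name = azurerm_resource_group.core.name
  sku_name            = "AZFW_VNet"
  sku_tier            = "Standard"
  threat_intel_mode   = "Deny" # default is "Alert" (log only)
  ip_configuration {
    name                 = "fw-ipconfig"
    subnet_id            = azurerm_subnet.firewall.id
    public_ip_address_id = azurerm_public_ip.firewall.id
  }
}
```

With no rules or firewall policy attached, the firewall denies all traffic by default, so allow rules must be added before routing spoke traffic through it.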
