Skip to content

Latest commit

 

History

History
131 lines (84 loc) · 5.62 KB

manage-ddos-protection-terraform.md

File metadata and controls

131 lines (84 loc) · 5.62 KB
Raw
title description author ms.service ms.topic ms.custom ms.author ms.date content_well_notification ai-usage
QuickStart: Create and configure Azure DDoS Network Protection using Terraform
In this article, you create and configure Azure DDoS Network Protection using Terraform
TomArcherMsft
ddos-protection
quickstart
devx-track-terraform
tarcher
07/17/2024
AI-contribution
ai-assisted

QuickStart: Create and configure Azure DDoS Network Protection using Terraform

This QuickStart describes how to use Terraform to create and enable a distributed denial of service (DDoS) protection plan and Azure virtual network (VNet). An Azure DDoS Network Protection plan defines a set of virtual networks that have DDoS protection enabled across subscriptions. You can configure one DDoS protection plan for your organization and link virtual networks from multiple subscriptions to the same plan.

:::image type="content" source="./media/manage-ddos-protection/ddos-network-protection-diagram-simple.png" alt-text="Diagram of DDoS Network Protection." lightbox="./media/manage-ddos-protection/ddos-network-protection-diagram-simple.png":::

[!INCLUDE Terraform abstract]

In this article, you learn how to:

[!div class="checklist"]

Prerequisites

Implement the Terraform code

Note

The sample code for this article is located in the Azure Terraform GitHub repo. You can view the log file containing the test results from current and previous versions of Terraform.

See more articles and sample code showing how to use Terraform to manage Azure resources

  1. Create a directory in which to test and run the sample Terraform code and make it the current directory.

  2. Create a file named providers.tf and insert the following code:

    [!code-terraformmaster]

  3. Create a file named main.tf and insert the following code:

    [!code-terraformmaster]

  4. Create a file named variables.tf and insert the following code:

    [!code-terraformmaster]

  5. Create a file named outputs.tf and insert the following code:

    [!code-terraformmaster]

Initialize Terraform

[!INCLUDE terraform-init.md]

Create a Terraform execution plan

[!INCLUDE terraform-plan.md]

Apply a Terraform execution plan

[!INCLUDE terraform-apply-plan.md]

Verify the results

Azure CLI

  1. Get the Azure resource group name.

    resource_group_name=$(terraform output -raw resource_group_name)

  2. Get the DDoS protection plan name.

    ddos_protection_plan_name=$(terraform output -raw ddos_protection_plan_name)

  3. Run az network ddos-protection show to display information about the new DDoS protection plan.

    az network ddos-protection show \
    --resource-group $resource_group_name \
    --name $ddos_protection_plan_name

Azure PowerShell

  1. Get the Azure resource group name.

    $resource_group_name=$(terraform output -raw resource_group_name)

  2. Get the DDoS protection plan name.

    $ddos_protection_plan_name=$(terraform output -raw ddos_protection_plan_name)

  3. Run Get-AzDdosProtectionPlan to display information about the new DDoS protection plan.

    Get-AzDdosProtectionPlan -ResourceGroupName $resource_group_name `
                         -Name $ddos_protection_plan_name

Clean up resources

[!INCLUDE terraform-plan-destroy.md]

Troubleshoot Terraform on Azure

Troubleshoot common problems when using Terraform on Azure

Next steps

[!div class="nextstepaction"] View and configure DDoS protection telemetry