This example shows how to bootstrap an Azure account with Terraform. It performs the following:
- Creates Azure AD Application and Service Principal
- Creates Resource Group
- Creates Azure Storage Account (where state is stored)
- Updates GitHub Repository Secrets
- Creates Documentation in Confluence
-
Terraform >= 1.5
-
Azure CLI >= 2.0.0
-
A GitHub Repository for maintaining other repositories. You can create one with the following command replacing the values with your own:
gh repo create myorg/devops --description "Repository to maintain other repositories in the organization" --add-readme --private -
A Confluence Space for maintaining documentation
Create a file terraform.tfvars with the following content. Replace the values with your own:
name = "terraform"
location = "westus"
confluence_username="email@example.com"
confluence_token="ATATT3xqbcdefghjklmnopqrstuvwxyz"
confluence_site="example.atlassian.net"
confluence_space="DevOps"
github_owner = "wernerstrydom"
github_token = "ghp_abcdefghjklmnopqrstuvwxyz"
github_repository_name = "devops"The values are as follows:
| Name | Description | Reference |
|---|---|---|
| name | The name of the storage account, resource group and application | |
| location | The location of the storage account and resource group | Azure Regions |
| confluence_username | The username of the Confluence user | |
| confluence_token | The API token of the Confluence user | Confluence API Tokens |
| confluence_site | The site of the Confluence instance | |
| confluence_space | The space of the Confluence instance | |
| github_owner | The organization where repos are being stored | |
| github_token | The API token of the GitHub user | GitHub API Tokens |
| github_repository_name | The name of the repository responsible to manage GitHub, Azure and whatnot |
For example, you could create a devops repository in your organization which would be reponsible for managing all the other repositories in your organization. You can create it using the gh command line tool:
gh repo create myorg/devops --description "Repository to maintain other repositories in the organization" --add-readme --privateBefore running Terraform apply, be sure to login to Azure. You can do this with the following commands:
az login
az account set --subscription <subscription_id>
terraform init
terraform plan
terraform applyOnce the resources are created, you'll may need to copy the state to the storage account. You can do this with the following command:
First, you'll need to add a backend configuration to your terraform.tf file, replacing the values with the ones generated:
terraform output -raw backend > backend.tfThen, run the following commands:
terraform state push terraform.tfstateYou can now delete the local state file.
:note: You may want to remove the
backend.tffile as well.
If you'd like to delete the resources you just created, run the following command:
terraform destroyterraform fmt -recursiveThis library is licensed under the MIT License. See the LICENSE file.