azure,

Ways to provision infrastructure on Azure

Nov 01, 2021 · 4 mins read · Post a comment

Last week I wrote about the different Ways to Provision Infrastructure on AWS, and as you might expect I’m doing another one, but this time it’s all Azure.

ARM Templates

ARM Templates are basically the AWS CloudFormation templates equivalent, but instead of YAML and JSON support, these templates can be written in JSON only.

The template structure includes the following elements:

{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "",
  "apiProfile": "",
  "parameters": {  },
  "variables": {  },
  "functions": [  ],
  "resources": [  ],
  "outputs": {  }
}

Microsoft has excellent Quickstart Templates on their GitHub repo called azure-quickstart-templates.

Azure Blueprint

Azure Blueprints are used to spin up new preconfigured Azure environments, by packaging ARM templates, role-based access control (RBAC) assignments, policies and resource groups, or so-called artifacts, in a single Blueprint template. The keyword here is governance at scale. Blueprints are packages that could be assigned to management groups or subscriptions, versioned and included in a CI/CD pipeline.

Now, what makes them different from ARM templates, is the relationship between the Blueprints definition (template) and Blueprints assignment (resources) is kept, which helps with the tracking of deployments. On the other side, ARM templates don’t live in Azure natively, hence we need to store them in Git repos.

Third-party tools

Terraform is a popular choice, free and open-source tool and best fit for multi-cloud deployments. Just like Docker is for containers, Terraform is already a standard in the IaC world, and it seems it’s here to stay at least for the next couple of years. Other alternatives include Pulumi and Crossplane.

Example of Azure storage account template in Terraform:

resource "azurerm_resource_group" "devcoops" {
  name     = "devcoops-westeurope-rg"
  location = "West Europe"
}

resource "azurerm_storage_account" "devcoops" {
  name                     = "devcoopsstorage"
  resource_group_name      = azurerm_resource_group.devcoops.name
  location                 = azurerm_resource_group.devcoops.location
  account_tier             = "Standard"
  account_replication_type = "LRS"

  tags = {
    environment = "production"
  }
}

Azure Bicep

Azure Bicep is a domain-specific language and an Azure solution to ARM Templates giving headaches from the unnecessary JSON syntax complexity. You can think of it as Terraform-ish templates that works only in Azure and there is no need for state management, since all state is stored in Azure. It’s also an ARM template JSON abstraction, meaning during deployments, the Bicep files are converted into ARM templates. Bicep GitHub repository.

Azure SDK

Software Development Kits are just another way of provision resources in the cloud. Azure SDK supports most of the programming languages with a ton of documentation and examples, including .NET, Java, JavaScript/TypeScript, Python, PHP, Ruby Go, C++, C, iOS and Android.

Azure CLI

Azure CLI is a command-line interface used for deploying and managing Azure resources. Not the ideal one when managing infrastructure, since there is no state management, although you could manage multiple Azure subscriptions and deploy ARM Templates.

Below are few examples to get you started.

# Login to Azure
az login

# Get the current subscription
az account show -o table

# Get a list of subscriptions
az account list -o table

# Create a resource group
az group create --name devcoops-rg --location westeurope 

# Create a storage account
az storage account create --name devcoops --resource-group devcoops-rg --location westeurope --sku Standard_LRS

Azure Portal

Last but not least, the Azure Portal, my personal favorite GUI Cloud Console and probably the best looking one. Testing out new Azure Portal features or services, deploying resources here and there, looking at dashboards, and making sure the production environment it’s still up and running, are just few of the things you might do on a daily basis.

Conclusion

So, which one is it?! If you are fully invested in Azure and you are already working with ARM templates, you could try out Azure Bicep, and if not, Terraform or some other multi-cloud IaC tool would be the right choice most of the time. Feel free to leave a comment below and if you find this tutorial useful, follow our official channel on Telegram.