Getting started with Infrastructure as Code on Azure

What is Infrastructure as Code?

Per Ryen’s blog post Infrastructure as Code, abbreviated as IaC, is a process of managing and provisioning computing infrastructure with some declarative approach while setting their configuration using definition files instead of traditional interactive configuration tools.

What are the benefits of IaC?

• Consistently achieve standardized provisioning of cloud deployments
• Rapidly deploy enterprise cloud environments
• Reusable code for repeatable or similar provisioning or deployment
• Extensible code for incorporating with additional items

IaC on Azure cloud is implemented via these three pillars:

1. Azure Command Line Interface, or Azure CLI (including Xplat-CLI)
2. Azure Resource Management (ARM) including ARM templates in JSON format
3. Software Development Kits (SDKs)

For new Azure customers starting with IaC today I would recommend Azure CLI 2.0 that soon will be supporting all Azure ARM services and infrastructure. Azure CLI 2.0 natively runs and supports Bash on MacOS, Linux and Windows, so it is very portable. There were many enhancements made to the authoring experience and overall syntax moving to Python.

Let’s get started with IaC on Azure:

1. Subscribe to Azure account: Link.
2. Install Azure CLI 2.0. Link. I followed Windows 10 instructions which now has Windows Linux Subsystem running Ubuntu that comes with Bash.
3. Launch command line interface (Bash). I highly suggest to create a service principal as it allows much faster authentication and CLI login to your subscription. Link.
4. Login to your subscription from Azure CLI 2 using service principal credentials: $ az login --service-principal -u <SP_APP_ID> -p <PASS_WD> --tenant Microsoft.com
5. where <SP_APP_ID> is "appId" returned in JSON when you set-up the service principal above and <PASS_WD> is the service principal password you chose
6. Execute a simple command that will list your resource groups if you created them earlier via Azure Portal: $ az group list --output table
7. I highly suggest to use --no-wait parameter when you delete resources or create multiple resources in parallel so that you can switch to the next task. ARM supports fire and forget operation. This switch is not advisable during resource creation with dependencies, for example (a) create a storage account, (b) create container on this storage account.
8. Example: $ az group delete -n <RESOURCE_GROUP_NAME> -y --no-wait
9. To familiarize yourself with more complex scripts, take a look at “Create a single SQL database and configure a firewall rule using the Azure CLI” example here.

Further reading:

• You can deploy and manage Azure resources via CLI 2.0 and ARM templates. Azure quick start ARM JSON templates are located here.
• Azure CLI 2.0 documentation is located here.
• Azure SDK’s for writing more complex IaC logic can be found here. Azure Node.js SDK has quite a following on Github and is located here. Node.js reference is here.