Using Terraform Providers To Deploy Resources To Different Azure Subscriptions : Thomas Thornton

Using Terraform Providers To Deploy Resources To Different Azure Subscriptions
by: Thomas Thornton
Blog post content copied from Thomas Thornton – Microsoft Azure MVP – HashiCorp Ambassador


When deploying Terraform in Azure, there may be a need to deploy or reference a resource in a different subscription than the one the current Terraform deployment is configured to deploy to. In this blog post, I will delve into the process of deploying or referencing resources in different Azure subscriptions using Terraform providers. I will cover the fundamental concept, provide step-by-step instructions and show examples to help you understand and implement this approach.

What is a Terraform Provider?

Terraform providers are responsible for understanding and interacting with APIs of different cloud platforms. Providers allow Terraform to create, read, update, and delete resources within the cloud environment. Azure, being one of the most common cloud providers, has its own Terraform provider that enables seamless integration between your infrastructure code and Azure services.

How does a Terraform Provider help me deploy or reference another Azure subscription?

As mentioned, the Terraform provider for Azure allows you to interact with Azure resources and services using Terraform. To deploy resources to another Azure subscription, you can specify the subscription ID in the provider block of your Terraform configuration file.

Here is an example of how to specify the subscription ID in the provider block of your Terraform configuration file. This is used when you want to use one provider:

provider "azurerm" {
  subscription_id = "subscription-id"
  features {}
}

Referencing multiple subscriptions as providers

Now that we have shown an example of one provider reference, let's look at adding multiple providers, one for each subscription:

# default provider
provider "azurerm" {
  subscription_id = "subscription-id"
  features {}
}

provider "azurerm" {
  subscription_id = "subscription-id-2"
  features {}
  alias = "subscription_2"
}

provider "azurerm" {
  subscription_id = "subscription-id-3"
  features {}
  alias = "subscription_3"
}

The above Terraform configuration defines three Azure azurerm providers, each with a different subscription ID. The first provider is the default provider, while the second and third providers are aliased as “subscription_2” and “subscription_3”, respectively. This allows you to reference each provider by its alias in your Terraform configurations, so you can reference or create resources in multiple subscriptions. More on that later.

Deploying to Different Azure Subscriptions

Deploying resources to different Azure subscriptions involves a combination of authenticating to each subscription and configuring Terraform to work with the desired subscription.

Prior to this, assuming you will be using a service principal to authenticate:

  • Ensure the service principal has the required permissions in all subscriptions you want to deploy into

In this example, I will deploy three resource groups into three separate subscriptions.

Let's create a provider.tf and add in the three required providers, one for each subscription:

# default provider
provider "azurerm" {
  subscription_id = "04109105-f3ca-44ac-a3a7-66b4936112c3"
  features {}
}

provider "azurerm" {
  subscription_id = "04109105-f3ca-44ac-a3a7-66b4936112c4"
  features {}
  alias = "subscription_2"
}


provider "azurerm" {
  subscription_id = "04109105-f3ca-44ac-a3a7-66b4936112c5"
  features {}
  alias = "subscription_3"
}

In the above, I have defined three provider blocks, each with a different subscription ID. The first provider block is the default provider, which will be used if no other provider is specified. The second and third provider blocks have an alias attribute, which allows us to reference them in our Terraform configuration files. We can use the alias attribute to specify which provider to use when creating resources.

In a main.tf file, I want to deploy three resource groups, one in each of the relevant provider subscriptions:

resource "azurerm_resource_group" "tamops1" {
  name     = "resource-group-sub1"
  location = "uksouth"
}

resource "azurerm_resource_group" "tamops2" {
  name     = "resource-group-sub2"
  location = "uksouth"

  provider = azurerm.subscription_2
}

resource "azurerm_resource_group" "tamops3" {
  name     = "resource-group-sub3"
  location = "uksouth"

  provider = azurerm.subscription_3
}

  • Notice the first resource group, resource-group-sub1, has no provider defined? It will use the default provider.
  • resource-group-sub2 and resource-group-sub3 both reference their associated providers.
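
Because a resource that omits `provider` falls back to the default subscription without any error, placement can be checked before apply. The following is an added example, not code from the original post or its repository: it reads the `configuration` section of `terraform show -json` output and compares each resource's resolved subscription with an expected one. The sample plan is constructed and the `EXPECTED` mapping and function names are hypothetical.

```python
import json

# Constructed sample: the "configuration" section of `terraform show -json`, trimmed to
# the fields used here, for the post's main.tf with `provider` left off tamops3 by mistake.
PLAN = json.loads("""
{"configuration": {
  "provider_config": {
    "azurerm": {"expressions": {"subscription_id":
      {"constant_value": "04109105-f3ca-44ac-a3a7-66b4936112c3"}}},
    "azurerm.subscription_2": {"alias": "subscription_2", "expressions": {"subscription_id":
      {"constant_value": "04109105-f3ca-44ac-a3a7-66b4936112c4"}}},
    "azurerm.subscription_3": {"alias": "subscription_3", "expressions": {"subscription_id":
      {"constant_value": "04109105-f3ca-44ac-a3a7-66b4936112c5"}}}},
  "root_module": {"resources": [
    {"address": "azurerm_resource_group.tamops1", "provider_config_key": "azurerm"},
    {"address": "azurerm_resource_group.tamops2", "provider_config_key": "azurerm.subscription_2"},
    {"address": "azurerm_resource_group.tamops3", "provider_config_key": "azurerm"}]}}}
""")

# Hypothetical policy: the subscription each resource is meant to land in.
EXPECTED = {
    "azurerm_resource_group.tamops1": "04109105-f3ca-44ac-a3a7-66b4936112c3",
    "azurerm_resource_group.tamops2": "04109105-f3ca-44ac-a3a7-66b4936112c4",
    "azurerm_resource_group.tamops3": "04109105-f3ca-44ac-a3a7-66b4936112c5",
}

def resolve_subscriptions(plan):
    """Map each root-module resource address to (provider alias, subscription ID)."""
    cfg = plan["configuration"]
    providers = cfg.get("provider_config", {})
    placed = {}
    for res in cfg["root_module"].get("resources", []):
        pc = providers.get(res.get("provider_config_key"), {})
        sub = pc.get("expressions", {}).get("subscription_id", {})
        # constant_value is missing when the ID comes from a variable or ARM_SUBSCRIPTION_ID
        placed[res["address"]] = (pc.get("alias", "default"), sub.get("constant_value"))
    return placed

def audit(plan, expected):
    """Return one finding per resource whose subscription is wrong or unverifiable."""
    findings = []
    for addr, (alias, sub) in sorted(resolve_subscriptions(plan).items()):
        if sub is None:
            findings.append(f"{addr}: provider '{alias}' has no literal subscription_id")
        elif expected.get(addr) != sub:
            findings.append(f"{addr}: provider '{alias}' targets {sub}, expected {expected.get(addr)}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(PLAN, EXPECTED)) or "all resources in expected subscriptions")
```

Only root-module resources are covered; resources declared inside child modules would need the same lookup applied to their module's configuration.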

A similar configuration is used if you want to reference a data block where the resource is in another subscription, as in the example below:

data "azurerm_resource_group" "tamops3" {
  name     = "resource-group-sub3"
  provider = azurerm.subscription_3
}

In this blog post, we have explored how to use Terraform providers to deploy to different Azure subscriptions and also how to reference a data resource from another subscription. We have seen how to define multiple provider blocks with different subscription IDs, and how to use the alias attribute to reference specific providers when creating or referencing resources.

By using Terraform providers, we can easily deploy and reference resources from multiple Azure subscriptions with a single Terraform configuration file. This makes it easy to manage infrastructure as code across multiple environments and subscriptions.

GitHub repository here with the example Terraform configuration shown above


August 16, 2023 at 06:12PM