Most enterprises are looking to leverage the capabilities of a public cloud environment, but often have strict data security or regulatory requirements that prevent them from fully transitioning away from on-premises data centers. To address this concern, Microsoft introduced Azure Stack. Azure Stack is an extension of Azure Cloud, aimed at providing the benefits of Azure’s cloud computing capabilities in on-premises environments without raising some of the security concerns of the cloud. Organizations opting to use Azure Stack as part of a hybrid cloud environment can now provision and manage infrastructure using HashiCorp Terraform through a new, dedicated provider. Below we’ll cover some of the changes that are required for using the new Azure Stack provider for Terraform and discuss some of the resources that are now available.
In order to use the Azure Stack provider, operators must first create a Service Principal through the Azure (Public) Portal. Currently, this is the only way for the provider to authenticate to Azure Stack. There are two tasks that users must complete. The first is to create an Application in Azure Active Directory. The second is to grant that Application access to manage resources for the Azure Subscription that will be used. Once the Service Principal has been created, its credentials can be supplied either as environment variables or in the provider block within your Terraform configuration. For more detailed instructions on how to create this Service Principal, please consult the Terraform docs.
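The two ways of supplying the Service Principal described above, shown as an added example that is not part of the original post. The variable names are illustrative, every value is a placeholder, and `sensitive = true` assumes Terraform 0.14 or later.

```hcl
# Added example: keeping Service Principal credentials out of the
# Terraform source. Nothing here is taken from the original post.

# Avoid: a literal secret in the provider block is committed with the code.
# provider "azurestack" {
#   client_secret = "constructed-placeholder-secret"
# }

# Option 1: environment variables. Leave the provider block empty and export
# these in the shell or CI secret store that runs Terraform:
#   ARM_ENDPOINT, ARM_SUBSCRIPTION_ID, ARM_CLIENT_ID,
#   ARM_CLIENT_SECRET, ARM_TENANT_ID
# provider "azurestack" {}

# Option 2: provider block fed from input variables, so the values come from
# TF_VAR_* environment variables or an untracked .tfvars file.
variable "arm_endpoint" {
  type = string
}

variable "subscription_id" {
  type = string
}

variable "tenant_id" {
  type = string
}

variable "client_id" {
  type = string
}

variable "client_secret" {
  type      = string
  sensitive = true # redacted in plan and apply output
}

provider "azurestack" {
  arm_endpoint    = var.arm_endpoint
  subscription_id = var.subscription_id
  tenant_id       = var.tenant_id
  client_id       = var.client_id
  client_secret   = var.client_secret
}
```

When granting the Application access to the Subscription, scope its role to what the configuration actually manages, since anyone holding the client secret inherits that access.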
Similar to the Azure Provider for Terraform, the new Azure Stack Provider calls APIs from the Azure Resource Manager library. There are currently about 20 resources available for configuration. Resources are available from the following categories:
To see an example configuration of these resources, please visit the Azure Stack provider docs.
For more information on Terraform, please visit: https://www.hashicorp.com/terraform.