{"id":22350867,"url":"https://github.com/michelmf/webserver_iaac","last_synced_at":"2026-01-06T07:35:33.560Z","repository":{"id":164952183,"uuid":"334041775","full_name":"michelmf/webserver_iaac","owner":"michelmf","description":"Deployment of a web server in Azure using Infrastructure as a Code","archived":false,"fork":false,"pushed_at":"2021-01-29T05:09:10.000Z","size":103,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-31T13:12:35.940Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/michelmf.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-01-29T04:56:08.000Z","updated_at":"2021-01-29T05:09:12.000Z","dependencies_parsed_at":null,"dependency_job_id":"80d49f5d-1dcb-435b-b0e0-18cff0204126","html_url":"https://github.com/michelmf/webserver_iaac","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michelmf%2Fwebserver_iaac","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michelmf%2Fwebserver_iaac/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michelmf%2Fwebserver_iaac/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michelmf%2Fwebserver_iaac/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/michelmf","download_url":"https://codeload.github.com/michelmf/webserver_iaac/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245650118,"owners_count":20650097,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-04T12:11:32.350Z","updated_at":"2026-01-06T07:35:33.510Z","avatar_url":"https://github.com/michelmf.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# Azure Infrastructure Operations Project: Deploying a scalable IaaS web server in Azure\n\n### Introduction\n\nThis is the first project of the Azure DevOps nanodegree, where students must deploy a web server in Azure using terraform and packer.\n\n### First Steps\n1. Firstly, we need an [Azure Account](https://portal.azure.com) \n2. After getting an Azure account, we must install the [Azure command-line interface](https://docs.microsoft.com/en-us/cli/azure/install-azure-cli?view=azure-cli-latest)\n3. To create and deploy the Virtual Machine (VM) image, we need [Packer](https://www.packer.io/downloads)\n4. For automated creation of our infrastructure, we need to install [Terraform](https://www.terraform.io/downloads.html)\n\n### Policy Deployment\n\nBefore deploying the infrastructure needed for this project, we must create a policy that ensures all indexed resources are tagged. This policy will help us with organization and tracking, making it easier to log when things go wrong. For this task, we should use the Azure Policy tool found inside the security center. According to the given specifications, the policy to be created should **deny** the creation of resources that **do not have tags**.  \n\nThere are many ways to accomplish this task, such as using the Azure Portal to create the policy, Azure Command Line (CLI), or using Terraform. I have decided to check in Azure Policy a policy called **Require a tag on resource** that satisfies our requirements. Below, you can check the policy and pictures of the applied rules. \n\n~~~\n{\n  \"properties\": {\n    \"displayName\": \"Require a tag on resources\",\n    \"policyType\": \"BuiltIn\",\n    \"mode\": \"Indexed\",\n    \"description\": \"Enforces existence of a tag. Does not apply to resource groups.\",\n    \"metadata\": {\n      \"version\": \"1.0.1\",\n      \"category\": \"Tags\"\n    },\n    \"parameters\": {\n      \"tagName\": {\n        \"type\": \"String\",\n        \"metadata\": {\n          \"displayName\": \"Tag Name\",\n          \"description\": \"Name of the tag, such as 'environment'\"\n        }\n      }\n    },\n    \"policyRule\": {\n      \"if\": {\n        \"field\": \"[concat('tags[', parameters('tagName'), ']')]\",\n        \"exists\": \"false\"\n      },\n      \"then\": {\n        \"effect\": \"deny\"\n      }\n    }\n  },\n  \"id\": \"/providers/Microsoft.Authorization/policyDefinitions/871b6d14-10aa-478d-b590-94f262ecfa99\",\n  \"type\": \"Microsoft.Authorization/policyDefinitions\",\n  \"name\": \"871b6d14-10aa-478d-b590-94f262ecfa99\"\n}\n~~~\n\n![Screenshot of the Azure Policy](screenshot.PNG)\n\n![Checking if the policy was applied correctly](tagging-policy.PNG)\n\n### Packer Template\n\nIn order to support application deployment, we need to create an image that different organizations can take advantage of to deploy their own apps.To do this, we need to create a packer image that anyone can use, and we will leverage in our own Terraform template. To do so, we use packer to create a server image, ensuring that the provided application is included in the template. In order to complete the requiments of this project, the template uses environment variables to create the nedded vm image.\n\n* Use an Ubuntu 18.04-LTS SKY as base image\n* Ensure the following commands execute:\n\n~~~\n\"inline\": [\"echo 'Hello, World!' \u003e index.html\", \"nohup busybox httpd -f -p 80 \u0026\" ], \"inline_shebang\" : \"/bin/sh -x\", \"type\" : \"shell\"\n~~~\n\n* Ensure that the resource group specified in packer for the image is the same image specified in Terraform\n\n### How to Run ?\n\nIt is easy: just use the script *run.ps1* on AZURE CLI, and all the IAC steps will execute. This is how this script works:\n\n* First, an Application is registered in azure to execute the IAC \n* After the registration of the app, the variables (client_id, tenant_id, subscription_id, and client_secret) are stored on the user's environment\n* Packer is executed, using the env variables to fill the values inside json and it creates the vm image\n* After that, Terraform is executed to create the other resources needed for this project\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmichelmf%2Fwebserver_iaac","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmichelmf%2Fwebserver_iaac","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmichelmf%2Fwebserver_iaac/lists"}