{"id":33559529,"url":"https://github.com/princecloudops/terraform-azure-core-infra","last_synced_at":"2026-04-16T15:03:54.425Z","repository":{"id":324833468,"uuid":"1098696403","full_name":"PrinceCloudOps/terraform-azure-core-infra","owner":"PrinceCloudOps","description":"Infrastructure-as-Code project deploying core Azure resources using Terraform. Includes VNet, subnet, NSG, VM, NIC, Public IP, storage, and full deploy/teardown lifecycle.","archived":false,"fork":false,"pushed_at":"2025-11-18T04:09:36.000Z","size":6,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-11-18T06:13:33.010Z","etag":null,"topics":["azure-vm","cloud-engineering","devops","infrastructure-as-code","linux","terraform","virtual-network"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/PrinceCloudOps.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-11-18T02:58:31.000Z","updated_at":"2025-11-18T04:46:21.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/PrinceCloudOps/terraform-azure-core-infra","commit_stats":null,"previous_names":["princecloudops/terraform-azure-core-infra"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/PrinceCloudOps/terraform-azure-core-infra","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PrinceCloudOps%2Fterraform-azure-core-infra","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PrinceCloudOps%2Fterraform-azure-core-infra/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PrinceCloudOps%2Fterraform-azure-core-infra/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PrinceCloudOps%2Fterraform-azure-core-infra/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/PrinceCloudOps","download_url":"https://codeload.github.com/PrinceCloudOps/terraform-azure-core-infra/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PrinceCloudOps%2Fterraform-azure-core-infra/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":27283994,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-11-26T02:00:06.075Z","response_time":193,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["azure-vm","cloud-engineering","devops","infrastructure-as-code","linux","terraform","virtual-network"],"created_at":"2025-11-27T22:01:14.837Z","updated_at":"2025-11-27T22:02:11.109Z","avatar_url":"https://github.com/PrinceCloudOps.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# ๐Ÿ“˜ Terraform Azure Core Infrastructure Deployment\n \u003cimg width=\"1400\" height=\"730\" alt=\"Thumbnail (3)\" src=\"https://github.com/user-attachments/assets/cf2946eb-91e0-4f49-a3cc-1d1caba1d477\" /\u003e\n\n## ๐ŸŽฅ Watch Me Build This!\n\n### Part 1 \n๐Ÿ‘‰ **[Watch Me Build This!](https://www.loom.com/share/d05bc2aa88bc4d8d98b1a178d7377cb6)**\n\n### Part 2 \n๐Ÿ‘‰ **[Watch Me Build This!](https://www.loom.com/share/131b286744154eee9d83d29234d7f06b)**\n\n\n\n\u003e This project is demonstrated through a short Loom video, showing the full build, verification in the Azure Portal, and complete teardown.\n\n---\n\n## ๐Ÿš€ Overview\n\nThis project provisions a complete Azure environment using **Terraform Infrastructure-as-Code (IaC)**.\n\nThe deployment includes:\n\n- Resource Group \n- Virtual Network (VNet) \n- Subnet \n- Network Security Group (NSG) with SSH rule \n- Public IP (Standard SKU) \n- Network Interface (NIC) \n- Storage Account (with globally unique name) \n- Linux Virtual Machine (Ubuntu 22.04, password authentication)\n\nIt demonstrates the full lifecycle:\n\n**Deploy โ†’ Verify โ†’ Destroy**\n\n---\n\n## ๐Ÿงฑ Architecture (Conceptual)\n\nThe Terraform config creates:\n\n- A Resource Group as the container \n- A VNet + Subnet for networking \n- An NSG with an inbound SSH rule on port 22 \n- A Standard Public IP for external access \n- A NIC attached to the subnet and public IP \n- A Storage Account for general/infra usage \n- A Linux VM running Ubuntu 22.04\n\n---\n\n## ๐Ÿ“‚ File Structure\n\n```text\nterraform-azure-core-infra/\nโ”œโ”€โ”€ main.tf\nโ”œโ”€โ”€ variables.tf\nโ”œโ”€โ”€ outputs.tf\nโ”œโ”€โ”€ README.md\nโ””โ”€โ”€ LICENSE\n```\n๐Ÿ› ๏ธ How to Use This Project\n1. Prerequisites\n\n - Terraform installed\n\n - Azure CLI installed\n\n - An Azure subscription\n\n - Logged in via az login\n2. Initialize Terraform\n ```text\n terraform init\n```\n3. Format and Validate\n```text\nterraform fmt\nterraform validate\n```\n4. Preview the Plan\n```text\nterraform plan -out tfplan\n```\n5. Apply the Deployment\n```text\nterraform apply tfplan\n```\nAfter this, youโ€™ll have:\n\nResource Group: rg-coretf-lab\n\nVM: coretf-vm\n\nVNet, Subnet, NSG, NIC, Public IP, Storage Account\n6. Destroy the Environment\n```text\nterraform destroy -auto-approve\n```\nThis removes all resources that were created by this configuration.\n\n\n---\n\n๐Ÿงช Troubleshooting Notes\n\nThese are real issues encountered and resolved while building this lab:\n\nPublic IP SKU Error\n\nFree-tier subscriptions often do not allow Basic IPv4 public IPs.\n\nFix:\nUse\n sku = \"Standard\" for azurerm_public_ip.\n---\nStorage Account Name Error\n\nStorage account names must:\n\nBe all lowercase\n\nUse only letters and numbers\n\nBe globally unique\n\nBe 3โ€“24 characters long\n\nFix:\nRemoved the dash and appended a random string:\n\n```text\ncoretfstorage${random_string.storage_suffix.result} \n```\n---\nSSH Key Path Error\n\nTerraform couldnโ€™t find the SSH key file referenced in the config.\n\nFix (for this lab):\nSwitched to password authentication to keep the demo simple and focused on Terraform.\n\n---\n\nResource Renaming/Recreation\n\nChanging naming (like name_prefix or hardcoded names) can cause Terraform to destroy and recreate resources.\n\nFix:\nAccepted as normal behavior when refactoring; Terraform handled the replacements automatically.\n\n---\n\n## ๐Ÿง  What I Learned\n\nThis project helped me practice how real infrastructure is deployed in an enterprise setting. \nUsing Terraform forced me to think in terms of desired state, version-controlled configs, and repeatable builds instead of clicking around the Azure Portal.\n\nWorking through naming constraints, SKU limitations, and resource recreation showed how cloud teams handle real Azure errors and refactor infrastructure safely. \nDeploying, validating, and destroying the environment reinforced the full IaC lifecycle โ€” which is exactly how production teams avoid configuration drift.\n\n\n\n## ๐Ÿ”ง How This Applies in Real Cloud Work\n\nIn enterprise environments, Terraform is essential for:\n\n- Enforcing consistent resource standards across environments \n- Automating Azure deployments with predictable outputs \n- Rebuilding or scaling environments quickly \n- Preventing manual mistakes common in portal-driven setups \n- Managing cloud infrastructure as code through Git workflows \n\nThis lab reflects the same workflow used by Cloud, DevOps, and Platform Engineering teams in real organizations.\n\n---\n\n๐Ÿ“ฆ Full Terraform Configuration\n\nBelow are the three main Terraform files used in this project for quick reference.\n\nmain.tf\n```text\n\nterraform {\n required_version = \"\u003e= 1.3.0\"\n\n required_providers {\n azurerm = {\n source = \"hashicorp/azurerm\"\n version = \"~\u003e 3.0\"\n }\n random = {\n source = \"hashicorp/random\"\n version = \"~\u003e 3.0\"\n }\n }\n}\n\nprovider \"azurerm\" {\n features {}\n}\n\n# Random suffix for globally unique storage account name\nresource \"random_string\" \"storage_suffix\" {\n length = 5\n upper = false\n special = false\n}\n\n# Resource Group\nresource \"azurerm_resource_group\" \"rg\" {\n name = \"rg-coretf-lab\"\n location = var.location\n\n tags = {\n environment = \"lab\"\n project = \"terraform-azure-core-infra\"\n }\n}\n\n# Virtual Network\nresource \"azurerm_virtual_network\" \"vnet\" {\n name = \"coretf-vnet\"\n address_space = [\"10.0.0.0/16\"]\n location = azurerm_resource_group.rg.location\n resource_group_name = azurerm_resource_group.rg.name\n\n tags = {\n environment = \"lab\"\n project = \"terraform-azure-core-infra\"\n }\n}\n\n# Subnet\nresource \"azurerm_subnet\" \"subnet\" {\n name = \"coretf-subnet\"\n resource_group_name = azurerm_resource_group.rg.name\n virtual_network_name = azurerm_virtual_network.vnet.name\n address_prefixes = [\"10.0.1.0/24\"]\n}\n\n# Public IP (Standard SKU)\nresource \"azurerm_public_ip\" \"pip\" {\n name = \"coretf-pip\"\n location = azurerm_resource_group.rg.location\n resource_group_name = azurerm_resource_group.rg.name\n allocation_method = \"Static\"\n sku = \"Standard\"\n\n tags = {\n environment = \"lab\"\n project = \"terraform-azure-core-infra\"\n }\n}\n\n# Network Security Group\nresource \"azurerm_network_security_group\" \"nsg\" {\n name = \"coretf-nsg\"\n location = azurerm_resource_group.rg.location\n resource_group_name = azurerm_resource_group.rg.name\n\n security_rule {\n name = \"Allow-SSH\"\n priority = 1001\n direction = \"Inbound\"\n access = \"Allow\"\n protocol = \"Tcp\"\n source_port_range = \"*\"\n destination_port_range = \"22\"\n source_address_prefix = \"*\"\n destination_address_prefix = \"*\"\n }\n\n tags = {\n environment = \"lab\"\n project = \"terraform-azure-core-infra\"\n }\n}\n\n# Network Interface\nresource \"azurerm_network_interface\" \"nic\" {\n name = \"coretf-nic\"\n location = azurerm_resource_group.rg.location\n resource_group_name = azurerm_resource_group.rg.name\n\n ip_configuration {\n name = \"internal\"\n subnet_id = azurerm_subnet.subnet.id\n private_ip_address_allocation = \"Dynamic\"\n public_ip_address_id = azurerm_public_ip.pip.id\n }\n\n tags = {\n environment = \"lab\"\n project = \"terraform-azure-core-infra\"\n }\n}\n\n# Attach NSG to NIC\nresource \"azurerm_network_interface_security_group_association\" \"nic_nsg\" {\n network_interface_id = azurerm_network_interface.nic.id\n network_security_group_id = azurerm_network_security_group.nsg.id\n}\n\n# Storage Account (name corrected for Azure rules)\nresource \"azurerm_storage_account\" \"sa\" {\n name = \"coretfstorage${random_string.storage_suffix.result}\"\n resource_group_name = azurerm_resource_group.rg.name\n location = azurerm_resource_group.rg.location\n account_tier = \"Standard\"\n account_replication_type = \"LRS\"\n\n tags = {\n environment = \"lab\"\n project = \"terraform-azure-core-infra\"\n }\n}\n\n# Linux VM (Ubuntu, password auth)\nresource \"azurerm_linux_virtual_machine\" \"vm\" {\n name = \"coretf-vm\"\n resource_group_name = azurerm_resource_group.rg.name\n location = azurerm_resource_group.rg.location\n size = \"Standard_B1s\"\n\n admin_username = var.admin_username\n admin_password = var.admin_password\n disable_password_authentication = false\n\n network_interface_ids = [\n azurerm_network_interface.nic.id\n ]\n\n os_disk {\n caching = \"ReadWrite\"\n storage_account_type = \"Standard_LRS\"\n }\n\n source_image_reference {\n publisher = \"Canonical\"\n offer = \"0001-com-ubuntu-server-jammy\"\n sku = \"22_04-lts\"\n version = \"latest\"\n }\n\n tags = {\n environment = \"lab\"\n project = \"terraform-azure-core-infra\"\n }\n}\n\n```\nvariables.tf\n\n```text\nvariable \"name_prefix\" {\n description = \"Prefix for all resources\"\n type = string\n default = \"coretf-\"\n}\n\nvariable \"location\" {\n description = \"Azure region for all resources\"\n type = string\n default = \"eastus\"\n}\n\nvariable \"admin_username\" {\n description = \"Admin username for the VM\"\n type = string\n default = \"azureuser\"\n}\n\nvariable \"admin_password\" {\n description = \"Admin password for the VM\"\n type = string\n default = \"SomeP@ssw0rd123!\"\n}\n\n```\noutputs.tf\n\n```text\noutput \"resource_group_name\" {\n description = \"Name of the deployed resource group\"\n value = azurerm_resource_group.rg.name\n}\n\noutput \"vm_public_ip\" {\n description = \"Public IP assigned to the Linux VM\"\n value = azurerm_public_ip.pip.ip_address\n}\n\noutput \"storage_account_name\" {\n description = \"Name of the deployed storage account\"\n value = azurerm_storage_account.sa.name\n}\n```\n\n\n\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprincecloudops%2Fterraform-azure-core-infra","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fprincecloudops%2Fterraform-azure-core-infra","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprincecloudops%2Fterraform-azure-core-infra/lists"}