Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/navicore/azure-jsonnet-terraform-example
https://github.com/navicore/azure-jsonnet-terraform-example
azure infrastructure-as-code jsonnet terraform
Last synced: 1 day ago
JSON representation
- Host: GitHub
- URL: https://github.com/navicore/azure-jsonnet-terraform-example
- Owner: navicore
- Created: 2017-07-22T21:14:43.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2017-08-28T18:41:00.000Z (about 7 years ago)
- Last Synced: 2023-03-23T00:47:17.059Z (over 1 year ago)
- Topics: azure, infrastructure-as-code, jsonnet, terraform
- Language: Shell
- Size: 237 KB
- Stars: 7
- Watchers: 2
- Forks: 1
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
Terraform with Jsonnet for Azure VNets w/ Bastion
---------
An example of using terraform to call Azure APIs to provision a vnet with
subnets, network security groups, and a bastion host.
# QUICK START
1. Create a service principal if you haven't already
```console
az ad sp create-for-rbac -n "mycloud-1-sp" --role="Contributor"
```
1. Set env vars
```bash
export ARM_SUBSCRIPTION_ID=
export ARM_CLIENT_ID=
export ARM_CLIENT_SECRET=
export ARM_TENANT_ID=
```
1. Create `config.jsonnet` by copying and editing `config.bastion.example.jsonnet`
1. Generate Terraform JSON
```console
./build.sh
```
1. Deploy to Azure
```console
./deploy.sh
```
The above steps generate this network:
Above diagram created by [azuml](https://github.com/navicore/azuml).
# WHY
I recently had to add a lot of NSG rules to a Terraform HCL + Azure project.
The resulting HCL was verbose and riddled with rule name and rule priority
conflicts.
I realized I had to invest more of my time to learn HCL better to make the code
correct and maintainable or find a new way to express the rules. I considered
three options: work smarter with HCL, write a code generator app that wrote HCL
from a config file - ie: create my own DSL, or try
[jsonnet](http://jsonnet.org/). jsonnet met my needs and I can use it for
other purposes such as creating Kubernetes yaml.
The Terraform tool is still extremely valuable without HCL. While I don't use
any HCL language features in this demo, I do use Terraform interpolation syntax
for resolving the "not known until deployment" attributes.