When testing deployment of resources in release pipelines, the resource groups need to be cleaned after you are done testing the deployment of the resources. In many scenarios you do not want or have no rights to remove the resource group it self. For removing the resources in the resource group you can use the VSTS task clean resources. This tasks removes all resources in a resource group.
Keep your deployment secret secure in the key vault when using ARM templates to deploy into Azure
When creating new resource in Azure that have secrets like passwords or ssl certificates you can securely save them in the Key Vault and get them from the Key Vault when you deploy. Only the people who need access to the secrets can read and write them to the Key Vault. In a infrastructure as code scenario the secrets are supplied when deploying your templates to Azure. The code it self will be free of secrets.
Continue reading “Keep your ARM deployment secrets in the Key Vault”
When creating reusable ARM templates you have a number of options on how to manage conditional parts in your templates. The smallest conditions can be done by parameters, medium differences can be done by t-shirt sizes and large differences by linked templates. In this blog post I’ll show how to use implement conditions by linked templates.
Continue reading “Conditional parts in ARM Templates”
Protect your data at rest with disk encryption on Linux VMs and deploying them as Infrastructure as Code.
Gerenate ARM NSG rules to allow access to an Azure Datacenter
In some Azure environments the organization limits the outbound internet traffic from their servers. There are scenarios where you need to access Azure PAAS services (blob storage, or Azure SQL database etc.). You have to block the access to the internet and enable access to the Azure IP ranges Microsoft reserved for a specific Azure datacenter. To be able to access the service I made a script that will generate the Network Security Groep Rules in ARM format to give access to Azure services.
Continue reading “Access Azure PAAS without internet access”
Create known configuration in your ARM templates with T-shirt sizes
A good way of keeping on top of the configurations deployed in your Azure environment can be done by using T-shirt size configurations. T-shirt Sizes are known working configurations for your ARM templates. By using a T-shirt Size you can take away the complexity from the ARM template consumers. A sample of a T-shirt Size can be a Small, Medium of Large offering from a resource.
In this blogpost I want to show how you can use T-shirt Size configuration in an ARM template. The idea is to deploy a website where you hide all the size setting behind a Small, Medium of Large sizing. The consumer only has two parameters to start the deployment:
Continue reading “Creating a T-shirt size ARM template”
Terraform is able to generate graph files in dot (graph description language) format from your deployment plan. With some tooling the dot files be generated into image files. This makes reviewing and talking about Terraform templates easier. You are able to review a visual graph before deployment.
Continue reading “Visualizing your cloud resources with dot and Terraform”
Quick guide to deploy “hello world” with Terraform on AzureRM
When reviewing possible for creating declarative infrastructure, I looked at Terraform. In this blog post I show how easy it is to get started and create AzureRM resources with Terraform.
Continue reading “Getting started with Terraform on Windows and Azure”