I have few resources in AWS which are launched using Terraform and some of them are manual create using AWS console. Some of the resources are launched using Cloudformation template.
I know Cloudformation designer gives you visualization of cloudformation templates. Terraform graph can provide dependent resources diagram too.
But can any service within AWS provide complete architecture and resources and dependencies for all resources launched either via CFT, Terraform or manual launch?
any service within AWS provide
There is no such AWS service or tool. There used to be AWS CloudFormer which could help a bit with this, but its not maintained any more.
Instead, as indicated in comments, you could use former2 which is a third party tool. former2 does not generate visualizations, but can reveres-engineer CFN templates from existing resources. Once having these templates you can try CFN designer to visualize them.
Related
When working with Terraform, what features of Azure services are there that cannot be scripted in Terraform or require embedding ARM?
Currently, there is no resource to create Data Sync Group in Azure using Terraform
An ARM template configures the Azure PaaS resources to send their diagnostic data to Log Analytics. There is no functionality for this in Terraform when used with Azure
There is a zone to zone disaster recovery for Azure VM but terraform only provides single instance and target availability set in the azure site recovery
Almost all the new features added in Azure cannot be created using Terraform
The landscape for both Azure and Terraform is constantly changing, so it would not make much sense to list what is supported/not supported in a Stack Overflow context.
I have been working with Terraform in Azure for more than 5 years, and the AzureRM provider is being updated almost on a biweekly basis. In general, it is very much up to date - not only with new resources and data sources that are being added constantly but also updates on existing components functionality and when the Azure API changes. This provider rocks!
Take a look at the changelog here to get an overview of the intense activity on the AzureRM provider: https://github.com/hashicorp/terraform-provider-azurerm/blob/main/CHANGELOG.md
I believe that instead of asking what is not supported, take a look at the landscape you want to create, and see if the components exist in the documentation, which is very good IMO. I think that the latest AzureRM provider (2.91.0) has around 950+ resources and data sources.
Documentation: https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs
Usually, when something does not exist there will be an issue in the Github repo. E.g. to follow the example that #RamaroAdapa-MT mentions, you can find the issue here (by a simple Google search):
https://github.com/hashicorp/terraform-provider-azurerm/issues/6425
Looking through that, you can see the the reason is actually not a Terraform AzureRM provider issue, but lack of support in the Azure API:
https://github.com/Azure/azure-rest-api-specs/issues/11061
We have set up small dev platform on azure which includes servers(sql server, web server) and azure ML. These are protected by azure VPN gateway. Below are the list of azure components we created and configured . Currently we don't need the dev platform to be available but we will need it after 6 months . so is there any way we could take this complete setup as snap shot and store as image or images so that when we need we can just restore it with out doing much configuration
dev platform components to archive and restore
Virtual networks , sub nets, dns, firewalls
VPN gateway , configuration
VM with os and server setup
sql server with data
subscription with custom roles, assignments, cost alerts , dashboards etc
if this is not possible then what are the alternatives
regards,
Suman
Have a look at the different Infrastructure as Code options that are available. Easiest way to 'export' the current situation is to generate an ARM template of the needed resources by going to the resource group and clicking Export template under Automation.
To implement infrastructure as code for your Azure solutions, use Azure Resource Manager templates (ARM templates). The template is a JavaScript Object Notation (JSON) file that defines the infrastructure and configuration for your project. The template uses declarative syntax, which lets you state what you intend to deploy without having to write the sequence of programming commands to create it. In the template, you specify the resources to deploy and the properties for those resources.
To increase the functionality options you have, have a look at Azure Bicep.
We've introduced a new language named Bicep that's used to develop ARM template JSON. Bicep files and JSON templates offer the same capabilities. You can convert templates between the two languages. Bicep provides a syntax that's easier to use for creating templates.
and also
Bicep is a domain-specific language (DSL) that uses declarative syntax to deploy Azure resources. It provides concise syntax, reliable type safety, and support for code reuse. We believe Bicep offers the best authoring experience for your infrastructure-as-code solutions in Azure.
Be advised: this is meant for the resources and their configuration of your environment. For the data side of things, save and/or export the data somewhere you can restore it from easily like Azure Storage.
I am trying to use Terraform to create a Service fabric cluster in Azure.
I have created configurations for the follwoing resources using a template provided by Tvo https://github.com/TrevorVonSeggern/ServiceFabric_Terraform
This will create the reasorces in Azure however the SFC just sits on "Deploying" and the Nodes themselves never display.
There seems to be a distinct lack of configuration resources for creating a Service fabric cluster using Terraform and HashiCorp's documentation on this resource example is not as in depth as for other resources.
Provisioning with Powershell is easier as more resources to guide.
If anyone has any working examples please can you share them?
Thanks
I have managed to deploy this successfully by deploying and then going through the extensions in the ARM template. Then adding (in JSON string) in the Terraform config for VMSS
Could not find anywhere in the Terraform documentation on this resource to assist with this.
For provisioning AWS services(EC2/R53/VPC/S3/..), technology like Terraform have unreliable approach in terms of performing rollback, error handling etc.
AWS CloudFormation templates address these problems.
CloudFormation templates are used for both provisioning of aws services(like EC2/VPC/r53/S3/...) and configuration of every service.
Additionally this template approach should easily fit into scripted pipeline using Jenkins.
What is the approach for provisioning and configuration of services in Azure cloud?
Its called Azure Resource Manager (Peter gave a helpful link in the comments). You will interact with ARM through Azure powershell, Azure Cli, ARM Templates, different SDK's or just plain rest calls to create resources.
ARM Templates are the closest thing you can get to CloudFormation templates, but they dont really have all the features of CloudFormation templates.
For example, there is no preview of the changes that will happen before you run the template. some services can not be configured with ARM Templates (or some of the properties cannot be configured).
I have a wonderful terraform plan that perfectly describes my infrastructure in Google Cloud Platform, however, I have a problem: since my repository isn't perfectly private, some steps of my plan are encrypted and must be decrypted using Google Key Management Service.
This means my plan must be broken down into two terraform phases:
Setup the Google Cloud Project and create a Key Ring and Key (after this, I encrypt secrets and put them in a variables.tf file)
Apply the entire plan.
Does Terraform support a way to break down my plan into phases? How should I go around implementing this?
Though terraform enables us to automate the resources creation, some preliminary steps need to be done manually, like account creation, billing setup, etc. Similarly for Google cloud setup, the project needs to be created prior running terrform scripts since terraform google provider requires the project details.
The project creation and terraform variables for the keys (as environment variables) can be generated through shell scripts. Then the shell script and the terraform scripts can be sequenced in execution using a make file.
The below link might be helpful for you to create GCP project through shell scripts.
https://medium.com/google-cloud/how-to-automate-project-creation-using-gcloud-4e71d9a70047