I am having one resource group in my azure subscription name "demoterraform"
Now I would like to create one windows VM in this resource group, So I don't deploy new VM in existing resource group.
Use the azurerm_resource_group data source.
data "azurerm_resource_group" "demo" {
name = "demoterraform"
}
in the rest of the code you can refer to it with a similar expression data.azurerm_resource_group.demo.id.
Related
I am trying to implement a strategy where I can create a NSG in one Azure subscription and use the same NSG resource to attach to any VMs or NICs created in other subscriptions and resource groups.
How can this implementation work via Terraform where I want to attach a single (default) NSG (created in a separate subscription) to multiple VMs and NICs in other subscriptions?
Default NSG for all Azure Subscriptions via Terraform:
Rules defined for a certain network security group with some network security rules will only apply to that resource group. As a result of this limitation for network security groups, it is not feasible to access an NSG in subscriptions other than the existing ones.
You cannot access an NSG that exists in one subscription in another, even though it is provided in the same region.
If you need to add network security in other subscriptions, you can consider the following methods:
Add multiple subscriptions in provider using alias while deploying Terraform code, as mentioned article by #Jeff Brown.
provider "azurerm"{
alias = "xx"
subscription = "subscription1"
features{}
}
provider "azurerm"{
alias = "xxdev"
subscription = "subscription2"
features{}
}
resource "azurerm_network_security_group" "example"{
//Add configuration
}
Note: Include azurerm providers to deploy the same NSG or any Azure resource across multiple subscriptions provided by subscription Ids.
terraform import can be used to import existing resources from anywhere.
terraform import azurerm_network_security_group.<NSG> <ResourceID>
Output:
I am having my azure infrastructure created using terraform.
Now I want to add few resources to existing resource group.
When I did same it is giving error like resources group is already exists.
How can I refer existing resource and no changes to existing resources and tfstate file.
There is a couple of ways to refer existing resource in Azure without making changes.
Use Terraform import
Use Terraform data resource
Terraform import example:
resource "azurerm_resource_group" "example" {
# ...instance configuration...
name = "MyResourceGroup"
}
Run command: terraform import azurerm_resource_group.example \ /subscriptions/MySubscriptionNumber/resourceGroups/MyResourceGroup
Terraform data resource example:
data "azurerm_resource_group" "example" {
name = "MyResourceGroup"
}
I have created an instance of Azure Kubernetes Service (AKS) and have discovered that apart from the resource group I created the AKS instance in, one more resource group is created for me.
Eg:
My AKS Resource Group: Production_MyAKSInstance
Additional Resource Group: MC_MyResourceGroup-Production_MyAKSInstance_westeurope
Is there a way to rename the Additional Resource Group something like Production_MyAKSInstance_Supportive?
You can't rename it however you can specify a name when you create the cluster.
https://learn.microsoft.com/en-us/azure/aks/faq
By default, AKS will name the node resource group
MC_resourcegroupname_clustername_location, but you can also provide
your own name.
To specify your own resource group name, install the aks-preview Azure
CLI extension version 0.3.2 or later. When you create an AKS cluster
by using the az aks create command, use the --node-resource-group
parameter and specify a name for the resource group. If you use an
Azure Resource Manager template to deploy an AKS cluster, you can
define the resource group name by using the nodeResourceGroup
property.
The secondary resource group is automatically created by the Azure
resource provider in your own subscription. You can specify a custom
resource group name only when you're creating the cluster. As you work
with the node resource group, keep in mind that you cannot:
Specify an existing resource group for the node resource group.
Specify a different subscription for the node resource group. Change
the node resource group name after the cluster has been created.
Specify names for the managed resources within the node resource
group. Modify or delete Azure-created tags of managed resources within
the node resource group.
I am trying to deploy a VM using ARM template and static IP. My vnet is in network resource group and I am creating my NIC in compute resource group with VM. My ARM template is failing because it is trying to search the vnet/subnet under compute resource group while creating VM NIC... How to handle this situation ?
you need to provide the proper resourceId to the NIC while attaching it to the vnet\subnet, like this:
"subnet": {
"id": "[resourceId('resourceGroupName', 'Microsoft.Network/virtualNetworks/Subnets', 'vnetName', 'subnetName')]",
},
where resourceGroupName is the name of the resourceGroup your vnet resides in. you can pick a vnet in a different subscription with this function as well. or you can just "calculate" it with concat function, or outside of the template.
more reading: https://learn.microsoft.com/en-us/azure/azure-resource-manager/resource-group-template-functions-resource#resourceid
When I try to deploy my solution on MS azure using an existing resource group it gives me an error as follows:
"This resource group contains existing resources.Choose an empty resource group or create a new one".
Can someone point how can I fix the error in CreateUIdefination.json or something else I need to do.
According to the message, we can't create that resource to that resource group which contains existing resources, we should create a new resource group, or use an empty resource group.
As 4c74356b41 said, by default, Azure not support to deploy managed application to resource group with resources.
Please try to use an empty resource group to deploy it.