I have a custom dsc resource that manages Data Execution Prevention using BCDEDIT. I have to manage it using puppet enterprise and I am a newbie when it comes to puppet. Can anyone tell me where do i need to place the custom dsc resource and how do i call it in my puppet class ?
This documentation from PuppetLabs should help https://github.com/puppetlabs/puppetlabs-dsc/blob/master/README.md
Related
I want to assign an azure blueprint to management group scope.
Since "azurerm_blueprint_assignment" command doesn't support mg level blueprint assignment. Reference : https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/blueprint_assignment
I'm considering to test assigning a blueprint using "azurerm_management_group_template_deployment" command.
As stated here https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/management_group_template_deployment , terraform supports ARM Template deployment to management scope.
Does anyone tried this method?
If so, I would like to take opinions about whether is it a convenient way of deploying blueprints?
A few highlight as follows;
What could be possible risks and drawbacks?
Is it be possible to provide blueprint parameters individually and retrieve the parameters?
Thanks in advance,
I'm trying to enable "automaticRepairsPolicy" for my azure VMSS via terraform. I can't find the right option in azurerm documentation. Is there another way how to enable it? Maybe by creating a policy or adding an extension?
I'm grateful for any help!
You are using a deprecated resource azurerm_virtual_machine_scale_set
As documentation says, rely on one of the below resources::
azurerm_linux_virtual_machine_scale_set for linux VMSS
azurerm_windows_virtual_machine_scale_set for windows VMSS
Above resources have automatic_instance_repair block where you can set them accordingly.
When I run terraform apply -auto-approve I get the following error:
Error: A resource with the ID "/subscriptions/.../resourceGroups/RG-SCUSTFStorage" already exists - to be managed via Terraform this resource needs to be imported into the State. Please see the resource documentation for "azurerm_resource_group" for more information.
I underestand that I need to run terraform import to import the resource to my worksapce. The problem is that I need to specify the resource id for all of the missing resources one at a time.
Is any way to have terraform import import all of the "already exists " resources automatically witout entering the resource IDs one at a time?
Unfortunately, you only can import the existing resources one by one with the resource IDs manually:
The import command doesn’t automatically generate the configuration to
manage the infrastructure, though. Because of this, importing existing
infrastructure into Terraform is a multi-step process.
More details here. I will suggest you use remote state storage for all the Terraform scripts before deployment. If you do not have the state file that contains all the deployed resources, then you only can import them one by one.
If you are looking to import Azure resources then aztfy is the recommended tool as it is natively from Azure.
It does generate the terraform code, additionally, it has a feature where you can import the azure resource group, it automatically imports and generates config for the resources that the resource group is holding.
Not to mention but the tool gives you a nice terminal-based-UI experience.
For other hyperscalers, there are two choices.
terracognita : can generate modules too as per their docs.
terraformer : Developed by Google people but not official product.
There isn't a native way in Terraform to import already existing resources, however, there are a couple of tools available that allow you to not only import the resources but also generate Terraform code for them if it doesn't already exist.
For Azure, the best tool to use is Azure-built AZtfy. A tool to bring your existing Azure resources under the management of Terraform.
Another tool to that can be used to import Azure resources is Google Cloud Terraformer which supports Azure.
is there any code generator for Azure Terraform?
Actually i am trying to add Azure app service to existing resource group. For this we need a state configuration file, which can be generated only ( Terraform import ) if we have full Terraform code already written for that resource group.
I saw, Using Terraform to import existing resources on Azure and Update existing app service with Terraform ,but here i am talking about the thousands of resource groups.
Thanks
Gill
You would, to my knowledge, need to use terraform import against all of the existing resources that you have / want to consumse via terraform.
In saying that if you only want to manage the Azure App Service with Terraform and not everything else you can just simply pass all the requirements for the resource in and only manage this in the terraform state file.
Hi Lachie thanks for reply, I Found the solution using AZ2TF tool.
Thanks to Mr Agarciamiravet, who explained all the steps to use AZ2TF tool ( by using Docker) at
https://recetasdevops.com/migra-tu-infraestructura-actual-de-azure-a-terraform-con-py-az2tf/
this worked very well for me.
Thanks
Gill
I am trying to replicate an existing Azure resource group using arm templates from the automation script section but running into a warning message about 10 resources types cannot be exported yet. One being Azure data factory. After searching online I found that templates for some resource types are not yet available. While looking at the Deployment section in my resource group, I am able to see a deployment details download link for each resource.
Can those be used to recreate each resource into a new resource group? Or is my best bet downloading the template from the automation script section and manually adding the resources for which the template are not yet available?
Any help would be appreciated.
Some of the warnings I got:
ResourceTypeSchemaNotFound:
***The schema of resource type 'Microsoft.DataFactory/dataFactories' is not available. Resources of this type will not be exported to the
template. (Code: ResourceTypeSchemaNotFound, Target:
Microsoft.DataFactory/dataFactories
ExportTemplateProviderError: all related to sql server
***Could not get resources of the type 'Microsoft.Sql/servers/connectionPolicies'. Resources of this type
will not be exported. (Code: ExportTemplateProviderError, Target:
Microsoft.Sql/servers/connectionPolicies)
***Could not get resources of the type 'Microsoft.Sql/servers/backupLongTermRetentionVaults'
***Could not get resources of the type 'Microsoft.Sql/servers/extendedAuditingSettings'.
The Azure resource group ARM templates from the automation script section are not as comprehensive as they should probably be. For example, it is quite possible to deploy a Data Factory instance from ARM. It provides a reasonable starting point but you will find resources that don't deploy as well as a lot of superfluous cruft.
The approach I take is to start from a clean template in Visual Studio and then construct a project from a blank template or quick-start, then refer to the template documentation and build up from scratch, using your exported ARM template from your resource group to help work out how it should look. This results in a nice clean reusable template project.
Unfortunately I have not found an better way yet.