Use Existing Resources with Data Sources in Terraform and Azure

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
in this video we use existing azure resources as part of a terraform deployment [Music] if you use terraform for long enough you'll run into an instance where you need to use an existing resource that's not managed by terraform as part of the terraform deployment a common example is using a existing virtual network when deploying a network-enabled resource a virtual machine for example this video is going to demonstrate how to use existing resources with terraform before that please like subscribe share with a friend and let me know what you think in the comments below get early access to videos with a membership option and check out my courses on hybrid identity and azure virtual desktop at udemy.com the link is below there are two options for using resources created by some means other than terraform import and data source import as the name implies imports infrastructure into terraform management import adds resources to the deployment state with the expectation that it'll be managed by terraform going forward data source or just data allows terraform to define and use infrastructure created outside of the current deployment it could have been deployed as part of another terraform deployment or using some other process like the portal or arm templates the key difference is that with data the source does not become managed by terraform or part of any terraform state the data block simply points to existing infrastructure so we can reference the resource in the deployment the rest of this video will focus on data source the data block is used to read data from an existing source this is a read-only action we're not modifying the data at all also the data resource is refreshed every time terraform plan is ran we're going to create a data resource in the demo coming up the goal of the demo is to create a vm that will attach to an existing subnet we'll also use the feature block to define the behavior of the vm implementation use a sensitive argument to hide passwords and review a tfrs file the code used in this demo is available on github the link is below let's get started in vs code here we are in vs code if you're just getting started with terraform and etcher check out the playlist and the prior videos on terraform the link is on your screen i already have a module defined that creates a vm it's a pretty simple example the module name is winserver the main.tf file starts by creating a network interface or nic the vm name is used with hyphen nick appended to the end for the name of the network interface card notice var dot subnet id we have to have a subnet to attach the nick to we'll come back to that shortly next we have a series of settings for the vm resource group location size and admin username and password the rest is hard coded but it could be changed to a variable if needed let's look at the variables for this module i'm not going through each one but if we go down to admin password notice it has the sensitive argument and that's set to true sensitive set to true prevents the password from displaying on the screen during deployment kind of a security by obscurity setting not only will it prevent it from displaying on the screen if you're using terraform with automation it could prevent passwords from getting written to log files in plain text let's take a look at the outputs we'll output the vmid and the vmip address when deployed let's close all the module files and go to the root directory here we have the inputs.tf outputs.tf main.tf and a terraform.tf vars file let's start with the main.tf file we have the terraform block just like all the other videos as well as the provider block the provider block though is different it has a virtual machine feature set these features tell terraform to delete the os disk when we run the destroy command we could set this to false so the virtual disk is preserved there's also a setting that will not require a shutdown to delete a vm this way the vm is deleted no matter what the power state the available features for the provider block can be found in the terraform documentation from azure rm we'll go into documentation we can go to argument reference features here are all the feature blocks available with the azure rm resource provider if we go to virtual machines here we can find details for each of the settings for the example we're using delete os disk on deletion and skip shutdown and force delete let's go back to vs code next we have the resource group the name and location is hard-coded that could be set as a variable if needed after that we have the data block let's go back to the documentation and take a look at how to configure data blocks here we are back in the azure rm provider and if we type subnet we have the resources up top that's what we'd use to create a new subnet at the bottom we have data sources and azure subnet under that this is where we find the settings required to read data from existing infrastructure it also shows an example of how we can output that data let's go back to vs code here we have the data source for an azure subnet that has the local name vm subnet we pass in the existing subnet name that's the azure name of the subnet we'll attach the nic to it also needs the virtual network name the virtual network that the subnet belongs to and the resource group name for that virtual network now if we look at the vm module that we're going to call we can see the last line references the subnet id of the subnet data source that will pass in the subnet id of the existing subnet the virtual machine network card will attach to we do have a few variables in this root module let's take a look at that we have the subnet information as well as the admin password that password variable is also set to sensitive the password is passed into the vm module when it's called one item that's different from the other videos is there's no default value for these variables instead of default values i created a terraform.tfvars file this is a file that supplies values to all those variables so why not just use default values in the input file generally you don't want to supply default values for variables in a module that makes the variables optional for this example we wouldn't want to use a default for the subnet settings because that would likely be wrong if used in a different environment also if you're using git for source code control we can prevent the tf vars file from getting pushed into source control with a get ignore file so why would that be important notice i supplied a password in the tfrs file it's bad practice to keep passwords and plain text in source control especially if it's a public repo the tfvrs file along with getignore is a strategy for protection against password leaks one last item we passed the vmid and ip address back to the root module with an outputs.tf file we also created an output file in the root module to pass those values to the terminal okay let's open up the terminal and run terraform init and terraform plan there's the output from terraform plan notice the value for the vmid and the vmip will show after terraform apply let's also look at the password here it shows the admin password as a sensitive value so it's not displaying the actual password we passed in that all looks good let's run terraform apply and this will take a few minutes to finish i'll pause here and come back once it's done there it is we have the vm id as well as the ip address that ip address is from the existing subnet we attach the network card to we now have a vm deployed with terraform connecting to an existing v-net that's outside of the terraform state i hope this helps you better understand the data source and terraform with azure don't forget to like and subscribe and thanks for watching
Info
Channel: Travis Roberts
Views: 12,298
Rating: undefined out of 5
Keywords: Data, data source, data resource, data resource block, sensitive, Modules, outputs, outputs.tf, terraform outputs, terraform modules, Terraform.tfvars, .tfvars, variables, terraform variables, terraform var, Azure, Azure CLI, IaC Terraform, Terraform Registry, VSCode, Terraform for Azure, registry, .tf, HashiCorp, workflow, Terraform Resource, .terraform, Terraform Write, Terraform Plan, Terraform Apply, Terraform Destroy, main.tf, terraform tutorial, terraform training, Terraform Examples
Id: QrSfASpVE14
Channel Id: undefined
Length: 9min 11sec (551 seconds)
Published: Sun Jan 02 2022
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.