I'm excited to announce that, continuing my journey since 2017, I will be speaking at the Azure Global Bootcamp 2025 on May 8- 10. This year, I’m eager to share more insights and learnings with the Azure community. Join me as we dive into the latest Azure advancements and tackle current tech challenges together.
27 posts tagged with "IaC"
View All TagsReading Bicep parameter files with PowerShell
Bicep parameter files allow you to define values in an individual file that are then passed to your main Bicep Templates file. The parameter file exposes values that may change from a given subscription, environment, and/or region. Leveraging a parameter file drives consistency in your IaC deployments while providing flexibility. For example, an organization can use these files to right-size nonproduction environments to save costs while maintaining the same core infrastructure across all deployments.
In addition, these parameter files streamline the CI/CD deployment process. Since each parameter file is under source control and passed into the appropriate automated deployment steps, they ensure a consistent and repeatable deployment experience. In this article, we will explore how to create, read, and use a Bicep parameters file via PowerShell.
Leveraging Bicep deployer for Automated RBAC Assignments
Hello Folks,
Today, I'll go through a topic that I believe is a real time-saver—one that keeps automation running smoothly and ensures it's effectively integrated into bicep templates. In this article, I'll share my experience with the Bicep deployer() function. I’ll explain how it streamlines the process of provisioning resources like Azure Key Vaults while automating RBAC-based access.
What Is the deployer Function?
The deployer() function in Bicep returns details about the identity executing the deployment. Essentially, it tells you which service principal or managed identity is running your deployment. I find this incredibly useful because it allows me to reference the deployer’s identity directly in my templates—ensuring that the correct permissions are automatically applied without hardcoding any object IDs for the deployments.
Example output of the deployer() function looks like this:
{
"objectId": "12345678-1234-1234-1234-123456789abc",
"tenantId": "87654321-4321-4321-4321-cba987654321"
}
Global Azure 2024 - Istanbul | Session Recording Available!
Following an amazing session at Global Azure 2024 - Istanbul, I’m happy to share the recording of my talk, "Deployment stack with Bicep – Insights and Experiences". Whether you attended live or couldn’t make it, you can now watch the full session at your convenience.
🎥 Watch the Recording Here:
Global Azure 2024 - Istanbul
I'm excited to announce that, continuing my journey since 2017, I will be speaking at the Azure Global Bootcamp 2024 on April 18-20. This year, I’m eager to share more insights and learnings with the Azure community. Join me as we dive into the latest Azure advancements and tackle current tech challenges together.
Terraform in GitHub Codespaces
I really like the idea of GitHub Codespaces. It is a cloud-based development environment that you can access from anywhere. This approach allows you to develop applications without the need for installing or configuring dependent services or tools locally, providing developers with a uniform method for working on applications and scripts.
Given my passion for Infrastructure as Code (IaC), I wanted to show how I could use GitHub Codespaces to work with Terraform. Before we start, let's take a look at the prerequisites:
- A GitHub account
- You can start with a free account with 60 hours of usage per month for GitHub Codespaces
🧑💻Create a new repository
First, create a new repository in your GitHub account. You can name it whatever you want. I named mine terraform-codespaces
.
After creating your repository, look for the Code
button and click on it, then choose Codespaces
. Next, you'll notice an ellipsis; clicking on this opens the Codespace repository configuration
page. Here, you'll find a Configure dev container
button—go ahead and click on it.
💥Configure dev container
In the Configure dev container
page, you will see devcontainer.json file is opened and on the right and side you will see marketplace. Search for Terraform
and select the Terraform
extension.
After adding the Terraform features in the devcontainer.json
file, you can save and commit the changes.
{
"image": "mcr.microsoft.com/devcontainers/universal:2",
"features": {
"ghcr.io/devcontainers/features/terraform:1": {}
}
}
Now, return to the Codespaces
section and click on the New codespace button to proceed.
While your Codespace is being created, you see the progress. Once the setup is complete, you'll find yourself in Visual Studio Code with the Terraform CLI installed.
✨Wrapping up
To confirm the Terraform installation, run the terraform --version
command in the terminal, which will display the version of Terraform installed in your Codespace. With this, we've successfully equipped a GitHub Codespace with Terraform, enabling on your Terraform projects without installing Terraform locally. That's it for this post. GitHub Codespaces is a fantastic tool for developers.
SFTP Users for Storage Accounts - Part 3
Welcome the third part of the blog series SFTP Users for Storage Accounts. In the previous blog post SFTP Users for Storage Accounts - Part 2, we have created containers and local users for the SFTP access. In this blog post, we will use the Azure API to generate the sftp credentials for the local users.
SFTP Users for Storage Accounts - Part 2
Welcome back folks! In the previous blog post SFTP Users for Storage Accounts - Part 1, we have created a Bicep template to deploy an Azure Storage Account and initialize the blob service. In this blog post, we will continue to extend the Bicep template to create containers and local users for the sftp access.
SFTP Users for Storage Accounts - Part 1
Hello Folks,
I'm here to talk about an interesting topic today. I will be sharing my experience on how to create SFTP users for Azure Storage Accounts. This is a three-part series. In this first part, we will cover the basics of SFTP and how to create an SFTP user for an Azure Storage Account using Bicep. In the second part, we will discuss how to create a password for the SFTP user and how to use it to connect to the Azure Storage Account.
Working with Bicep CIDR Functions - Part 2
In the previous blog post, we left out an example where we have parameters for vNetAddress
, vSubnetCount
, and vSubnetRange
. I would like to show how the deployment looks like when we use what-if and how the output looks like.
Our requirement was to create a virtual network with a given address space and a given number of subnets. We also wanted to specify the range of subnets. We used the cidrSubnet
function to create the subnets.