The latest articles on Forem by Deepak Sharma (@techmademi). https://forem.com/techmademi https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3444954%2F3b4ebd6a-22c3-4c62-88be-78404b18e8da.png https://forem.com/techmademi en Deepak Sharma Thu, 27 Nov 2025 06:17:02 +0000 https://forem.com/techmademi/terraform-azure-infrastructure-modular-architecture-devsecops-291p https://forem.com/techmademi/terraform-azure-infrastructure-modular-architecture-devsecops-291p <h2> Code Structure </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>. ├── azure-pipelines.yml # Azure DevOps CI/CD pipeline ├── main │ ├── main.tf # Module orchestration │ ├── provider.tf # Azure provider configuration │ ├── terraform.tfvars # Input variable values │ └── variable.tf # Module variables ├── modules │ ├── 01_resource_group # Resource Group creation │ ├── 02_storage_account # Storage Accounts │ ├── 03_storage_container # Storage Containers │ ├── 04-Public_IP # Public IP │ ├── 05_Virtual_Net # VNet &amp; Subnets │ ├── 06_sql_server # Azure SQL Server │ ├── 07_sql_database # Azure SQL Database │ ├── 08_net_interface # Network Interfaces │ └── 09_Virtual_Machine # Azure VM └── README.md </code></pre> </div> <h2> 3-Tier Terraform Infra + Azure Pipeline Architecture Diagram </h2> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ff0kiqvqzdebj22fmy63j.jpg" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ff0kiqvqzdebj22fmy63j.jpg" alt=" " width="800" height="480"></a></p> <h3> Git Repository URL: </h3> <p><a href="https://github.com/deepak83s143/3-Tier-Application-Infra-with-SAST-Scanning-Azure-Pipeline.git" rel="noopener noreferrer">https://github.com/deepak83s143/3-Tier-Application-Infra-with-SAST-Scanning-Azure-Pipeline.git</a></p> <h3> Features </h3> <ul> <li>Modular Terraform structure</li> <li>Incremental resource creation</li> <li>Environment-based scalability</li> <li>Azure backend remote state configuration</li> <li>DevSecOps validation:</li> <li>Terraform Validation (terraform validate) <ul> <li>tfsec security scan</li> <li>tflint linting</li> </ul> </li> <li>Manual approval stage before provisioning</li> </ul> <h3> Technologies </h3> <ul> <li>Terraform — IaC provisioning</li> <li>AzureRM Provider</li> <li>Azure DevOps Pipeline</li> <li>tfsec — Static security scan</li> <li>tflint — Terraform linting and provider validation</li> </ul> <h3> Terraform Workflow (Modules) </h3> <p>The root main/main.tf orchestrates creation in dependency order:</p> <ol> <li>Resource Group</li> <li>Storage Account</li> <li>Storage Container</li> <li>Public IP</li> <li>Virtual Network &amp; Subnets</li> <li>SQL Server</li> <li>SQL Database</li> <li>Network Interface</li> <li>Virtual Machine</li> </ol> <p>Each module accepts input variables and returns useful outputs such as IDs, names, and connection objects.</p> <h3> Remote State Backend </h3> <p>Azure backend ensures centralized state storage.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>backendAzureRmResourceGroupName: "ResourceGroupName" backendAzureRmStorageAccountName: "StorageAccountName backendAzureRmContainerName: "StorageContainerName" backendAzureRmKey: "KeyName" </code></pre> </div> <h3> Azure DevOps Pipeline Overview </h3> <ol> <li> <p><strong>Pipeline stages</strong>:</p> <ul> <li>Integration</li> <li>Terraform init</li> <li>Terraform validate</li> </ul> </li> <li> <p><strong>SanityCheck</strong></p> <ul> <li>tfsec security scan</li> <li>tflint recursive lint</li> </ul> </li> <li> <p><strong>CodePlanning</strong></p> <ul> <li>terraform plan</li> </ul> </li> <li> <p><strong>ManualValidation</strong></p> <ul> <li>Manual approval by reviewer</li> </ul> </li> <li> <p><strong>InfraCreation</strong></p> <ul> <li>terraform apply (auto approve)</li> </ul> </li> </ol> <h3> SAST Tools </h3> <p><strong>tfsec</strong></p> <ul> <li>Performs static vulnerability scanning</li> <li>Detects insecure Terraform configurations</li> <li>Ensures cloud compliance</li> </ul> <p>Used with:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>task: tfsec@1 dir: $(System.DefaultWorkingDirectory)/main version: v1.26.0 </code></pre> </div> <p><strong>tflint</strong></p> <ul> <li>Validates wrong resource types, regions, and deprecated resources</li> <li>Provider-specific rule sets</li> </ul> <p>Run manually:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>tflint --recursive </code></pre> </div> <h3> Variables &amp; tfvars </h3> <p>User inputs are stored in:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>main/variable.tf main/terraform.tfvars </code></pre> </div> <p>Examples include:</p> <ul> <li>Resource Group configuration</li> <li>Storage details</li> <li>VNet CIDR blocks and subnet ranges</li> <li>SQL server credentials</li> <li>VM sizing and OS details</li> </ul> <blockquote> <p><strong>Note! :-</strong> Never commit sensitive credentials to Git.</p> </blockquote> <h3> Best Practices </h3> <ul> <li>Follow module boundaries strictly</li> <li>No direct resource creation in main.tf</li> <li>Use tfsec &amp; tflint before merge</li> <li>Always review plan outputs</li> <li>Store secrets in: <ul> <li>Azure KeyVault</li> <li>DevOps Library secure variables</li> </ul> </li> </ul> <h3> Notes </h3> <ul> <li>Designed for IaC repeatability</li> <li>Suitable for multi-environment deployments (dev/stg/prod)</li> <li>Scalable due to isolated Terraform modules</li> </ul> <p>👉 <strong>Follow me on</strong> <br></p> <div class="table-wrapper-paragraph"><table> <tr> <td> <a href="https://github.com/techmademi" rel="noopener noreferrer"> <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcdn-icons-png.flaticon.com%2F128%2F3291%2F3291695.png" alt="GitHub" width="128" height="128"> </a> </td> <td> <a href="https://www.linkedin.com/in/deepak83s143/" rel="noopener noreferrer"> <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcdn-icons-png.flaticon.com%2F128%2F3536%2F3536505.png" alt="LinkedIn" width="128" height="128"> </a> </td> <td> <a href="https://www.youtube.com/@MademiTech" rel="noopener noreferrer"> <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcdn-icons-png.flaticon.com%2F128%2F3670%2F3670147.png" alt="YouTube" width="128" height="128"> </a> </td> </tr> </table></div> terraform devops architecture azure Deepak Sharma Mon, 01 Sep 2025 08:20:33 +0000 https://forem.com/techmademi/azure-pipeline-4mhi https://forem.com/techmademi/azure-pipeline-4mhi <p>Managing infrastructure with Terraform is one of the most common practices in modern DevOps workflows. But when it comes to <strong>automation and governance</strong>, Azure DevOps pipelines make the process much smoother. </p> <p>In this blog, I’ll walk you through a <strong>real-world Azure DevOps pipeline</strong> that deploys Terraform infrastructure to <strong>Dev</strong> and <strong>Prod</strong> environments with <strong>manual approvals</strong> in between.</p> <h3> 🔑 Prerequisites </h3> <p>Before setting up this pipeline, make sure you have the following in place:</p> <ol> <li> <strong>Active Azure Subscription</strong> You need a valid Azure subscription where your Terraform resources will be deployed. </li> <li> <strong>Azure DevOps Account</strong> An Azure DevOps project should be created to host your pipeline and repository. </li> <li> <strong>Self-Hosted Agent Pool</strong> A self-hosted agent is required to run Terraform tasks. This gives more control and avoids limitations of Microsoft-hosted agents. </li> <li> <strong>App Registration with Federated Credentials</strong> Create an App Registration in Azure AD and configure it with <strong>federated credentials</strong>. This will be used as the <strong>Service Connection (SPN)</strong> in Azure DevOps to authenticate Terraform with Azure. </li> <li> <strong>Terraform Code</strong> A working Terraform configuration (with <code>.tf</code> files and <code>.tfvars</code> for Dev and Prod) must be present in your repository. </li> </ol> <h2> 📌 Pipeline Overview </h2> <p>This pipeline is designed with two major stages:</p> <ol> <li> <strong>Dev Stage</strong> → Runs Terraform <code>init</code>, <code>plan</code>, requires manual approval, and then applies changes on the Dev environment. </li> <li> <strong>Prod Stage</strong> → After Dev is successful, it requires another manual approval and then applies changes to the Prod environment. </li> </ol> <p>By using <strong>manual validations</strong>, we ensure that no changes are applied accidentally in production without human approval.</p> <h2> 🔧 Key Features of the Pipeline </h2> <ul> <li> <strong>Multi-stage deployment</strong> → Dev first, then Prod. </li> <li> <strong>Terraform AzureRM backend</strong> → Stores the Terraform state in an Azure Storage Account. </li> <li> <strong>Manual validations</strong> → Adds an approval step before applying changes. </li> <li> <strong>Reusable variables</strong> → Service connection, resource group, storage account, and container details are stored as variables to avoid repetition. </li> </ul> <h2> 📝 Pipeline YAML </h2> <p>Here’s the YAML code for the pipeline:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">trigger</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">master</span> <span class="na">pool</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">mademitech</span> <span class="na">variables</span><span class="pi">:</span> <span class="na">serviceConnection</span><span class="pi">:</span> <span class="s1">'</span><span class="s">mademi-spn'</span> <span class="na">rgName</span><span class="pi">:</span> <span class="s1">'</span><span class="s">mademi-rg'</span> <span class="na">storageAccount</span><span class="pi">:</span> <span class="s1">'</span><span class="s">mademisg'</span> <span class="na">containerName</span><span class="pi">:</span> <span class="s1">'</span><span class="s">mademistatefiles'</span> <span class="na">stages</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">stage</span><span class="pi">:</span> <span class="s">Dev</span> <span class="na">jobs</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">job</span><span class="pi">:</span> <span class="s">Validate_Dev</span> <span class="na">displayName</span><span class="pi">:</span> <span class="s">Validate on Dev</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">task</span><span class="pi">:</span> <span class="s">TerraformTask@5</span> <span class="na">displayName</span><span class="pi">:</span> <span class="s">Init Dev</span> <span class="na">inputs</span><span class="pi">:</span> <span class="na">provider</span><span class="pi">:</span> <span class="s1">'</span><span class="s">azurerm'</span> <span class="na">command</span><span class="pi">:</span> <span class="s1">'</span><span class="s">init'</span> <span class="na">backendServiceArm</span><span class="pi">:</span> <span class="s">$(serviceConnection)</span> <span class="na">backendAzureRmResourceGroupName</span><span class="pi">:</span> <span class="s">$(rgName)</span> <span class="na">backendAzureRmStorageAccountName</span><span class="pi">:</span> <span class="s">$(storageAccount)</span> <span class="na">backendAzureRmContainerName</span><span class="pi">:</span> <span class="s">$(containerName)</span> <span class="na">backendAzureRmKey</span><span class="pi">:</span> <span class="s1">'</span><span class="s">dev.tfstate'</span> <span class="pi">-</span> <span class="na">task</span><span class="pi">:</span> <span class="s">TerraformTask@5</span> <span class="na">displayName</span><span class="pi">:</span> <span class="s">Plan Dev</span> <span class="na">inputs</span><span class="pi">:</span> <span class="na">provider</span><span class="pi">:</span> <span class="s1">'</span><span class="s">azurerm'</span> <span class="na">command</span><span class="pi">:</span> <span class="s1">'</span><span class="s">plan'</span> <span class="na">commandOptions</span><span class="pi">:</span> <span class="s1">'</span><span class="s">-var-file=dev.tfvars</span><span class="nv"> </span><span class="s">--lock=false'</span> <span class="na">environmentServiceNameAzureRM</span><span class="pi">:</span> <span class="s">$(serviceConnection)</span> <span class="pi">-</span> <span class="na">job</span><span class="pi">:</span> <span class="s">ManualValidation</span> <span class="na">displayName</span><span class="pi">:</span> <span class="s">Manual Approval for Dev Deployment</span> <span class="na">dependsOn</span><span class="pi">:</span> <span class="s">Validate_Dev</span> <span class="na">pool</span><span class="pi">:</span> <span class="s">server</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">task</span><span class="pi">:</span> <span class="s">ManualValidation@1</span> <span class="na">inputs</span><span class="pi">:</span> <span class="na">notifyUsers</span><span class="pi">:</span> <span class="s1">'</span><span class="s">deepak83s143@gmail.com'</span> <span class="na">onTimeout</span><span class="pi">:</span> <span class="s1">'</span><span class="s">resume'</span> <span class="pi">-</span> <span class="na">job</span><span class="pi">:</span> <span class="s">Deploy_Dev</span> <span class="na">displayName</span><span class="pi">:</span> <span class="s">Deploy on Dev</span> <span class="na">dependsOn</span><span class="pi">:</span> <span class="s">ManualValidation</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">task</span><span class="pi">:</span> <span class="s">TerraformTask@5</span> <span class="na">displayName</span><span class="pi">:</span> <span class="s">Apply Dev</span> <span class="na">inputs</span><span class="pi">:</span> <span class="na">provider</span><span class="pi">:</span> <span class="s1">'</span><span class="s">azurerm'</span> <span class="na">command</span><span class="pi">:</span> <span class="s1">'</span><span class="s">apply'</span> <span class="na">commandOptions</span><span class="pi">:</span> <span class="s1">'</span><span class="s">-var-file=dev.tfvars</span><span class="nv"> </span><span class="s">--auto-approve</span><span class="nv"> </span><span class="s">--lock=false'</span> <span class="na">environmentServiceNameAzureRM</span><span class="pi">:</span> <span class="s">$(serviceConnection)</span> <span class="pi">-</span> <span class="na">stage</span><span class="pi">:</span> <span class="s">Prod</span> <span class="na">dependsOn</span><span class="pi">:</span> <span class="s">Dev</span> <span class="na">jobs</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">job</span><span class="pi">:</span> <span class="s">ManualValidation_Prod</span> <span class="na">displayName</span><span class="pi">:</span> <span class="s">Manual Approval for Prod</span> <span class="na">pool</span><span class="pi">:</span> <span class="s">server</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">task</span><span class="pi">:</span> <span class="s">ManualValidation@1</span> <span class="na">inputs</span><span class="pi">:</span> <span class="na">notifyUsers</span><span class="pi">:</span> <span class="s1">'</span><span class="s">deepak83s143@gmail.com'</span> <span class="na">onTimeout</span><span class="pi">:</span> <span class="s1">'</span><span class="s">resume'</span> <span class="pi">-</span> <span class="na">job</span><span class="pi">:</span> <span class="s">Deploy_Prod</span> <span class="na">displayName</span><span class="pi">:</span> <span class="s">Deploy on Prod</span> <span class="na">dependsOn</span><span class="pi">:</span> <span class="s">ManualValidation_Prod</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">task</span><span class="pi">:</span> <span class="s">TerraformTask@5</span> <span class="na">displayName</span><span class="pi">:</span> <span class="s">Init Prod</span> <span class="na">inputs</span><span class="pi">:</span> <span class="na">provider</span><span class="pi">:</span> <span class="s1">'</span><span class="s">azurerm'</span> <span class="na">command</span><span class="pi">:</span> <span class="s1">'</span><span class="s">init'</span> <span class="na">backendServiceArm</span><span class="pi">:</span> <span class="s">$(serviceConnection)</span> <span class="na">backendAzureRmResourceGroupName</span><span class="pi">:</span> <span class="s">$(rgName)</span> <span class="na">backendAzureRmStorageAccountName</span><span class="pi">:</span> <span class="s">$(storageAccount)</span> <span class="na">backendAzureRmContainerName</span><span class="pi">:</span> <span class="s">$(containerName)</span> <span class="na">backendAzureRmKey</span><span class="pi">:</span> <span class="s1">'</span><span class="s">prod.tfstate'</span> <span class="pi">-</span> <span class="na">task</span><span class="pi">:</span> <span class="s">TerraformTask@5</span> <span class="na">displayName</span><span class="pi">:</span> <span class="s">Apply Prod</span> <span class="na">inputs</span><span class="pi">:</span> <span class="na">provider</span><span class="pi">:</span> <span class="s1">'</span><span class="s">azurerm'</span> <span class="na">command</span><span class="pi">:</span> <span class="s1">'</span><span class="s">apply'</span> <span class="na">commandOptions</span><span class="pi">:</span> <span class="s1">'</span><span class="s">-var-file=prod.tfvars</span><span class="nv"> </span><span class="s">--auto-approve'</span> <span class="na">environmentServiceNameAzureRM</span><span class="pi">:</span> <span class="s">$(serviceConnection)</span> </code></pre> </div> <h3> 🔍 Step-by-Step Explanation </h3> <p><strong>1. Trigger &amp; Pool</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>trigger: - master </code></pre> </div> <p>This pipeline runs automatically whenever code is pushed to the master branch.<br> The pool is set to mademitech, which means it will run on a self-hosted agent.</p> <p><strong>2. Variables</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>variables: serviceConnection: <span class="s1">'mademi-spn'</span> rgName: <span class="s1">'mademi-rg'</span> storageAccount: <span class="s1">'mademisg'</span> containerName: <span class="s1">'mademistatefiles'</span> </code></pre> </div> <p>These variables store reusable values for the backend configuration.<br> If tomorrow you change your storage account or service connection, you only need to update it once here.</p> <p><strong>3. Dev Stage</strong></p> <ul> <li> <strong><code>Init</code></strong>: Initializes Terraform with AzureRM backend and points to the Dev state file.</li> <li> <strong><code>Plan</code></strong>: Runs terraform plan using dev.tfvars.</li> <li> <strong><code>Manual Validation</code></strong>: Waits for approval before applying changes.</li> <li> <strong><code>Apply</code></strong>: Applies the infrastructure changes on Dev.</li> </ul> <p><strong>4. Prod Stage</strong></p> <ul> <li> <strong><em>Depends on Dev</em></strong> → Ensures that only after successful Dev deployment, Prod stage runs.</li> <li> <strong><em>Manual Validation</em></strong>: Extra safety check before deploying to Prod.</li> <li> <strong><em>Init + Apply</em></strong>: Runs Terraform init and applies changes using prod.tfvars.</li> </ul> <h3> ✅ Why This Approach? </h3> <ul> <li> <strong><em>Governance</em></strong> → Manual approvals ensure no accidental changes hit production.</li> <li> <strong><em>Reusability</em></strong> → Variables make the pipeline maintainable.</li> <li> <strong><em>Safety</em></strong> → Dev is always tested first before Prod.</li> <li> <strong><em>Automation + Control</em></strong> → Combines Terraform automation with human oversight.</li> </ul> <h3> 🎯 Final Thoughts </h3> <p>This pipeline strikes a balance between automation and manual governance. It’s a solid starting point for teams looking to deploy infrastructure with Terraform while keeping production safe.</p> <p>From here, you can also enhance it by:</p> <ul> <li>Adding linting &amp; validation steps before plan.</li> <li>Integrating policy checks with tools like Terraform Cloud or OPA.</li> <li>Using templates for even more reusability.</li> </ul> <p>👉 <strong>Follow me on</strong> <br></p> <div class="table-wrapper-paragraph"><table> <tr> <td> <a href="https://github.com/techmademi" rel="noopener noreferrer"> <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcdn-icons-png.flaticon.com%2F128%2F3291%2F3291695.png" alt="GitHub" width="128" height="128"> </a> </td> <td> <a href="https://www.linkedin.com/in/deepak83s143/" rel="noopener noreferrer"> <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcdn-icons-png.flaticon.com%2F128%2F3536%2F3536505.png" alt="LinkedIn" width="128" height="128"> </a> </td> <td> <a href="https://www.youtube.com/@MademiTech" rel="noopener noreferrer"> <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcdn-icons-png.flaticon.com%2F128%2F3670%2F3670147.png" alt="YouTube" width="128" height="128"> </a> </td> </tr> </table></div> devops azure cicd terraform Deepak Sharma Tue, 19 Aug 2025 11:05:25 +0000 https://forem.com/techmademi/terraform-module-example-resource-group-creation-on-azure-281 https://forem.com/techmademi/terraform-module-example-resource-group-creation-on-azure-281 <p>This project demonstrates how to create an <strong>Azure Resource Group</strong> using <strong>Terraform modules</strong>.<br><br> By using modules, we can organize our code better, promote reusability, and simplify management of infrastructure.</p> <h2> 📂 Project Structure </h2> <p>parent_module/<br> │── main.tf<br> │<br> └── modules/<br> └──── resource_group/<br> ├────── resource_group.tf<br> ├────── variables.tf</p> <h2> 🔹 1. <code>main.tf</code> (in parent_module directory) </h2> <p>This is the <strong>root configuration</strong> file where we call our module.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">module</span> <span class="s2">"rg_create"</span> <span class="p">{</span> <span class="nx">source</span> <span class="p">=</span> <span class="s2">"../modules/resource_group"</span> <span class="nx">rg_name</span> <span class="p">=</span> <span class="s2">"mademi-rg1"</span> <span class="nx">rg_location</span> <span class="p">=</span> <span class="s2">"centralus"</span> <span class="p">}</span> </code></pre> </div> <h3> Explanation: </h3> <ul> <li> <code>module "rg_create"</code> → Declares a module block named rg_create.</li> <li> <code>source = "../modules/resource_group"</code> → Points to the directory where our module is located.</li> <li> <code>rg_name</code> → Resource Group name passed to the module (mademi-rg1).</li> <li> <code>rg_location</code> → Azure region where the Resource Group will be created (centralus).</li> </ul> <h2> 🔹 2. resource_group.tf (inside modules/resource_group) </h2> <p>This file defines the actual resource that Terraform will create.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">resource</span> <span class="s2">"azurerm_resource_group"</span> <span class="s2">"mademi-rg"</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">rg_name</span> <span class="nx">location</span> <span class="p">=</span> <span class="nx">var</span><span class="p">.</span><span class="nx">rg_location</span> <span class="p">}</span> </code></pre> </div> <h3> Explanation: </h3> <ul> <li> <code>azurerm_resource_group</code> → Azure Resource Group resource type.</li> <li> <code>name</code> → Uses the value of the variable rg_name.</li> <li> <code>location</code> → Uses the value of the variable rg_location.</li> </ul> <h2> 🔹 3. variables.tf (inside modules/resource_group) </h2> <p>This file declares the input variables that the module will accept.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight hcl"><code><span class="nx">variable</span> <span class="s2">"rg_name"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="p">}</span> <span class="nx">variable</span> <span class="s2">"rg_location"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="nx">string</span> <span class="p">}</span> </code></pre> </div> <h3> Explanation: </h3> <ul> <li> <code>rg_name</code> → The name of the Resource Group (string type).</li> <li> <code>rg_location</code> → The Azure region (string type).</li> </ul> <p>These variables are provided from the parent module (<code>main.tf</code>).</p> <h3> ⚙️ How to Run </h3> <ol> <li> <p><strong>Initialize Terraform (downloads Azure provider and module dependencies)</strong>:<br> </p> <pre class="highlight shell"><code>terraform init </code></pre> </li> <li> <p><strong>Validate configuration</strong>:<br> </p> <pre class="highlight shell"><code>terraform validate </code></pre> </li> <li> <p><strong>Preview changes</strong>:<br> </p> <pre class="highlight shell"><code>terraform plan </code></pre> </li> <li> <p>Apply changes (create resource group):<br> </p> <pre class="highlight shell"><code>terraform apply <span class="nt">--auto-approve</span> </code></pre> </li> </ol> <h2> ✅ Final Output </h2> <p>Terraform will create an Azure Resource Group named:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>mademi-rg1 </code></pre> </div> <p>in the region:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>centralus </code></pre> </div> <h2> 📘 Key Learning </h2> <ul> <li>Modules in Terraform make code reusable and clean.</li> <li>Instead of writing resources directly in the root main.tf, you can package them into modules and pass values as variables.</li> <li>This is especially useful when you manage large infrastructure with multiple environments.</li> </ul> <p>👉 <strong>This setup can be extended further by adding</strong>:</p> <ul> <li>Virtual Networks</li> <li>Storage Accounts</li> <li>Virtual Machines</li> <li>and other Azure resources inside modules.</li> </ul> <p>👉 <strong>Follow me on</strong> <br></p> <div class="table-wrapper-paragraph"><table> <tr> <td> <a href="https://github.com/techmademi" rel="noopener noreferrer"> <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcdn-icons-png.flaticon.com%2F128%2F3291%2F3291695.png" alt="GitHub" width="128" height="128"> </a> </td> <td> <a href="https://www.linkedin.com/in/deepak83s143/" rel="noopener noreferrer"> <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcdn-icons-png.flaticon.com%2F128%2F3536%2F3536505.png" alt="LinkedIn" width="128" height="128"> </a> </td> <td> <a href="https://www.youtube.com/@MademiTech" rel="noopener noreferrer"> <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcdn-icons-png.flaticon.com%2F128%2F3670%2F3670147.png" alt="YouTube" width="128" height="128"> </a> </td> </tr> </table></div> terraform azure azuredevops cicd