Implicit dependencies with Azure using terraform

Managing your infrastructure in Azure can be a complex task, especially as your infrastructure grows and becomes more complex. However, with Terraform, you can simplify your Azure infrastructure management and ensure that your resources are created and managed in a more efficient and reliable way.

One key feature of Terraform is implicit dependencies, which allows you to define relationships between resources without explicitly specifying them in your configuration. In this blog post, we will explore some examples on how implicit dependencies work in Azure using Terraform.

We will walk through several examples of implicit dependencies, including resource associations, network security groups, and network interface. In Terraform, implicit dependencies are relationships between resources that are not explicitly defined in the configuration but are inferred based on the configuration. In Azure, there are several implicit dependencies between resources that Terraform automatically handles for you. Here are some examples:

• Virtual Networks and Subnets: When you create a subnet, it must be associated with a virtual network. Therefore, when you define a subnet resource in Terraform, it implicitly depends on the virtual network resource that it is associated with.

resource "azurerm_virtual_network" "mct_vnet" {
  name                = "mct-vnet"
  address_space       = ["10.0.0.0/16"]
  location            = "westus2"
  resource_group_name = "mct-rg"
}

resource "azurerm_subnet" "mct_subnet" {
  name           = "mct-subnet"
  address_prefix = "10.0.1.0/24"
  virtual_network_name = azurerm_virtual_network.mct_vnet.name
  resource_group_name  = "mct-rg"
}

• Network Security Groups and Subnets: When you associate a network security group (NSG) with a subnet, the NSG rules apply to all the resources within the subnet. Therefore, when you define an NSG resource in Terraform, it implicitly depends on the subnet resource that it is associated with.

resource "azurerm_network_security_group" "mct_nsg" {
  name                = "mct-nsg"
  location            = "westus2"
  resource_group_name = "mct-rg"
}

resource "azurerm_subnet_network_security_group_association" "mct_nsg_association" {
  subnet_id                 = azurerm_subnet.mct_subnet.id
  network_security_group_id = azurerm_network_security_group.mct_nsg.id
}

• Virtual Machines and Network Interfaces: When you create a virtual machine, it must have at least one network interface. Therefore, when you define a virtual machine resource in Terraform, it implicitly depends on the network interface resource that is associated with it.

resource "azurerm_network_interface" "mct_nic" {
  name                = "mct-nic"
  location            = "westus2"
  resource_group_name = "mctrg"

  ip_configuration {
    name                          = "mct-ip"
    subnet_id                     = azurerm_subnet.mct_subnet.id
    private_ip_address_allocation = "Dynamic"
  }
}

resource "azurerm_virtual_machine" "mct_vm" {
  name                  = "mct-vm"
  location              = "westus2"
  resource_group_name   = "mct-rg"
  network_interface_ids = [azurerm_network_interface.mct_nic.id]

  storage_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = "18.04-LTS"
    version   = "latest"
  }

  storage_os_disk {
    name              = "mct-osdisk"
    create_option     = "FromImage"
    caching           = "ReadWrite"
    managed_disk_type = "Standard_LRS"
  }
}

These are just a few examples of implicit dependencies between resources in Azure using Terraform. By understanding and leveraging implicit dependencies, you can simplify your Terraform configuration and ensure that your resources are created in the correct order.

Understanding and leveraging implicit dependencies with example code.

After writing your code and saving your .tf file.
Step 1: run terraform init, terraform plan and terraform apply
step 2: run terraform graph This will enable you generate a visual representation of either a configuration or execution plan.
step 3: Take the output and goto WebGraphviz, put it int the box and click on the button generate graph!

The webgraphviz output looks like the image below.

Conclusion

Implicit dependencies are a powerful feature of Terraform that can simplify your Azure infrastructure management and ensure that your resources are created and managed in a more efficient and reliable way. By allowing you to define relationships between resources without explicitly specifying them in your configuration, Terraform can ensure that resources are created in the correct order and that all dependencies are satisfied. When effectively created, implicit dependencies can help to ensure that your infrastructure is created and managed correctly, minimizing errors, delays, and security vulnerabilities. By leveraging this feature of Terraform, you can take advantage of the benefits of Azure infrastructure while simplifying your management and improving your infrastructure's reliability.

Comments

[Lawal Owolabi Yusuf]

Thanks for sharing this valuable insight!