Azure setup - prerequisites

Szymon Rożek
Sep 17, 2024
2 min read

Updated: Sep 24, 2024

This article is for everyone who wants to set up an Azure environment to work with my use cases and sample Azure architectures. Besides, it is also a good tutorial if you want to start working with anything in Azure. I tried to keep this article as simple as possible with step-by-step configuration and proper reference links so everything can be understandable. Have fun!

Basic knowledge of Azure, Terraform, and CI/CD concepts is required to access my samples.

Azure setup
- Azure portal account
- Azure subscription
- Azure DevOps
- Azure DevOps terraform extension (How to do this )
- Service connection from Azure DevOps to Azure with Contributor role on a subscription level:

Azure devops connection — Azure Devops connection

I created my automatically using following method:

New Workload Identity federation connection

An object should be automatically created within Azure Entra ID and assigned to the selected Subscription with the Contributor role.

In most cases, Terraform will be used to manage the IaC, so we need to create a resource group with a storage account to store the state. Let's create a resource group named rg-{workloadname}-cmn-01 and a storage account named sttf{workloadname}cmn01.

Next step is creating Variable group name with names of the resource group and storage account as below:

Azure Devops Variable group name — ADO Variable group name

Terraform repository with modules I use for azure resources deployment
User Access Administrator role assigned to our Azure DevOps principal on a Subscription level which was generated for service connection. We need that role, so our deployment pipelines can assign roles for our connections to be secure. I recommend to make it on a more granular level so roles can be assigned only for service principals and only some of them. In my case it will look like this:

azure roles Entra Id — Role on a Subscription level

Conditions and principal types for a role

Azure roles conditioned access — Final review

Repositories setup:

Download the sample solution that you are interested in from my github.

You can import it directly into the Azure Devops by clicking Import repository.

how to import repository azure devops — Repository import

After importing the file and setting up the necessary Azure Devops values, you can proceed to create pipelines.

New pipeline in azure devops — New pipeline

Select source as Azure Repos and create pipeline from exisitng ones. As a starter pipeline pick /IaC/azure-pipelines.yaml

To be sure that everything will work change project_prefix default variable as some of the resources are global unique so they cannot be created twice within an Azure.

With that steps you should get green pipelines and your resources deployed to cloud!

I believe that you have completed all the necessary setup steps and that your Azure environment is ready for the upcoming tasks. If you encounter any difficulties, don't hesitate to leave a comment or contact me.

Azure setup

Comments