In previous articles I have used Azure Policy to enforce and inherit tags on Azure resources.
However, sometimes you need to enforce an Azure policy only on specific resources. For this purpose you can use a logical expression. Let's examine how we can apply an Azure policy only to virtual machine resources. Under the policy rule, you will need to add a condition on the field that equals Microsoft.Compute/virtualMachines. By doing so you target only that specific resource type, and then, based on your logic, you can perform actions.
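A policy definition body for the approach described above, added here as an illustration and not taken from the original article: the allOf expression matches only resources whose type is Microsoft.Compute/virtualMachines, and the effect then applies only to those that lack a tag. The tagName parameter and the deny effect are assumptions chosen for this example.

```json
{
  "mode": "Indexed",
  "parameters": {
    "tagName": {
      "type": "String",
      "metadata": {
        "displayName": "Tag name",
        "description": "Assumed example parameter: the tag every virtual machine must carry, e.g. Environment"
      }
    }
  },
  "policyRule": {
    "if": {
      "allOf": [
        {
          "field": "type",
          "equals": "Microsoft.Compute/virtualMachines"
        },
        {
          "field": "[concat('tags[', parameters('tagName'), ']')]",
          "exists": "false"
        }
      ]
    },
    "then": {
      "effect": "deny"
    }
  }
}
```

Because both conditions sit inside allOf, resources of any other type never reach the tag check and are left untouched by the policy.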
Terraform is one of the best automation tools for DevOps purposes, used by hundreds of engineers. It is an open source tool that can be used by anyone for free. In this article I will explain how to deploy Windows and Linux virtual machines on Azure using a Terraform template.
First, you will need to have the Azure CLI (az) installed. Then you will have to set your subscription in your current PowerShell session:
az account set --subscription "12abc123-4567-1234-12345-asdr4334fsd"
Then you will need to create an app role assignment for your subscription. Terraform will use it to provision the resources.
az ad sp create-for-rbac --role="Contributor" --scopes="/subscriptions/12abc123-4567-1234-12345-asdr4334fsd"
That's all. You can now deploy your resources through Terraform. In the links below I have provided my GitHub repository along with instructions for using the template.
A tricky part of the deployment is the VM image selection. To locate the available Azure image names you can use: