Terraform project for creating Azure Resources
Hassan BOLAJRAF
Posted on July 20, 2024
Notes
- I highlighted parts of the screenshots in yellow to draw attention to important information.
- You can check other posts on my personal website: https://hbolajraf.net
- You can download the Terraform project from Here
Description
This Terraform script automates the provisioning of Azure resources required for implementing a real-time financial transaction monitoring system using Azure Event Hub. The script will create the following resources:
- Azure Event Hub Namespace
- Azure Event Hub
- Azure Event Hub shared access policy
- Azure Blob Storage Account (for checkpoints)
- Azure Storage Container (within the Blob Storage account)
Prerequisites
- Terraform installed on your machine
- Azure CLI installed and authenticated
The Terraform project folder will have the following structure:
Terraform_Project
│ .terraform.lock.hcl # Lock file generated by Terraform to track provider dependencies
│ main.tf # Main Terraform configuration file that contains the Azure resources to be created
│ outputs.tf # Output definitions for Terraform
│ provider.tf # Provider configuration for Terraform
│ terraform.tfstate # State file to track the resources managed by Terraform
│ terraform.tfstate.backup # Backup of the Terraform state file
│ variables.tf # Variable definitions for Terraform
│
└── .terraform # Directory containing Terraform's internal files
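The terraform.tfstate and terraform.tfstate.backup files in this tree hold the Event Hub and storage connection strings in clear text, including outputs marked sensitive. As an added example (not part of the original project), a remote backend keeps that state out of the project folder; every name in it is a placeholder and the state storage account is assumed to exist already.

```hcl
# backend.tf (added example; all names below are placeholders, not from the post)
# With this block, "terraform init" stores state as a blob instead of writing
# terraform.tfstate next to the .tf files, so the connection strings it
# contains are not left on a workstation or committed by accident.
terraform {
  backend "azurerm" {
    resource_group_name  = "example-tfstate-rg"    # placeholder, created separately
    storage_account_name = "exampletfstateacct"    # placeholder, created separately
    container_name       = "tfstate"               # placeholder
    key                  = "eventhub-demo.tfstate" # placeholder blob name
    use_azuread_auth     = true                    # authenticate as the az login identity, not with a storage key
  }
}
```

If the project stays on local state, exclude terraform.tfstate, terraform.tfstate.backup and the .terraform directory from version control and from any archive of the project that you share.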
Usage Instructions
1. Pre-requisites:
- Install Terraform and configure Azure CLI with appropriate credentials.
2. Customization:
- Modify variables (resource_group_name, location, eventhub_namespace_name, etc.) as per your naming conventions and preferences.
3. Deployment:
3.1 Run terraform init to initialize the Terraform configuration.
3.2 Run az login --tenant XXXXXXXX-XXXXX-XXXXX-XXXXX-XXXXXXXX --use-device-code in order to connect to Azure using Azure CLI.
3.3 Run terraform plan to review the resources that will be created.
3.4 Run terraform apply to provision the Azure resources.
3.4.1 Then validate the "Perform apply" action:
3.4.2 Check the created resources:
3.5 Run terraform destroy. When you no longer need the resources, clean up by destroying them with Terraform.
3.5.1 Then validate the "destroy all resources" action:
3.5.2 Check the destroyed resources:
4. Outputs:
- After deployment, Terraform will output connection strings (eventhub_namespace_connection_string, eventhub_connection_string, storage_account_connection_string) which can be used in your C# applications.
Terraform Code
Step 1: Initialize Terraform
Create a new directory and save the following files in it. Run terraform init to initialize the configuration.
Step 2: Provider Configuration
Create a file named provider.tf:
# provider.tf
# Specify the provider (Azure)
provider "azurerm" {
  features {}
}
Step 3: Resource Configuration
Create a file named main.tf:
# main.tf
# Create a resource group
resource "azurerm_resource_group" "rg" {
  name     = var.resource_group_name
  location = var.location
}

# Create an Event Hub namespace
resource "azurerm_eventhub_namespace" "eventhub_namespace" {
  name                = var.eventhub_namespace_name
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  sku                 = "Standard"
  capacity            = 1
}

# Create an Event Hub within the namespace
resource "azurerm_eventhub" "eventhub" {
  name                = var.eventhub_name
  namespace_name      = azurerm_eventhub_namespace.eventhub_namespace.name
  resource_group_name = azurerm_resource_group.rg.name
  partition_count     = 4
  message_retention   = 1 # Specify message retention in days
}

# Create a shared access policy within the Event Hub namespace
resource "azurerm_eventhub_namespace_authorization_rule" "authorization_rule" {
  name                = "eventhub-policy"
  namespace_name      = azurerm_eventhub_namespace.eventhub_namespace.name
  resource_group_name = azurerm_resource_group.rg.name
  listen              = true # Adjust permissions as per your requirements
}

# Create a storage account for checkpoints
resource "azurerm_storage_account" "storage_account" {
  name                     = var.storage_account_name
  resource_group_name      = azurerm_resource_group.rg.name
  location                 = azurerm_resource_group.rg.location
  account_tier             = "Standard"
  account_replication_type = "LRS"
}

# Create a blob container within the storage account
resource "azurerm_storage_container" "container" {
  name                  = var.container_name
  storage_account_name  = azurerm_storage_account.storage_account.name
  container_access_type = "private"
}
Step 4: Variables Configuration
Create a file named variables.tf:
# variables.tf
# Define variables (you may customize these)
variable "resource_group_name" {
  default = "hbolajraf-rg-eventhub-demo"
}

variable "location" {
  default = "East US" # Replace with your preferred Azure region
}

variable "eventhub_namespace_name" {
  default = "hbolajraf-eventhub-ns-demo"
}

variable "eventhub_name" {
  default = "hbolajraf-financial-transactions"
}

variable "storage_account_name" {
  default = "hbolajraf007storageacct"
}

variable "container_name" {
  default = "hbolajraf-eventhub-checkpoints"
}
Step 5: Output Configuration
Create a file named outputs.tf:
# outputs.tf
# Output the connection strings (for producer and consumer applications)

# Namespace default key (RootManageSharedAccessKey): Manage, Send and Listen on every hub in the namespace
output "eventhub_namespace_connection_string" {
  value     = azurerm_eventhub_namespace.eventhub_namespace.default_primary_connection_string
  sensitive = true
}

# Key of the namespace-level "eventhub-policy" rule from main.tf (Listen only)
output "eventhub_connection_string" {
  value     = azurerm_eventhub_namespace_authorization_rule.authorization_rule.primary_connection_string
  sensitive = true
}

output "storage_account_connection_string" {
  value     = azurerm_storage_account.storage_account.primary_connection_string
  sensitive = true
}

output "blob_container_name" {
  value = azurerm_storage_container.container.name
}
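With the outputs above, the only connection string able to send events is the namespace root key, which also carries Manage rights over every hub in the namespace. The following added example (not part of the original project) gives the producer and the consumer their own hub-scoped keys; the file name, rule names and output names are hypothetical, and the resource references are the ones defined in main.tf.

```hcl
# least_privilege.tf (added example; file, rule and output names are hypothetical)
# Hub-scoped rules: each key works for one Event Hub and one direction only,
# so a leaked producer key cannot read transactions and a leaked consumer key
# cannot inject them.

# Producer application: may only send events to the transactions hub
resource "azurerm_eventhub_authorization_rule" "producer" {
  name                = "producer-send-only"
  namespace_name      = azurerm_eventhub_namespace.eventhub_namespace.name
  eventhub_name       = azurerm_eventhub.eventhub.name
  resource_group_name = azurerm_resource_group.rg.name
  listen              = false
  send                = true
  manage              = false
}

# Consumer application: may only read events from the transactions hub
resource "azurerm_eventhub_authorization_rule" "consumer" {
  name                = "consumer-listen-only"
  namespace_name      = azurerm_eventhub_namespace.eventhub_namespace.name
  eventhub_name       = azurerm_eventhub.eventhub.name
  resource_group_name = azurerm_resource_group.rg.name
  listen              = true
  send                = false
  manage              = false
}

# Hand these to the applications instead of eventhub_namespace_connection_string.
# Sensitive outputs are redacted by "terraform apply"; read one explicitly with:
#   terraform output -raw producer_connection_string
output "producer_connection_string" {
  value     = azurerm_eventhub_authorization_rule.producer.primary_connection_string
  sensitive = true
}

output "consumer_connection_string" {
  value     = azurerm_eventhub_authorization_rule.consumer.primary_connection_string
  sensitive = true
}
```

Once the applications use these keys, the eventhub_namespace_connection_string output can be removed from outputs.tf so the root key is never exported as an output.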
What Next ?
This Terraform script automates the setup of Azure resources, making it easier to deploy and manage the infrastructure required for real-time financial transaction monitoring in banking using Azure Event Hub. Adjustments can be made to suit specific requirements or security policies within your organization.