IaC With
Azure Bicep
Rainer Stropek | @rstropek
Introduction
Rainer Stropek
- Passionate software developers for 25+ years
Β - Microsoft MVP, Regional Director
Β - Trainer, Teacher, Mentor
Β - π community
Advantages of IaC
- Repeatable
- For e.g. staging (dev/test/prod)
- Shareable
- Share blueprints, good practices
- Trackable
- Track changes in Git
- Azure tracks executions and results
- Easy to automate
- CI/CD integration
- Less "click-ops"
Advantages of Templates Over Scripts
- Declarative Language
- You define whatΒ you want, not how to get there
- Somewhat similar to SQL
- Validated before execution
- If you miss functionality: Extensible with PS or Bash scripts π
- Idempotency
- You can deploy the template many times
- Template represents the desired state
- Only changes are applied
- If you are unsure: What-if function π
- Automatic ordering and parallelization
- Don't worry of order, ARM will figure it out based on dependencies
Templates
- Azure native functionality: ARM Templates π
- JSON format π
- Huge gallery of quickstart templates π
- New language to make ARM Templates easier to write: Bicep
- NotΒ a replacement of ARM Templates, ARM becomes "IL"
- βDomain-specific language optimized for the task π, not just JSON
- Modular π
- Much better tooling support (e.g. VSCode)
- Some limitations compared to ARM Templates (e.g. no support for user-defined functions π)
- Possibility to decompile ARM Templates into Bicep π
Alternatives
- Open-source IaC platforms like Terraform π
- Use ARM behind the scenes
- Well-suited in multi-cloud organizations
- Code-based IaC
- Graphical solutions
- E.g. Cloud Maker π
-
There is no silver bullet!
- No "best practice" applicable to all orgs and projects!
- Many orgs will be polyglot
- Important that you do IaC at all!
Advantages of Azure Templates
- Valid for ARM Templates and Bicep
- Because Bicep is a transparent abstraction on top of the ARM platform
- "Day 0 support" for all resource providers
- You can deploy anyΒ Azure resource with ARM/Bicep, even preview
- Important: ARM Provider ReferenceΒ π
- No state DB or state files required
- All state is stored directly in Azure
Bicep
101
Bicep Tooling
Structure
- Similar to ARM Templates π
- DSL instead of JSON
- Different expression language
- Structure of a Bicep template
- Parameters to make templates generally usable
- Variables to define reusable values
- Resource definitionsΒ for your Azure resources
- OutputsΒ to return values from template execution
Structure
// this file can only be deployed at a subscription scope
targetScope = 'subscription'
@description('Name of the Resource Group to create')
param rgName string = 'DemoResourceGroup'
@description('Location for the Resource Group')
param rgLocation string = 'westeurope'
var dept = 'IT'
resource demoRG 'Microsoft.Resources/resourceGroups@2021-01-01' = {
name: rgName
location: rgLocation
tags: {
Dept: dept
Environment: 'Test'
}
}
output resourceID string = demoRG.id
Language Features
var list = 'a,b,c,d'
var arrayFromString = split(list, ',')
var find = 'findThisInString'
var found = contains(find, 'This')
var index = indexOf(find, 'This')
var indexNotFound = indexOf(find, 'NotFound')
var len = length(find)
var substr = substring(find, index, (len - index))
output arrayFromString array = [for i in arrayFromString: {
element: i
}]
output found string = found == true ? 'Found "this"' : 'Did not find "This"'
output index int = index
output indexNotFound int = indexNotFound
output substr string = substrFunctions π
Loops
Inline if
Language Features
Demo
Time!
Thank you!
Rainer Stropek | @rstropek