Welcome to our February Terraform on Azure bimonthly update! Sorry that this one took so long; moving forward, we plan to return the planned bimonthly cadence. We’ll once again open with updates in our major investment areas, then close with upcoming goals or plans. We will be aiming for the next update in April!
AzureRM provider
The resources exposed by the AzureRM provider are what most customers think of and include in their configurations when managing Azure infrastructure with Terraform. Azure is always adding new features and services so we work hard to ensure that you can manage these when they are generally available (GA).
A few highlights to call out, though there are certainly more updates than this:
- Support for Automation Software Update Configuration (v3.24)
- Support for configuring Tables in Log Analytics (v.3.86)
- Container App environments support Workload Profiles (v3.84)
- Support for Application Load Balancer (v3.86)
- Support for Red Hat OpenShift cluster (v3.89)
- Added validations for ingress traffic weight, which fixed a bug with container apps failing to deploy with ingress enabled (v3.87)
- Automation PowerShell 7.2 modules are now supported (v.3.85)
We’re currently on version 3.93 of the provider. For the latest updates, check out the release notes.
AzAPI provider
The AzAPI provider is a thin layer on top of the Azure ARM REST APIs. The AzAPI provider enables you to manage any Azure resource type using any API version. This provider complements the AzureRM provider by enabling the management of new or existing Azure resources and properties (including private preview). The AzAPI provider, along with the VsCode extension, language server and migration tool are critical tools to keep in your IaC toolbox to ensure that you can manage all of your Azure infrastructure using Terraform.
Latest Updates
We’ve embedded code samples to the VSCode extension, which will enable automatic loading of an existing code sample in the azapi provider GitHub repo.
We’re also happy to announce two new data source types, azapi_resource_id and azapi_resource_list.
azapi_resource_id helps parse through your Azure resource ID into subscription, resource group, and other useful attributes for you to take as outputs. For example, for an automationAccount:
data "azapi_resource_id" "account" {
  type        = "Microsoft.Automation/automationAccounts@2021-06-22"
  resource_id = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Automation/automationAccounts/automationAccount1"
}
output "account_name" {
  value = data.azapi_resource_id.account.name
}
output "account_resource_group" {
  value = data.azapi_resource_id.account.resource_group_name
}
output "account_subscription" {
  value = data.azapi_resource_id.account.subscription_id
}
output "account_parent_id" {
  value = data.azapi_resource_id.account.parent_id
}
Read more about it through the registry: azapi_resource_id | Data Sources | Azure/azapi | Terraform | Terraform Registry
azapi_resource_list helps point at a singular resource ID and get all related resources. For example, for a list of resources under a subscription:
data "azapi_resource_list" "listBySubscription" {
  type                   = "Microsoft.Automation/automationAccounts@2021-06-22"
  parent_id              = "/subscriptions/00000000-0000-0000-0000-000000000000"
  response_export_values = ["*"]
}
Check out more information at the registry: azapi_resource_list | Data Sources | Azure/azapi | Terraform | Terraform Registry
Lastly, we’ve added a vSupport endpoint block, which enables targeting of Gov or China cloud environments.
As always, make sure to check out the GitHub for release notes!
Usage Trends
We are thrilled to see that downloads has over tripled since our last blogpost! Thank you to everyone who has given the provider a try!
Data of snapshot from February 27th, 2024
Verified Modules
In the past months, the modules have undergone a merge with the broader Azure Verified Modules (AVM) effort. Thus, this section of updates will be focused on AVM moving forward. Per the webpage for AVM:
“Azure Verified Modules (AVM) is an initiative to consolidate and set the standards for what a good Infrastructure-as-Code module looks like.
Modules will then align to these standards, across languages (Bicep, Terraform etc.) and will then be classified as AVMs and available from their respective language specific registries.”
The current list of AVM Terraform modules stands at 22. For a list of available modules, please visit https://azure.github.io/Azure-Verified-Modules/indexes/terraform/tf-resource-modules/. This list also includes a list of planned modules that the team is prioritizing in the coming months.
For the GitHub of the AVM effort, visit https://github.com/Azure/Azure-Verified-Modules to learn details on how to contribute. We warmly welcome contributions from our community!
Community
The Terraform on Azure community is a key investment for our team in bringing the latest product updates, connecting you with other Terraform on Azure users, and enabling you to engage in ongoing feedback as we aim to improve your Terraform experience on Azure. This section will consistently speak on community related feedback or engagements. As always, register to join the community at https://aka.ms/AzureTerraform and the slack at https://aka.ms/joinaztfslack!
Community Calls
We’ve had two Terraform on Azure community calls since our previous post. The November community call featured Mark Tinderholt (aka Azure Terraformer) as he talked about the synergy of Ansible, Packer, and Terraform for your infrastructure experience!
The January community call recording featured Kieran and Jeffrey from StackQL, who talked about how it can accelerate your cloud development.
The March community call will have two sessions, both on Wednesday, March 13th. The first one at 9 am PT will be featuring our very own Matt White, while the second session at 4 pm PT will feature Arkahna’s Simone Bennett. Both presenters will be collaborating together to present on the same content: a deep dive into the Azure Landing Zone (ALZ). Register at https://aka.ms/aztfcc (this link points to the 9 am session)
Community Feedback
Our team is currently recruiting community members (meaning you!) for feedback!
- Copilot for Azure Deployment, IaC, and Migration
- The Azure product team is keen to understand your goals, challenges, and needs related to establishing and maintaining cloud infrastructures. Whether you’re using Azure, AWS, or other cloud platforms, your insights are invaluable to us. We also would like to explore how AI Copilot could help address your needs and pain-points.
If you’re interested in sharing your experiences and providing feedback, please take about 10-15 minutes to fill out the survey. Your participation will help shape the future of cloud services.Survey Link: https://aka.ms/DeploymentCopilot_SLBased on survey responses, we would like to extend an invitation to individuals who are the right fit to participate in our in-depth interviews.We appreciate your time and look forward to hearing your thoughts!
- Community conversations: AzAPI improvements
- 
If you use the AzAPI provider, we'd love to talk with you about some new improvements we're making and get your feedback. Please fill out this survey so we can get in touch!Survey Link: https://aka.ms/azapifeedback
Docs
New Landing-Page Table of Contents (TOC)
One of the best attributes of online documentation is the ability to more quickly respond to customer requests. One of the concerns we've heard from our customer polls and interviews is that discoverability (the ability to find articles) in the TOC could be more efficient. Therefore, we have refactored the Azure Terraform landing page TOC to match the Azure documentation landing page. The goal is to improve discoverability by using consistent TOC node names to group semantically related articles. As always keep that great feedback coming!
New and Updated Azure Terraform content
Since our last update, we have published the following new and updated articles:
Application Gateway
Azure Firewall
- Quickstart: Deploy Azure Firewall with Availability Zones - Terraform
- Quickstart: Create an Azure Firewall and IP Groups - Terraform
- Quickstart: Create an Azure Firewall with multiple public IP addresses - Terraform
Azure resource group
Azure Managed Lustre
Blob Storage
