Introduction to IaC: Deploying Data infrastructure to Azure using Terraform (Part 3 - Azure SQL Database)
In Part 1, we explain the basics and prerrequisites to work with Terraform.
In Part 2, we created our first Azure resource.
On this post we will create an Azure SQL Database and configure it so we can access it right away.
Example 2: Deploy and configure an Azure SQL database
To create an Azure SQL database, we need at least the following:
- Resource group (we already have it from the previous example)
- Azure SQL Server
- Azure SQL database
- At least one firewall rule
We can obtain code snippets on each resource from the Terraform provider documentation we checked on the previous example: https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs
We proceed to add each component on the main.tf file (do not delete the previous code we have there)
At the end we should have something like this (just check resource names and parameters to match what you want.)
We execute Terraform plan:
Notice how this time three resources will be added, and no action will be taken for the resource group.
We execute terraform apply -auto-approve
If everything is ok, we should see the process completing successfully:
To validate it, navigate to Azure portal (or using SSMS) and validate you can access the database:
Since we also included a firewall rule for our laptop, we should access without issues:
Destroying our infrastructure
This is a demo and I do not want to incur on additional costs, so I will bring down all the infrastructure. In a real-world scenario probably, you will just remove individual resources instead of everything, but this is how we delete everything:
Same as apply, we can use the -auto-approve flag, but I do not recommend it for destroy activities.
If you want to destroy just one resource (like in a real-word scenario), use the -target='resource.name' flag.
You can validate resources that have been removed by checking in Azure portal.
As you noticed, this approach has a lot of information to digest, and IaC is just used to provision the underlying infrastructure in an automated and repeatable way.
To create database objects and populate tables with data, that is another part of the CI/CD pipeline, there are other tools for that, which we can discuss in the next posts.
As a suggested practice, you can try to deploy different resources to other providers like an AWS S3 bucket (we will make another posts for that as well).
Stay in touch for next articles where we will discuss sourcing and Terraform Cloud, and how to secure sensitive data.