HashiCorp Terraform is an extremely powerful IaC tool for managing Microsoft Azure infrastructure through code, from the command-line, and from CI/CD tools like GitHub Actions or Terraform Cloud. Terraform is great for managing and deploying the configurations for Microsoft Azure resources, but tools like the Azure Portal are still needed to view the real Azure environment and to check on monitoring those resources.
This means the management experiences between Terraform and Azure Portal are a little disconnected. The Terraform project provisions and updates the configuration of Azure resources, then the Azure Resource Group for those Azure resources needs to be known by the DevOps Engineer or Site Reliability Engineer (SRE) that’s responsible for managing the Azure environment.
The HashiCorp Terraform project knows what Azure Subscription is being used and the name of the Azure Resource Group (or even multiple resource groups) for the resources managed within the Azure environment. Setting up Terraform outputs to return the Azure Subscription and Resource Group names can be helpful directing the DevOps Engineers and SREs to where the associated Azure environment for the Terraform project resides. Then these names could be used to lookup the environment within the Azure Portal.
Data Source for Azure Subscription Information: Within the Terraform project, the
azurerm_subscriptionresource can be used with adatablock to create a data source that allows the Terraform project to reference the Azure Subscription information; likenameandtenant_id.
Here’s a couple Terraform outputs that put this into practice:
# Data source for the Azure Subscription
data azurerm_subscription "current" { }
# Output the Azure Subscription name
output "azure_subscription_name" {
value = data.azurerm_subscription.current.display_name
}
# Output the Azure Resource Group name
output "azure_resource_group_name" {
value = azurerm_resource_group.b59_rg.name
}Now that the Terraform project outputs the Azure Subscription name and Azure Resource Group name for the infrastructure environment, these can then be used to locate these resources within the Azure Portal for manual review of the configurations or monitoring purposes.
However, what if it was even easier? What if you could have the Terraform project build and output the full URL to the Azure environment directly to the Azure Portal?
Output Azure Portal Links from Terraform
As shown above, the Terraform project is able to reference the Azure Subscription and Azure Resource Group for the infrastructure environment being managed. After all, Terraform needs these in order to provision and manage the Azure resource configurations.
Now, these references can be used to add a new Terraform output to the project that builds and outputs a full URL that can be used to navigate directly to the Azure environment. This URL can be built using the URL format used by the Azure Portal website, along with both the Azure Subscription tenant_id and the Azure Resource Group id.
To make the Terraform output build the correct Azure Portal URL, it needs to be in this format:
https://portal.azure.com/#@<subscription-id>/resources<resource-id>Remember, to setup the Terraform code to replace the placeholders with the correct values:
<subscription-id>: This is where the Azure Subscription Tenant ID needs to go. This can be referenced from thetenant_idproperty on the Azure Subscription (azurerm_subscription) data source.<resouce-id>: This is where the full Azure Resource ID for the Azure resource needs to go. This can be referenced from theidproperty of any Azure Resource within the Terraform project. Such as theidof the Azure Resource Group (azurerm_resource_group). Theidwill be comprised of the unique GUID identifier of the resource prefixed by the Azure Resource Management (ARM) resource type information.
Here’s a final example of the Terraform code to make your Terraform project output the URL to the Azure Portal for your Azure Resource Group in the Azure environment:
data azurerm_subscription "current" { }
output "azure_resource_group_url" {
value = "https://portal.azure.com/#@${data.azurerm_subscription.current.tenant_id}/resource${azurerm_resource_group.b59_rg.id}"
}Be sure, to replace the Azure Resource Group reference with the one from your own Terraform project when pasting this example in.
Here’s a screenshot of the output at the command-line when running terraform apply showing the output of the Azure Portal URL:
Simply copy / paste this URL into the browser, and it’ll navigate you directly to that Azure Resource Group within your Azure Subscription.
Conclusion
This is a neat trick that helps lower the frustration in navigating between the deployment pipelines that run the Terraform apply to make changes to the Azure environment and navigating to that environment within the Azure Portal. Generally, you’ll want to put the URL / link to the Azure environment within the workloads documentation, but outputting it from the Terraform project itself, when deployments are run, makes it easy to navigate to the environment within the Azure Portal while looking at the infrastructure deployment logs.
I hope you find this useful. Happy Terraforming!
GitHub Actions: Get Current Branch Name for Git Repo
Deploying Hub-and-Spoke Network Topology in Microsoft Azure using Terraform
How to become a DevOps Engineer
GitHub Certifications – Prove Your Expertise
How to become a Site Reliability Engineer (SRE)
