Course Outline
Module 1: Introduction to Infrastructure as Code and Terraform
- Core concepts and advantages of IaC for on-premises and hybrid environments.
- Overview of Terraform: providers, resources, state management, and lifecycle.
- Installation of Terraform, Azure CLI, and other required tools.
- First practical exercise: writing a simple Terraform configuration and applying it locally.
Module 2: HashiCorp Configuration Language (HCL) and Configuration Basics
- HCL syntax, resources, attributes, and expressions.
- Usage of variables, outputs, locals, and type constraints.
- Utilizing the Terraform CLI: commands for init, plan, apply, destroy, and fmt.
- Hands-on lab: constructing a parameterized configuration for both on-premises and Azure resources.
Module 3: Providers, Resources, and Azure Provider Fundamentals
- Understanding providers and provider configuration, with a focus on the AzureRM provider.
- Mapping infrastructure components to Terraform resources, covering networking, compute, and storage.
- Managing Azure authentication and service principals for automation purposes.
- Hands-on exercise: provisioning an Azure virtual network and a simple VM via Terraform.
Module 4: State Management, Backends, and Collaboration
- Terraform state: its purpose, format, and lifecycle considerations.
- Remote backends using Azure Storage Accounts and strategies for state locking.
- Utilizing workspaces, environments, and collaboration patterns for team workflows.
- Lab: configuring remote state in Azure Storage and executing multi-user workflows.
Module 5: Modularization, Reusability, and Best Practices
- Drafting and consuming Terraform modules.
- Module inputs and outputs, versioning strategies, and registry patterns.
- Folder layout, naming conventions, and maintaining a clean repository structure.
- Hands-on exercise: creating a reusable module for Azure VM, disk, and network, and testing it across environments.
Module 6: Managing Azure Virtual Devices and On-Prem Integration
- Managing Azure Virtual Machines, Virtual Desktop components, and device lifecycle via Terraform.
- Patterns for hybrid device management, connecting on-premises resources with Azure-managed devices.
- Integrating volumetric or device management systems through data sources and external providers.
- Lab: deploying a fleet of Azure VMs to represent operator units and configuring inventory tagging and basic monitoring.
Module 7: CI/CD, Automation, and Deployment Pipelines
- Integrating Terraform with CI/CD systems such as GitHub Actions and Azure DevOps pipelines.
- Automating plan and apply processes using secured secrets and service principals.
- Basics of Policy as Code (Sentinel or Open Policy Agent patterns) and pre-deployment checks.
- Hands-on exercise: creating a GitHub Actions workflow to plan and apply Terraform against a sandbox subscription.
Module 8: Security, Secrets, and Operational Practices
- Secrets management: integrating Azure Key Vault and preventing sensitive data exposure in state files.
- Access control, Role-Based Access Control (RBAC), and enforcing least privilege for automation accounts.
- Drift detection, state reconciliation, and foundational remediation practices.
- Checklist for backup, auditing, and governance of Terraform-managed infrastructure.
Module 9: Testing, Debugging, and Troubleshooting
- Debugging Terraform configurations and effectively interpreting plan diffs.
- Approaches to unit and integration testing (terraform validate, tflint, kitchen-terraform).
- Common error patterns and strategies for resolution.
- Lab: running validation and linting tools to identify and fix issues.
Module 10: Capstone Project — Hybrid Deployment Scenario
- Design exercise: planning an on-premises and Azure device deployment using established patterns.
- Implementing core components using modules, remote state, and CI/CD pipeline snippets.
- Presenting the solution, discussing trade-offs, and reviewing the operational runbook.
Summary and Next Steps
Requirements
- A foundational understanding of networking and virtualization concepts.
- Familiarity with command-line interfaces on Windows or Linux.
- Basic knowledge of cloud or on-premises infrastructure principles.
Audience
- System administrators and platform engineers.
- DevOps practitioners who are starting their journey with Infrastructure as Code.
- IT teams responsible for managing hybrid infrastructure (on-premises and Azure).
Testimonials (3)
pacing for the most part was fantastic. Michal was very good at ensuring the audience were engaged and ensured everyone was following along for the most part
Asif Shaikh - Carpmaels & Ransford
Course - Terraform on Microsoft Azure
Checking all the details in practice - by writing real code
Michal Pipala - EY
Course - Advanced Terraform: Efficient Infrastructure as Code
the instructor was very well prepared
