Using ARM templates in a DTAP environment

More and more customers don’t settle with just an Office 365 / Azure tenant as their production environment. They often have one or more additional tenants (or subscriptions) to have an Acceptance, Test and/or Development environment. When it comes to deploying Azure resources, Azure Resource Management (ARM) templates are very convenient. Even more so, in a DTAP environment.

What is a ARM template?

The Azure Resource Management template is a JSON file defining the resources that need to be deployed to a Resource Group. For each resource you can define dependencies. With these, all resources can be deployed consistently and repeatedly.

The template consists of several main elements:

{
    "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
    "contentVersion": "1.0.0.0",
    "parameters": {},
    "variables": {},
    "resources": [],
    "outputs": {}
}

Parameters define the input for your template, such as the location of your resources or the user name for your Azure VM.

Variables are used throughout the template and you can build values that can complex expressions. They provide you lots of flexibility as you can use functions to construct your value.

Resources is the element that defines your resources to be deployed, such as a storage account, virtual machine and azure web sites.

Outputs can be used to return values that have been created during deployment. One example can be the public IP address of the created Azure Virtual Machine.

Schematically, it looks like this.

image

More information about the syntax: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-authoring-templates 

Passing the environment as a parameter

Let’s assume you have defined your environments as PRD, ACC, TST and DEV. You can use this value as a parameter and then use it in the variables that constructs the name of the resource. Example:

{
    "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
    "contentVersion": "1.0.0.0",
    "parameters": {
        "environment": {
            "defaultValue": "DEV",
            "allowedValues": [
                "DEV",
                "TST",
                "ACC",
                "PRD"
            ],
            "type": "string"
        }
    },
    "variables": {
        "virtualNetworkName": "[toUpper(concat('MAV-VNET-', parameters('environment'), '-WE'))]"
    },
    "resources": [],
    "outputs": {}
}

It may be obvious that a naming convention is crucial to have consistency in all your deployments. Having this mentioned, you might be thinking about other parameters, such as the location or department/company which may be part of the resource naming.

Deploying the template

There are several ways to deploy your ARM template: the Azure Portal, PowerShell, Visual Studio Team Services or 3rd party tools, such as Octopus Deploy. Since I am a fan of PowerShell, I will use it here.

The main cmdlet we need is New-AzureRmResourceGroupDeployment. You have to provide at least the name of the resource group and  the template file, but it is very convenient to provide the template parameters as well. The template parameters can be a static JSON file or it can be a hash table object.

Example of a PowerShell script:

$OptionalParameters = New-Object -TypeName Hashtable
$OptionalParameters['department'] = "MAV"
$OptionalParameters['environment'] = "DEV"
$OptionalParameters['location'] = "westeurope"
$OptionalParameters['region'] = "WE"

#Deploying resources with the resource management file
$ResourceGroupName = ("MAV-RG-ARMDEMO-$($Environment)").ToUpper()
$TemplateFile = [System.IO.Path]::Combine($PSScriptRoot, ".\MAV-ARMDEMO-Template.json")
$deploymentName = ((Get-ChildItem $TemplateFile).BaseName + '-' + ((Get-Date).ToUniversalTime()).ToString('MMdd-HHmm'))
$result = New-AzureRmResourceGroupDeployment -Name $deploymentName `
    -ResourceGroupName $ResourceGroupName `
    -TemplateFile $TemplateFile `
    -TemplateParameterObject $OptionalParameters 


[Note: the parameter hash table must have the exact parameter names as defined in your template]

When we execute the script for the environment DEV, it looks like this:

image

And when we execute it for Production…

image

When we take a look in the Azure Portal, we can see that both the Resource Groups are deployed.

image

image

You can take a test drive yourself, the script is available on my Assets page

Summary

For deploying Azure resources, ARM templates are the way to go. It’s a JSON file with main elements such as parameters, variables and resources. Parameters is your input values for the templates and this way you can provide a DTAP environment value.

Share