Azure Infrastructure as Code: With ARM templates and Bicep
Master ARM templates, Bicep, and other Azure Infrastructure-as-Code tools, techniques, and practices to build infrastructure on the Azure cloud.

In Azure Infrastructure as Code you will learn how to:

Create reusable infrastructure templates using advanced features of the ARM (Azure Resource Manager) syntax
Write templates with the Azure Bicep domain-specific language (DSL)
Test ARM and Bicep templates
Deploy templates using deployment pipelines
Guarantee repeated outcomes when you reuse templates to replicate infrastructure
Share templates between teams
Provision templates to provide standards and Azure Policy to enforce them
Orchestrate complex deployments using Azure DevOps and GitHub Actions
Pre-provision environments for other teams with deployment stacks

Azure Infrastructure as Code teaches you to use Azure’s native infrastructure as code (IaC) tools, like ARM and Bicep, to build, manage, and scale infrastructure with just a few lines of code. You’ll discover ARM templates, deployment stacks, and the powerful new language Bicep. See how easy they make it to create new environments, safely make infrastructure changes, govern your resources using Azure Policy, and prevent configuration drift. Loaded with in-depth coverage of syntax and lots of illustrative examples, this hands-on guide is a must-read for anyone looking to expand their knowledge of provisioning.

Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.

About the technology
Automating tasks like provisioning servers, operating systems, and storage, saves time and radically increases consistency. The Infrastructure as Code (IaC) approach brings the tools and practices of application deployment, such as Github Actions, automated testing, and pipeline-driven deployments, to infrastructure components. With Azure’s native IaC tools, you can create whole new infrastructures with just a few lines of code using declarative specifications and an intuitive domain-specific language.

About the book
Azure Infrastructure as Code shows you how to manage and automate your infrastructure using Azure’s IaC tools. In this practical guide, you’ll discover how to set up Azure Resource Manager (ARM) templates and to script infrastructure creation using the Bicep DSL. You’ll also explore advanced topics such as testing, reusing templates, and defining policies as code. You’ll even build a complete CI/CD pipeline that can orchestrate a complex infrastructure deployment across multiple regions.

What's inside

Create reusable infrastructure templates
Write templates with the Azure Bicep domain-specific language
Deploy templates using deployment pipelines
Share templates between teams

About the reader
For operations, infrastructure, or software engineers with some Azure experience.

About the author
Henry Been is a freelance DevOps and Azure architect and consultant. Erwin Staal is an Azure architect and DevOps consultant. Eduard Keilholz is a cloud solution architect.

Table of Contents
PART 1 INTRODUCTION
1 Infrastructure as Code
2 Writing your first ARM template
PART 2 TAKING IT UP A NOTCH
3 Writing ARM templates
4 Deploying ARM templates
5 Writing advanced ARM templates
6 Simplifying ARM templates using the Bicep DSL
7 Complex deployments using Azure DevOps
8 Complex deployments using GitHub Actions
9 Testing ARM templates
PART 3 ADVANCED TOPICS
10 Template specs and Bicep registries: Building a repository of templates
11 Using deployment stacks for grouping resources
12 Governing your subscriptions using Azure Policy
13 Case studies
1140101071
Azure Infrastructure as Code: With ARM templates and Bicep
Master ARM templates, Bicep, and other Azure Infrastructure-as-Code tools, techniques, and practices to build infrastructure on the Azure cloud.

In Azure Infrastructure as Code you will learn how to:

Create reusable infrastructure templates using advanced features of the ARM (Azure Resource Manager) syntax
Write templates with the Azure Bicep domain-specific language (DSL)
Test ARM and Bicep templates
Deploy templates using deployment pipelines
Guarantee repeated outcomes when you reuse templates to replicate infrastructure
Share templates between teams
Provision templates to provide standards and Azure Policy to enforce them
Orchestrate complex deployments using Azure DevOps and GitHub Actions
Pre-provision environments for other teams with deployment stacks

Azure Infrastructure as Code teaches you to use Azure’s native infrastructure as code (IaC) tools, like ARM and Bicep, to build, manage, and scale infrastructure with just a few lines of code. You’ll discover ARM templates, deployment stacks, and the powerful new language Bicep. See how easy they make it to create new environments, safely make infrastructure changes, govern your resources using Azure Policy, and prevent configuration drift. Loaded with in-depth coverage of syntax and lots of illustrative examples, this hands-on guide is a must-read for anyone looking to expand their knowledge of provisioning.

Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.

About the technology
Automating tasks like provisioning servers, operating systems, and storage, saves time and radically increases consistency. The Infrastructure as Code (IaC) approach brings the tools and practices of application deployment, such as Github Actions, automated testing, and pipeline-driven deployments, to infrastructure components. With Azure’s native IaC tools, you can create whole new infrastructures with just a few lines of code using declarative specifications and an intuitive domain-specific language.

About the book
Azure Infrastructure as Code shows you how to manage and automate your infrastructure using Azure’s IaC tools. In this practical guide, you’ll discover how to set up Azure Resource Manager (ARM) templates and to script infrastructure creation using the Bicep DSL. You’ll also explore advanced topics such as testing, reusing templates, and defining policies as code. You’ll even build a complete CI/CD pipeline that can orchestrate a complex infrastructure deployment across multiple regions.

What's inside

Create reusable infrastructure templates
Write templates with the Azure Bicep domain-specific language
Deploy templates using deployment pipelines
Share templates between teams

About the reader
For operations, infrastructure, or software engineers with some Azure experience.

About the author
Henry Been is a freelance DevOps and Azure architect and consultant. Erwin Staal is an Azure architect and DevOps consultant. Eduard Keilholz is a cloud solution architect.

Table of Contents
PART 1 INTRODUCTION
1 Infrastructure as Code
2 Writing your first ARM template
PART 2 TAKING IT UP A NOTCH
3 Writing ARM templates
4 Deploying ARM templates
5 Writing advanced ARM templates
6 Simplifying ARM templates using the Bicep DSL
7 Complex deployments using Azure DevOps
8 Complex deployments using GitHub Actions
9 Testing ARM templates
PART 3 ADVANCED TOPICS
10 Template specs and Bicep registries: Building a repository of templates
11 Using deployment stacks for grouping resources
12 Governing your subscriptions using Azure Policy
13 Case studies
59.99 In Stock
Azure Infrastructure as Code: With ARM templates and Bicep

Azure Infrastructure as Code: With ARM templates and Bicep

Azure Infrastructure as Code: With ARM templates and Bicep
Add to Wishlist
Azure Infrastructure as Code: With ARM templates and Bicep

Azure Infrastructure as Code: With ARM templates and Bicep

Overview

Master ARM templates, Bicep, and other Azure Infrastructure-as-Code tools, techniques, and practices to build infrastructure on the Azure cloud.

In Azure Infrastructure as Code you will learn how to:

Create reusable infrastructure templates using advanced features of the ARM (Azure Resource Manager) syntax
Write templates with the Azure Bicep domain-specific language (DSL)
Test ARM and Bicep templates
Deploy templates using deployment pipelines
Guarantee repeated outcomes when you reuse templates to replicate infrastructure
Share templates between teams
Provision templates to provide standards and Azure Policy to enforce them
Orchestrate complex deployments using Azure DevOps and GitHub Actions
Pre-provision environments for other teams with deployment stacks

Azure Infrastructure as Code teaches you to use Azure’s native infrastructure as code (IaC) tools, like ARM and Bicep, to build, manage, and scale infrastructure with just a few lines of code. You’ll discover ARM templates, deployment stacks, and the powerful new language Bicep. See how easy they make it to create new environments, safely make infrastructure changes, govern your resources using Azure Policy, and prevent configuration drift. Loaded with in-depth coverage of syntax and lots of illustrative examples, this hands-on guide is a must-read for anyone looking to expand their knowledge of provisioning.

Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.

About the technology
Automating tasks like provisioning servers, operating systems, and storage, saves time and radically increases consistency. The Infrastructure as Code (IaC) approach brings the tools and practices of application deployment, such as Github Actions, automated testing, and pipeline-driven deployments, to infrastructure components. With Azure’s native IaC tools, you can create whole new infrastructures with just a few lines of code using declarative specifications and an intuitive domain-specific language.

About the book
Azure Infrastructure as Code shows you how to manage and automate your infrastructure using Azure’s IaC tools. In this practical guide, you’ll discover how to set up Azure Resource Manager (ARM) templates and to script infrastructure creation using the Bicep DSL. You’ll also explore advanced topics such as testing, reusing templates, and defining policies as code. You’ll even build a complete CI/CD pipeline that can orchestrate a complex infrastructure deployment across multiple regions.

What's inside

Create reusable infrastructure templates
Write templates with the Azure Bicep domain-specific language
Deploy templates using deployment pipelines
Share templates between teams

About the reader
For operations, infrastructure, or software engineers with some Azure experience.

About the author
Henry Been is a freelance DevOps and Azure architect and consultant. Erwin Staal is an Azure architect and DevOps consultant. Eduard Keilholz is a cloud solution architect.

Table of Contents
PART 1 INTRODUCTION
1 Infrastructure as Code
2 Writing your first ARM template
PART 2 TAKING IT UP A NOTCH
3 Writing ARM templates
4 Deploying ARM templates
5 Writing advanced ARM templates
6 Simplifying ARM templates using the Bicep DSL
7 Complex deployments using Azure DevOps
8 Complex deployments using GitHub Actions
9 Testing ARM templates
PART 3 ADVANCED TOPICS
10 Template specs and Bicep registries: Building a repository of templates
11 Using deployment stacks for grouping resources
12 Governing your subscriptions using Azure Policy
13 Case studies

Product Details

ISBN-13: 9781617299421
Publisher: Manning
Publication date: 08/02/2022
Pages: 368
Product dimensions: 7.38(w) x 9.25(h) x 1.00(d)

About the Author

Erwin Staal is an Azure architect and DevOps consultant with more than 10 years of experience in both small and large organizations. As a DevOps consultant, he helps companies with the implementation of DevOps and continuous delivery.

Eduard Keilholz is a cloud solution architect who creates highly performant software. His focus is on the Microsoft development stack, mainly C# and the Microsoft Azure Cloud. He speaks at national and international conferences, and in 2020 he was recognized by Microsoft with the Microsoft MVP Award for Azure

Table of Contents

Foreword xii

Preface xiv

Acknowledgments xvi

About this book xvii

About the authors xxi

About the cover illustration xxii

Part 1 Introduction 1

1 Infrastructure as Code 3

1.1 Working with infrastructure 4

DevOps 5

Preventing configuration drift 7

1.2 The benefits of Infrastructure as Code 8

IaC allows for automation 9

IaC allows for a declarative approach 9

IaC provides a human-readable format 10

1.3 The Azure Resource Manager 11

Control plane and data plane 11

ARM templates 12

The Bicep language 13

Azure Service Management (ASM is not ARM) 13

1.4 Other tools 14

AWS CloudFormation 14

Google Cloud Deployment Manager 14

Terraform 15

Pulumi 16

Choosing between cloud-specific and multi-cloud solutions 16

2 Writing your first ARM template 18

2.1 Working with JSON files 19

Installing the ARM templates extension in VS Code 20

2.2 Writing ARM templates in VS Code 20

Adding a resource 22

Leveraging IntelliSense in VS Code 24

2.3 Deploying an ARM template 25

2.4 Monitoring template deployments 27

2.5 Finding example templates 28

2.6 Visualizing templates 29

Part 2 Taking it up a notch 33

3 Writing ARM templates 35

3.1 Resources 36

Child resources 38

3.2 Parameters 39

Parameter types 40

Limiting and describing parameter values 45

Specifying parameter values 46

3.3 Variables 50

3.4 Outputs 52

3.5 Functions 54

Expressions 54

Built-in functions 56

User-defined functions 64

4 Deploying ARM templates 66

4.1 An overview of the deployment process 67

4.2 Submitting a deployment 68

Choosing a deployment scope 68

Submitting a template using different tools 70

4.3 The execution phase 75

Role-based access control 76

Azure Policy 79

Resource locks 81

Resource provisioning 82

4.4 The clean-up phase 82

Incremental deployment mode 83

Complete deployment mode 83

Combining deployment modes 84

4.5 Template validation and what-if deployments 85

Validating an ARM template 85

What-if deployments 86

4.6 Troubleshooting template deployments 87

5 Writing advanced ARM templates 89

5.1 Deploying to multiple scopes using nested templates 90

Nested templates on a management group 94

Evaluation scope 96

Outputs 99

5.2 How to structure solutions 99

Small to medium solutions 99

Large solutions 100

5.3 Modularizing templates with linked templates 102

Using a URI 103

Using a relative path 106

5.4 Deploying resources in order 107

Explicit deployment ordering 107

Implicit deployment ordering 109

5.5 Conditionally deploying resources 109

Applying conditions to output 112

5.6 Using loops to create multiple resources 112

Using copy on variables 114

Using copy on properties 115

Using copy on output 116

Waiting for a loop to finish, using dependsOn 117

5.7 Deployment scripts 118

5.8 Reverse engineering a template 125

Exporting templates 125

Using Resource Explorer 126

Using the JSON view 127

For a new resource 127

6 Simplifying ARM templates using the Bicep DSL 129

6.1 Bicep: A transpiler 130

Deploying 132

Transpiling 132

Decompiling 133

6.2 Bicep syntax differences 134

Parameters 134

Variables 135

Outputs 135

Conditions 135

Loops 136

Targeting different scopes 138

Known limitations 138

6.3 Other improvements with Bicep 138

Referencing resources, parameters, and variables 138

Using references in variables and outputs 139

Referencing existing resources 141

Dependency management 141

String interpolation 141

No mandatory grouping 142

Comments 143

Using the contents of other files 144

6.4 Modules 145

Deploying to another scope 146

Debugging Bicep deployments 146

6.5 A larger Bicep example 147

AppConfiguration.bicep 148

ApplicationInsights.bicep 149

Configuration.bicep 151

7 Complex deployments using Azure DevOps 155

7.1 Meet Toma Toe Pizzas 156

7.2 Crafting the Bicep files 157

Describing the App Service plan 157

Describing the App Service 159

Finalizing the template 160

7.3 Storing templates in source control 162

7.4 Automated build and release pipelines 163

Using triggers 164

Creating tasks 165

Grouping tasks in a job 166

Creating service connections 167

8 Configuring Azure DevOps to run your pipeline 171

7.5 Adding logical phases to your pipeline 173

Identifying the logical phases 173

Accessing artifacts from different jobs 175

Transpiling Bicep in a pipeline stage 175

Deploying a template from a pipeline artifact 176

7.6 Adding the Traffic Manager 178

Deploying the Traffic Manager 181

7.7 Creating a real-world example pipeline 182

Completing the pipeline 182

8 Complex deployments using GitHub Actions 188

8.1 Forking a repository 189

8.2 Getting to know GitHub Actions 190

Workflow events 190

Runners 191

Jobs 191

Steps 191

Actions 191

8.3 Building a GitHub Actions workflow 191

Adding a job to a GitHub Actions workflow 192

8.4 The deployment phase in GitHub Actions 193

Connecting to Azure from your GitHub workflow 194

Generating a service principal using the Azure CLI 194

8.5 Deploying ARM templates from GitHub Actions 195

Completing the deployment 198

9 Testing ARM templates 201

9.1 Static analysis and validation 203

Visual Studio Code extensions 204

Validation using PowerShell or Azure CLI 207

ARM template test toolkit 208

Custom tests using Pester 212

9.2 Unit tests 216

9.3 Integration tests 218

9.4 End-to-end tests 222

9.5 Pester in CI/CD 229

Part 3 Advanced Topics 235

10 Template specs and Bicep registries: Building a repository of templates 237

10.1 Use case: A repository of compliant resources 238

10.2 Creating a template spec 239

Listing template specs 242

Template spec versions 243

Creating a template spec from multiple ARM templates 243

Deploying a template spec using IaC is impractical 246

10.3 Deploying a template spec 246

Deploying template specs from an ARM or Bicep template 248

Upgrading to a newer version of the template spec 253

10.4 An alternative: A Bicep registry 253

10.5 Sharing templates using a package manager 255

Publishing an ARM template as a package 256

Deploying an ARM template that is in a package 259

Yet another approach 260

10.6 Design considerations 260

Choosing an approach 261

Pros and cons of template specs 261

Pros and cons of using a Bicep registry 261

Pros and cons of using a package manager 262

11 Using deployment stacks for grouping resources 263

11.1 Grouping resources by their lifetime 264

Complete deployment mode is not good enough 266

Deployment stacks to the rescue! 267

Creating a deployment stack 268

Updating a deployment stack 269

Removing a deployment stack 270

11.2 Provisioning resources for others, but disallowing updates 271

Azure Blueprints: A first solution 272

11.3 The future of deployment stacks 274

12 Governing your subscriptions using Azure Policy 275

12.1 Azure Policy 277

Policy definitions 278

Initiatives or policy sets 280

Assignment 280

12.2 Examining the built-in policies and initiatives 284

12.3 Using custom policies 287

Creating a custom policy 287

Testing a policy 290

12.4 Using the different effects 294

Append effect 294

Audit effect 295

AuditIfNotExists effect 297

DeployIfNotExists effect 298

Disabled effect 301

Modify effect 301

12.5 Creating your own initiative 304

12.6 Assigning a policy or initiative 305

12.7 Reviewing compliance status 308

Remediating noncompliant resources 310

Creating an exemption 311

13 Case studies 316

13.1 Building an Azure foundation 317

The management group layout 317

Assigning a policy initiative 319

Creating a management subscription 321

Creating workload subscriptions 322

13.2 Subscription level deployments 324

Configuring budgets 324

Configuring Microsoft Defender for Cloud 325

Creating resource groups and providing access 327

13.3 Creating a highly-available microservice architecture 327

Resources organized in resource groups 329

Networking with Bicep 332

Using the existing keyword to set access to a Key Vault 333

Index 337

From the B&N Reads Blog
Page 1 of

Related Subjects

Computers
Computers - General & Miscellaneous
Parallel, Distributed, and Supercomputing
Computers
Computers - General & Miscellaneous
Parallel, Distributed, and Supercomputing

Customer Reviews