Microsoft Azure exposes a powerful API for creating and managing its Infrastructure as a Service platform. Using Puppet code, the azure arm (Azure Resource Manager) module enables you to interact with that API to create and destroy virtual machines, and to manage other resources.
The azure arm module is generated from the Microsoft Azure REST API specifications. For additional information, see the Azure documentation.
Classic (ASM) Azure is not supported.
Note: This module and the puppetlabs-azure module are mutually exclusive and should not be installed on the same machine. To avoid potential errors during a puppet run, install each module on separate machines.
To use this module, you need an Azure account. If you already have one, you can skip this section.
-
Sign up for an Azure account.
-
To generate a certificate for the Puppet module, install the Azure CLI which is a cross-platform node.js-based tool that works on Windows and Linux.
-
To authenticate with the Azure CLI, run the following command to receive the authentication code:
az login
-
Visit https://microsoft.com/devicelogin and enter the authentication code.
-
To get a subscription ID, run the
az account listcommand:$ az account list
[ { "cloudName": "AzureCloud", "id": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", "isDefault": true, "name": "xxxx", "state": "Enabled", "tenantId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", "user": { "name": "[email protected]", "type": "user" } } ] ```
To use the Resource Manager API instead, you need a service principal on the Active Directory. For more information, see the Azure documentation.
Set the following environment variables specific to your Azure installation (note the casing here).
export azure_subscription_id='your-subscription-id'
export azure_tenant_id='your-tenant-id'
export azure_client_id='your-client-id'
export azure_client_secret='your-client-secret'To install the azure arm module, run the following command:
puppet module install puppetlabs-azure_armThe azure arm module is compliant with the Puppet Development Kit (PDK), which provides the tool to help validate the modules's metadata, syntax, and style. When you run validations, the PDK output tells you which validations are running and notifies you of any errors, or warnings, it finds for each type of validation; syntax, code style, and metadata.
To run all validations against this module, run the following commands:
pdk validate ruby
pdk validate metadata
To change validation behavior, add options flags to the command. For a complete list of command options and usage information, see the PDK command reference.
To create or remove resources in your manifests, set the ensure parameter to present or absent. The stopped and running states are managed using the Microsoft Azure Portal. This functionality is available in the next Puppet Azure ARM release.
The examples directory contains the following usage examples:
- create_vm.pp to create 2 virtual machines.
- delete_vm.pp to delete the virtual machines.
- create_virtual_machine_extension.pp to create a virtual machine extension.
- create_aks.pp for creating the Azure Kubernetes Service (AKS).
- delete_aks.pp for deleting the Azure Kubernetes Service (AKS).
- create_resource_level_deployment.pp to deploy resources to a resource group in your Azure subscription.
- delete_resource_level_deployment.pp to delete a resource level deployment in your Azure subscription.
- task_example.sh contains a number of sample tasks, each using Puppet Bolt:
- list the available Azure operations.
- list virtual machines by location.
- create Azure storage accounts.
- create or delete resource level deployments.
Following the create_vm.pp example, use the puppet resource command on existing resources to determine which values to populate in custom manifests.
For example:
puppet resource azure_application_gatewayHere is a list of the types and providers with links to detailed descriptions for each one:
- azure_data_lake_store_account
- azure_firewall_rule
- azure_trusted_id_provider
- azure_virtual_network_rule
appservicecertificateorders.json
authorization-roleassignmentscalls.json
authorization-roledefinitionscalls.json
- azure_availability_set
- azure_dedicated_host
- azure_dedicated_host_group
- azure_image
- azure_proximity_placement_group
- azure_virtual_machine
- azure_virtual_machine_extension
- azure_virtual_machine_scale_set
- azure_virtual_machine_scale_set_extension
- azure_virtual_machine_scale_set_vm
- azure_cassandra_keyspace
- azure_cassandra_table
- azure_database_account
- azure_gremlin_database
- azure_gremlin_graph
- azure_mongo_db_collection
- azure_mongo_db_database
- azure_sql_container
- azure_sql_database
- azure_table
- azure_connector_mapping_resource_format
- azure_connector_resource_format
- azure_hub
- azure_kpi_resource_format
- azure_link_resource_format
- azure_prediction_resource_format
- azure_profile_resource_format
- azure_relationship_link_resource_format
- azure_relationship_resource_format
- azure_role_assignment_resource_format
- azure_view_resource_format
- azure_dataset_resource
- azure_factory
- azure_integration_runtime_resource
- azure_linked_service_resource
- azure_pipeline_resource
- azure_trigger_resource
disasterrecoveryconfigurations.json
- azure_bandwidth_schedule
- azure_data_box_edge_device
- azure_order
- azure_role
- azure_share
- azure_storage_account_credential
- azure_trigger
- azure_user
- azure_arm_disaster_recovery
- azure_authorization_rule
- azure_consumer_group
- azure_eh_namespace
- azure_eventhub
- azure_express_route_circuit
- azure_express_route_circuit_authorization
- azure_express_route_circuit_connection
- azure_express_route_circuit_peering
expressroutecrossconnection.json
- azure_backend_pool
- azure_front_door
- azure_frontend_endpoint
- azure_health_probe_settings_model
- azure_load_balancing_settings_model
- azure_routing_rule
- azure_gallery
- azure_gallery_application
- azure_gallery_application_version
- azure_gallery_image
- azure_gallery_image_version
- azure_assembly_definition
- azure_batch_configuration
- azure_integration_account
- azure_integration_account_agreement
- azure_integration_account_certificate
- azure_integration_account_map
- azure_integration_account_partner
- azure_integration_account_rosetta_net_process_configuration
- azure_integration_account_schema
- azure_integration_account_session
- azure_workflow
logicappsmanagementclient.json
- azure_environment
- azure_environment_setting
- azure_gallery_image
- azure_lab
- azure_lab_account
- azure_user
- azure_namespace_resource
- azure_notification_hub_resource
- azure_shared_access_authorization_rule_resource
- azure_redis_firewall_rule
- azure_redis_linked_server_with_properties
- azure_redis_patch_schedule
- azure_redis_resource
serverazureadadministrators.json
- azure_fabric
- azure_migration_item
- azure_network_mapping
- azure_policy
- azure_protection_container_mapping
- azure_recovery_plan
- azure_recovery_services_provider
- azure_replication_protected_item
- azure_storage_classification_mapping
- azure_v_center
- azure_certificate
- azure_certificate_order
- azure_certificate_order_certificate
- azure_csr
- azure_deployment
- azure_domain
- azure_host_name_binding
- azure_hosting_environment
- azure_relay_service_connection_entity
- azure_server_farm_with_rich_sku
- azure_site
- azure_site_source_control
- azure_vnet_info
- azure_vnet_route
- azure_arm_disaster_recovery
- azure_migration_config_properties
- azure_rule
- azure_sb_authorization_rule
- azure_sb_namespace
- azure_sb_queue
- azure_sb_subscription
- azure_sb_topic
smartdetectoralertrulesapi.json
- azure_cloud_endpoint
- azure_registered_server
- azure_server_endpoint
- azure_storage_sync_service
- azure_sync_group
- azure_access_control_record
- azure_backup_policy
- azure_backup_schedule
- azure_bandwidth_setting
- azure_manager
- azure_manager_extended_info
- azure_storage_account_credential
- azure_volume
- azure_volume_container
streamingpoliciesandstreaminglocators.json
- azure_access_policy_resource
- azure_environment_resource
- azure_event_source_resource
- azure_reference_data_set_resource
- azure_p2_s_vpn_gateway
- azure_p2_s_vpn_server_configuration
- azure_virtual_hub
- azure_virtual_wan
- azure_vpn_connection
- azure_vpn_gateway
- azure_vpn_site