github.com/adrian-bl/terraform@v0.7.0-rc2.0.20160705220747-de0a34fc3517/website/source/docs/providers/azurerm/index.html.markdown (about)

     1  ---
     2  layout: "azurerm"
     3  page_title: "Provider: Azure Resource Manager"
     4  sidebar_current: "docs-azurerm-index"
     5  description: |-
     6    The Azure Resource Manager provider is used to interact with the many resources supported by Azure, via the ARM API. This supercedes the Azure provider, which interacts with Azure using the Service Management API. The provider needs to be configured with a credentials file, or credentials needed to generate OAuth tokens for the ARM API.
     7  ---
     8  
     9  # Azure Resource Manager Provider
    10  
    11  The Azure Resource Manager provider is used to interact with the many resources
    12  supported by Azure, via the ARM API. This supercedes the Azure provider, which
    13  interacts with Azure using the Service Management API. The provider needs to be
    14  configured with the credentials needed to generate OAuth tokens for the ARM API.
    15  
    16  Use the navigation to the left to read about the available resources.
    17  
    18  ## Example Usage
    19  
    20  ```
    21  # Configure the Azure Resource Manager Provider
    22  provider "azurerm" {
    23    subscription_id = "..."
    24    client_id       = "..."
    25    client_secret   = "..."
    26    tenant_id       = "..."
    27  }
    28  
    29  # Create a resource group
    30  resource "azurerm_resource_group" "production" {
    31      name     = "production"
    32      location = "West US"
    33  }
    34  
    35  # Create a virtual network in the web_servers resource group
    36  resource "azurerm_virtual_network" "network" {
    37    name                = "productionNetwork"
    38    address_space       = ["10.0.0.0/16"]
    39    location            = "West US"
    40    resource_group_name = "${azurerm_resource_group.production.name}"
    41  
    42    subnet {
    43      name           = "subnet1"
    44      address_prefix = "10.0.1.0/24"
    45    }
    46  
    47    subnet {
    48      name           = "subnet2"
    49      address_prefix = "10.0.2.0/24"
    50    }
    51  
    52    subnet {
    53      name           = "subnet3"
    54      address_prefix = "10.0.3.0/24"
    55    }
    56  }
    57  
    58  ```
    59  
    60  ## Argument Reference
    61  
    62  The following arguments are supported:
    63  
    64  * `subscription_id` - (Optional) The subscription ID to use. It can also
    65    be sourced from the `ARM_SUBSCRIPTION_ID` environment variable.
    66  
    67  * `client_id` - (Optional) The client ID to use. It can also be sourced from
    68    the `ARM_CLIENT_ID` environment variable.
    69  
    70  * `client_secret` - (Optional) The client secret to use. It can also be sourced from
    71    the `ARM_CLIENT_SECRET` environment variable.
    72  
    73  * `tenant_id` - (Optional) The tenant ID to use. It can also be sourced from the
    74    `ARM_TENANT_ID` environment variable.
    75  
    76  ## Creating Credentials
    77  
    78  Azure requires that an application is added to Azure Active Directory to generate the `client_id`, `client_secret`, and `tenant_id` needed by Terraform (`subscription_id` can be recovered from your Azure account details).
    79  
    80  Using the 'Classic' Portal:
    81  
    82  - Select **Active Directory** from the left pane and select the directory you wish to use
    83  - Select **Applications** from the options at the top of the page
    84  - Select **Add** from the bottom of the page. Choose **Add an application my organization is developing**
    85  - Add a friendly name for the application e.g. **Terraform**. Leave **Web Application And/Or Web API** selected and click the arrow for the next page
    86  - Add two valid URIs. These aren't used an can be anything e.g. http://terra.form. Click the arrow to complete the wizard
    87  - You should now be on the page for the application. Click on **Configure** at the top of the page. Scroll down to the middle of the page where you will see the value for `client_id`
    88  - In the **Keys** section of the page, select a suitable duration and click **Save** at the bottom of the page. This will then display the value for `client_secret`. This will disappear once you move off the page
    89  - Click **View Endpoints** at the bottom of the page. This will display a list of URIs. Extract the GUID from the bottom URI for **OAUTH 2.0 AUTHORIZATION ENDPOINT**. This is the `tenant_id`
    90  
    91  To enable the application for use with Azure RM, you now need to switch to the 'New' Portal:
    92  
    93  - Select **Subscriptions** from the left panel. Select the subscription that you want to use. In the Subscription details pane, click **All Settings** and then **Users**
    94  - Click **Add** and then select an appropriate role for the tasks you want to complete with Terraform. You can find details on the built in roles [here](https://azure.microsoft.com/en-gb/documentation/articles/role-based-access-built-in-roles/)
    95  - Type in the name of the application added in the 'Classic' Portal. You need to type this as it won't be shown in the user list. Click on the appropriate user in the list and then click **Select**
    96  - Click **OK** in the **Add Access** panel. The changes will now be saved   
    97  
    98  Microsoft have a more complete guide in the Azure documentation: [Create Active Directory application and service principle](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/)
    99  
   100  ## Testing
   101  
   102  Credentials must be provided via the `ARM_SUBSCRIPTION_ID`, `ARM_CLIENT_ID`,
   103  `ARM_CLIENT_SECRET` and `ARM_TENANT_ID` environment variables in order to run
   104  acceptance tests.