This requires an Azure tenant, the azure cli, and the bicep tool.
It is all best run directly from the devcontainer included with this project as it already has the bicep and pwsh commands and a decent shell environment to work from.
If you still want to use this locally you can setup the azure cli via ./configure.sh and it will automatically install the bicep extension binary to ./.local/bin/bicep.
Build an ARM template from the local aks.bicep file and drop it into the local ./dist folder:
bicep build aks.bicep --outdir dist
The output json can be reviewed manually. You can also run a bicep deployment directly from the cli or powershell using a what-if mode that will show which changes will be made.
NOTE You will need to create a target resource group and local ssh key pair for this next part. Nothing will be deployed into your tenant other than the resource group and ssh key.
az group create --name "bicep-aks-demo" --location "eastus2"
pubkey=$(az sshkey create --name "mySSHKey" --resource-group "bicep-aks-demo" | jq '.publicKey' -r)
# review changes via what-if
az deployment group create --resource-group "bicep-aks-demo" --template-file aks.bicep --parameters dnsPrefix='' linuxAdminUsername=someadmin sshRSAPublicKey="${pubkey}" --what-if
# Powershell alternative
pwsh
Install-Module Az.Resources -Force
Import-Module Az.Resources
Connect-AzAccount -UseDeviceAuthentication
New-AzResourceGroupDeployment -ResourceGroupName "bicep-aks-demo" -TemplateFile ./dist/aks.json --what-ifClean things up (remove the resource group)
az group delete --name "bicep-aks-demo"Here is a short table of differences between the technologies.
| Task | Bicep | Terraform |
|---|---|---|
| Define a resource | resource storageAccount 'Microsoft.Storage/storageAccounts@2020-08-01' = { ... } |
resource "azurerm_storage_account" "example" { ... } |
| Set resource properties | name: 'my-storage-account' |
name = "my-storage-account" |
| Reference a resource | resourceGroup().resources|where(name == 'my-storage-account') |
azurerm_storage_account.example.id |
| Output a resource value | output storageAccountKey string = storageAccount.listKeys().key1 |
output "storage_account_key" { value = azurerm_storage_account.example.primary_access_key } |
| Module declaration | module myModule 'my-module.bicep' = { ... } |
module "my_module" { source = file("./my-module.tf") } |
| Parameter declaration | param storageAccountName string |
variable "storage_account_name" { type = string } |
| Deployment | az deployment group create --name my-deployment --resource-group my-resource-group --template-file main.bicep |
terraform apply -var "storage_account_name=my-storage-account" |
| Data Source | resource stg 'Microsoft.Storage/storageAccounts@2023-04-01' existing = {} |
data "aws_ami" "example" { } |