How to use Terraform to configure Azure Virtual Desktop

What is Terraform and why should you use it?

Terraform is a product of HashiCorp and has become popular in the infrastructure-as-code market. With Terraform, you can define, preview and deploy your cloud infrastructure as code. Terraform can ease the deployment process of your workloads by saving you from manually clicking through Azure. It automates the deployment in a way that can save a good bit of time.

A question you might ask is why to use Terraform and not, for example, just use PowerShell. Well, there is a big difference with just a scripting language. Yes, you can get the same result with a PowerShell script but Terraform makes deploying your infrastructure much easier. It doesn't require a lot of scripting knowledge. You define which resources you need and then Terraform will ask you for the bare minimum input to create those resources. These inputs are then saved in a variables file. This means that if you need to re-create your environment -- for example, to build a test environment -- you only need to make a copy of your variables file and change some variables such as name.

Yes, you can get the same result with a PowerShell script but Terraform makes deploying your infrastructure much easier.

Another task that Terraform does well is check that everything is correct before finalizing the deployment via the plan command. It will look at your variables and your configuration, and review your overall plan to determine if it will create the desired environment.

The last big advantage of using Terraform is using it over multiple clouds and infrastructure environments. With Terraform, you can deploy your workload as easily on Microsoft Azure as on Amazon AWS or on premises on vSphere. You don't need to learn new command lines -- you just need to know what the Terraform resources are called. This makes Terraform way more powerful, easy to use and predictable than just creating a PowerShell script.

Microsoft fully supports Terraform. You can access the Terraform command line directly from the cloud shell. This means you don't need anything except an Azure subscription to start using Terraform with Azure.

The power of Terraform with AVD

Microsoft offers a guide that explains how you can create a full AVD environment in seconds from the code. Suppose you also automate the creation of your AVD image with, for example, Packer. In that case, you can then use Terraform to create your environment from scratch to a complete production environment without the need to click anywhere in Azure, including host virtual machines with your image.

A great advantage of doing this is that if a worst-case scenario happens -- for example, someone deletes your environment -- you can get back up in no time. You have defined the end state of your AVD environment within Terraform, and you can get back to that state quickly if needed. This makes Azure migrations much easier and faster. Of course, you still need to consider the data that users need within your AVD environment. This might still require a separate data migration.

With your variables file for AVD, you can also easily create a full develop, test, accept and produce (OTAP) environment by just redeploying your AVD environment with other variables, which is a huge plus and can provide cost savings. You can delete your OTAP environment in the cloud when it's unnecessary, and you don't need to pay for the cost of keeping it in the cloud. When you need it, just run your Terraform script, and you have your environment. This is using the power of the cloud together with infrastructure as code to easily save money.

Combining Terraform with other tools

Terraform shines when used in tandem with other tools such as GitHub, Azure DevOps and Ansible. Of course, you can use Terraform standalone, but combining these tools will lead to a more stable and predictable environment.

GitHub

Since Terraform is based on code, it's super handy to save this code into a Git repository like GitHub. With the power of Git, you can see who edits your Terraform HCL files, including the configuration and variables. You can make different versions of the files -- or branches -- and test the deployments. And revert changes made in the files easily. Combining GitHub and Terraform is almost a no-brainer.

Did you also know that you can deploy new GitHub repositories with Terraform? So, you can also use it the other way around, making the match perfect. And, of course, the Terraform release is also on the HashiCorp GitHub page.

Azure DevOps

Azure DevOps is an all-inclusive automation platform built on DevOps principles. Azure DevOps lets you use boards to track user stories and changes for your environment. You can link these boards to artifacts in repos and pipelines. These artifacts can be Terraform HCL files that are saved in the repos, which automatically have Git support.

The Azure DevOps pipelines use Terraform commands to deploy infrastructure. You can think of Azure DevOps as adding Git, change administration and the ability to combine Terraform with other tools like PowerShell all in one system. This makes Azure DevOps a powerful and complete system for any cloud deployment.

Ansible

Ansible is also a powerful automation tool you can combine with Terraform. It allows you to combine Terraform with other command-line tools like Packer, etc. One of the great things about Ansible is that it's open source, and you can use it without costs, just like Terraform.

Of course, both Ansible and Terraform have paid plans to use their tools. Terraform is a great tool to create infrastructure quickly in the cloud. But Ansible allows you to, for example, deploy applications on that infrastructure and maintain governance to check if your deployment is functioning correctly. You don't always want to completely rebuild your entire platform when there is just one change, and with Ansible, you can just automate that change on your entire platform. It also comes with monitoring and the ability to log tickets or solve problems.