PSRule.Rules.Azure
Support for Terraform
This is tracking for adding support for Terraform HCL to PSRule originally discussed here Microsoft/PSRule#907 by @jbla9028.
Is your feature request related to a problem? Please describe.
It appears that psrule can review an ARM or bicep template from the documentation. It seems like the only option to review terraform is to review the resources after the terraform code has applied the infrastructure. Can we get native terraform support?
Passing a target folder, along with variables, can psrule review a user's terraform code for compliance?
Describe the solution you'd like
Describe alternatives you've considered
There are other solutions that will do this but psRule's syntax seems very easy to use, it would be great to leverage it with terraform.
Additional context
Continue reading the FAQ for details on in-flight support for Terraform.
If this issue is important to you please upvote the issue. We plan to investigate this issue to determine if this is something that should be integrated into PSRule for Azure.
Updated: 2023-08-26
Some questions to add to the research effort:
- What do your current CI pipelines look like now?
- Do you generate a plan in your terraform pipelines for deployment?
- Do you use the azurerm or azapi providers?
Having PSRule support for terraform scripts hosted on a repository will be extremely useful to check for rules validation even before we create actual resources on Azure.
Terraform being used widely for Azure as well, support for validating is very useful.
I think we should focus on the Azure tooling first. There are still multiple problems with bicep and ARM syntax. First party tooling should be the focus and priority by now and maybe after Bicep 1.0, we can focus on third-party tools like Ansible, Pulumi or Terraform.
Terraform is really useful since it is often used in SAP on Azure implementations...
Being able to test against Azure Policy would help eliminate a lot of Terraform headaches and errors. I bypass ARM entirely by using Terraform and avoid ARM wherever possible - TF is simply easier to use. We use azurerm exclusively.
You are still using ARM REST APIs in the background, if you are using Terraform, just no ARM templates. If you don't like ARM template syntax, you can always use Bicep for simpler usage and much clearer syntax.