This repository contains Terraform configuration for deploying a scalable startup infrastructure on Azure.

• Azure Kubernetes Service (AKS): Managed Kubernetes cluster for container orchestration
• Azure Container Registry (ACR): Private container registry for storing Docker images
• Application Gateway + WAF: Secure ingress with Web Application Firewall
• Key Vault: Secure storage for secrets and certificates
• Azure SQL: Managed SQL database service

• modules/: Reusable Terraform modules
  • aks/: Azure Kubernetes Service configuration
  • acr/: Azure Container Registry configuration
  • app_gateway/: Application Gateway with WAF configuration
  • key_vault/: Azure Key Vault configuration
  • azure_sql/: Azure SQL Database configuration
• environments/: Environment-specific configurations
  • dev/: Development environment
  • stage/: Staging environment
  • prod/: Production environment
• scripts/: Utility scripts
• pipelines/: CI/CD pipeline configurations

• Azure subscription
• Azure CLI
• Terraform (version >= 1.0.0)
• Azure DevOps account (for CI/CD pipelines)

Before initializing Terraform, you need to set up Azure Storage for the remote state:

cd InfraMaster
./scripts/setup-remote-state.sh dev eastus

This will create a storage account and container for the Terraform state, and output the commands needed to initialize Terraform.

To deploy manually to an environment:

cd InfraMaster/environments/dev
terraform init \
  -backend-config="resource_group_name=inframaster-tfstate-rg" \
  -backend-config="storage_account_name=inframasterstatdev" \
  -backend-config="container_name=tfstate" \
  -backend-config="key=inframaster-dev.tfstate"

# Plan the changes
terraform plan

# Apply the changes
terraform apply

The repository includes an Azure DevOps pipeline configuration in pipelines/azure-pipelines.yml that:

1. Validates the Terraform configuration
2. Creates a plan
3. Waits for approval
4. Applies the changes

To use this pipeline:

1. Import the repository into Azure DevOps
2. Create a service connection named Azure-Service-Connection with sufficient permissions
3. Create environments in Azure DevOps named dev, stage, and prod with appropriate approvals
4. Create a new pipeline using the existing azure-pipelines.yml file

To deploy this infrastructure, you'll need:

1. Azure subscription ID
2. Azure tenant ID
3. Service principal client ID and secret with Contributor access to your subscription

For local development, configure these credentials using Azure CLI:

az login
az account set --subscription <your-subscription-id>

For CI/CD pipelines, provide these credentials via the Azure DevOps service connection.

• All sensitive information is stored in Key Vault
• Network security is enforced through NSGs and Application Gateway WAF
• AKS is integrated with Azure AD for RBAC
• Secrets are referenced from Key Vault rather than being stored in Terraform code

To access the complete folder (including all Terraform files and app content), download the latest release here.

⚠️ Note: Some files are large and cannot be uploaded via Git directly, so they are available in the release ZIP.