This project provisions a simple 3-tier architecture in Azure using Terraform. It includes a virtual network, subnets, NSGs, and a web VM with NGINX.
- Azure CLI
- Terraform CLI
- Azure Subscription
git clone https://github.com/atulkamble/Azure-Terraform-Project
cd Azure-Terraform-ProjectHereβs a complete Azure Terraform project with code and documentation, ideal for deploying a basic 3-tier architecture (web, app, and database) using Azure Virtual Network, Virtual Machines, and Network Security Groups. This project can serve as a solid starting point for real-world scenarios.
βββ LICENSE
βββ README.md
βββ commands.md
βββ main.tf
βββ outputs.tf
βββ scripts
βΒ Β βββ install_nginx.sh
βββ terraform.tfstate
βββ terraform.tfstate.backup
βββ terraform.tfvars
βββ variables.tf
- Resource Group
- Virtual Network with Subnets (Web, App, DB)
- Network Security Groups (NSGs)
- Public IP for Web Tier
- Virtual Machines in each tier
- NGINX installed on Web VMs (via provisioner)
- Output of public IP of Web VMs
provider "azurerm" {
features {}
subscription_id = "cc57cd42-dede-4674-b810-a0fbde41504a"
}
resource "azurerm_resource_group" "rg" {
name = var.resource_group_name
location = var.location
}
resource "azurerm_virtual_network" "vnet" {
name = "vnet-main"
address_space = ["10.0.0.0/16"]
location = azurerm_resource_group.rg.location
resource_group_name = azurerm_resource_group.rg.name
}
resource "azurerm_subnet" "web" {
name = "web-subnet"
resource_group_name = azurerm_resource_group.rg.name
virtual_network_name = azurerm_virtual_network.vnet.name
address_prefixes = ["10.0.1.0/24"]
}
resource "azurerm_public_ip" "web_pip" {
name = "web-pip"
location = azurerm_resource_group.rg.location
resource_group_name = azurerm_resource_group.rg.name
allocation_method = "Static"
sku = "Standard"
}
resource "azurerm_network_interface" "web_nic" {
name = "web-nic"
location = azurerm_resource_group.rg.location
resource_group_name = azurerm_resource_group.rg.name
ip_configuration {
name = "web-ip-config"
subnet_id = azurerm_subnet.web.id
private_ip_address_allocation = "Dynamic"
public_ip_address_id = azurerm_public_ip.web_pip.id
}
}
resource "azurerm_network_security_group" "web_nsg" {
name = "web-nsg"
location = azurerm_resource_group.rg.location
resource_group_name = azurerm_resource_group.rg.name
security_rule {
name = "AllowHTTP"
priority = 100
direction = "Inbound"
access = "Allow"
protocol = "Tcp"
source_port_range = "*"
destination_port_range = "80"
source_address_prefix = "*"
destination_address_prefix = "*"
}
security_rule {
name = "AllowSSH"
priority = 110
direction = "Inbound"
access = "Allow"
protocol = "Tcp"
source_port_range = "*"
destination_port_range = "22"
source_address_prefix = "*"
destination_address_prefix = "*"
}
}
resource "azurerm_network_interface_security_group_association" "web_nic_nsg" {
network_interface_id = azurerm_network_interface.web_nic.id
network_security_group_id = azurerm_network_security_group.web_nsg.id
}
resource "azurerm_linux_virtual_machine" "web_vm" {
name = "web-vm"
resource_group_name = azurerm_resource_group.rg.name
location = azurerm_resource_group.rg.location
size = "Standard_B1s"
admin_username = var.admin_username
admin_password = var.admin_password # Using a password for authentication
network_interface_ids = [azurerm_network_interface.web_nic.id]
disable_password_authentication = false # Enable password authentication
os_disk {
caching = "ReadWrite"
storage_account_type = "Standard_LRS"
}
source_image_reference {
publisher = "Canonical"
offer = "UbuntuServer"
sku = "18.04-LTS"
version = "latest"
}
provisioner "remote-exec" {
inline = [
"sudo apt-get update -y",
"sudo apt-get install -y nginx",
"echo '<h1>Provisioned by Terraform (Atul)</h1>' | sudo tee /var/www/html/index.html"
]
connection {
type = "ssh"
user = var.admin_username
password = var.admin_password
host = azurerm_public_ip.web_pip.ip_address
}
}
}
variable "resource_group_name" {
description = "The name of the resource group"
type = string
}
variable "location" {
description = "The Azure region where resources will be deployed"
type = string
default = "East US" # Change this if needed
}
variable "admin_username" {
description = "Admin username for the VM"
type = string
default = "azureuser"
}
variable "admin_password" {
description = "Admin password for the VM"
type = string
sensitive = true
}
resource_group_name = "my-resource-group"
location = "East US"
admin_username = "azureuser"
admin_password = "SecurePassw0rd!"output "web_vm_public_ip" {
value = azurerm_public_ip.web_pip.ip_address
}# Azure 3-Tier Infrastructure using Terraform
## π‘ Description
This project provisions a simple 3-tier architecture in Azure using Terraform. It includes a virtual network, subnets, NSGs, and a web VM with NGINX.
## β
Prerequisites
- Azure CLI
- Terraform CLI
- Azure Subscription
## π How to Use
### 1. Clone the repo
```bash
git clone https://github.com/atulkamble/Azure-Terraform-Project
cd Azure-Terraform-Projectaz loginterraform initterraform plan
terraform applyOnce applied, get the public IP from the output and open in browser:
terraform output web_vm_public_ipmain.tf: Infrastructure codevariables.tf: Input variablesoutputs.tf: Output valuesterraform.tfvars: Sensitive valuesscripts/install_nginx.sh: Script to install NGINX
Ensure passwords and sensitive info are stored securely (consider using Azure Key Vault).
- Add App and DB Tier
- Add Load Balancer
- Use Key Vault for secrets
- Add autoscaling and monitoring
---
## Want to Expand It?
Let me know if you want to:
- Add Azure Load Balancer or Application Gateway
- Use Azure Database for MySQL/PostgreSQL instead of VM
- Deploy multi-VM scale sets with autoscaling
- Integrate with Azure DevOps Pipelines
Would you like me to zip and share the whole project for download or create a GitHub repo link format for copy-paste?