This was exactly what I needed before my kick-off meeting tomorrow. Just at the right time, thank you! Edit: I was about to yolo this into production :( Can you perhaps make a video about how to upgrade safely? Would be awesome! :)
Ugh the whole not allowing a subscription_id argument in azure_rm for resources has been a pain. All the different Microsoft defenders are enabled at the subscription level only. So if I want to enable Azure Defender for servers for example on 100 subscriptions with Terraform I'd have to make 100 sub provider blocks 😐. Ended up using Powershell instead mixed in with some Azure policy.
Right now AzAPI is all you can do. But I think if we make the subscription ID as optional attribute to every resource it would make your life easier. We wouldn't have a provider block scoped to a subscription any longer! It would be like the GCP provider where you could just add the target subscription ID to any resource you provision.
@@azure-terraformer Yeah, been swamped with near complete rewrite stack modules of my environments ...thanks to all I've learned here (and there too), then summer holidays kicked in, time off, and I'm back :D
Random question thats been bugging me, is it ok to setup a module resource wrapper just for the simple purpose of reducing duplicate code when creating 3 env's? prd, uat, dev, etc..
Thank you! Great advice on pinning the current version to 3.x, and treat 4.x as migration - so cannot rush for it.
Definitely! No need to rush!!! 😁
This was exactly what I needed before my kick-off meeting tomorrow. Just at the right time, thank you!
Edit: I was about to yolo this into production :( Can you perhaps make a video about how to upgrade safely? Would be awesome! :)
🤣😭🫣 Don't Yolo! 🙏❤️🤓
I'll see what I can do. For starters, pin your 3.x version ASAP!
Ugh the whole not allowing a subscription_id argument in azure_rm for resources has been a pain. All the different Microsoft defenders are enabled at the subscription level only. So if I want to enable Azure Defender for servers for example on 100 subscriptions with Terraform I'd have to make 100 sub provider blocks 😐. Ended up using Powershell instead mixed in with some Azure policy.
Right now AzAPI is all you can do. But I think if we make the subscription ID as optional attribute to every resource it would make your life easier. We wouldn't have a provider block scoped to a subscription any longer! It would be like the GCP provider where you could just add the target subscription ID to any resource you provision.
Thank you!
You're welcome! Long time no see @mloskot!!! 😁
@@azure-terraformer Yeah, been swamped with near complete rewrite stack modules of my environments ...thanks to all I've learned here (and there too), then summer holidays kicked in, time off, and I'm back :D
With advanced LandingZone deployments (especially large scale AVD), we need to be able to target multiple subscriptions.
Optional subscription FTW!!!!
Random question thats been bugging me, is it ok to setup a module resource wrapper just for the simple purpose of reducing duplicate code when creating 3 env's? prd, uat, dev, etc..
I agree that the subscription id should be optional.