Local File System with Bicep
Follow these instructions to bootstrap a local file system folder ready to deploy your platform landing zone with Bicep.
Create a new folder on your local drive called
accelerator.Inside the accelerator create two folders called
configandoutput. You’ll store you input file inside config and the output folder will be the place that the accelerator stores files while it works.Inside the
configfolder create a new file calledinputs.yaml. You can usejsonif you prefer, but our examples here areyaml.# Windows New-Item -ItemType "file" c:\accelerator\config\inputs.yaml -Force New-Item -ItemType "directory" c:\accelerator\output # Linux/Mac New-Item -ItemType "file" /accelerator/config/inputs.yaml -Force New-Item -ItemType "directory" /accelerator/output📂accelerator ┣ 📂config ┃ ┗ 📜inputs.yaml ┗ 📂outputOpen your
inputs.yamlfile in Visual Studio Code (or your preferred editor) and copy the content from inputs-local.yaml into that file.Check through the file and update each input as required. It is mandatory to update items with placeholders surrounded by angle brackets
<>:The following inputs can also be supplied via environment variables. This may be useful for sensitive values you don’t wish to persist to a file. TheEnv Var Prefixdenotes the prefix the environment variable should have. The environment variable is formatting is<PREFIX>_<variable_name>, e.g.$env:ALZ_iac_type = "terraform"or$env:TF_VAR_github_personal_access_token = "*****...".Input Env Var Prefix Placeholder Description iac_typeALZbicepThis is the choice of biceporterraform. Keep this asbicepfor this example.bootstrap_module_nameALZalz_localThis is the choice of Version Control System. Keep this as alz_localfor this example.starter_module_nameALZcompleteThis is the choice of [Starter Modules][wiki_starter_modules], which is the baseline configuration you want for your Azure landing zone. Keep this as completefor this example.bootstrap_locationTF_VAR<region>Replace <region>with the Azure region where you would like to deploy the bootstrap resources in Azure. This field expects thenameof the region, such asuksouth. You can find a full list of names by runningaz account list-locations -o table.starter_locationsTF_VAR[<region-1>,<region-2>]Replace <region-1>and<region-2>with the Azure regions where you would like to deploy the starter module resources in Azure. This field expects thenameof the regions in and array, such as["uksouth", "ukwest"]. You can find a full list of names by runningaz account list-locations -o table.root_parent_management_group_idTF_VAR""This is the id of the management group that will be the parent of the management group structure created by the accelerator. If you are using the Tenant Root Groupmanagement group, you leave this as an empty string""or supply the tenant id.subscription_id_managementTF_VAR<management-subscription-id>Replace <management-subscription-id>with the id of the management subscription you created in the previous phase.subscription_id_identityTF_VAR<identity-subscription-id>Replace <identity-subscription-id>with the id of the identity subscription you created in the previous phase.subscription_id_connectivityTF_VAR<connectivity-subscription-id>Replace <connectivity-subscription-id>with the id of the connectivity subscription you created in the previous phase.target_directoryTF_VAR""This is the directory where the ALZ module code will be created. This defaults a directory called local-outputin the root of the accelerator output directory if not supplied.create_bootstrap_resources_in_azureTF_VARtrueThis determines whether the bootstrap will create the bootstrap resources in Azure. This defaults to true.bootstrap_subscription_idTF_VAR""Enter the id of the subscription in which you would like to deploy the bootstrap resources in Azure. If left blank, the subscription you are connected to via az loginwill be used. In most cases this is the management subscription, but you can specifiy a separate subscription if you prefer.service_nameTF_VARalzThis is used to build up the names of your Azure and Azure DevOps resources, for example rg-<service_name>-mgmt-uksouth-001. We recommend usingalzfor this.environment_nameTF_VARmgmtThis is used to build up the names of your Azure and Azure DevOps resources, for example rg-alz-<environment_name>-uksouth-001. We recommend usingmgmtfor this.postfix_numberTF_VAR1This is used to build up the names of your Azure and Azure DevOps resources, for example rg-alz-mgmt-uksouth-<postfix_number>. We recommend using1for this.grant_permissions_to_current_userTF_VARtrueThis determines whether the bootstrap will grant the current user permissions to the management group structure created by the accelerator. This defaults to trueso that the starter module can be immediately deployed from the local file system. Set this tofalseif you itend to wire up CI/CD with your own provider.Now head over to your chosen starter module documentation to get the specific inputs for that module. Come back here when you are done.
- [Bicep Complete Starter Module][wiki_starter_module_bicep_complete]
In your PowerShell Core (pwsh) terminal run the module:
# Windows (adjust the paths to match your setup) Deploy-Accelerator -inputs "c:\accelerator\config\inputs.yaml" -output "c:\accelerator\output" # Linux/Mac (adjust the paths to match your setup) Deploy-Accelerator -inputs "/accelerator/config/inputs.yaml" -output "/accelerator/output"You will see a Terraform
initandapplyhappen.There will be a pause after the
planphase you allow you to validate what is going to be deployed.If you are happy with the plan, then type
yesand hit enter.The Terraform will
applyand your environment will be bootstrapped.You will find the output in the
/accelerator/output/local-outputfolder if you didn’t specifiy a different location fortarget_directory.
Now head to Phase 3