I have reader access in Azure, and I need some guidance on how to determine which resources are managed by Terraform or Bicep. Any tips or strategies for tracking these deployments would be appreciated!
5 Answers
Tagging is the way to go, but don't overlook resource locks—they're super helpful too. You can include them in your Terraform deployments to ensure resources aren't modified or deleted without going through Terraform. Plus, setting up an Azure policy to enforce rules based on tags can take your tracking to the next level!
We also have our resources tagged with the name of the Azure DevOps repo. Trust me, it saves a lot of headache when you need to unravel what’s been deployed—activity logs can be tricky without that context!
Absolutely, tagging is key. By adding specific tags to your deployments, you can easily track them. I recommend defining a set of global tags and referencing them across your Bicep and Terraform manifests. It'll simplify management across your resources.
You're right, tagging is crucial. If your resources aren't tagged, you'll have to sift through activity logs to find what's been deployed. This can be a real pain—definitely make the tagging a priority from the start!
True that! And if you can't tag them, those logs can be a nightmare. Better to get organized early!
Tagging resources is a solid approach! If you implement tagging during your CI/CD process, it'll give you a good way to identify which resources you need to check. Lots of teams find it helps streamline tracking efforts.
That’s a great tip! Having a consistent tagging strategy makes a world of difference.