Setting Up The Terraform Agent
How to set up a Terraform Cloud Agent on a private Azure infrastructure.
With a private Azure infrastructure, locked behind a firewall, I had no way of setting up Key Vaults and Storage Accounts. The Control and Data Planes that manage this access are subsequently locked down as private.
I needed to set up a Terraform Cloud Agent on my internal network to allow HCP access to perform runs and set up resources.
NOTE: The Agent and Container were set up once I had the Operations virtual network set up (see later), but I have added this here as it makes sense to include it as part of the Terraform setup.
Create Agent Pool
Click on Create Agent Pool in HCP.
Give it a name.
Give the token a meaningful description and click Create Token.
Copy the token information and store it in a secure password or key vault.
Create Azure Infrastructure & Container
Set up a virtual network or subnet to host your internal Container (where the Cloud Agent will be installed). Amend the firewall to allow all traffic from the virtual network container subnet to exit.
I chose to host my agent on a container instance on an internal virtual network.
Configured as follows:
Once set up, check the status of the container.
Then check the status in HCP. It should be populated with an external IP address.
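As an added example (not the author's own configuration), here is one way to define the container instance described above in Terraform with the azurerm provider. All resource names, the address range, the variables and the port entry are assumptions; the agent token is passed in as a secure environment variable.

```hcl
# Added example: every name, range and variable below is an assumption.
variable "resource_group_name" { type = string }
variable "location" { type = string }
variable "operations_vnet_name" { type = string }
variable "tfc_agent_token" {
  type      = string
  sensitive = true # token copied in the Create Agent Pool step
}

# ACI can only join a subnet that is delegated to container groups.
resource "azurerm_subnet" "agent" {
  name                 = "snet-tfc-agent"
  resource_group_name  = var.resource_group_name
  virtual_network_name = var.operations_vnet_name
  address_prefixes     = ["10.0.10.0/28"] # constructed sample range

  delegation {
    name = "aci"
    service_delegation {
      name    = "Microsoft.ContainerInstance/containerGroups"
      actions = ["Microsoft.Network/virtualNetworks/subnets/action"]
    }
  }
}

resource "azurerm_container_group" "agent" {
  name                = "ci-tfc-agent"
  location            = var.location
  resource_group_name = var.resource_group_name
  os_type             = "Linux"
  ip_address_type     = "Private" # no public IP on the container itself
  subnet_ids          = [azurerm_subnet.agent.id]
  restart_policy      = "Always"

  container {
    name   = "tfc-agent"
    image  = "hashicorp/tfc-agent:latest"
    cpu    = 1
    memory = 2

    ports { # assumption: declared only because a private IP is assigned
      port     = 443
      protocol = "TCP"
    }
    environment_variables = { TFC_AGENT_NAME = "aci-agent-01" }
    # Secure variables are not shown in the container's properties.
    secure_environment_variables = { TFC_AGENT_TOKEN = var.tfc_agent_token }
  }
}
```

The token is still written to the Terraform state, so the state backend needs the same protection as the vault where the token is stored.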
Test Agent
Go to the Workspace in HCP and change it to use the Agent Pool. Run the Workspace to ensure it can pick up and use the Agent.
Mongo Whitelist
One more step I needed to do was whitelist the IP address of the Agent in Mongo, so it would allow the Agent to make the changes required to the Mongo infrastructure I was setting up.
The account can be found here under the Organisation.
To edit, click on the three dots and Edit Permissions.
The Terraform Agent IP might change, so that would need to be added here.
Useful Links
https://developer.hashicorp.com/terraform/cloud-docs/agents/agents
https://developer.hashicorp.com/terraform/tutorials/cloud/cloud-agents