Modules for deploying Azure core networking components with Terraform

I often get asked by colleagues about the fastest way to deploy a set of core networking components into Azure, especially when these components need to connect to a hub network. For those who have attempted this, deploying components such as:

  • Virtual Networks (VNet)
  • Subnets
  • IP Groups
  • Route Tables
  • UDRs
  • NSGs
  • Route Table assignments
  • NSG assignments

…through the Azure portal can be a tedious and time-consuming process, particularly when multiple VNets and subnets are involved. Although different organizations have varying networking designs, I prefer to route all traffic between subnets within a VNet to a hub firewall. This approach enhances security and visibility but also requires more complex routing configurations due to the need for additional routing tables.
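The routing pattern described above, sketched as an added example (this is not code from the repo linked in this post): one route table per subnet sends traffic for the VNet range to the hub firewall, while a more specific route keeps traffic inside the same subnet local. The address ranges, resource names and the three variables are assumptions, and an azurerm provider block is assumed to be configured elsewhere.

```hcl
# Added example: constructed names and address ranges, not values from the repo.
variable "resource_group_name" { type = string } # existing resource group (assumed)
variable "location" { type = string }
variable "hub_firewall_ip" { type = string } # private IP of the hub firewall (assumed)
locals {
  vnet_cidr = "10.10.0.0/16"
  subnets   = { app = "10.10.1.0/24", data = "10.10.2.0/24" }
}

resource "azurerm_virtual_network" "spoke" {
  name                = "vnet-spoke"
  location            = var.location
  resource_group_name = var.resource_group_name
  address_space       = [local.vnet_cidr]
}

resource "azurerm_subnet" "spoke" {
  for_each             = local.subnets
  name                 = "snet-${each.key}"
  resource_group_name  = var.resource_group_name
  virtual_network_name = azurerm_virtual_network.spoke.name
  address_prefixes     = [each.value]
}

# One route table per subnet, because the "stay local" prefix differs per subnet.
resource "azurerm_route_table" "spoke" {
  for_each            = local.subnets
  name                = "rt-${each.key}"
  location            = var.location
  resource_group_name = var.resource_group_name
  # Overrides the system route for the VNet range: subnet-to-subnet goes via the firewall.
  route {
    name                   = "vnet-to-hub-firewall"
    address_prefix         = local.vnet_cidr
    next_hop_type          = "VirtualAppliance"
    next_hop_in_ip_address = var.hub_firewall_ip
  }
  # Longest prefix wins, so traffic within this subnet is not hairpinned through the hub.
  route {
    name           = "own-subnet-local"
    address_prefix = each.value
    next_hop_type  = "VnetLocal"
  }
}

resource "azurerm_subnet_route_table_association" "spoke" {
  for_each       = local.subnets
  subnet_id      = azurerm_subnet.spoke[each.key].id
  route_table_id = azurerm_route_table.spoke[each.key].id
}
```

After applying, the effective routes on a NIC in each subnet should show the VNet range with a next hop of the firewall IP, which confirms the system route has been overridden.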

In this blog post, I’d like to share some Terraform modules I’ve used in the past. These modules simplify the deployment and configuration of the aforementioned components. While most enterprise organizations likely have repositories that cover more extensive configurations, I hope this information will be helpful for anyone looking to deploy a spoke network for a separate solution and seeking a quick, declarative way to create these resources.

The following is a sample topology representing the Terraform modules and dev.tfvars that can be used for deployment:

The following is a snippet of a spreadsheet outlining the address space and subnets:

The Terraform code is available in my repo: https://github.com/terenceluk/terraform-VNet-Subnet-Route-Table-UDR-NSG-Network-Setup

Simply update the provider.tf and dev.tfvars files with the required configuration and run terraform apply -var-file="dev.tfvars" (optionally with -auto-approve) to deploy.