Curriculum Overview: Infrastructure as Code (IaC) in Microsoft Azure
Describe infrastructure as code (IaC)
Curriculum Overview: Infrastructure as Code (IaC) in Microsoft Azure
This curriculum provides a comprehensive pathway to understanding how infrastructure is managed as a software engineering discipline. Moving away from manual portal configurations, learners will explore the automation, repeatability, and reliability offered by Infrastructure as Code (IaC) within the Azure ecosystem.
Prerequisites
Before diving into Infrastructure as Code, students should possess the following foundational knowledge:
- Basic Cloud Concepts: Understanding of IaaS, PaaS, and SaaS models.
- Azure Resource Hierarchy: Knowledge of Management Groups, Subscriptions, Resource Groups, and Resources.
- Command Line Familiarity: Basic comfort with terminal interfaces (Bash or PowerShell).
- JSON Basics: Understanding the structure of JavaScript Object Notation (keys, values, arrays) as it relates to ARM templates.
Module Breakdown
| Module | Title | Focus Area | Difficulty |
|---|---|---|---|
| 1 | Introduction to IaC | Manual vs. Automated deployments | Beginner |
| 2 | Azure Management Tools | CLI, PowerShell, and Cloud Shell | Intermediate |
| 3 | ARM Templates | Declarative syntax and JSON structure | Intermediate |
| 4 | Bicep & Advanced IaC | Modularization and simplified syntax | Advanced |
| 5 | Lifecycle & Governance | Version control and Azure Policy integration | Advanced |
Visual Overview of the IaC Workflow
Learning Objectives per Module
Module 1: Introduction to IaC
- Define the concept of Idempotency (ensuring consistent results regardless of the starting state).
- Compare manual "Click-Ops" in the Azure Portal against scripted deployments.
- Explain how IaC reduces human error and configuration drift.
Module 2: Azure Management Tools
- Differentiate between the Azure CLI (cross-platform) and Azure PowerShell.
- Utilize Azure Cloud Shell to manage resources directly from the browser.
- Identify use cases for command-line management vs. portal management.
Module 3: Azure Resource Manager (ARM) & Templates
- Describe the role of the Azure Resource Manager as the central management layer.
- Analyze the structure of an ARM template (parameters, variables, resources, outputs).
- Deploy a multi-resource environment using a single JSON file.
Module 4: The Evolution of IaC (Bicep)
- Understand why Bicep was created as a domain-specific language (DSL) to replace complex ARM JSON.
- Convert existing ARM templates into Bicep files.
- Apply modular design to reuse infrastructure code across different projects.
Success Metrics
To demonstrate mastery of this curriculum, the learner must be able to:
- Deploy a Virtual Network and associated subnets using only a template, with zero manual portal intervention.
- Maintain Version History: Successfully commit an infrastructure change to a Git repository and describe the roll-back process.
- Explain Resource Locking: Describe how resource locks interact with IaC deployments to prevent accidental deletion.
- Validate Templates: Use the
what-ifoperation to predict the outcome of a deployment before it is executed.
Real-World Application
In a professional environment, IaC is the backbone of modern DevOps. Its application ensures that environments are identical across the development lifecycle.
[!IMPORTANT] Without IaC, organizations suffer from "snowflake servers"—manually configured environments that are impossible to replicate exactly in a disaster recovery scenario.
Use Case: Rapid Disaster Recovery
- Standardization: Engineering teams can hand off code to Operations with the guarantee that the environment will look the same.
- Cost Management: Automated scripts can "tear down" development environments at the end of the day and "spin them up" in the morning, saving on cloud consumption costs.
- Auditability: Every change to the infrastructure is recorded in the version control history, providing a clear audit trail for compliance and security teams.