Project Bicep vs Terraform Thorsten Hans @ThorstenHans Consultant

Cloud-Native Consultant @ Thinktecture #Azure #Kubernetes #Cloud-Native #Infrastructure-as-Code [email protected] thinktecture.com thorsten-hans.com @ThorstenHans Thorsten Hans

Project Bicep vs Terraform • Introduction • Comparing Bicep and Terraform • Capabilities and differences • Developer Tooling • Language / Syntax • Comparing a sample architecture • Conclusion Talking Points

Introduction • Management of Infrastructure (services, servers, virtual networks,…) using source code • Address the problem of configuration drift • Infrastructure becomes reproducible and version controlled • Dev(Ops) teams can collaborate on infrastructural changes usign established / familiar tools like GitHub or Azure DevOps Infrastructure as Code

Introduction • Individual devs can spin up production-like environments in no time • Infrastructure knowledge will be shared across Dev(Ops) teams • Organizations can automate infrastructure provisioning • Dev(Ops) teams can rollback in the case of misconfiguration Infrastructure as Code P

Introduction • Infrastructure as Code toolset • Cloud-vendor agnostic (single language to manage Azure, AWS, GCP, Hetzner Cloud, …) • Open-source (additional paid offerings available, but not mandatory) • Fullfledged Infrastructure as Code lifecycle Terraform in a nutshell Write Plan Validate Apply Consume

Introduction • Domain Specific Language (DSL) for deploying Azure resources • Built for Azure – However, extension points are baked in for future integrations • Open-Source • Bicep compiles down to Azure Resource Manager (ARM) templates Project Bicep in a nutshell Write Plan with az Validate with az Apply with az Consume

Project Bicep vs Terraform • Introduction • Comparing Bicep and Terraform • Capabilities and differences • Developer Tooling • Language / Syntax • Comparing a sample architecture • Conclusion Talking Points

Comparing Bicep and Terraform • Bicep and Terraform serve one purpose • Provision and mutate cloud infrastructures using code • Both can preview infrastructure modifications before mutating the cloud environment • Both use declarative approach • You describe the desired state Capabilities and differences

Comparing Bicep and Terraform With both, we can • read existing information (Services that your actual infrastructure depends on) • build re-usable components • automate infrastructure deployment and mutation in the context of Azure Capabilities and differences

Comparing Bicep and Terraform So if both tools exist to address the needs of Infrastructure as Code (IaC), where is the difference and which should I choose? Capabilities and differences

Project Bicep • Communicates directly with Azure ARM APIs • Projects have a scope (Resource Group, Subscription. Management Group, or Tenant) • The CLI is just repsonsible for source code specific stuff (decompile, publish, build) • Actual deployment is done using existing tools (Azure CLI, Azure PowerShell modules, or Azure Portal) • There are two deployment modes Complete or Incremental (incremental by default) Capabilities and differences

Terraform • It can provision all necessary infrastructure components (also in multi- and hybrid-cloud scenarios) by using so called providers • The AzureRM provider is an abstraction of Azure’s ARM API • The CLI addresses all needs (deployment, mutation, formatting, validating, removal, …) • Tracks infrastructure state using a “state file” that must be accessible from within CI • Terraform workspaces allow per environment modifications and are tracked independantly Capabilities and differences

Comparing Bicep and Terraform • Visual Studio Code has best experience for Terraform and Bicep • For both choices, first class extensions are available • Vast amount of community extensions for Terraform Developer Tooling

Developer Tooling - Visual Studio Code Extensions for - Terraform - Project Bicep Demo

Comparing Bicep and Terraform Both languages are • declarative • easy to read and learn • equipped with functions and expressions and fundamental control flow capabilities Language / Syntax

Project Bicep vs Terraform • Introduction • Comparing Bicep and Terraform • Capabilities and differences • Developer Tooling • Language / Syntax • Comparing a sample architecture • Conclusion Talking Points

Comparing a sample architecture - Comparing a sample architecture that consists of three commonly used services in Azure - Azure Key Vault - Azure SQL Database - Azure App Service Demo

Project Bicep vs Terraform • Introduction • Comparing Bicep and Terraform • Capabilities and differences • Developer Tooling • Language / Syntax • Comparing a sample architecture • Conclusion Talking Points P

Should I pick Terraform or Project Bicep • Terraform addresses multi- and hybrid cloud scenarios • IMO Terraform is a bit more compact than Project Bicep • Anyways you will find yourself writing a lot of code when doing IaC • Terraform addresses all the needs using a single CLI Conclusion

Should I pick Terraform or Project Bicep • Are you working only with Azure -> use Project Bicep • Project Bicep is an Azure 1st class citizen • If a service or changes are released in preview, you can use them from day 1 • Project Bicep developer tooling is superior Conclusion

Q&A If you have further questions: shoot me a mail at [email protected] / [email protected] or tweet at @ThorstenHans