IaC
Infrastructure as Code (IaC) bezeichnet die automatisierte und wiederholbare Bereitstellung von IT-Infrastruktur mithilfe von Code. Mit Bicep, einer domänenspezifischen Sprache von Microsoft, lassen sich Azure-Ressourcen deklarativ definieren. Dadurch können Infrastrukturen versioniert, nachvollziehbar und teamübergreifend verwaltet werden – ganz im Sinne von DevOps.
Was ist Bicep?
Bicep ist eine vereinfachte Sprache zur Definition von Azure-Ressourcen. Es ist ein Abstraktionslayer ĂĽber ARM-Templates (Azure Resource Manager).
Vorteile
Weniger Code
Bessere Lesbarkeit
IntelliSense-UnterstĂĽtzung in VS Code
Automatische Validierung und Vervollständigung
Ressourcengruppe anlegen
resource rg 'Microsoft.Resources/resourceGroups@2018-05-01' = {
location: location
name: name
}az deployment sub create \
--location switzerlandnorth \
--template-file main.bicep \
--parameters name=my-resource-groupContainer Registry
resource cr 'Microsoft.ContainerRegistry/registries@2025-04-01' = {
name: 'levexiscr'
location: 'switzerlandnorth'
sku: {
name: 'Basic'
}
properties: {
publicNetworkAccess: 'Enabled'
}
}az deployment group create \
--resource-group my-resource-group \
--template-file main.bicepVirtuelle Maschine
@description('Username for the Virtual Machine.')
param adminUsername string
@description('Password for the Virtual Machine.')
@secure()
param adminPassword string
resource networkInterface 'Microsoft.Network/networkInterfaces@2024-05-01' = {
name: 'sbaenl-nic'
location: 'switzerlandnorth'
properties: {
ipConfigurations: [
{
name: 'ipconfig1'
properties: {
subnet: {
id: virtualNetwork.properties.subnets[0].id
}
privateIPAllocationMethod: 'Dynamic'
publicIPAddress: {
id: publicIPAddress.id
}
}
}
]
networkSecurityGroup: {
id: networkSecurityGroup.id
}
}
}
resource networkSecurityGroup 'Microsoft.Network/networkSecurityGroups@2023-09-01' = {
name: 'sbaenl-nsg'
location: 'switzerlandnorth'
properties: {
securityRules: [
{
name: 'SSH'
properties: {
priority: 1000
protocol: 'Tcp'
access: 'Allow'
direction: 'Inbound'
sourceAddressPrefix: '*'
sourcePortRange: '*'
destinationAddressPrefix: '*'
destinationPortRange: '22'
}
}
]
}
}
resource virtualNetwork 'Microsoft.Network/virtualNetworks@2024-05-01' = {
name: 'sbaenl-vnet'
location: 'switzerlandnorth'
properties: {
addressSpace: {
addressPrefixes: [
'10.1.0.0/16'
]
}
subnets:[
{
name: 'sbaenl-subnet'
properties: {
addressPrefix: '10.1.0.0/24'
privateEndpointNetworkPolicies: 'Enabled'
privateLinkServiceNetworkPolicies: 'Enabled'
networkSecurityGroup: {
id: networkSecurityGroup.id
}
}
}
]
}
}
resource publicIPAddress 'Microsoft.Network/publicIPAddresses@2024-05-01' = {
name: 'sbaenl-pip'
location: 'switzerlandnorth'
sku: {
name: 'Basic'
}
properties: {
publicIPAllocationMethod: 'Dynamic'
publicIPAddressVersion: 'IPv4'
dnsSettings: {
domainNameLabel: toLower('sbaenl-vm-${uniqueString(resourceGroup().id)}')
}
idleTimeoutInMinutes: 4
}
}
resource vm 'Microsoft.Compute/virtualMachines@2024-11-01' = {
name: 'sbaenl-vm'
location: 'switzerlandnorth'
properties: {
hardwareProfile: {
vmSize: 'Standard_D2s_v3'
}
osProfile: {
computerName: 'sbaenl-vm'
adminUsername: adminUsername
adminPassword: adminPassword
}
storageProfile: {
imageReference: {
publisher: 'Canonical'
offer: '0001-com-ubuntu-server-jammy'
sku: '22_04-lts-gen2'
version: 'latest'
}
osDisk: {
createOption: 'FromImage'
managedDisk: {
storageAccountType: 'StandardSSD_LRS'
}
}
dataDisks: [
{
diskSizeGB: 64
lun: 0
createOption: 'Empty'
}
]
}
networkProfile: {
networkInterfaces: [
{
id: networkInterface.id
}
]
}
}
}az deployment group create \
--resource-group my-resource-group \
--template-file main.bicep
--parameters adminUsername=sbaenl adminPassword={RHbKa}!iQvL.^SZuletzt aktualisiert