Azure DevOps Journey with AKS and Terraform

Costhigh

Deployability ci cd ready

Status cloud lab

Validation test -f README.md

Azure DevOps AKS Terraform .NET azure terraform azure-devops

Use the guide first.

The full learning guide is on this page. Open the repository files only when a step asks you to inspect code, fork the project, or download raw assets.

Read safety guide Project files on GitHub

Project Guide

This tutorial/lab setup is going to take you through a DevOps journey using Azure DevOps. From setting up your pipeline to deploying an application to your Azure Kubernetes cluster!

What you will learn

In this tutorial/lab, you will learn:

• Initial setup of Azure DevOps to begin deploying to Azure using Pipelines as code
• Deploy Azure resources using Terraform modules
• Deploy a test application to Azure Kubernetes Service
• An understanding of CI/CD with automated application deployments
• Test your deployed Azure resources using automated testing
• Reviewing monitoring and alerting using Application & Container Insights

🛡️ 2026 DevSecOps Enhancements (What You Will Learn)

This repository has been upgraded to model 2026 Cloud Security protocols. While progressing through the labs, note the following architectural improvements:

1. Unprivileged AKS Deployments: Our Kubernetes manifests no longer run applications as root. We actively drop all unnecessary kernel capabilities to restrict blast radius during a potential container breakout.
2. Terraform Cloud Backends: Legacy local state files or basic storage accounts have been migrated to utilize secure, encrypted, and locked remote Terraform backends to prevent state corruption across CI/CD runners.
3. Automated Infrastructure Scanning: The pipeline is pre-configured to easily adopt tfsec/checkov steps before applying the Azure infrastructure.

This setup is based on a somewhat “real-life” scenario and setup mirrors an example of a real-world setup!

Tutorial/labs format

Prior to starting the tutorial/labs - please review the below Prerequisites

Labs are found here, complete each one in number sequence 1…2…3…etc

1. Initial Setup starts you off with setting up:

   • Azure DevOps Setup

     • Azure DevOps Organisation Setup
     • Azure DevOps Project Creation
     • Azure Service Principal Creation

   • Azure Terraform setup

     • Create Blob Storage location for Terraform State file

   • Create Azure AD Group for AKS Admins

     • Create Azure AD AKS Admin Group

2. Setup Azure DevOps Pipeline The purpose of this lab is to create all of the Azure cloud services you’ll need from an environment/infrastructure perspective to run the test application.

   • Pipeline setup
     • Setup Azure DevOps Pipeline

3. Deploy Application to Azure Container Registry Deploy sample Application to Container Registry.

   • Deploy Application to Azure Container Registry
     • Build the Docker Image Locally
     • Run The Docker Image Locally
     • Deploy sample Application to Container Registry

4. Deploy Application to Azure Kubernetes Cluster

   • Add AKS ACR Role assignment

     • Terraform to add role assignment for AKS managed identity to access the deployed ACR

   • Add Application Insights to Terraform

     • Application Insights will be used to monitor the application once deployed!

   • Add Azure Key Vault to Terraform

     • Azure Key Vault will be used to store secrets used within your Azure DevOps Variable Group.

   • Update Pipeline to Deploy Application to AKS

     • Update Pipeline to Deploy asp Application to AKS

5. Introduce CI/CD

   • Introducing CI/CD to your pipeline

     • Begin CI/CD with Pipeline Trigger for automatic pipeline runs

   • Automated deployment of your AKS Application

     • In previous labs; the application was initially manually setup for its build tag. In CI/CD, this would be automated and the Application on the AKS cluster would update each time the pipeline has been ran.

6. Testing your deployed Azure Infrastructure

   • Testing Infrastructure using Inspec

     • Using Inspec-Azure to test your Azure Resources

   • Inspec Testing using Azure DevOps Pipeline

     • Run Inspec-Tests using Azure DevOps
     • View Inspec reports in Azure DevOps

7. Monitoring and Alerting

   • Azure Application Insights

     • Using Application Insights to view telemetry data!

   • Azure Application Insights Availability Tests

     • Configure availability test using Application Insights

   • Log Analytics Container Insights

     • Reviewing Log Analytics Container Insights

CI/CD

You will learn how to setup and configure a pipeline that involves CI/CD

1. Developer changes application source code.
2. Application is committed to the source code repository in Azure Repos.
3. Continuous integration triggers application build
4. Continuous deployment within Azure Pipelines triggers an automated deployment with environment-specific configuration values.
5. Updated Application is deployed to environment specific Kubernetes cluster
6. Application Insights collects and analyzes health, performance, and usage data.
7. Azure Monitor collects and analyzes health, performance, and usage data.

Thank you

Thank you for taking the time to work on this tutorial/labs. Let me know what you thought!

Author by DevCloud Ninjas

Ensure to follow me on GitHub. Please star/share this repository!