Deploy an Azure Resource Manager template

From Authoring Azure Resource Manager Templates:

Azure applications typically require a combination of resources (such as a database server, database, or website) to meet the desired goals. Rather than deploying and managing each resource separately, you can create an Azure Resource Manager template that deploys and provisions all of the resources for your application in a single, coordinated operation.

Octopus Deploy supports deploying Azure Resource Manager (ARM) templates via the Deploy an Azure Resource Manager template step type. For information about adding a step to the deployment process, see the add step section. The instructions there apply equally to a runbook process too.

Create Azure resources runbook

To create a runbook to deploy resources to Azure using the Deploy an Azure Resource Manager template step:

1. Navigate to your Project, then Operations ➜ Runbooks ➜ Add Runbook.

2. Give the runbook a name and click SAVE.

   Before creating the step, you must have created an Azure Service Principal Account.

3. Click DEFINE YOUR RUNBOOK PROCESS, then click ADD STEP.

4. Add the step by clicking Azure ➜ Deploy an Azure Resource Manager template, or search for the step.

   

5. Give the step a name.

6. Choose the Execution Location on which to run this step.

7. In the Azure section, choose the Account to use.

   

   Azure accounts can be referenced in a project through a project variable of the type Azure account.

   The step will allow you to bind the account to an Azure account variable, using the binding syntax. By using a variable for the account, you can have different accounts used across different environments or regions using scoping.

8. Select the Resource Group to place the created resources in. This can be selected from the drop-down of available resources or bound to a variable. The resource group must exist when the step is executed.

9. Set the Deployment Mode. It can be either Incremental or Complete.

10. Choose the Template Source. It can be either JSON entered directly into the step, or a file contained in a package.

11. Enter any values for parameters if they are present.

Configure any other settings for the step such as Environment run conditions and click SAVE.

Template entered as JSON

By selecting Source Code as the Template Source, you can enter your template directly as JSON.

The JSON will be parsed, and your parameters will appear dynamically as fields in the Parameters section.

The parameter fields will show text boxes or select-lists as appropriate. You can enter values directly, or bind the parameters to Octopus Variables (e.g. see the siteName parameter in the image above).

Sensitive data

The field displayed when “From Octopus” option is selected stores data as plain text so sensitive data shouldn’t be typed directly into it. Instead, the value of the parameter should be provided either via a Sensitive Variable if the value is stored in Octopus or via Azure Key Vault if the value is stored outside of Octopus. Azure Resource Group Templates provide out of the box integration with Azure Key Vault.

Template contained in a package

By selecting File inside a Package as the Template Source, you can select a package which will contain your template and parameter JSON files.

The Template Path and Parameters Path fields should contain the relative path to these files within the package.

Parameter file format

The Parameter JSON file can be in one of two formats:

• With Schema
• Without Schema

Example with Schema

{
    "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json",
    "contentVersion": "1.0.0.0",
    "parameters": {
        "collation": {
            "value": "SQL_Latin1_General_CP1_CI_AS"
        },
        "administratorLoginPassword": {
            "value": "#{PasswordStoredAsSensitiveVariableInOctopus}"
        },
        "administratorLogin": {
            "value": "#{Login}"
        },
        "databaseName": {
            "value": "#{DatabaseName}"
        },
        "anotherSecretStoredInAzureKeyVault": {
            "reference": {
                "keyVault": {
                    "id": "#{KeyVaultResourceId}"
                },
                "secretName": "SecretName"
            }
        }
    }
}

Example without Schema

{
    "collation": {
        "value": "SQL_Latin1_General_CP1_CI_AS"
    },
    "administratorLoginPassword": {
        "value": "#{PasswordStoredAsSensitiveVariable}"
    },
    "administratorLogin": {
        "value": "admin"
    },
    "databaseName": {
        "value": "#{DatabaseName}"
    },
    "anotherSecretStoredInAzureKeyVault": {
        "reference": {
            "keyVault": {
                "id": "#{KeyVaultResourceId}"
            },
            "secretName": "SecretName"
        }
    }
}

Accessing ARM template output parameters

Any outputs from the ARM template step are made available as Octopus output-variables automatically. For example, an output Foo would be available as:

Octopus.Action[Arm Template Step Name].Output.AzureRmOutputs[Foo]

Note, you need to replace Arm Template Step Name with the name of your ARM step template.

Using linked templates

Azure Resource Manager supports the concept of linking templates. In this model you create a main template which links to other templates and parameters files via URI. This can be a really useful way to break your ARM templates into manageable components. In this case you would configure Octopus to deploy your main template, and the Azure Resource Manager will download any linked templates and parameters files as required to complete the deployment.

Learn more

• Generate an Octopus guide for Azure and the rest of your CI/CD pipeline.

Help us continuously improve

Please let us know if you have any feedback about this page.

Send feedback

Page updated on Sunday, January 1, 2023