How To: Deploy Servers to Azure with OneFuse and Terraform

Knowledge Base, Terraform


In this article we will go over how to deploy Servers to Azure with OneFuse and Terraform. We will only be using Naming and Static Property Sets (SPS) Groups in this article, but more Modules can be added to your TF files.


We will assume you already have an Azure subscription and have the required ID/Access you need. We will also assume that you have OneFuse and Terraform configured

OneFuse Configuration/Validation

Validate Naming Sequence and Naming Policy

Log into OneFuse and go to the Naming section under Modules

In our example Naming Policy below, you can see some templated {{}} values in the Naming Template section. These will be explained when we get to the Static Property Sets (SPS)

We kept the Naming Sequence very generic for this test (Maximum Length is 3, Padding Character is 0, etc). You can also see the same template values in the Unique Key section (minus the sequence) which will be explained in the next section.

Now that we’ve verified that our Naming Policy/Sequence looks good, we can move to the Static Property Sets (SPS).

Validate Static Property Sets (SPS)

Log into OneFuse and go to the Static Property Sets section under Templating

Locate the Static Property Set that you’re going to be using and view/edit it

In the example below, we’re using a Static Property Set (SPS) that is specific for Azure. In the Static Property Set section is where we’re going to be passing in the values for those properties that we templated in the Naming Policy/Sequence.

Now that we’ve verified our Static Property sets, we’re good to continue on to the Terraform configuration

Terraform Configuration/Validation

TF File Verification/Modification

Open up your Terraform files in the text editor of your choice and verify that you have the correct settings. If any settings need to be changed, feel free to do so at this time (You can use my examples below for reference)

We’re setting the OneFuse and Azure Providers in the file and populating the data and resource objects for Naming and Static Property Sets. file

terraform {
  required_providers {
    onefuse = {
      source  = "CloudBoltSoftware/onefuse"
      version = ">= 1.20.0"
    azurerm = {
      source = "hashicorp/azurerm"
      version = ">= 2.26"
  required_version = ">= 0.13"

provider "onefuse" {
  scheme     = var.onefuse_scheme
  address    = var.onefuse_address
  port       = var.onefuse_port
  user       = var.onefuse_user
  password   = var.onefuse_password
  verify_ssl = var.onefuse_verify_ssl

// OneFuse Static Property Set
data "onefuse_static_property_set" "azure" {
  name = "Azure"

// Naming Policy data source
data "onefuse_naming_policy" "machine" {
  name = "NamingPolicy"

resource "onefuse_naming" "machine-name" {
  naming_policy_id        = // Refers to onefuse_naming_policy data source to retrieve ID
  dns_suffix              = ""
  template_properties = {
    name              =
    cloud             =

In the file below, we’re passing in the Subscription ID, Tenant ID, Client ID and Client Secret from our file, but you can pass them with other methods. We were having issues with permissions so we decided to use the skip provider registration property.

Note: Please see link(s) in Additional Information section on other ways to pass the values file (Azure Provider)

# Configure the Microsoft Azure Provider
provider "azurerm" {
    features {}
    subscription_id             = var.subscription_id
    client_id                   = var.client_id
    client_secret               = var.client_secret
    tenant_id                   = var.tenant_id
    skip_provider_registration  = true

# Create (and display) an SSH key
resource "tls_private_key" "example_ssh" {
  algorithm = "RSA"
  rsa_bits = 4096

# Create virtual machine
resource "azurerm_linux_virtual_machine" "myterraformvm" {
    name                  =
    location              = "eastus"
    resource_group_name   = "Terraform"
    network_interface_ids = ["/subscriptions/424728d8-daf2-4ffb-92d9-80680574c0c1/resourceGroups/Terraform/providers/Microsoft.Network/networkInterfaces/test512"]
    size                  = "Standard_DS1_v2"

    os_disk {
        name              = "myOsDisk"
        caching           = "ReadWrite"
        storage_account_type = "Premium_LRS"

    source_image_reference {
        publisher = "Canonical"
        offer     = "UbuntuServer"
        sku       = "18.04-LTS"
        version   = "latest"

    computer_name  =
    admin_username = "azureuser"
    disable_password_authentication = true

    admin_ssh_key {
        username       = "azureuser"
        public_key     = tls_private_key.example_ssh.public_key_openssh

    tags = {
        environment = "Terraform Demo"

I have not included the file because it includes a lot of information that is valid for my environment.

Once we have verified everything, we can continue on to the next step of building the server with Terraform

Building Server with Terraform

Open your console window (we will be using Visual Studio Code in this example) and go to the directory of your TF files

Once you’re there, we will run terraform init

Terraform init will initialize all of the providers and you can see in the below screenshot that OneFuse 1.2 and Azure 2.58.0 were initialized.

If you see a message that says Terraform has been successfully initialized!, then we’re good to continue to the next step.

  • If you see a Registry service unreachable message, please make sure you can connect out to the internet and try the terraform init again

Now that everything is initialized, we’ll run terraform plan to make sure everything looks good with the build before we do the apply

  • The terraform plan output is very long so it was not included here

Take a look through the output from the terraform plan and make sure that everything looks correct

If all looks good with the terraform plan, we’ll do a terraform apply now to build the server

If the terraform apply completed successfully, you should see a message saying “Apply Complete!

If you receive Error: Error checking for presence of existing resource group, make sure the account you’re using has the correct permissions (See Additional Information section on permissions)

AWS/OneFuse Validation

Log into Azure and verify that the server is there and that you can connect to it

Log back into OneFuse and go to the Naming section under Modules.

Scroll down to the bottom and look for the Managed Names section. Verify that the Managed Object (MO) exists for your new server

We can see the correct name is listed and that it used the correct Naming Policy that we passed in

Additional information

Questions or comments? Visit our

Comments are closed.

Skip to toolbar