When transitioning from Terraform to Bicep, one of the most common questions developers have is regarding state management. Specifically, how does Bicep keep track of the state of resources, especially when you're accustomed to Terraform's explicit state management system? In this article, we’ll dive into how Bicep handles state, address some common concerns, and provide practical examples to enhance your understanding.
How Does Bicep Track State?
1. No Explicit State File
Unlike Terraform, which uses a dedicated state file to keep track of your infrastructure's state, Bicep relies on Azure Resource Manager (ARM) to manage state implicitly. This means that when you deploy a Bicep file, ARM itself tracks the resources that have been created and their properties within the Azure infrastructure. Each deployment creates a new record in Azure's deployment history, which keeps track of the template and the parameters used.
2. What Happens When Resources Are Removed?
When you remove resources from your Bicep file, they don't get deleted immediately upon redeployment. Instead, Bicep and ARM follow a declarative model where the last deployed state is compared to the current template. If resources are omitted from the template during a new deployment, they are ignored rather than deleted.
Example:
If you had the following resources in your main.bicep
file:
resource appServiceApp 'Microsoft.Web/sites@2022-03-01' = {
name: appServiceAppName
location: location
// properties...
}
// Removed this resource in the next deployment
When you deploy the modified Bicep file, ARM will simply ignore appServiceApp
and retain it in the existing state.
3. Adding Existing Resources to State
To manage existing resources that were created outside of Bicep or to include them in your infrastructure as code strategy, you can use the Import feature in Bicep. However, you must ensure that these resources conform to the Bicep declaration.
Example:
If you have an existing storage account and want to incorporate it into your Bicep deployment, you can declare it as follows:
resource existingStorageAccount 'Microsoft.Storage/storageAccounts@2022-09-01' existing = {
name: 'your-existing-storage-account-name'
}
This declaration allows Bicep to reference and manage the existing resource without altering its state.
4. Where Does Bicep Store State?
Bicep itself doesn't store the state; the state is maintained by Azure Resource Manager. You can view the state of your deployments and resources through the Azure Portal, Azure CLI, or Azure PowerShell. Azure keeps track of what resources exist, their configurations, and the history of deployments made.
Practical Considerations
Benefits of Implicit State Management
- Simplicity: New users don't have to manage a state file, making initial deployment easier.
- Integration: Bicep naturally integrates with Azure, leveraging its existing resource management capabilities.
Challenges to Be Aware Of
- Resource Deletion: As noted, resources not present in the Bicep file during redeployment are not deleted. This can lead to resource bloat unless managed.
- Drift Management: Keeping track of external changes to resources is more challenging since there is no state file to reference, making drift detection more complex.
Example GitHub Action Deployment
In practice, deploying your Bicep file via GitHub Actions can be done as shown below:
- name: Deploy
uses: azure/arm-deploy@v2
with:
deploymentName: ${{ github.run_number }}
scope: resourcegroup
resourceGroupName: ${{ env.AZURE_RESOURCE_GROUP_NAME }}
template: ./infrastructure/main.bicep
parameters: >
environmentType=${{ env.ENVIRONMENT }}
failOnStdErr: false
In this YAML snippet, you can see how the Bicep file is used in a CI/CD pipeline to automatically deploy resources into a designated resource group.
Conclusion
Understanding how Bicep tracks state is crucial for effective resource management in Azure. While Bicep abstracts away the complexities of state management, users must adapt to a more implicit model compared to Terraform's explicit state file management. By leveraging Bicep's integration with Azure's resource management capabilities, you can create robust and maintainable infrastructure as code.
Additional Resources
This foundational knowledge should empower you to use Bicep more effectively and recognize when additional considerations might be necessary. Embrace the transition, and happy coding!