Mastering Azure VM Provisioning: Lessons from 5 Common Terraform Errors

How I Provisioned My First Azure VM with Terraform (And the 5 Errors That Taught Me More Than Any Tutorial)

Engineer Vivian Chiamaka Okose successfully deployed a fully networked Ubuntu 20.04 LTS VM on Azure using HashiCorp Terraform. The process automated six distinct resources, including Virtual Networks and Network Interfaces, through a single declarative configuration file.

Why This Matters

While Infrastructure as Code (IaC) promises seamless deployment, actual implementation frequently collides with cloud provider constraints like regional SKU availability and subscription quotas. This technical reality requires engineers to move beyond tutorials and utilize platform-specific CLI queries to verify image offers and hypervisor compatibility. Transitioning to a declarative model ensures reproducibility, but only if the engineer can navigate the underlying platform limitations that state files alone cannot resolve.

Key Insights

• Public IP Quota Limits: Azure free-tier subscriptions default to a zero-limit for Basic SKU IPs, requiring an explicit shift to Standard SKU (2026).
• SKU Availability Constraints: VM sizes such as Standard_B1s are frequently restricted by region, necessitating the use of ‘az vm list-skus’ to identify functional alternatives.
• Hypervisor Generation Mismatch: Modern D-series VMs require Generation 2 images, making legacy Gen1 images like Ubuntu 18.04 incompatible with newer hardware.
• Regional Image Naming: The ‘UbuntuServer’ offer is legacy; modern Gen2 images require specific offer strings like ‘0001-com-ubuntu-server-focal’ to be found in specific regions.
• Terraform State Management: Child resources like OS disks can block resource group deletion if not explicitly flagged with ‘delete_os_disk_on_termination’ within the VM resource block.

Working Examples

Azure VM resource configuration with automated disk cleanup and Gen2 image support.

resource "azurerm_virtual_machine" "vm" {
  name = "terraform-vm"
  location = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  network_interface_ids = [azurerm_network_interface.nic.id]
  vm_size = "Standard_D2ads_v7"
  delete_os_disk_on_termination = true
  delete_data_disks_on_termination = true

  storage_image_reference {
    publisher = "Canonical"
    offer = "0001-com-ubuntu-server-focal"
    sku = "20_04-lts-gen2"
    version = "latest"
  }
}

Azure CLI command to verify regional availability of specific Gen2 Linux images.

az vm image list --location uksouth --publisher Canonical --offer 0001-com-ubuntu-server-focal --all --output table | grep "gen2"

Practical Applications

• Infrastructure Scaling: Use declarative HCL to reproduce consistent environments across multiple regions. Pitfall: Hardcoding locations instead of using resource references like ‘azurerm_resource_group.rg.location’ leads to configuration drift.
• Pre-deployment Auditing: Utilize ‘terraform plan’ to visualize resource changes (+, ~, -) before applying to production. Pitfall: Mismanaging state for child resources like OS disks can lead to orphaned disks and unexpected billing leaks.
• Dynamic Resource Discovery: Leverage Azure CLI tools to query available SKUs rather than relying on outdated tutorial documentation. Pitfall: Attempting to deploy restricted SKUs results in ‘SkuNotAvailable’ errors that stall CI/CD pipelines.

References:

• https://dev.to/vivian_okose/how-i-provisioned-my-first-azure-vm-with-terraform-and-the-5-errors-that-taught-me-more-than-any-32fe