Testing ARM templates

A few weeks ago I was looking at ways how I could test my ARM templates. During my work I create a lot of these templates and it always a lot of work to check them and comply with the best practices. Especially when we work in teams and everybody has his own way of creating the templates.

After some research I found a blog post of: Olivier Miossec (a Microsoft Azure MVP). He was mentioning a tool called “ARM-TTK” which is being developed by Microsoft and is still in preview.

Reading this made me test the tool out.

ARM-TTK

ARM-TTK is written as a PowerShell Module that can be run in Windows or Linux. When using Linux PowerShell Core needs to be installed.

The module is still in preview but Microsoft is actively developing it on GitHub. Using this option everyone is allowed to test it and use it in there on scenario’s.

To test it download the folder from the GitHub repository:

• https://github.com/Azure/azure-quickstart-templates/tree/master/test/arm-ttk

As you may know with the downloaded folder you can Import the module. As there is no online location yet you have to reference the file name.

Import-Module '[Path to the Module]'

Executing ARM-TTK

With the module loaded in our PowerShell session it is time to execute some test against some of the ARM templates I have. To run a test run the following command:

 Test-AzTemplate 'D:\temp\azuredeploy.json'

Running this command will give a result like the image below.

The tool uses a testing framework called Pester to test certain scenario’s against the ARM template. Besides that the tool doesn’t use the Azure context at this moment making it a very quick test framework with a lot of great result. Some of the things it checks are:

• JSON validation
• apiVersions Should Be Recent: It will also show recent version you can use.
• artifacts parameter: It checks the artifact parameters and whether they are used within the template.
• Outputs Must Not Contain Secrets
• Parameters Property Must Exist
• Virtual Machines Should Not Be Preview

All together this looks like a really great tool that can be extended very quickly and is really useful. Next step is creating this extension within a Azure DevOps Pipeline task in order to use it CI and CD scenario’s.