Testing ARM templates

2 minute read

A few weeks ago I was looking at ways how I could test my ARM
templates. During my work I create a lot of these templates and it always a lot
of work to check them and comply with the best practices. Especially when we
work in teams and everybody has his own way of creating the templates.

After some research I found a blog post of: Olivier Miossec (a Microsoft Azure MVP). He was mentioning a tool called “ARM-TTK” which is being developed by Microsoft and is still in preview.

Reading this made me test the tool out.

ARM-TTK

ARM-TTK is written as a PowerShell Module that can be run in
Windows or Linux. When using Linux PowerShell Core needs to be installed.

The module is still in preview but Microsoft is actively
developing it on GitHub. Using this option everyone is allowed to test it and use
it in there on scenario’s.

To test it download the folder from the GitHub repository:

As you may know with the downloaded folder you can Import the module. As there is no online location yet you have to reference the file name.

Import-Module '[Path to the Module]'

Executing ARM-TTK

With the module loaded in our PowerShell session it is time to execute some test against some of the ARM templates I have. To run a test run the following command:

 Test-AzTemplate 'D:\temp\azuredeploy.json'

Running this command will give a result like the image below.

ARM-TTK

The tool uses a testing framework called Pester to test
certain scenario’s against the ARM template. Besides that the tool doesn’t use
the Azure context at this moment making it a very quick test framework with a
lot of great result. Some of the things it checks are:

  • JSON validation
  • apiVersions
    Should Be Recent
    : It will also show recent version you can use.
  • artifacts
    parameter
    : It checks the artifact parameters and whether they are used within
    the template.
  • Outputs Must Not Contain Secrets
  • Parameters Property Must Exist
  • Virtual Machines Should Not Be Preview

All together this looks like a really great tool that can be
extended very quickly and is really useful. Next step is creating this
extension within a Azure DevOps Pipeline task in order to use it CI and CD
scenario’s.