Add Azure environments using Terraform

You can add your Microsoft Azure environments to Sophos Cloud Optix using our Terraform template.

Restriction This feature might not be available for all customers yet.

You must use a version of Terraform that Sophos Cloud Optix supports. You can use the following versions:

  • 0.12
  • 0.13
  • 0.14

To add a Microsoft Azure environment, go to Settings, then click Add Environments > Azure.

Select Add an Microsoft Azure subscription using an approved Terraform version.

Sophos Cloud Optix takes you through the following steps:

  1. Download the Sophos Cloud Optix template.
  2. Register the Sophos Cloud Optix Microsoft Azure AD application.
  3. Create resources for exporting flow and activity logs to Sophos Cloud Optix.
  4. Generate the command to add your Microsoft Azure subscription to Sophos Cloud Optix.
  5. If you want to, you can add AKS clusters.

Known Terraform issues

You may encounter some known Terraform issues when adding Microsoft Azure environments. These won't prevent you from adding your environments to Sophos Cloud Optix.

  1. Interpolation warning.

    Terraform v0.13 and v0.14 give the following warning, which you can ignore.

    Warning: Version constraints inside provider configuration blocks are deprecated on line 6, in provider "azurerm": 6: version = "=2.20.0"

    Terraform versions earlier than 0.14 allowed provider version constraints inside the provider configuration block. This is no longer recommended and will be removed in a future version. You can stop this error from appearing by moving the provider version constraint into the required_providers block.

  2. You must turn off network watchers. If they are already turned on, you must import them into a Terraform state.
  3. Terraform for Microsoft Azure doesn't support Central India, West India, and South India, so network watchers aren't turned on in these regions. You can turn them on manually if you need flow logs in these regions.
  4. Errors when adding environments that have previously been removed from Sophos Cloud Optix.

    If you remove an environment from Sophos Cloud Optix using the Terraform destroy command, you may get the following error when you try to add it again.

    Code="DeploymentFailed" Message=" At least one resource deployment operation failed

    This is a known error logged with Hashicorp (issue #24663).

    To resolve the problem, run the Terraform destroy command more than once and make sure all Sophos Cloud Optix resources are deleted from your Microsoft Azure environment. Then add the environment again.