Store Terraform remote state in Azure

Hi, as a “Notes From the Field” this post is pretty sparse.  I will look to build a more complete Terraform post at some point.

Today I have been looking at how to store Terraform remote state in an Azure Storage Account.

Terraform Version 0.8.7

You will need:

  1. Your Azure Subscription Id
  2. An Azure Service Principal with permissions to manage Azure
  3. Your Azure Tenant id
  4. A storage account
  5. A container within the storage account called “tfstate” (you can call it something else but will need to change the commands below)
  6. The Resource Group for the storage account

When you have the information you need to tell Terraform that it needs to use a remote store for the state.

For a *nix system

terraform remote config \

-backend=azure \

-backend-config=”storage_account_name=<STORAGE ACCOUNT NAME>” \

-backend-config=”container_name=tfstate” \

-backend-config=”key=<STORAGE ACCOUNT KEY>” \

-backend-config=”resource_group_name=<RESOURCE GROUP NAME>” \

-backend-config=”arm_subscription_id=<SUBSCRIPTION NAME>” \

-backend-config=”arm_client_id=<SPN ID>” \

-backend-config=’arm_client_secret=<SPN PASSWORD>’ \

-backend-config=”arm_tenant_id=<TENANT ID>”

For PowerShell

terraform remote config `

-backend=azure `

-backend-config=”storage_account_name=<STORAGE ACCOUNT NAME>” `

-backend-config=”container_name=tfstate” `

-backend-config=”key=<STORAGE ACCOUNT KEY>” `

-backend-config=”resource_group_name=<RESOURCE GROUP NAME>” `

-backend-config=”arm_subscription_id=<SUBSCRIPTION NAME>” `

-backend-config=”arm_client_id=<SPN ID>” `

-backend-config=’arm_client_secret=<SPN PASSWORD>’ `

-backend-config=”arm_tenant_id=<TENANT ID>”

You can off just run it all on one line without either the “\” or the “`” but its pretty hard to read!

In my tests you don’t need to include the remote in the tf file now.

Version v0.9.5

*nix

terraform init \

-backend=true \

-backend-config=”backend=azure” \

-backend-config=”storage_account_name=<YOUR ACCOUNT KEY>” \

-backend-config=”container_name=tfstate” \

-backend-config=”key=prod.terraform.tfstate” \

-backend-config=”access_key=<YOUR ACCESS KEY>”

Powershell

terraform init `

-backend=true `

-backend-config=”backend=azure”`

-backend-config=”storage_account_name=<YOUR ACCOUNT KEY>” `

-backend-config=”container_name=tfstate”`

-backend-config=”key=prod.terraform.tfstate” `

-backend-config=”access_key=<YOUR ACCESS KEY>”

TF File

terraform {
backend “azure” {
storage_account_name = “<NAME OF STORAGE ACCOUNT>”
container_name = “<CONTAINER NAME>”
key = “<NAME OF TF STATE FILE – e.g.,prod.terraform.tfstate>”
access_key = “<STORAGE ACCCOUNT KEY>”
}
}

Ian

 

No Comments

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.