This repository demonstrates how to set up remote state for use with Terraform by Terraform, this time in Azure. usage: |- Add a reference to this module to your tf code, like this:
module "statebucket" {
source = "JamesWoolfenden/statebucket/azure"
version = "0.2.0"
account_tier = "Standard"
account_replication_type = "LRS"
location = "UK South"
resource_group_name = "terraform"
common_tags = var.common_tags
}This module implements the common_tags scheme. In the the example implementation examplea.auto.tfvars you'll find a basic map described:
common_tags = {
environment = "Production"
}Expand on these values to tag all your taggable resources.
This module should be run before nearly anything else as it sets up the remote state store. To do this it needs to be run twice. The first time to create the storage and also its own remote state file. The second run pushes its own state to the state store.
This project is 100% Open Source and licensed under the APACHE2.
No requirements.
| Name | Version |
|---|---|
| azurerm | n/a |
| local | n/a |
| template | n/a |
No modules.
| Name | Type |
|---|---|
| azurerm_resource_group.terraform | resource |
| azurerm_storage_account.terraform | resource |
| azurerm_storage_container.terraform | resource |
| local_file.remote_state | resource |
| azurerm_subscription.current | data source |
| template_file.remote_state | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| account_replication_type | Defaults to LRS, refer to azurerm provider docs for azurerm_storage_account to see valid values. | string |
"LRS" |
no |
| account_tier | Defaults to Standard, refer to azurerm provider docs for azurerm_storage_account to see valid values. | string |
"Standard" |
no |
| common_tags | This is a map type for applying tags on resources | map(any) |
n/a | yes |
| enable_https_traffic_only | Set traffic to be encrypted | string |
true |
no |
| location | Azure Region to use, defaults to UK South | string |
"UK South" |
no |
| resource_group_name | Name of resource group in which to deploy storage account. | string |
"terraform" |
no |
| Name | Description |
|---|---|
| resource_group | n/a |
| storage_account | n/a |
| storage_container | n/a |
| subscription_id | n/a |
The Terraform resource required is:
resource "azurerm_role_definition" "terraform_pike" {
role_definition_id = local.uuid
name = "terraform_pike"
scope = data.azurerm_subscription.primary.id
permissions {
actions = [
"Microsoft.Resources/subscriptions/providers/read",
"Microsoft.Resources/subscriptions/resourcegroups/delete",
"Microsoft.Resources/subscriptions/resourcegroups/read",
"Microsoft.Resources/subscriptions/resourcegroups/write",
"Microsoft.Storage/storageAccounts/blobServices/read",
"Microsoft.Storage/storageAccounts/delete",
"Microsoft.Storage/storageAccounts/fileServices/read",
"Microsoft.Storage/storageAccounts/listKeys/action",
"Microsoft.Storage/storageAccounts/read",
"Microsoft.Storage/storageAccounts/write"]
not_actions = []
}
assignable_scopes = [
data.azurerm_subscription.primary.id,
]
}
locals {
uuid = uuid()
}
data "azurerm_subscription" "primary" {
}
Check out these related projects.
For additional context, refer to some of these links.
Got a question?
File a GitHub issue.
Please use the issue tracker to report any bugs or file feature requests.
Copyright © 2019-2022 James Woolfenden
See LICENSE for full details.
Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
https://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
