Skip to content
/ azure-terraform-backend-template Public

ARM template that creates an Azure Storage account to store Terraform state files

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

equinor/azure-terraform-backend-template

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

44 Commits
.github
.github
 
 
CHANGELOG.md
CHANGELOG.md
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 
azuredeploy.json
azuredeploy.json
 
 
main.bicep
main.bicep
 
 

Repository files navigation

Azure Terraform Backend Template

Conventional Commits

Deploy to Azure

Azure Resource Manager (ARM) template that creates an Azure Storage account to store Terraform state files:

  • Creates a storage account with the specified name.
  • Configures the storage account according to security recommendations.
  • Creates a blob container with the specified name.
  • Grants access to the storage account for specified user, group and service principals.
  • Creates a read-only lock to prevent changes to the storage account.

Prerequisites

Usage

Create Azure Storage account

  1. Login to Azure:

    az login

  2. Set active subscription:

    az account set --name <SUBSCRIPTION_NAME>

  3. Create resource group:

    az group create --name <RESOURCE_GROUP_NAME> --location <LOCATION>

    Requires Azure role Contributor at subscription.

  4. Create a deployment at resource group from the template URI:

    az deployment group create --name terraform-backend --resource-group <RESOURCE_GROUP_NAME> --template-uri https://raw.githubusercontent.com/equinor/azure-terraform-backend-template/refs/heads/main/azuredeploy.json --parameters storageAccountName=<STORAGE_ACCOUNT_NAME>

    Requires Azure role Owner at resource group.

Configure Terraform backend

  1. Create a Terraform configuration file main.tf and add the following backend configuration:

    terraform {
  backend "azurerm" {
    resource_group_name  = "<RESOURCE_GROUP_NAME>"
    storage_account_name = "<STORAGE_ACCOUNT_NAME>"
    container_name       = "tfstate"
    key                  = "terraform.tfstate"
    use_azuread_auth     = true
  }
}

  2. Initialize Terraform backend:

    terraform init

Parameters

Name Description Type Default
storageAccountName The name of the storage account to create. string
containerName The name of the blob container to create. string tfstate
ipRules An array of IP addresses or ranges that should be granted access to the storage account. If empty, all IP addresses and ranges will be granted access to the storage account. array []
principalIds An array of object IDs for user, group or service principals that should be granted access to the storage account. array []

Outputs

Name Description Type
storageAccountName The name of the storage account that was created. string
containerName The name of the blob container that was created. string

References

Contributing

See contributing guidelines.

License

This project is licensed under the terms of the MIT license.

About

ARM template that creates an Azure Storage account to store Terraform state files

Resources

Readme

License

MIT license

Security policy

Security policy
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 3

v0.2.1 Latest
Jan 10, 2025
+ 2 releases

Contributors 2

  •  
  •  

Languages