AZURE Buckets Managed By Terraform

Terraform code that creates and maintains infrastructure for stores, using Azure Blob Storage which is an object storage service provided by Azure in multiple geographical regions.


  • Adding Azure as store options requires you to have a storage account with Microsoft Azure. This is where your data is stored in the containers (equivalent of buckets in AWS S3). You can start with the free account for now.
  • The Terraform CLI (1.2.0+) installed.
  • The Azure CLI installed.
  • Terraform Basics
  • Login to azure cli terraform requires that azure cli and active token which is generated by login

State File

When using Terraform it needs to keep track of the infrastructure it's creating. It does this by means of a statefile. This file is just a simple JSON file (though its extension is terraform.tfstate) that defines the infrastructure that has been created by Terraform and any proposed changes. By default, this file is stored on the local machine where terraform commands are run and should be checked into git or any other source code management system used. More of the purpose of the state file can be explained here. Terraform compares your configuration with the state file and your existing infrastructure to create plans and make changes to your infrastructure. When you run terraform apply or terraform destroy against your initialized configuration, Terraform writes metadata about your configuration to the state file and updates your infrastructure resources accordingly.

Sensitive Data in State File

The state file can handle sensitive data, if creating storage_account with access key and connection string this will be stored in plain text in the state file. So recommend keeping state file secure.


Terraform Backends Keep State File Secure

If the state file is deleted terraform will lose track of the infrastructure it has created, so it is important to keep state file in safe place where it wont be deleted, like Terraform backends. Also since it is just a simple file, it can actually be edited by anyone that has access to it and this might cause unwanted behaviors in the state of your infrastructure. This is not ideal for collaboration as git conflicts may arise if multiple developers are modifying their own local copy of the file. Terraform introduce multiple online storage locations for this file called backends, and AZURE can be used as a backend to safely store your state file.