resilien
/
terraform
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

website: adding the new fields to azurerm

This commit is contained in:
Matthew Frahry 2021-03-22 09:53:52 -07:00
parent b0b0a44a67
commit a978d4ee99
1 changed files with 61 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
website/docs/language/settings/backends/azurerm.html.md
View File

@ -28,6 +28,8 @@ terraform {
} }
``` ```
---
When authenticating using Managed Service Identity (MSI): When authenticating using Managed Service Identity (MSI):
```hcl ```hcl
@ -43,6 +45,27 @@ terraform {
} }
``` ```
---
When authenticating using Azure AD Authentication:
```hcl
terraform {
backend "azurerm" {
storage_account_name = "abcd1234"
container_name = "tfstate"
key = "prod.terraform.tfstate"
use_azuread_auth = true
subscription_id = "00000000-0000-0000-0000-000000000000"
tenant_id = "00000000-0000-0000-0000-000000000000"
}
}
```
-> **Note:** When using AzureAD for Authentication to Storage you also need to ensure the `XXX` and `XXX` roles are assigned.
---
When authenticating using the Access Key associated with the Storage Account: When authenticating using the Access Key associated with the Storage Account:
```hcl ```hcl
@ -59,6 +82,8 @@ terraform {
} }
``` ```
---
When authenticating using a SAS Token associated with the Storage Account: When authenticating using a SAS Token associated with the Storage Account:
```hcl ```hcl
@ -92,6 +117,8 @@ data "terraform_remote_state" "foo" {
} }
``` ```
---
When authenticating using Managed Service Identity (MSI): When authenticating using Managed Service Identity (MSI):
```hcl ```hcl
@ -102,12 +129,34 @@ data "terraform_remote_state" "foo" {
container_name = "terraform-state" container_name = "terraform-state"
key = "prod.terraform.tfstate" key = "prod.terraform.tfstate"
use_msi = true use_msi = true
subscription_id = "00000000-0000-0000-0000-000000000000" subscription_id = "00000000-0000-0000-0000-000000000000"
tenant_id = "00000000-0000-0000-0000-000000000000" tenant_id = "00000000-0000-0000-0000-000000000000"
} }
} }
``` ```
---
When authenticating using AzureAD Authentication:
```hcl
data "terraform_remote_state" "foo" {
backend = "azurerm"
config = {
storage_account_name = "terraform123abc"
container_name = "terraform-state"
key = "prod.terraform.tfstate"
use_azuread_auth = true
subscription_id = "00000000-0000-0000-0000-000000000000"
tenant_id = "00000000-0000-0000-0000-000000000000"
}
}
```
-> **Note:** When using AzureAD for Authentication to Storage you also need to ensure the `XXX` and `XXX` roles are assigned.
---
When authenticating using the Access Key associated with the Storage Account: When authenticating using the Access Key associated with the Storage Account:
```hcl ```hcl
@ -125,6 +174,8 @@ data "terraform_remote_state" "foo" {
} }
``` ```
---
When authenticating using a SAS Token associated with the Storage Account: When authenticating using a SAS Token associated with the Storage Account:
```hcl ```hcl
@ -186,6 +237,14 @@ When authenticating using the Storage Account's Access Key - the following field
--- ---
When authenticating using AzureAD Authentication - the following fields are also supported:
* `use_azuread_auth` - (Optional) Should AzureAD Authentication be used to access the Blob Storage Account. This can also be sourced from the `ARM_USE_AZUREAD` environment variable.
-> **Note:** When using AzureAD for Authentication to Storage you also need to ensure the `XXX` and `XXX` roles are assigned.
---
When authenticating using a Service Principal with a Client Certificate - the following fields are also supported: When authenticating using a Service Principal with a Client Certificate - the following fields are also supported:
* `resource_group_name` - (Required) The Name of the Resource Group in which the Storage Account exists. * `resource_group_name` - (Required) The Name of the Resource Group in which the Storage Account exists.