Merge pull request #25830 from hashicorp/kt/secret-metadata-host

backend/azurerm: support loading environments from a metadata host

backend/remote-state/azure/arm_client.go

@@ -62,6 +62,7 @@ func buildArmClient(config BackendConfig) (*ArmClient, error) {
 		SubscriptionID:                config.SubscriptionID,
 		TenantID:                      config.TenantID,
 		CustomResourceManagerEndpoint: config.CustomResourceManagerEndpoint,
+		MetadataURL:                   config.MetadataHost,
 		Environment:                   config.Environment,
 		ClientSecretDocsLink:          "https://www.terraform.io/docs/providers/azurerm/guides/service_principal_client_secret.html",
 

backend/remote-state/azure/backend.go

@@ -30,6 +30,13 @@ func New() backend.Backend {
 				Description: "The blob key.",
 			},
 
+			"metadata_host": {
+				Type:        schema.TypeString,
+				Required:    true,
+				DefaultFunc: schema.EnvDefaultFunc("ARM_METADATA_HOST", ""),
+				Description: "The Metadata URL which will be used to obtain the Cloud Environment.",
+			},
+
 			"environment": {
 				Type:        schema.TypeString,
 				Optional:    true,
@@ -186,6 +193,7 @@ type BackendConfig struct {
 	ClientCertificatePath         string
 	ClientSecret                  string
 	CustomResourceManagerEndpoint string
+	MetadataHost                  string
 	Environment                   string
 	MsiEndpoint                   string
 	ResourceGroupName             string
@@ -220,6 +228,7 @@ func (b *Backend) configure(ctx context.Context) error {
 		ClientCertificatePath:         data.Get("client_certificate_path").(string),
 		ClientSecret:                  clientSecret,
 		CustomResourceManagerEndpoint: data.Get("endpoint").(string),
+		MetadataHost:                  data.Get("metadata_host").(string),
 		Environment:                   data.Get("environment").(string),
 		MsiEndpoint:                   data.Get("msi_endpoint").(string),
 		ResourceGroupName:             data.Get("resource_group_name").(string),