[User Guide] Setting up the Backend for terraform state

How to Setup the backend for the building block's terraform state file

This page is concerning building blocks, which are based on terraform configuration language

Before embark on your journey with the building blocks, unlocking a vast realm of possibilities and unveiling the wonders it holds for you, you need to setup a storage to hold your terraform state file.

Depending on your provider, you can leverage one of the following Terraform modules to create your storage account.

Requirements

1. A cloud shell in Azure/GCP or web shell in AWS, or local machine with Terraform installed.

   • You can use this link to install terraform based on your OS.

2. Install your cloud provider's CLI with one of the following link:

   • Azure: How to install the Azure CLI
   • AWS: Install or update the latest version of the AWS CLI
   • GCP: Install the gcloud CLI

3. Make sure that git is also installed on your machine. check out this link

4. Clone the building block repository with git clone https://github.com/meshcloud/building-blocks.git

5. Navigate to the following path based on your environment:

   • Azure Storage account: "/azure/terraform/storage/azure-storage-account"

   • AWS S3 Bucket: "/aws/terraform/storage/s3-bucket"

   • GCS Bucket: "/gcp/terraform/storage/storage-bucket"

6. login to your environment from the CLI (e.g. for azure az login)

7. run terraform init, terraform plan and terraform apply to deploy the storage account

8. save the ouputs and insert them respectively in the backend.tf file as it discussed in this wiki page

How to configure backend.tf file for these providers

Here you can find an example of how to create a backend.tf file

1. Copy one of these examples over to a new backend.tf file. Change the required parameters with the values of the storage account that you already have in your environment or just created with the help of the previous section.
2. Either put this backend.tf file inside your terraform module folder or upload it as a static file input along with the other inputs inside your Building Block definition.
3. Make sure to include the necessary credentials required for accessing the storage account. For instance, for a storage account in Azure, you can add "ARM_CLIENT_ID" and "ARM_CLIENT_SECRET" of the Service Principal as an Environment Variable.

Important: When making use of an input parameter of type "File," it's important to note that the "Name" you assign to the input parameter will be used as the filename for the uploaded file. For example, if your Terraform code references a credential file as "key.json" in your terraform code, you should use the exact same name in your input "Name" field.

AWS S3 Bucket

terraform {
  backend "s3" {
    bucket = "<bucket name>"
    key    = "<Prefix of the state file name>"
    region = "<Location name>"
  }
}

Azure storage account:

terraform {
  backend "azurerm" {
    tenant_id            = "<Tenant ID>"
    subscription_id      = "<Subscription ID>"
    resource_group_name  = "<Name of the resource group holding the state file>"
    storage_account_name = "<Name of the Storage account holding the state file>"
    container_name       = "<Name of the Container holding the state file>"
    key                  = "<Prefix of the state file name>"
  }
}

GCS Bucket

terraform {
  backend "gcs" {
    bucket  = "<Name of the bucket holding the state file>"
    credentials = Local path to Google Cloud Platform account credentials in JSON format
    prefix  = "<Prefix of the state file name>"
  }
}