Using Terraform Cloud for state management
Workspace configuration
You can use Terraform Cloud or Terraform Enterprise to support Azure Terraform SRE landing zones state files.
Current support is for levels 3 and 4 (composition must be done with a launchpad stored on CAF Azure Storage Account).
For a landing zone in a given level, we can read and compose from Terraform state files on CAF Azure Storage account for the lower level. We are planning to support composition from lower levels stored on TFC/TFE storage in a future update.
Workspace Execution Mode
Please make you select the Execution Mode to be local in Terraform Cloud or Terraform Enterprise Configuration, this is currently the only supported method.
Steps to enable configuration
- Login to Terraform Cloud/Enterprise
terraform login
- Export the token and environment information
The following commands allow you to define the configuration for your TFC organization, hostname and the name of the workspace where to store the Terraform state files
export TERRAFORM_CONFIG="$HOME/.terraform.d/credentials.tfrc.json"
export TFC_organization="contoso" #name of your TFC/TFE organization.
export TFC_hostname="tfc.contoso.local" #optional, only for TFE.
export TF_VAR_workspace"networking-virtualwan-vwan-level2" #name of the workspace where to store the state file.
- Run your
rovercommand
For any particular rover command you are using, add the -tfc parameter to switch to TFC/TFE storage instead of CAF Azure Storage hierarchy.
rover ... -tfc
Workspace Creation
You can create your Terraform Cloud organization and workspaces manually, or if you are looking after an automated way to create them, you can use the Azure Terraform SRE TFC/TFE Addon.