In order for my code in the orginal post to work, I did the following:
- Upgraded the version of terraform I was using from 0.12.10 to 0.12.21
- Upgraded the Azure CLI
- Remove terraform { backend “azurerm” {} } from main.tf
- Changed Backend.tfvars to Backend.tf
- Created a new App Registration in Azure AD
- Azure Active Directory → App Registrations → New Registration
- Create Client Secret for new App Registration
- Add app registration to specific Azure Subscription under Access Control (IAM) - Add - Add Role Assignemnt
- Added app registration as an Owner of that subscription
- Configured Backend.tf as follows:
terraform {
backend “azurerm” {
storage_account_name = “storageAccountName”
resource_group_name = “resourceGroupName”
container_name = “storage container”
key = “folder within storage container\nameOfFile.tfstate”
client_id = “id of app registration”
client_secret = “client secret of app registration”
subscription_id = “Azure subscription ID”
tenant_id = “Azure tenant ID”
}
}
- Within main.tf, configured the Azure provider as follows:
provider “azurerm” {
version = “=1.44.0”
subscription_id = “Azure subscription ID”
client_id = “id of app registration”
client_secret = “client secret of app registration”
tenant_id = “Azure tenant ID”
}
I have confirmed these changes work within numerous repos in our Azure Subscriptions