Saving tfstate in storage created by the same terraform

Terraform
1

Hi,
Since last year I had a chance to work with terraform to some extent. During that time there was one question that was returning to me every time I had to build a new environment. The question was why I can’t save tfstate to the container in the cloud (Azure in that case) that was created by the same terraform. Example of what I have in mind.


terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "=2.46.0"
    }
  }
  backend "azurerm" {
    resource_group_name  = azurerm_resource_group.tfstate.name
    storage_account_name = azurerm_storage_account.tfstate.name
    container_name       = azurerm_storage_container.tfstate.name
    key                  = terraform.tfstate
  }
}

provider "azurerm" {
  features {}
}

resource "random_string" "resource_code" {
  length  = 5
  special = false
  upper   = false
}

resource "azurerm_resource_group" "tfstate" {
  name     = "tfstate"
  location = "East US"
}

resource "azurerm_storage_account" "tfstate" {
  name                     = "tfstate${random_string.resource_code.result}"
  resource_group_name      = azurerm_resource_group.tfstate.name
  location                 = azurerm_resource_group.tfstate.location
  account_tier             = "Standard"
  account_replication_type = "LRS"
  allow_blob_public_access = true

}

resource "azurerm_storage_container" "tfstate" {
  name                  = "tfstate"
  storage_account_name  = azurerm_storage_account.tfstate.name
  container_access_type = "blob"
}
2

Because that would be a circular dependency. You’d be telling Terraform to use the container before it was created.

3

Arent tfstate is created after successful infrastructure deployment?

4

It still needs to read the storage at the beginning of every Terraform run, including the first, to confirm the starting point (even if that’s nothing), and be able to save it back at any point during a run if an error occurs.