HomeTerraform Moduleremote-backend

remote-backend

avinor/remote-backend/azurerm

Terraform Module HCL AZURERM

Terraform module to deploy a remote backend storage for Azure

Install
module "remote-backend" {
source = "avinor/remote-backend/azurerm"
version = "3.0.0"
}
plain text: /constructs/tfmod-avinor-remote-backend-azurerm/install.txt
⭐ Source on GitHub 📦 Registry page
README

Remote backend Terraform module to deploy a remote backend storage with Key Vault to manage SAS Token and key rotation. To access the remote state retrieve the SAS Token from Key Vault, do not use the access keys on storage account. SAS Token retrieved from Key Vault grants 1 day access, after that it will have to be refreshed. The access keys on storage account will automatically rotate on a 30 day schedule, this can be adjusted with the input variable key_rotation_days. Each backend creates a new storage account and Key Vault. The Key Vault can also be used for storing other secrets related to terraform. Use the access_policies variable to define users that should have access. It is recommended to read Secure access to a key vault documentation for which policies to apply. Terraform has

Inputs (9)
NameTypeDescriptionDefault
resource_group_namestringName of resource group to deploy resources in. required
locationstringAzure location where resources should be deployed. required
namestringName of backend storage account. required
enable_advanced_threat_protectionboolBoolean flag which controls if advanced threat protection is enabled.false
key_rotation_daysnumberNumber of days between key rotations on storage account30
log_analytics_workspace_idstringSpecifies the ID of a Log Analytics Workspace where Diagnostics Data should be snull
tagsmap(string)Tags to apply to all resources created.{}
access_policieslist(object({ object_id Map of access policies for an object_id (user, service principal, security group[]
network_rulesobject({ bypass = set(stNetwork rules to apply to storage account.null
Outputs (1)
vault_id — Vault id for the remote state key vault.
Resources (9)
azurerm_advanced_threat_protectionazurerm_key_vaultazurerm_key_vault_access_policyazurerm_monitor_diagnostic_settingazurerm_resource_groupazurerm_role_assignmentazurerm_storage_accountazurerm_storage_containernull_resource
Topics & Tags
terraformazureterraform-module
Details
FrameworkTerraform Module
LanguageHCL
Version3.0.0
Cloud AZURERM
★ Stars6
Forks14
Total downloads6.1k
Inputs9
Outputs1
Resources9
Examples3
LicenseApache-2.0
Namespaceavinor
Updated
Similar packages
caf-enterprise-scale

Azure landing zones Terraform module

★ 952azure
caf

Terraform supermodule for the Terraform platform engineering for Azure

★ 581azure
lz-vending

Terraform module to deploy landing zone subscriptions (and much more) in Azure

★ 210azure
label

Terraform Module to define a consistent naming convention by (namespace, stage,

★ 702terraform
Tools
⚖ Compare with another construct → 📋 View data schema