Azure
To use Terrateam with Azure, authentication and authorization need to be configured for your Azure account. Setup only takes a few minutes.
Prerequisites
Before you begin, ensure you have the following:
Create a Terrateam Service Principal
A dedicated service principal and client secret is used to access Azure resources.
- Login to the Azure CLI
az login
- Get your Subscription ID
Example output:az account list[{"cloudName": "AzureCloud","id": "00000000-0000-0000-0000-000000000000","isDefault": true,"name": "PAYG Subscription","state": "Enabled","tenantId": "00000000-0000-0000-0000-000000000000","user": {"name": "user@example.com","type": "user"}}]
- Export your Subscription ID
export SUBSCRIPTION_ID="<subscription-id>"
- Set the Subscription ID
az account set --subscription "$SUBSCRIPTION_ID"
- Create a
terrateam
service principalExample output:az ad sp create-for-rbac --role="Contributor" \--scopes="/subscriptions/$SUBSCRIPTION_ID"Record the following to use in the next step:{"appId": "00000000-0000-0000-0000-000000000000","displayName": "azure-cli-2017-06-05-10-41-15","name": "http://azure-cli-2017-06-05-10-41-15","password": "0000-0000-0000-0000-000000000000","tenant": "00000000-0000-0000-0000-000000000000"}appID
maps toARM_CLIENT_ID
password
maps toARM_CLIENT_SECRET
tenant
maps toARM_TENANT_ID
Add Credentials to GitHub Secrets
Credentials are securely stored in GitHub Secrets and exposed as obfuscated environment variables in the Terrateam GitHub Action runtime environment.
- Export your Terraform
organization/repo
combination as an environment variable.export REPO="<OWNER/REPO>" - Create the Azure Subscription ID GitHub Secret
gh secret --repo "$REPO" set ARM_SUBSCRIPTION_ID --body "$SUBSCRIPTION_ID"
- Create the Azure Client ID (
appID
) GitHub Secretgh secret --repo "$REPO" set ARM_CLIENT_ID - Create the Azure Client Secret (
password
) GitHub Secretgh secret --repo "$REPO" set ARM_CLIENT_SECRET - Create the Azure Tenant ID (
tenant
) GitHub Secretgh secret --repo "$REPO" set ARM_TENANT_ID
You are now able to use Terrateam for plan and apply operations against Azure resources.