Time
2 hours 48 minutes
Difficulty
Intermediate
CEU/CPE
3

Video Transcription

00:00
So we previously pasted the access key value into our set environment. We're gonna go ahead and cut and paste the storage account name value into our terra form file. This has this randomly generated I. D. So yours is gonna look a little bit different. The container name itself TF state tea Estate.
00:19
That's fine. We can keep that. As is
00:21
the last piece of information is the key. And really, this isn't the access key. This is the name of the Terra form state file. And so we're gonna go ahead and call it a Dev. Terra formed TF State is the name of the file on this where it comes down to having different state files for different environments
00:40
and then even putting different access controls around those state files.
00:44
One thing you may notice is, hey, why are we hard coating the strings and the values of these variables? It wouldn't really be a good idea to make reference to bar, bar, dot storage, account, name, container, name and so forth. I said it would be a good idea. Um,
01:03
and especially when you take into account what we learned about variables and environments and so forth.
01:07
But terra form does not support that. Things do need to be string liberals A to this point, the language for for reasons that are a little deep to discuss at this point. But the way the constructs in the parsing process goes, it can't evaluate the variables at this point.
01:27
So
01:29
we're just gonna leave these hard coded as is I'm gonna come down to the command prompt. We are in the 05 directory. Gonna just run Terra Form and Mitt. Right? So we have this were initializing this very simplistic. It's It's okay. I've got a remote back end, and all I'm gonna do is define a particular resource group, right? So
01:49
I'm running to reform in it. You can see
01:51
Look at this, Successfully configured. Hopefully you're seeing something like this. Configure the back end of zero r M. If you don't have a message successful than it's having a tough time accessing that that remote storage back end. So maybe some of the values you put in here are wrong.
02:07
Also, double check and make sure you have the environment. Variable arm access key.
02:13
At this point, we haven't deployed anything.
02:15
We just took a naturalization and made sure that the remote back in is there.
02:21
What I want to do is shoot over to the user portal and let's take a look at the resource group that was created during the whole bootstrapping process. And sure enough, here we have our storage container. Oh, our storage accounts And then
02:38
you can watch is I'm navigating here. I'm gonna look at the different containers, the blob service,
02:43
and there's the TF state file. So these air the blobs that were set up,
02:49
um, for us, and this is what's gonna be holding the the remote state file.
02:55
As you can see, there are no blobs just yet. We haven't run the actual terra form apply process. We're gonna go ahead and do that right now. So if you can return to the consul, we're gonna run terra form apply Very simplistic, really. Should just say I'm gonna create a resource group. Right? But what we're trying to do here
03:15
is go through the whole exercise of
03:17
having ah, remote back. And sure enough, it's gonna create the resource group were going to say the value of Yes. So what we're expecting to see here when we look back at that blob is a file called the Deaf Terra Form TF state. So the whole the deployment took place successfully.
03:37
And sure enough, there is the tea estate. If we were to examine it,
03:39
it would look very akin to the TF state that we were looking on earlier in this lesson.
03:46
So that
03:47
covers the core things of state.
03:52
Hopefully, you feel pretty comfortable about that. The only other note I really want to make about the Terra form state file is you noticed we looked at it. It was a Jason format.
04:02
It doesn't encrypt anything. So when you have keys and key values,
04:08
they're going to be captured in plain text in the terra Form state file. And when we started out talking about this key and putting some access controls around it,
04:16
that is a very important issue to take into account, especially in your higher level environments, because that state file could very well have keys if you're setting up servers, for example, giving him an SS H key or some other sort of private keys, and you don't want people to have access to view those
04:36
If you open up,
04:38
even if it's not a right access, but just to read only access to your production TF state file. Theoretically, someone can get to it and read the contents of it and then figure out what your keys are. So this is a known shortcoming of the TF state file, something to certainly keep into account
04:55
as we close out our conversation regarding the Terra form state file.

Up Next

Fundamentals of Terraform

In this Terraform training course, students will learn the basics of the tool through hands-on labs, become comfortable with its core language features, learn how Terraform fits into the cloud tooling landscape.

Instructed By

Instructor Profile Image
James Leone
Cloud, IoT & DevSecOps at Abbott
Instructor