TerraformHow-ToBeginner · 4 min read

How to Use Azure Blob Backend in Terraform for State Storage

To use azurerm backend in Terraform, configure the backend block with your Azure Storage account details including storage_account_name, container_name, and key. This setup stores Terraform state files in Azure Blob Storage, enabling safe state management and collaboration.

📐

Syntax

The backend block in Terraform configures where Terraform stores its state file. For Azure Blob Storage, you use azurerm as the backend type. You must specify:

storage_account_name: Your Azure Storage account name.
container_name: The blob container where state files are saved.
key: The name of the state file inside the container.
resource_group_name: The resource group of the storage account.

This setup ensures Terraform state is stored remotely and securely.

terraform

terraform {
  backend "azurerm" {
    resource_group_name   = "myResourceGroup"
    storage_account_name  = "mystorageaccount"
    container_name        = "tfstate"
    key                   = "terraform.tfstate"
  }
}

💻

Example

This example shows a complete Terraform configuration that uses Azure Blob Storage as the backend. It includes the backend configuration and a simple resource to demonstrate state management.

terraform

terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~> 3.0"
    }
  }

  backend "azurerm" {
    resource_group_name   = "example-resources"
    storage_account_name  = "examplestorageacct"
    container_name        = "tfstate"
    key                   = "prod.terraform.tfstate"
  }
}

provider "azurerm" {
  features {}
}

resource "azurerm_resource_group" "example" {
  name     = "example-resources"
  location = "East US"
}

Output

Terraform will initialize the backend and store the state file in the specified Azure Blob Storage container. The resource group will be created in Azure when applied.

⚠️

Common Pitfalls

Common mistakes when using Azure Blob backend in Terraform include:

Not creating the storage account or container before initializing Terraform backend.
Using incorrect resource_group_name or storage_account_name causing backend initialization failure.
Missing permissions for Terraform to access the storage account.
Forgetting to run terraform init after backend configuration changes.

Always ensure the Azure resources exist and your credentials have proper access.

terraform

terraform {
  backend "azurerm" {
    resource_group_name   = "wrong-group"
    storage_account_name  = "wrongstorage"
    container_name        = "tfstate"
    key                   = "terraform.tfstate"
  }
}

# Corrected version:
terraform {
  backend "azurerm" {
    resource_group_name   = "correct-group"
    storage_account_name  = "correctstorage"
    container_name        = "tfstate"
    key                   = "terraform.tfstate"
  }
}

📊

Quick Reference

Remember these tips when using Azure Blob backend in Terraform:

Always create the storage account and container before backend setup.
Use terraform init to initialize or update backend configuration.
Ensure your Azure credentials have Storage Blob Data Contributor role.
Use a unique key for each environment to avoid state conflicts.

✅

Key Takeaways

Configure the backend block with correct Azure Storage account, container, and key to use Azure Blob backend.

Create the storage account and container in Azure before initializing Terraform backend.

Run terraform init after backend changes to properly configure remote state storage.

Ensure Terraform has proper permissions to access the Azure Blob Storage.

Use unique state file keys to separate environments and avoid conflicts.