Azure Authentication and Authorization
Overview
Terrateam needs permission to access resources in your Azure account.
Prerequisites
These instructions require you to run commands from a terminal.
Create a Terrateam Service Principal
A dedicated service principal and client secret is used to access Azure resources.
- Login to the Azure CLI
- Get your Subscription ID
Example output:
- Export your Subscription ID
- Set the Subscription ID
- Create a
terrateam
service principal
Example output:
Record the following to use below:
appID
maps toARM_CLIENT_ID
password
maps toARM_CLIENT_SECRET
tenant
maps toARM_TENANT_ID
Add Credentials to GitHub Secrets
Credentials are securely stored in GitHub Secrets and exposed as obfuscated environment variables in the Terrateam GitHub Action runtime environment.
- Export your Terraform
organization/repo
combination as an environment variable.
- Create the Azure Subscription ID GitHub Secret
- Create the Azure Client ID (
appID
) GitHub Secret
- Create the Azure Client Secret (
password
) GitHub Secret
- Create the Azure Tenant ID (
tenant
) GitHub Secret
Azure Terraform Provider
The Azure Terraform provider
will detect and use the ARM_*
GitHub Secrets automatically set in the Terrateam GitHub
Action runtime environment.