Skip to main content

Initializers 

import cdktn

cdktn.AzurermBackend(
  scope: Construct,
  container_name: str,
  key: str,
  storage_account_name: str,
  access_key: str = None,
  client_certificate_password: str = None,
  client_certificate_path: str = None,
  client_id: str = None,
  client_secret: str = None,
  endpoint: str = None,
  environment: str = None,
  metadata_host: str = None,
  msi_endpoint: str = None,
  oidc_request_token: str = None,
  oidc_request_url: str = None,
  oidc_token: str = None,
  oidc_token_file_path: str = None,
  resource_group_name: str = None,
  sas_token: str = None,
  snapshot: bool = None,
  subscription_id: str = None,
  tenant_id: str = None,
  use_azuread_auth: bool = None,
  use_microsoft_graph: bool = None,
  use_msi: bool = None,
  use_oidc: bool = None
)
NameTypeDescription
scopeconstructs.ConstructNo description.
container_namestr(Required) The Name of the Storage Container within the Storage Account.
keystr(Required) The name of the Blob used to retrieve/store Terraform’s State file inside the Storage Container.
storage_account_namestr(Required) The Name of the Storage Account.
access_keystraccess_key - (Optional) The Access Key used to access the Blob Storage Account.
client_certificate_passwordstr(Optional) The password associated with the Client Certificate specified in client_certificate_path.
client_certificate_pathstr(Optional) The path to the PFX file used as the Client Certificate when authenticating as a Service Principal.
client_idstr(Optional) The Client ID of the Service Principal.
client_secretstr(Optional) The Client Secret of the Service Principal.
endpointstr(Optional) The Custom Endpoint for Azure Resource Manager. This can also be sourced from the ARM_ENDPOINT environment variable.
environmentstr(Optional) The Azure Environment which should be used.
metadata_hoststr(Optional) The Hostname of the Azure Metadata Service (for example management.azure.com), used to obtain the Cloud Environment when using a Custom Azure Environment. This can also be sourced from the ARM_METADATA_HOSTNAME Environment Variable.).
msi_endpointstr(Optional) The path to a custom Managed Service Identity endpoint which is automatically determined if not specified.
oidc_request_tokenstr(Optional) The bearer token for the request to the OIDC provider.
oidc_request_urlstr(Optional) The URL for the OIDC provider from which to request an ID token.
oidc_tokenstr(Optional) The ID token when authenticating using OpenID Connect (OIDC).
oidc_token_file_pathstr(Optional) The path to a file containing an ID token when authenticating using OpenID Connect (OIDC).
resource_group_namestr(Required) The Name of the Resource Group in which the Storage Account exists.
sas_tokenstr(Optional) The SAS Token used to access the Blob Storage Account.
snapshotbool(Optional) Should the Blob used to store the Terraform Statefile be snapshotted before use?
subscription_idstr(Optional) The Subscription ID in which the Storage Account exists.
tenant_idstr(Optional) The Tenant ID in which the Subscription exists.
use_azuread_authbool(Optional) Should AzureAD Authentication be used to access the Blob Storage Account.
use_microsoft_graphbool(Optional) Should MSAL be used for authentication instead of ADAL, and should Microsoft Graph be used instead of Azure Active Directory Graph?
use_msibool(Optional) Should Managed Service Identity authentication be used?
use_oidcbool(Optional) Should OIDC authentication be used? This can also be sourced from the ARM_USE_OIDC environment variable.

scopeRequired

  • Type: constructs.Construct

container_nameRequired

  • Type: str
(Required) The Name of the Storage Container within the Storage Account.

keyRequired

  • Type: str
(Required) The name of the Blob used to retrieve/store Terraform’s State file inside the Storage Container.

storage_account_nameRequired

  • Type: str
(Required) The Name of the Storage Account.

access_keyOptional

  • Type: str
access_key - (Optional) The Access Key used to access the Blob Storage Account. This can also be sourced from the ARM_ACCESS_KEY environment variable.

client_certificate_passwordOptional

  • Type: str
(Optional) The password associated with the Client Certificate specified in client_certificate_path. This can also be sourced from the ARM_CLIENT_CERTIFICATE_PASSWORD environment variable.

client_certificate_pathOptional

  • Type: str
(Optional) The path to the PFX file used as the Client Certificate when authenticating as a Service Principal. This can also be sourced from the ARM_CLIENT_CERTIFICATE_PATH environment variable.

client_idOptional

  • Type: str
(Optional) The Client ID of the Service Principal. This can also be sourced from the ARM_CLIENT_ID environment variable.

client_secretOptional

  • Type: str
(Optional) The Client Secret of the Service Principal. This can also be sourced from the ARM_CLIENT_SECRET environment variable.

endpointOptional

  • Type: str
(Optional) The Custom Endpoint for Azure Resource Manager. This can also be sourced from the ARM_ENDPOINT environment variable. NOTE: An endpoint should only be configured when using Azure Stack.

environmentOptional

  • Type: str
(Optional) The Azure Environment which should be used. This can also be sourced from the ARM_ENVIRONMENT environment variable. Possible values are public, china, german, stack and usgovernment. Defaults to public.

metadata_hostOptional

  • Type: str
(Optional) The Hostname of the Azure Metadata Service (for example management.azure.com), used to obtain the Cloud Environment when using a Custom Azure Environment. This can also be sourced from the ARM_METADATA_HOSTNAME Environment Variable.).

msi_endpointOptional

  • Type: str
(Optional) The path to a custom Managed Service Identity endpoint which is automatically determined if not specified. This can also be sourced from the ARM_MSI_ENDPOINT environment variable.

oidc_request_tokenOptional

  • Type: str
(Optional) The bearer token for the request to the OIDC provider. This can also be sourced from the ARM_OIDC_REQUEST_TOKEN or ACTIONS_ID_TOKEN_REQUEST_TOKEN environment variables.

oidc_request_urlOptional

  • Type: str
(Optional) The URL for the OIDC provider from which to request an ID token. This can also be sourced from the ARM_OIDC_REQUEST_URL or ACTIONS_ID_TOKEN_REQUEST_URL environment variables.

oidc_tokenOptional

  • Type: str
(Optional) The ID token when authenticating using OpenID Connect (OIDC). This can also be sourced from the ARM_OIDC_TOKEN environment variable.

oidc_token_file_pathOptional

  • Type: str
(Optional) The path to a file containing an ID token when authenticating using OpenID Connect (OIDC). This can also be sourced from the ARM_OIDC_TOKEN_FILE_PATH environment variable.

resource_group_nameOptional

  • Type: str
(Required) The Name of the Resource Group in which the Storage Account exists.

sas_tokenOptional

  • Type: str
(Optional) The SAS Token used to access the Blob Storage Account. This can also be sourced from the ARM_SAS_TOKEN environment variable.

snapshotOptional

  • Type: bool
(Optional) Should the Blob used to store the Terraform Statefile be snapshotted before use? Defaults to false. This value can also be sourced from the ARM_SNAPSHOT environment variable.

subscription_idOptional

  • Type: str
(Optional) The Subscription ID in which the Storage Account exists. This can also be sourced from the ARM_SUBSCRIPTION_ID environment variable.

tenant_idOptional

  • Type: str
(Optional) The Tenant ID in which the Subscription exists. This can also be sourced from the ARM_TENANT_ID environment variable.

use_azuread_authOptional

  • Type: bool
(Optional) Should AzureAD Authentication be used to access the Blob Storage Account. This can also be sourced from the ARM_USE_AZUREAD environment variable. Note: When using AzureAD for Authentication to Storage you also need to ensure the Storage Blob Data Owner role is assigned.

use_microsoft_graphOptional

  • Type: bool
(Optional) Should MSAL be used for authentication instead of ADAL, and should Microsoft Graph be used instead of Azure Active Directory Graph? Defaults to true. Note: In Terraform 1.2 the Azure Backend uses MSAL (and Microsoft Graph) rather than ADAL (and Azure Active Directory Graph) for authentication by default - you can disable this by setting use_microsoft_graph to false. This setting will be removed in Terraform 1.3, due to Microsoft’s deprecation of ADAL.

use_msiOptional

  • Type: bool
(Optional) Should Managed Service Identity authentication be used? This can also be sourced from the ARM_USE_MSI environment variable.

use_oidcOptional

  • Type: bool
(Optional) Should OIDC authentication be used? This can also be sourced from the ARM_USE_OIDC environment variable. Note: When using OIDC for authentication, use_microsoft_graph must be set to true (which is the default).

Methods

NameDescription
to_stringReturns a string representation of this construct.
add_overrideNo description.
override_logical_idOverrides the auto-generated logical ID with a specific ID.
reset_override_logical_idResets a previously passed logical Id to use the auto-generated logical id again.
to_hcl_terraformNo description.
to_metadataNo description.
to_terraformAdds this resource to the terraform JSON output.
get_remote_state_data_sourceCreates a TerraformRemoteState resource that accesses this backend.

to_string 

def to_string() -> str
Returns a string representation of this construct.

add_override 

def add_override(
  path: str,
  value: typing.Any
) -> None

pathRequired

  • Type: str

valueRequired

  • Type: typing.Any

override_logical_id 

def override_logical_id(
  new_logical_id: str
) -> None
Overrides the auto-generated logical ID with a specific ID.

new_logical_idRequired

  • Type: str
The new logical ID to use for this stack element.

reset_override_logical_id 

def reset_override_logical_id() -> None
Resets a previously passed logical Id to use the auto-generated logical id again.

to_hcl_terraform 

def to_hcl_terraform() -> typing.Any

to_metadata 

def to_metadata() -> typing.Any

to_terraform 

def to_terraform() -> typing.Any
Adds this resource to the terraform JSON output.

get_remote_state_data_source 

def get_remote_state_data_source(
  scope: Construct,
  name: str,
  _fromstack: str
) -> TerraformRemoteState
Creates a TerraformRemoteState resource that accesses this backend.

scopeRequired

  • Type: constructs.Construct

nameRequired

  • Type: str

_fromstackRequired

  • Type: str

Static Functions

NameDescription
is_constructChecks if x is a construct.
is_terraform_elementNo description.
is_backendNo description.

is_construct 

import cdktn

cdktn.AzurermBackend.is_construct(
  x: typing.Any
)
Checks if x is a construct. Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked. Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

xRequired

  • Type: typing.Any
Any object.

is_terraform_element 

import cdktn

cdktn.AzurermBackend.is_terraform_element(
  x: typing.Any
)

xRequired

  • Type: typing.Any

is_backend 

import cdktn

cdktn.AzurermBackend.is_backend(
  x: typing.Any
)

xRequired

  • Type: typing.Any

Properties

NameTypeDescription
nodeconstructs.NodeThe tree node.
cdktf_stackTerraformStackNo description.
fqnstrNo description.
friendly_unique_idstrNo description.

nodeRequired 

node: Node
  • Type: constructs.Node
The tree node.

cdktf_stackRequired 

cdktf_stack: TerraformStack

fqnRequired 

fqn: str
  • Type: str

friendly_unique_idRequired 

friendly_unique_id: str
  • Type: str