Cloud customer?
Start for Free >
Upgrade in MyJFrog >
What's New in Cloud >

Search





Overview

Did you know?

Each Terraform configuration can specify a backend, which defines where and how operations are performed including where the snapshots are stored and more. Terraform uses persistent State data to keep track of the resources it manages and includes information on how real-world infrastructure objects correspond to the resources in a configuration. All users working on the collection of infrastructure resources need access to the same state data. For more information, see Terraform States.

State Locking
Terraform automatically locks all your operations that have the capability to change the State to prevent others from acquiring the lock and potentially damaging your state. To learn how Artifactory supports State Locking, see Viewing State and Lock Information and History

From JFrog Artifactory 7.38.4, the Terraform Backend repository serves as a dedicated Remote State Storage Provider. It works together with and in parallel to the Terraform registry, which also serves as the dedicated Terraform registry for hosting your modules and providers in the JFrog Platform. For more information, see Terraform Backends.

Each Terraform Module can have an associated
Backend that defines how operations are executed and a state file that tracks the resources created by your configuration and maps them to real-world resources. Certain backends support multiple named workspaces, allowing multiple states to be associated with a single configuration. The configuration still has only one backend, but multiple distinct instances of that configuration can be deployed without configuring a new backend or changing authentication credentials.

Page Contents


Terraform Backend Repository Structure

The Terraform Backend repository is a directory with a collection of workspaces consisting of these main coordinates;

  • backend: Set as Remote by definition
  • hostname: Your Artifactory domain name
  • organization: Backend Artifactory Repository name
  • prefix: Allows users to add a user-defined prefix when working with multiple workspace under the same prefix.
terraform {
  backend “remote” {
    hostname = “my_artifactory_domain.org”
    organization = “backend repository name”
    workspaces {
          prefix = “my-prefix-”   
    }
  }
}



Setting up a Local Terraform Backend Repository

Local repositories enable you to deploy Terraform Backend Zip files. Artifactory calculates the metadata for all file and indexes them to allow users to download these packages through the Terraform CLI. 

  1. To create an Terraform Backend local repository, navigate to the Administration module.
  2. Navigate to Repositories | Repositories | Local | New Local Repository and select Terraform BE as the Package Type.


Setting Up Artifactory as the Remote State and Locking Provider

In Artifactory, you can set up the Terraform Backend repository as a remote state and locking provider.

To use Artifactory with your Terraform CLI, you will need to generate an access token. 

Prerequisite

  1. Navigate to Application Module | Artifactory | Artifacts
  2. Select the desired repository.
  3. Select Set Me Up.
  4. Follow the instructions in the Configure tab.

Viewing Individual Terraform Workspace Information

Artifactory lets you view selected metadata of a Terraform Backend workspace directly from the UI.

In the Artifact Repository Browser, select your local Terraform Backend repository and scroll down to find and select the package you want to inspect.

The metadata is displayed in the Terraform Info tab, or viewed in the Packages view.

Viewing State and Lock Information and History

Artifactory automatically generates a state.json file when a workspace.json is deployed. The latest file is declared as the state.latest.json and all previous states are renamed with a timestamp indicating the time they are were created, for example, state.1640018380463.json.

Artifactory provides information about the workspace deployment process.

In Artifactory, while performing Terraform configuration changes you will notice that the locked.by property together with the name of the user performing the change is displayed in the Properties tab of the Workspace.



  • No labels
Copyright © 2022 JFrog Ltd.