Setting Up Azure Storage to Be Used for Terraform Remote State

30 minutes
  • 4 Learning Objectives

About this Hands-on Lab

Hey, Gurus! Welcome to the Setting Up Azure Storage to Be Used for Terraform Remote State lab. In this lab, we will cover 4 objectives:

1. First, we will log into the Azure portal and then configure the Cloud Shell to use bash.
1. Second, we will download and run a script to setup the lab environment.
1. Third, we will create an Azure Storage account with a storage container to use for remote storage of our Terraform state file.
1. And for our fourth objective, we will configure Terraform to use Azure Storage to remotely store our state.

It is considered best practice to remotely store your state since it helps keep the file secure as it may contain sensitive data in plain text. It also allows for collaboration when managing and working with resources in a team environment.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Set Up the Cloud Shell

In the Portal

  1. Go to the portal and log in using your lab credentials.
  2. Click the Cloud Shell icon next to the search bar in the portal.
  3. Select Bash at the prompt.
  4. Click Show Advanced Settings.
  5. Set the Cloud Shell region to the same location as the resource group.
  6. Select the existing Resource Group, and select Use Existing for the Storage Account.
  7. In the File share section, choose Create new and enter "terraform".
  8. Click Attach Storage.
Set Up the Lab Environment

In the Cloud Shell

  1. Download the script at
  2. Add execute permissions to the script.
  3. Run the script.
  4. Move to the terraformguru directory.
  5. Initialize the working directory.
Create the Azure Storage Account Configuration

In the Cloud Shell

  1. Import the resource group found in the file.
  2. Look up and add the resource group name and location values to the resource block.
  3. Add the following resource blocks to the configuration and save the file:

    resource "azurerm_storage_account" "tfstate" {
      name                     = "tfstate${random_string.resource_code.result}"
      resource_group_name      =
      location                 =
      account_tier             = "Standard"
      account_replication_type = "LRS"
      allow_blob_public_access = true
      tags = {
        environment = "dev"
    resource "azurerm_storage_container" "tfstate" {
      name                  = "tfstate"
      storage_account_name  =
      container_access_type = "blob"
    # Outputs
    output "storage_account_name" {
       value =
    output "storage_container_name" {
      value =
  4. Check your formatting and validate your code.
  5. Deploy your resources and copy the values in the output.
Deploy the Azure Storage Account with Terraform

1) Once successfully deployed, create a file called and add the following code:

    terraform {
      backend "azurerm" {
        resource_group_name  = "<RESOURCE_GROUP_NAME>"
        storage_account_name = "<STORAGE_ACCOUNT_NAME>"
        container_name       = "CONTAINER_NAME"
        key                  = "terraform.tfstate"

2) Replace the <RESOURCE_GROUP_NAME> and <STORAGE_ACCOUNT_NAME> placeholders with the values from the outputs of the storage account deployment.
3) Save the file.
4) Run the terraform init command to add your remote state backend configuration.
5) Verify that your state is now being stored remotely.
6) Once verified, delete your local state file.

Additional Resources

Picture this…

You and your team have been assigned the task of creating a new development environment to test a new app deployment strategy. Since you need other members of the team to help build and maintain this new environment, you will need to store your Terraform state remotely so each team member isn’t stepping on each other's toes when making changes to the infrastructure. You log into the Azure Portal, hop into the Cloud Shell, and start creating the configuration files needed to create an Azure Storage account and an Azure Storage container. To help yourself out, you make Terraform output the storage account and container information after the resource deployment, which you then use to create your backend configuration that will allow you to store your state remotely.

Now that we have a plan, let’s put it into action!

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?