After fighting for one day with Terraform, I am here crying for help.
Terraform v0.11.11
+ provider.azurerm v1.20.0
I am trying to create a new resource group and a storage account from scratch. It looks like it is possible to create a resource group without a storage account:
resource "azurerm_resource_group" "rg1" {
name = "myResourceGroup"
location = "West Europe"
}
the resource group gets created and no storage account exist at the moment. So at this point I am happy. I execute destroy and start from scratch again.
Now, in the code, after the resource group is created, I would like to create a storage account, since other resources later will need to reference it. The only reference that azurerm_storage_account needs is the reference to the resource group.
info about azurerm_storage_account https://www.terraform.io/docs/providers/azurerm/d/storage_account.html
The code looks like this now:
resource "azurerm_resource_group" "rg1" {
name = "myResourceGroup"
location = "West Europe"
}
data "azurerm_storage_account" "stacc1" {
name = "mystorageaccount"
resource_group_name = "${azurerm_resource_group.rg1.name}"
}
I run the plan command and get the following output:
$ terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.
------------------------------------------------------------------------
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
<= read (data resources)
Terraform will perform the following actions:
<= data.azurerm_storage_account.stacc1
id: <computed>
access_tier: <computed>
account_encryption_source: <computed>
account_kind: <computed>
account_replication_type: <computed>
account_tier: <computed>
custom_domain.#: <computed>
enable_blob_encryption: <computed>
enable_file_encryption: <computed>
enable_https_traffic_only: <computed>
location: <computed>
name: "mystorageaccount"
primary_access_key: <computed>
primary_blob_connection_string: <computed>
primary_blob_endpoint: <computed>
primary_connection_string: <computed>
primary_file_endpoint: <computed>
primary_location: <computed>
primary_queue_endpoint: <computed>
primary_table_endpoint: <computed>
resource_group_name: "myResourceGroup"
secondary_access_key: <computed>
secondary_blob_connection_string: <computed>
secondary_blob_endpoint: <computed>
secondary_connection_string: <computed>
secondary_location: <computed>
secondary_queue_endpoint: <computed>
secondary_table_endpoint: <computed>
tags.%: <computed>
+ azurerm_resource_group.rg1
id: <computed>
location: "westeurope"
name: "myResourceGroup"
tags.%: <computed>
Plan: 1 to add, 0 to change, 0 to destroy.
it says that it will be looking for (not creating) the resource data.azurerm_storage_account.stacc1, and obviously running apply command will fail with the message:
Error: Error applying plan:
1 error(s) occurred:
- data.azurerm_storage_account.stacc1: data.azurerm_storage_account.stacc1: Error: Storage Account "mystorageaccount" (Resource Group "myResourceGroup") was not found
because it did not find the mentioned storage account.
All this leads to my question, "How can I create a storage account with Terraform in Azure?"
You need to use resource, not data entity. That is true for all the resources. Data entity is to get resource data, not create them.
resource "azurerm_resource_group" "testrg" {
name = "resourceGroupName"
location = "westus"
}
resource "azurerm_storage_account" "testsa" {
name = "storageaccountname"
resource_group_name = "${azurerm_resource_group.testrg.name}"
location = "westus"
account_tier = "Standard"
account_replication_type = "GRS"
tags {
environment = "staging"
}
}
https://www.terraform.io/docs/providers/azurerm/r/storage_account.html