Inline Script(脚本)在 Azure 中创建以下资源:
1)Storage 存储帐户
2)Blob存储容器(将存储状态文件)
3)密钥库,将用于安全地存储Storage 的访问密钥
Inline Script(内联脚本)如下所示:
# create azure resource group
az group create --location eastasia --name $(terraform_rg)
# create azure storage account
az storage account create --name $(storage_account) --resource-group $(terraform_rg) --location eastasia --sku Standard_LRS
# create storage account container for tf state
az storage container create --name $(storage_account_container) --account-name $(storage_account)
# query storage key and set variable
ACCOUNT_KEY=$(az storage account keys list --resource-group $(terraform_rg) --account-name $(storage_account) --query "[?keyName == 'key1'][value]" --output tsv)
# create azure keyvault
az keyvault create --name $(keyvault) --resource-group $(terraform_rg) --location eastasia --enable-soft-delete false
# set keyvault secret,secret value is ACCOUNT_KEY
az keyvault secret set --name $(keyvault_sc) --vault-name $(keyvault) --value $ACCOUNT_KEY