Atlantis for Terraform Automation with Azure multi-subscription

1. Create an Azure service principal scoped to multiple subscriptions
az ad sp create-for-rbac -n "xxx" --role Owner --scopes /subscriptions/xxx-xxx-xxx-xxx-xxx /subscriptions/xxx-xxx-xxx-xxx-xxx
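2. Dockerfile
# "xxx" values are placeholders. Values set with ENV and arguments on RUN lines
# are stored in the image, so anyone who can pull it can read the client secret.
FROM ghcr.io/runatlantis/atlantis:latest
# Service principal credentials read by Terraform's azurerm provider and backend
ENV ARM_CLIENT_ID=xxx
ENV ARM_CLIENT_SECRET=xxx
ENV ARM_TENANT_ID=xxx
ENV ARM_SUBSCRIPTION_ID=xxx
# Install pip and the build dependencies needed to install azure-cli on Alpine
RUN apk add py3-pip
RUN apk add gcc musl-dev python3-dev libffi-dev openssl-dev cargo make
RUN pip install --upgrade pip
RUN pip install azure-cli
# Log the Azure CLI in as the service principal at build time
RUN az login --service-principal -u xxx -p xxx --tenant xxx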
3. 'backend.tf' for each Azure subscription
terraform {
  backend "azurerm" {
    container_name       = "xxx"
    key                  = "xxx"
    resource_group_name  = "xxx"
    storage_account_name = "xxx"
    subscription_id      = "xxx"
  }
}
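A check a reviewer could run on the step 2 Dockerfile before the image is pushed, added here as an example (it is not part of the original post or of Atlantis): it flags secret values that the build would record in the image, since ENV values and RUN command lines are readable from the image configuration and `docker history`. The name pattern and the function names are assumptions of this example.

```python
import re

# Assumed heuristics: secret-like names; `az login` with an inline -p/--password.
SENSITIVE_NAME = re.compile(r"(SECRET|PASSWORD|TOKEN|_KEY)$", re.I)
AZ_LOGIN_SECRET = re.compile(r"\baz\s+login\b.*?\s(?:-p|--password)[=\s]+(\S+)")

def logical_lines(text):
    """Yield (first_line_number, instruction), joining backslash continuations."""
    buf, start = "", 0
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        start = start or n
        if line.endswith("\\"):
            buf += line[:-1] + " "
        else:
            yield start, buf + line
            buf, start = "", 0

def is_literal(value):  # a non-empty constant, not a $VAR reference
    return bool(value.strip("\"'")) and not value.strip("\"'").startswith("$")

def find_baked_secrets(dockerfile_text):
    findings = []  # (line_number, message) per secret written into the build
    for n, line in logical_lines(dockerfile_text):
        op, _, rest = line.partition(" ")
        op = op.upper()
        if op in ("ENV", "ARG"):
            # Modern `ENV K=V K2=V2` form first, then the legacy `ENV K V` form.
            pairs = re.findall(r"(\w+)=(\"[^\"]*\"|'[^']*'|\S*)", rest)
            if not pairs and op == "ENV" and len(rest.split(None, 1)) == 2:
                pairs = [tuple(rest.split(None, 1))]
            findings += [(n, f"{op} {k} has a literal value") for k, v in pairs
                         if SENSITIVE_NAME.search(k) and is_literal(v)]
        elif op == "RUN":
            m = AZ_LOGIN_SECRET.search(rest)
            if m and is_literal(m.group(1)):
                findings.append((n, "az login with an inline secret"))
    return findings

# Constructed sample mirroring step 2 ("xxx" stands in for real values).
SAMPLE = """\
FROM ghcr.io/runatlantis/atlantis:latest
ENV ARM_CLIENT_SECRET=xxx
RUN az login --service-principal -u xxx \\
    -p xxx --tenant xxx
"""
print(find_baked_secrets(SAMPLE))
```

With the secret removed from the Dockerfile, `ARM_CLIENT_SECRET` can be supplied to the Atlantis container as a runtime environment variable, which the azurerm provider and backend read.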
