Introduction
Terraform is an open-source infrastructure as code (IaC) tool developed by HashiCorp. Instead of using imperative commands (step-by-step instructions), Terraform uses declarative code (“here’s what I want”).
The Backblaze B2 Terraform provider allows you to do things like create and manage application keys, buckets, and upload files.
Prerequisites
In order to use the Backblaze B2 Terraform provider you will need to first download a Terraform binary. You can find the appropriate binary for your platform on the Terraform download page.
You will also need a B2 account and credentials. You can follow the quick start if you’re new to B2 to walk you through the process.
Finally, you will need to set your Application Key and Application Key ID environmental variables for terraform to read at runtime.
$ export B2_APPLICATION_KEY_ID=0000000000000000000000000
$ export B2_APPLICATION_KEY=0000000000000000000000000000000
Creating an Application Key
If you’d like to use Terraform to create an access key, you can follow the example below. Save this code into a file called application_key.tf.
terraform {
required_version = ">= 0.13"
required_providers {
b2 = {
source = "Backblaze/b2"
version = "~> 0.2"
}
}
}
provider "b2" {
}
resource "b2_application_key" "example" {
key_name = "test-b2-tfp-0000000000000000000"
capabilities = ["readFiles"]
}
data "b2_application_key" "example" {
key_name = b2_application_key.example.key_name
}
output "application_key" {
value = data.b2_application_key.example
}
Once you’ve saved that file you need to first initialize the Terraform environment by running
$ terraform init
You should see the following output:
$ terraform init
Initializing the backend...
Initializing provider plugins...
- Reusing previous version of backblaze/b2 from the dependency lock file
- Using previously-installed backblaze/b2 v0.2.1
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure. All Terraform commands should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary.
The next step is to create and run your Terraform plan, you can do that by running:
terraform plan -out=application_key.out
You will see the following output:
$ terraform plan -out=application_key.out
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
<= read (data resources)
Terraform will perform the following actions:
# data.b2_application_key.example will be read during apply
# (config refers to values not yet known)
<= data "b2_application_key" "example" {
+ application_key_id = (known after apply)
+ bucket_id = (known after apply)
+ capabilities = (known after apply)
+ id = (known after apply)
+ key_name = "test-b2-tfp-0000000000000000000"
+ name_prefix = (known after apply)
+ options = (known after apply)
}
# b2_application_key.example will be created
+ resource "b2_application_key" "example" {
+ application_key = (sensitive value)
+ application_key_id = (known after apply)
+ capabilities = [
+ "readFiles",
]
+ id = (known after apply)
+ key_name = "test-b2-tfp-0000000000000000000"
+ options = (known after apply)
}
Plan: 1 to add, 0 to change, 0 to destroy.
------------------------------------------------------------------------
This plan was saved to: application_key.out
To perform exactly these actions, run the following command to apply:
terraform apply "application_key.out"
You can see that terraform is letting you know that it wants to add 1 key, change 0, and destroy 0. If you are satisfied with the plan, you can now apply it by running this command:
$ terraform apply application_key.out
You should see the following output:
$ terraform apply application_key.out
b2_application_key.example: Creating...
b2_application_key.example: Creation complete after 4s [id=0000000000000000000000000]
data.b2_application_key.example: Reading...
data.b2_application_key.example: Read complete after 4s [id=0000000000000000000000000]
Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
The state of your infrastructure has been saved to the path
below. This state is required to modify and destroy your
infrastructure, so keep it safe. To inspect the complete state
use the `terraform show` command.
State path: terraform.tfstate
Congratulations, you just created a read only Application key with the Terraform B2 provider.
Cleaning up
If you'd like to cleanup the application key you just created, you can run the following command and then type yes when prompted.
$ terraform destroy
You should see the following output:
$ terraform destroy
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
- destroy
Terraform will perform the following actions:
# b2_application_key.example will be destroyed
- resource "b2_application_key" "example" {
- application_key = (sensitive value)
- application_key_id = "0000000000000000000000000" -> null
- capabilities = [
- "readFiles",
] -> null
- id = "0000000000000000000000000" -> null
- key_name = "test-b2-tfp-0000000000000000000" -> null
- options = [
- "s3",
] -> null
}
Plan: 0 to add, 0 to change, 1 to destroy.
Do you really want to destroy all resources?
Terraform will destroy all your managed infrastructure, as shown above.
There is no undo. Only 'yes' will be accepted to confirm.
Enter a value: yes
b2_application_key.example: Destroying... [id=0000000000000000000000000]
b2_application_key.example: Destruction complete after 3s
Destroy complete! Resources: 1 destroyed.
Articles in this section
- How to Upload Files to B2 Using Fireball
- How to find Unfinished Large Files in your account
- B2 Mobile App Overview - iOS
- B2 Mobile App Overview - Android
- Getting Started with Instant Recovery in Any Cloud - DR Planning with Veeam and phoenixNAP
- How to setup Vultr Compute with Backblaze B2
- B2 & AWS CLI User Guide
- Guide to using Backblaze Fireball with Iconik Internet Storage Gateway (ISG)
- How to order a Snapshot Drive
- Why do I need to verify my email address to create a public bucket?