Remote backend
Last updated
Was this helpful?
Last updated
Was this helpful?
The remote backend is a storage that hosts the Terraform state of your cloud infrastructure after it is provisioned.
Brainboard uses Terraform as the provisioning engine, and so the concept of the remote backend comes from the configuration of Terraform that allows you to specify which storage system you want to use and how to access it.
There are 2 places where you can configure the remote backend, and both of them are complementary, which gives you greater flexibility and security options to separate where the Terraform states are stored based on your policies.
The global setting allows you to specify the default remote backend for any project, environment or architecture created in Brainboard.
If you use your own S3 or blob storage remote backend, it means that by default all the states will be stored in your own infrastructure.
You have the possibility to specify a different remote backend at the architecture level, which gives more control on where you want to store the state files for any given architecture.
To specify a remote backend for the architecture:
Go to the deploy tab for your architecture.
Then click on the settings page:
Then follow the same steps as mentioned before for AWS S3, Azure blob storage or Brainboard backend.
Here are the list of the supported remote backend in Brainboard.
If you use a different backend from the supported ones, please reach out to our support team.
The default backend when you don't specify one is Brainboard.
Brainboard stores the Terraform state in its cloud storage, which helps you stay protected as we isolate by default the state of every architecture.
To configure Brainboard backend:
Go to the remote backend settings page.
Click on the 3 dots in the top-right corner of the configuration:
You can then select Brainboard backend and save.
You have the possibility to specify AWS S3 bucket in Brainboard, which means the Terraform state of all your architectures will be stored in the bucket you specify.
You have the possibility to override the remote backend of a specific architecture in its settings page.
When you specify the S3 bucket, Brainboard stored the Terraform state of every architecture in a separate file that has the UUID of the architecture as a name.
If you want to find the UUID of your architecture, refer to this page.
To configure S3 bucket as a remote backend:
Go to the remote backend settings page.
Click on the 3 dots in the top-right corner of the configuration:
Select AWS S3 option.
Add the Region and the Bucket name
Click on Apply to save your configuration.
New S3 bucket When you specify the bucket name, if the bucket doesn't exist, Brainboard will create a new one with the name you enter. To do so, it uses the default AWS credentials, so make sure these credentials have the rights to create a new bucket.
You have the possibility to specify Azure block storage in Brainboard, which means that the Terraform state of all your architectures will be stored in the blob storage you specify.
You have the possibility to override the remote backend of a specific architecture in its settings page.
When you specify the Azure block storage, Brainboard stored the Terraform state of every architecture in a separate file that has the UUID of the architecture as a name.
If you want to find the UUID of your architecture, refer to this page.
To configure Azure block storage as a remote backend:
Go to the remote backend settings page.
Click on the 3 dots in the top-right corner of the configuration:
Select Azure Blob Storage option.
Add the following information:
Storage account name
Storage account's access key: you can create a new access key following this Azure documentation
Storage container name
Click on Apply to save your configuration.
When you specify the storage container name, if the container doesn't exist, Brainboard will create a new one with the name you enter. To do so, it uses the default AzureRM credentials, so make sure these credentials have the rights to create a new storage container in the selected storage account.
You can also have the possibility to specify Terraform cloud as a remote backend in Brainboard to host your Terraform states of all your architectures.
You have the possibility to override the remote backend of a specific architecture in its settings page.
To configure TFC as a remote backend:
Go to the remote backend settings page.
Click on the 3 dots in the top-right corner of the configuration:
Select Terraform cloud option.
Add the following information:
Terraform cloud hostname
Organization name
Workspace name
The token to authenticate
Click on Apply to save your configuration.
To access the remote backend, Brainboard uses the default cloud provider credentials that you provide in the credentials page, so make sure that these credentials have the right to access the storage.
Refer to the data management page if you want to understand what information is manipulated and/or stored by Brainboard.
To migrate your Terraform state into Brainboard, you have 2 options:
Use Brainboard backend: in this case you need to upload your state files when you import your Terraform files, Brainboard will automatically detect the state file and put it in our storage.
Use your remote backend (AWS S3 or Azure blob storage):
Configure the remote backend in Brainboard. Follow the steps for AWS S3 or Azure blob storage
In the remote backend storage that you configured, create a folder that has as a name the architecture UUID.
Put your state in the folder you just created.
Test in Brainboard by launching a Terraform Plan from the design area of your architecture.
