Remote backend
Last updated
Was this helpful?
Last updated
Was this helpful?
The remote backend is a storage that hosts the Terraform state of your cloud infrastructure after it is provisioned.
Brainboard uses Terraform as the provisioning engine, and so the concept of the remote backend comes from the configuration of Terraform that allows you to specify which storage system you want to use and how to access it.
There are 2 places where you can configure the remote backend, and both of them are complementary, which gives you greater flexibility and security options to separate where the Terraform states are stored based on your policies.
The allows you to specify the default remote backend for any project, environment or architecture created in Brainboard.
If you use your own S3 or blob storage remote backend, it means that by default all the states will be stored in your own infrastructure.
You have the possibility to specify a different remote backend at the architecture level, which gives more control on where you want to store the state files for any given architecture.
To specify a remote backend for the architecture:
Go to the deploy
tab for your architecture.
Then click on the settings page:
Then follow the same steps as mentioned before for , or .
Here are the list of the supported remote backend in Brainboard.
The default backend when you don't specify one is Brainboard.
Brainboard stores the Terraform state in its cloud storage, which helps you stay protected as we isolate by default the state of every architecture.
To configure Brainboard backend:
Click on the 3 dots in the top-right corner of the configuration:
You can then select Brainboard backend and save.
You have the possibility to specify AWS S3 bucket in Brainboard, which means the Terraform state of all your architectures will be stored in the bucket you specify.
You have the possibility to override the remote backend of a specific architecture in its settings page.
When you specify the S3 bucket, Brainboard stored the Terraform state of every architecture in a separate file that has the UUID of the architecture as a name.
To configure S3 bucket as a remote backend:
Click on the 3 dots in the top-right corner of the configuration:
Select AWS S3
option.
Add the Region
and the Bucket name
Click on Apply
to save your configuration.
You have the possibility to specify Azure block storage in Brainboard, which means that the Terraform state of all your architectures will be stored in the blob storage you specify.
You have the possibility to override the remote backend of a specific architecture in its settings page.
When you specify the Azure block storage, Brainboard stored the Terraform state of every architecture in a separate file that has the UUID of the architecture as a name.
To configure Azure block storage as a remote backend:
Click on the 3 dots in the top-right corner of the configuration:
Select Azure Blob Storage
option.
Add the following information:
Storage account name
Storage container name
Click on Apply
to save your configuration.
You can also have the possibility to specify Terraform cloud as a remote backend in Brainboard to host your Terraform states of all your architectures.
You have the possibility to override the remote backend of a specific architecture in its settings page.
To configure TFC as a remote backend:
Click on the 3 dots in the top-right corner of the configuration:
Select Terraform cloud
option.
Add the following information:
Terraform cloud hostname
Organization name
Workspace name
The token to authenticate
Click on Apply
to save your configuration.
To migrate your Terraform state into Brainboard, you have 2 options:
Use Brainboard backend: in this case you need to upload your state files when you import your Terraform files, Brainboard will automatically detect the state file and put it in our storage.
Use your remote backend (AWS S3 or Azure blob storage):
In the remote backend storage that you configured, create a folder that has as a name the architecture UUID.
Put your state in the folder you just created.
Test in Brainboard by launching a Terraform Plan from the design area of your architecture.
Go to the .
If you want to find the UUID of your architecture, refer to .
Go to the .
If you want to find the UUID of your architecture, refer to .
Go to the .
Storage account's access key: you can create a new access key following this
Go to the .
To access the remote backend, Brainboard uses the default cloud provider credentials that you provide in the , so make sure that these credentials have the right to access the storage.
Refer to the page if you want to understand what information is manipulated and/or stored by Brainboard.
Configure the remote backend in Brainboard. Follow the steps for or