Azure Provider

The Azure Provider can be used to configure infrastructure in Microsoft Azure using the Azure Resource Manager API's. Documentation regarding the Data Sources and Resources supported by the Azure Provider can be found in the navigation to the left.

To learn the basics of Terraform using this provider, follow the hands-on get started tutorials.

Interested in the provider's latest features, or want to make sure you're up to date? Check out the changelog for version information and release notes.

Authenticating to Azure

Terraform supports a number of different methods for authenticating to Azure:


We recommend using either a Service Principal or Managed Service Identity when running Terraform non-interactively (such as when running Terraform in a CI server) - and authenticating using the Azure CLI when running Terraform locally.

->Note: The User, Service Principal or Managed Identity running Terraform should have permissions to register Azure Resource Providers. If the principal running Terraform has insufficient permissions to register Resource Providers then we recommend setting the property skip_provider_registration in the provider block to prevent auto-registration.

Example Usage

# We strongly recommend using the required_providers block to set the
# Azure Provider source and version being used
terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "=3.0.0"
    }
  }
}

# Configure the Microsoft Azure Provider
provider "azurerm" {
  skip_provider_registration = true # This is only required when the User, Service Principal, or Identity running Terraform lacks the permissions to register Azure Resource Providers.
  features {}
}

# Create a resource group
resource "azurerm_resource_group" "example" {
  name     = "example-resources"
  location = "West Europe"
}

# Create a virtual network within the resource group
resource "azurerm_virtual_network" "example" {
  name                = "example-network"
  resource_group_name = azurerm_resource_group.example.name
  location            = azurerm_resource_group.example.location
  address_space       = ["10.0.0.0/16"]
}

Bugs and Feature Requests

The Azure provider's bugs and feature requests can be found in the GitHub repo issues. Please avoid "me too" or "+1" comments. Instead, use a thumbs up reaction on enhancement requests. Provider maintainers will often prioritize work based on the number of thumbs on an issue.

Community input is appreciated on outstanding issues! We love to hear what use cases you have for new features, and want to provide the best possible experience for you using the Azure provider.

If you have a bug or feature request without an existing issue

The provider maintainers will often use the assignee field on an issue to mark who is working on it.


If you have configuration questions, or general questions about using the provider, try checking out:

Argument Reference

The following arguments are supported:


When authenticating as a Service Principal using a Client Certificate, the following fields can be set:

More information on how to configure a Service Principal using a Client Certificate can be found in this guide.


When authenticating as a Service Principal using a Client Secret, the following fields can be set:

More information on how to configure a Service Principal using a Client Secret can be found in this guide.


When authenticating as a Service Principal using Open ID Connect, the following fields can be set:

More information on how to configure a Service Principal using OpenID Connect can be found in this guide.


When authenticating using Managed Identity, the following fields can be set:

More information on how to configure a Service Principal using Managed Identity can be found in this guide.


When authenticating using AKS Workload Identity, the following fields can be set:

More information on how to configure AKS Workload Identity can be found in this guide.


For Azure CLI authentication, the following fields can be set:


For some advanced scenarios, such as where more granular permissions are necessary - the following properties can be set:

It's also possible to use multiple Provider blocks within a single Terraform configuration, for example, to work with resources across multiple Subscriptions - more information can be found in the documentation for Providers.

Features

The features block allows configuring the behaviour of the Azure Provider, more information can be found on the dedicated page for the features block.