- Print
- DarkLight
Use Backblaze B2 Terraform
- Print
- DarkLight
Terraform is an open-source infrastructure as code (IaC) tool that was developed by HashiCorp. Instead of using imperative commands (step-by-step instructions), Terraform uses declarative code, “here’s what I want.”
The Backblaze B2 Cloud Storage Terraform provider lets you create and manage application keys, buckets, and upload files.
To use the Backblaze B2 Terraform provider, you must download a Terraform binary. You can find the appropriate binary for your platform here.
Enable Backblaze B2
Before you begin: You must have a Backblaze B2 Cloud Storage account. You can sign up here. If you already have a Backblaze account and the left navigation menu contains a B2 Cloud Storage section, your account is already enabled for Backblaze B2.
- Sign in to your Backblaze account.
- In the left navigation menu under Account, click My Settings.
- Under Enabled Products, select the checkbox to enable B2 Cloud Storage.
- Review the Terms and Conditions, and click OK to accept them.
Create an Application Key in the UI
Application keys control access to your Backblaze B2 Cloud Storage account and the buckets that are contained in your account.
- Sign in to your Backblaze account.
- In the left navigation menu under Account, click Application Keys.
- Click Add a New Application Key, and enter an app key name.
You cannot search an app key by this name; therefore, app key names are not required to be globally unique. - In the Allow Access to Bucket(s) dropdown menu, select All or a specific bucket.
- Select your access type (for example, Read and Write).
- Select the optional Allow List All Bucket Names checkbox (required for the Backblaze B2 S3-compatible API List Buckets operation).
- Click Create New Key, and note the resulting keyID and applicationKey values.
Create an Application Key using Terraform
- Enter the following code changing the values as appropriate:
terraform { required_version = ">= 0.13" required_providers { b2 = { source = "Backblaze/b2" version = "~> 0.2" } } } provider "b2" { } resource "b2_application_key" "example" { key_name = "test-b2-tfp-0000000000000000000" capabilities = ["readFiles"] } data "b2_application_key" "example" { key_name = b2_application_key.example.key_name } output "application_key" { value = data.b2_application_key.example }
- Save this code into a file called
application_key.tf
. - Run the following command to initialize the Terraform environment:
The following output is returned:$ terraform init
$ terraform init Initializing the backend... Initializing provider plugins... - Reusing previous version of backblaze/b2 from the dependency lock file - Using previously-installed backblaze/b2 v0.2.1 Terraform has been successfully initialized! You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure. All Terraform commands should now work. If you ever set or change modules or backend configuration for Terraform, rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary.
- Run the following command to create and run your Terraform plan:
The following output is returned:terraform plan -out=application_key.out
Terraform indicates that it wants to add 1 key, change 0, and destroy 0.$ terraform plan -out=application_key.out An execution plan has been generated and is shown below. Resource actions are indicated with the following symbols: + create <= read (data resources) Terraform will perform the following actions: # data.b2_application_key.example will be read during apply # (config refers to values not yet known) <= data "b2_application_key" "example" { + application_key_id = (known after apply) + bucket_id = (known after apply) + capabilities = (known after apply) + id = (known after apply) + key_name = "test-b2-tfp-0000000000000000000" + name_prefix = (known after apply) + options = (known after apply) } # b2_application_key.example will be created + resource "b2_application_key" "example" { + application_key = (sensitive value) + application_key_id = (known after apply) + capabilities = [ + "readFiles", ] + id = (known after apply) + key_name = "test-b2-tfp-0000000000000000000" + options = (known after apply) } Plan: 1 to add, 0 to change, 0 to destroy. ------------------------------------------------------------------------ This plan was saved to: application_key.out To perform exactly these actions, run the following command to apply: terraform apply "application_key.out"
- If you are satisfied with the plan, run the following command to apply the plan:
The following output is returned:$ terraform apply application_key.out
$ terraform apply application_key.out b2_application_key.example: Creating... b2_application_key.example: Creation complete after 4s [id=0000000000000000000000000] data.b2_application_key.example: Reading... data.b2_application_key.example: Read complete after 4s [id=0000000000000000000000000] Apply complete! Resources: 1 added, 0 changed, 0 destroyed. The state of your infrastructure has been saved to the path below. This state is required to modify and destroy your infrastructure, so keep it safe. To inspect the complete state use the `terraform show` command. State path: terraform.tfstate
- Run the following command to clean up the application key that you created, and enter yes when prompted:
The following output is returned:$ terraform destroy
$ terraform destroy An execution plan has been generated and is shown below. Resource actions are indicated with the following symbols: - destroy Terraform will perform the following actions: # b2_application_key.example will be destroyed - resource "b2_application_key" "example" { - application_key = (sensitive value) - application_key_id = "0000000000000000000000000" -> null - capabilities = [ - "readFiles", ] -> null - id = "0000000000000000000000000" -> null - key_name = "test-b2-tfp-0000000000000000000" -> null - options = [ - "s3", ] -> null } Plan: 0 to add, 0 to change, 1 to destroy. Do you really want to destroy all resources? Terraform will destroy all your managed infrastructure, as shown above. There is no undo. Only 'yes' will be accepted to confirm. Enter a value: yes b2_application_key.example: Destroying... [id=0000000000000000000000000] b2_application_key.example: Destruction complete after 3s Destroy complete! Resources: 1 destroyed.
Set Environmental Variables
Run the following command to set your application key and application key ID environmental variables to read at runtime:
$ export B2_APPLICATION_KEY_ID=0000000000000000000000000
$ export B2_APPLICATION_KEY=0000000000000000000000000000000