Renew Azure credentials for Terraform
Introduction
If a Terraform plan fails because API calls are using invalid credentials, you are on the right page to solve this problem.
The credentials for Terraform to manage infrastructure in Azure have an expiring date. This guide shows you how to renew these credentials (it is more like adding new valid credentials to the App "Terraform" in Azure).
Steps
1. Create new Azure Credentials 2. Update LastPass entry 3. Update Terraform variable set 4. Update GitHub organization secret 5. Create a reminder in Google Calendar
1. Create new Azure Credentials
Log in to Azure Portal.
Create a new entry under ActiveDirectory -> App Registrierung -> Auf Terraform Eintrag -> Zertifikate & Geheimnisse ->Neuer Geheimschlüssel -> Erstellen.
2. Update LastPass entry
Open the Lastpass vault.
Open entry Azure Credentials Terraform.
Replace clientSecet with the new secret vom step 1.
Adjust the expiring date in the LastPass entry.
4. Update GitHub organization secret
3. Update Terraform variable set
Open this edit page for the Terraform variable set "Azure Credentials".
Set the azurerm_client_secret to the new value of clientSecret in the LastPass entry.
Click "Save variable".
If you are not allowed to perform this action, ask someone else to do so.
Open this edit page for the organization secret AZURE_CREDENTIALS_TERRAFORM in your Browser.
Click enter a new value.
Insert the Azure Credentials Terraform entry from LastPass (JSON format) but remove all whitespace characters after the opening curly brace (e. g. {"clientId":...) and before the closing curly brace (e. g. ...nt.core.windows.net/"}).
Save changes.
5. Create a reminder in Google Calendar
Open the google calendar. Create a new entry one week bevor the expiring date. Add the following people: Dominik Wißler, Julian Bour, Pascal Kunz Put this link into the description: https://guide.ambimax.xyz/how-tos/azure/renew-azure-credentials-terraform.html