localstack · paolosalvatori · Feb 17, 2026 · Feb 17, 2026 · Feb 17, 2026 · Feb 17, 2026
@@ -56,11 +56,25 @@ The [deploy.sh](deploy.sh) script executes the following steps:
 
 ## Configuration
 
-Before deploying the Terraform modules, update the `terraform.tfvars` file with your specific values:
+When using LocalStack for Azure, configure the `metadata_host` and `subscription_id` settings in the [Azure Provider for Terraform](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs) to ensure proper connectivity:
+
 
 ```hcl
-location            = "westeurope"
-python_version      = "3.13"
+provider "azurerm" {
+  features {
+    resource_group {
+      prevent_deletion_if_contains_resources = false
+    }
+  }
+
+  # Set the hostname of the Azure Metadata Service (for example management.azure.com) 
+  # used to obtain the Cloud Environment when using LocalStack's Azure emulator. 
+  # This allows the provider to correctly identify the environment and avoid making calls to the real Azure endpoints. 
+  metadata_host="localhost.localstack.cloud:4566"
+
+  # Set the subscription ID to a dummy value when using LocalStack's Azure emulator.
+  subscription_id = "00000000-0000-0000-0000-000000000000"
+}
 ```
 
 ## Deployment

@@ -1,86 +1,45 @@
 #!/bin/bash
 
 # Variables
-PREFIX='funcmi'
+PREFIX='local'
 SUFFIX='test'
 LOCATION='westeurope'
 MANAGED_IDENTITY_TYPE='UserAssigned' # SystemAssigned or UserAssigned
 CURRENT_DIR="$(cd "$(dirname "$0")" && pwd)"
 ZIPFILE="function_app.zip"
+ENVIRONMENT=$(az account show --query environmentName --output tsv)
 
 # Change the current directory to the script's directory
 cd "$CURRENT_DIR" || exit
 
-# Determine environment
-if command -v az >/dev/null 2>&1; then
-	CLOUD_NAME=$(az cloud show --query name --output tsv 2>&1 || echo "")
-
-	if [[ "$CLOUD_NAME" == "LocalStack" ]]; then
-		ENVIRONMENT="LocalStack"
-	elif [[ "$CLOUD_NAME" == "AzureCloud" ]]; then
-		ENVIRONMENT="AzureCloud"
-	else
-		ENVIRONMENT="AzureCloud"
-	fi
-else
-	ENVIRONMENT="AzureCloud"
-fi
-
 # Run terraform init and apply
 if [[ $ENVIRONMENT == "LocalStack" ]]; then
-	echo "Using tflocal and azlocal for LocalStack emulator environment."
-	TERRAFORM="tflocal"
-
-	# Log Azure auth environment variables before unsetting
-	echo "[DEBUG] Azure auth env vars before unsetting:"
-	echo "[DEBUG]   ARM_CLIENT_ID=${ARM_CLIENT_ID:-<not set>}"
-	echo "[DEBUG]   ARM_CLIENT_SECRET=${ARM_CLIENT_SECRET:+<set but hidden>}${ARM_CLIENT_SECRET:-<not set>}"
-	echo "[DEBUG]   ARM_TENANT_ID=${ARM_TENANT_ID:-<not set>}"
-	echo "[DEBUG]   ARM_SUBSCRIPTION_ID=${ARM_SUBSCRIPTION_ID:-<not set>}"
-	echo "[DEBUG]   AZURE_CLIENT_ID=${AZURE_CLIENT_ID:-<not set>}"
-	echo "[DEBUG]   AZURE_TENANT_ID=${AZURE_TENANT_ID:-<not set>}"
-
-	echo "[DEBUG] Azure auth env vars after unsetting: all cleared"
+	echo "Using azlocal for LocalStack emulator environment."
 	AZ="azlocal"
 else
 	echo "Using standard terraform and az for AzureCloud environment."
-	TERRAFORM="terraform"
 	AZ="az"
 fi
 
-echo "[DEBUG] Cloud name: '$CLOUD_NAME', Environment: '$ENVIRONMENT', Tools: TERRAFORM=$TERRAFORM, AZ=$AZ"
-echo "[DEBUG] TERRAFORM command location: $(which $TERRAFORM 2>/dev/null || echo 'not found')"
-
-# Enable Terraform debug logging
-export TF_LOG=DEBUG
-export TF_LOG_PATH="$CURRENT_DIR/terraform-debug.log"
-echo "[DEBUG] Checking what tflocal does..."echo "[DEBUG] tflocal version: $($TERRAFORM version 2>&1 | head -1)"echo "[DEBUG] Contents of current directory before init:"ls -la . 2>&1 | head -20
-echo "[DEBUG] Terraform debug logging enabled: TF_LOG=DEBUG, TF_LOG_PATH=$TF_LOG_PATH"
-
 echo "Initializing Terraform..."
-$TERRAFORM init -upgrade
+terraform init -upgrade
 
 # Run terraform plan and check for errors
 echo "Planning Terraform deployment..."
-$TERRAFORM plan -out=tfplan \
+terraform plan -out=tfplan \
 	-var "prefix=$PREFIX" \
 	-var "suffix=$SUFFIX" \
 	-var "location=$LOCATION" \
 	-var "managed_identity_type=$MANAGED_IDENTITY_TYPE"
 
 if [[ $? != 0 ]]; then
 	echo "Terraform plan failed. Exiting."
-	echo "============================================================"
-	echo "Last 100 lines of Terraform debug log:"
-	echo "============================================================"
-	tail -100 "$TF_LOG_PATH" 2>/dev/null || echo "Debug log not found"
-	echo "============================================================"
 	exit 1
 fi
 
 # Apply the Terraform configuration
 echo "Applying Terraform configuration..."
-$TERRAFORM apply -auto-approve tfplan
+terraform apply -auto-approve tfplan
 
 if [[ $? != 0 ]]; then
 	echo "Terraform apply failed. Exiting."

@@ -16,17 +16,11 @@ provider "azurerm" {
     }
   }
 
-  # LocalStack Azure emulator configuration
-  # Uses fixed credentials that tflocal intercepts via HTTPS proxy
-  subscription_id = "00000000-0000-0000-0000-000000000000"
-  tenant_id       = "00000000-0000-0000-0000-000000000000"
-  client_id       = "00000000-0000-0000-0000-000000000000"
-  client_secret   = "fake-secret"
-
-  # Skip provider registration - LocalStack doesn't support this API
-  skip_provider_registration = true
+  # Set the hostname of the Azure Metadata Service (for example management.azure.com) 
+  # used to obtain the Cloud Environment when using LocalStack's Azure emulator. 
+  # This allows the provider to correctly identify the environment and avoid making calls to the real Azure endpoints. 
+  metadata_host="localhost.localstack.cloud:4566"
 
-  # Disable CLI/MSI authentication - use static credentials instead
-  use_cli = false
-  use_msi = false
+  # Set the subscription ID to a dummy value when using LocalStack's Azure emulator.
+  subscription_id = "00000000-0000-0000-0000-000000000000"
 }
@@ -49,38 +49,61 @@ See [deploy.sh](deploy.sh) for the complete deployment automation. The script pe
 - Creates deployment zip package from published output
 - Deploys the zip to Azure Function App using Azure CLI
 
+## Configuration
+
+When using LocalStack for Azure, configure the `metadata_host` and `subscription_id` settings in the [Azure Provider for Terraform](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs) to ensure proper connectivity:
+
+
+```hcl
+provider "azurerm" {
+  features {
+    resource_group {
+      prevent_deletion_if_contains_resources = false
+    }
+  }
+
+  # Set the hostname of the Azure Metadata Service (for example management.azure.com) 
+  # used to obtain the Cloud Environment when using LocalStack's Azure emulator. 
+  # This allows the provider to correctly identify the environment and avoid making calls to the real Azure endpoints. 
+  metadata_host="localhost.localstack.cloud:4566"
+
+  # Set the subscription ID to a dummy value when using LocalStack's Azure emulator.
+  subscription_id = "00000000-0000-0000-0000-000000000000"
+}
+```
+
 ## Deployment
 
-1. You can set up the Azure emulator by utilizing LocalStack for Azure Docker image. Before starting, ensure you have a valid `LOCALSTACK_AUTH_TOKEN` to access the Azure emulator. Refer to the [Auth Token guide](https://docs.localstack.cloud/getting-started/auth-token/?__hstc=108988063.8aad2b1a7229945859f4d9b9bb71e05d.1743148429561.1758793541854.1758810151462.32&__hssc=108988063.3.1758810151462&__hsfp=3945774529) to obtain your Auth Token and specify it in the `LOCALSTACK_AUTH_TOKEN` environment variable. The Azure Docker image is available on the [LocalStack Docker Hub](https://hub.docker.com/r/localstack/localstack-azure-alpha). To pull the Azure Docker image, execute the following command:
+You can set up the Azure emulator by utilizing LocalStack for Azure Docker image. Before starting, ensure you have a valid `LOCALSTACK_AUTH_TOKEN` to access the Azure emulator. Refer to the [Auth Token guide](https://docs.localstack.cloud/getting-started/auth-token/?__hstc=108988063.8aad2b1a7229945859f4d9b9bb71e05d.1743148429561.1758793541854.1758810151462.32&__hssc=108988063.3.1758810151462&__hsfp=3945774529) to obtain your Auth Token and specify it in the `LOCALSTACK_AUTH_TOKEN` environment variable. The Azure Docker image is available on the [LocalStack Docker Hub](https://hub.docker.com/r/localstack/localstack-azure-alpha). To pull the Azure Docker image, execute the following command:
 
-   ```bash
-   docker pull localstack/localstack-azure-alpha
-   ```
+```bash
+docker pull localstack/localstack-azure-alpha
+```
 
-2. Start the LocalStack Azure emulator using the localstack CLI, execute the following command:
+Start the LocalStack Azure emulator using the localstack CLI, execute the following command:
 
-   ```bash
-   export LOCALSTACK_AUTH_TOKEN=<your_auth_token>
-   IMAGE_NAME=localstack/localstack-azure-alpha localstack start
-   ```
+```bash
+export LOCALSTACK_AUTH_TOKEN=<your_auth_token>
+IMAGE_NAME=localstack/localstack-azure-alpha localstack start
+```
 
-3. Navigate to the scripts directory
+Navigate to the `terraform` folder:
 
-   ```bash
-   cd samples/function-app-and-storage/dotnet/terraform
-   ```
+```bash
+cd samples/function-app-managed-identity/python/terraform
+```
 
-4. Make the script executable:
+Make the script executable:
 
-   ```bash
-   chmod +x deploy.sh
-   ```
+```bash
+chmod +x deploy.sh
+```
 
-5. Run the deployment script:
+Run the deployment script:
 
-   ```bash
-   ./deploy.sh
-   ```
+```bash
+./deploy.sh
+```
 
 ## Validation
 

@@ -6,88 +6,42 @@ SUFFIX='test'
 LOCATION='westeurope'
 CURRENT_DIR="$(cd "$(dirname "$0")" && pwd)"
 ZIPFILE="function_app.zip"
+ENVIRONMENT=$(az account show --query environmentName --output tsv)
 
 # Change the current directory to the script's directory
 cd "$CURRENT_DIR" || exit
 
-# Determine environment
-if command -v az >/dev/null 2>&1; then
-	CLOUD_NAME=$(az cloud show --query name --output tsv 2>&1 || echo "")
-
-	if [[ "$CLOUD_NAME" == "LocalStack" ]]; then
-		ENVIRONMENT="LocalStack"
-	elif [[ "$CLOUD_NAME" == "AzureCloud" ]]; then
-		ENVIRONMENT="AzureCloud"
-	else
-		ENVIRONMENT="AzureCloud"
-	fi
-else
-	ENVIRONMENT="AzureCloud"
-fi
-
 # Run terraform init and apply
 if [[ $ENVIRONMENT == "LocalStack" ]]; then
-	echo "Using tflocal and azlocal for LocalStack emulator environment."
-	TERRAFORM="tflocal"
-
-	# Log Azure auth environment variables before unsetting
-	echo "[DEBUG] Azure auth env vars before unsetting:"
-	echo "[DEBUG]   ARM_CLIENT_ID=${ARM_CLIENT_ID:-<not set>}"
-	echo "[DEBUG]   ARM_CLIENT_SECRET=${ARM_CLIENT_SECRET:+<set but hidden>}${ARM_CLIENT_SECRET:-<not set>}"
-	echo "[DEBUG]   ARM_TENANT_ID=${ARM_TENANT_ID:-<not set>}"
-	echo "[DEBUG]   ARM_SUBSCRIPTION_ID=${ARM_SUBSCRIPTION_ID:-<not set>}"
-	echo "[DEBUG]   AZURE_CLIENT_ID=${AZURE_CLIENT_ID:-<not set>}"
-	echo "[DEBUG]   AZURE_TENANT_ID=${AZURE_TENANT_ID:-<not set>}"
-
-	echo "[DEBUG] Azure auth env vars after unsetting: all cleared"
+	echo "Using azlocal for LocalStack emulator environment."
 	AZ="azlocal"
 else
 	echo "Using standard terraform and az for AzureCloud environment."
-	TERRAFORM="terraform"
 	AZ="az"
 fi
 
-echo "[DEBUG] Cloud name: '$CLOUD_NAME', Environment: '$ENVIRONMENT', Tools: TERRAFORM=$TERRAFORM, AZ=$AZ"
-echo "[DEBUG] TERRAFORM command location: $(which $TERRAFORM 2>/dev/null || echo 'not found')"
-
-# Enable Terraform debug logging
-export TF_LOG=DEBUG
-export TF_LOG_PATH="$CURRENT_DIR/terraform-debug.log"
-echo "[DEBUG] Checking what tflocal does..."echo "[DEBUG] tflocal version: $($TERRAFORM version 2>&1 | head -1)"echo "[DEBUG] Contents of current directory before init:"ls -la . 2>&1 | head -20
-echo "[DEBUG] Terraform debug logging enabled: TF_LOG=DEBUG, TF_LOG_PATH=$TF_LOG_PATH"
-
 echo "Initializing Terraform..."
-$TERRAFORM init -upgrade
+terraform init -upgrade
 
 # Run terraform plan and check for errors
 echo "Planning Terraform deployment..."
-$TERRAFORM plan -out=tfplan \
+terraform plan -out=tfplan \
 	-var "prefix=$PREFIX" \
 	-var "suffix=$SUFFIX" \
 	-var "location=$LOCATION"
 
-if [[ $? != 0 ]]; then
-	echo "Terraform plan failed. Exiting."
-	echo "============================================================"
-	echo "Last 100 lines of Terraform debug log:"
-	echo "============================================================"
-	tail -100 "$TF_LOG_PATH" 2>/dev/null || echo "Debug log not found"
-	echo "============================================================"
-	exit 1
-fi
-
 # Apply the Terraform configuration
 echo "Applying Terraform configuration..."
-$TERRAFORM apply -auto-approve tfplan
+terraform apply -auto-approve tfplan
 
 if [[ $? != 0 ]]; then
 	echo "Terraform apply failed. Exiting."
 	exit 1
 fi
 
 # Get the output values
-RESOURCE_GROUP_NAME=$($TERRAFORM output -raw resource_group_name)
-FUNCTION_APP_NAME=$($TERRAFORM output -raw function_app_name)
+RESOURCE_GROUP_NAME=$(terraform output -raw resource_group_name)
+FUNCTION_APP_NAME=$(terraform output -raw function_app_name)
 
 # Print the variables
 echo "Resource Group: $RESOURCE_GROUP_NAME"

@@ -16,17 +16,11 @@ provider "azurerm" {
     }
   }
 
-  # LocalStack Azure emulator configuration
-  # Uses fixed credentials that tflocal intercepts via HTTPS proxy
-  subscription_id = "00000000-0000-0000-0000-000000000000"
-  tenant_id       = "00000000-0000-0000-0000-000000000000"
-  client_id       = "00000000-0000-0000-0000-000000000000"
-  client_secret   = "fake-secret"
-
-  # Skip provider registration - LocalStack doesn't support this API
-  skip_provider_registration = true
+  # Set the hostname of the Azure Metadata Service (for example management.azure.com) 
+  # used to obtain the Cloud Environment when using LocalStack's Azure emulator. 
+  # This allows the provider to correctly identify the environment and avoid making calls to the real Azure endpoints. 
+  metadata_host="localhost.localstack.cloud:4566"
 
-  # Disable CLI/MSI authentication - use static credentials instead
-  use_cli = false
-  use_msi = false
+  # Set the subscription ID to a dummy value when using LocalStack's Azure emulator.
+  subscription_id = "00000000-0000-0000-0000-000000000000"
 }
@@ -16,7 +16,7 @@ INDEXES='[{"key":{"keys":["_id"]}},{"key":{"keys":["username"]}},{"key":{"keys":
 SHARD="username"
 THROUGHPUT=400
 RUNTIME="python"
-RUNTIME_VERSION="3.13"
+RUNTIME_VERSION="3.12"
 LOGIN_NAME="paolo"
 CURRENT_DIR="$(cd "$(dirname "$0")" && pwd)"
 ZIPFILE="planner_website.zip"

@@ -3,6 +3,6 @@ azure-identity==1.25.1
 azure-mgmt-cosmosdb==9.8.0
 azure-mgmt-cosmosdbforpostgresql==1.0.0
 pymongo==4.15.3
-gunicorn==20.1.0
+gunicorn==23.0.0
 python-dotenv==1.1.1
 
@@ -53,12 +53,25 @@ You can use the [deploy.sh](deploy.sh) script to automate the deployment of all
 
 ## Configuration
 
-Before deploying the Terraform modules, update the `terraform.tfvars` file with your specific values:
+When using LocalStack for Azure, configure the `metadata_host` and `subscription_id` settings in the [Azure Provider for Terraform](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs) to ensure proper connectivity:
+
 
 ```hcl
-location                 = "westeurope"
-cosmosdb_database_name   = "sampledb"
-cosmosdb_collection_name = "activities"
+provider "azurerm" {
+  features {
+    resource_group {
+      prevent_deletion_if_contains_resources = false
+    }
+  }
+
+  # Set the hostname of the Azure Metadata Service (for example management.azure.com) 
+  # used to obtain the Cloud Environment when using LocalStack's Azure emulator. 
+  # This allows the provider to correctly identify the environment and avoid making calls to the real Azure endpoints. 
+  metadata_host="localhost.localstack.cloud:4566"
+
+  # Set the subscription ID to a dummy value when using LocalStack's Azure emulator.
+  subscription_id = "00000000-0000-0000-0000-000000000000"
+}
 ```
 
 ## Deployment