- Notifications
You must be signed in to change notification settings - Fork2
A cloudformed terraform remote state using Amazon S3, with locking via DynamoDB
License
NotificationsYou must be signed in to change notification settings
lantrix/terraform-remote-state-s3-cloudformation
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
This is aTerraform remote state using AWSS3 & DynamoDB.
- Deploy the cloudformation stack in your region (e.g.
ap-southeast-2):
aws cloudformation deploy \--stack-name terraform-state \--template-file stack.template \--region ap-southeast-2 \--no-fail-on-empty-changeset
- Deploy a managed policy to attach to IAM roles:
aws cloudformation deploy \--stack-name terraform-state-managed-policy \--template-file stack-managed-policy.template \--capabilities CAPABILITY_NAMED_IAM \--region ap-southeast-2 \--no-fail-on-empty-changeset
- Initialise your terraform project to reference the state resources
export accountId=$(aws sts get-caller-identity --query Account --output text)terraform init \ -backend-config="region=ap-southeast-2" \ -backend-config="bucket=terraform-state-${accountId}" \ -backend-config="key=terraform.tfstate" \ -backend-config="dynamodb_table=terraform-state"
- Ensure you reference the state in the terraform project. You can use the
workspace_key_prefixto differentiate each project in the state store.
terraform {required_providers {aws={ source="hashicorp/aws" version="~> 5.0" } }backend"s3" {workspace_key_prefix="my-project"# Prefix used when changing terraform workspacesbucket="terraform-state-123456789012"# My S3 state bucket namekey="terraform.tfstate"# S3 keyname of actual state fileregion="ap-southeast-2"# Regiondynamodb_table="terraform-state"# Dynamo table name }}provider"aws" {region="ap-southeast-2"}
About
A cloudformed terraform remote state using Amazon S3, with locking via DynamoDB
Topics
Resources
License
Uh oh!
There was an error while loading.Please reload this page.