Tired of manually creating and managing S3 backends for your Terraform projects? Look no further!
This project:
- creates resources for a Terraform backend on S3 / DynamoDB; and
- migrates its own state to the
default
workspace.
First, populate your AWS_ACCESS_KEY_ID
and AWS_SECRET_ACCESS_KEY
environment variables.
Configure your project's backend.tfvars
file
Agency-Code = "example"
Project-Code = "demo"
Environment = "dev"
Zone = "dz"
Tier = "na"
It's time to make the switch to remote state!
make switch-remote
Selecting backend: REMOTE
terraform init -force-copy --backend-config=backend.tfbackend
Initializing modules...
Initializing the backend...
Successfully configured the backend "s3"! Terraform will automatically
use this backend unless the backend configuration changes.
Initializing provider plugins...
- Reusing previous version of hashicorp/aws from the dependency lock file
- Using previously-installed hashicorp/aws v3.65.0
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
... output redacted ...
That's it! Copy the generated backend.tfbackend
file to your project folder, or export it as an artifact.
make switch-local
For peace of mind, the current state can be easily exported to backup.tfstate
.
make backup
- Start with a clean working directory.
make distclean
- Synchronise with the backend described in the
backend.tfbackend
file.
make sync
If you want to tear down the backend, follow these steps.
- Ensure the default workspace is the only workspace using the backend (very, very important).
terraform workspace list
- Destroy the backend infrastructure (this action is IRREVERSIBLE).
make destroy
- (Optional) Clean the working directory.
make distclean
- The S3 backend will always be created in the default workspace.
- Create a workspace for every
<project>-<environment>
combination. (see also: One workspace per environment per terraform configuration)
No requirements.
Name | Version |
---|---|
aws | n/a |
Name | Description | Type | Default | Required |
---|---|---|---|---|
Agency-Code | The agency initials | string |
n/a | yes |
Environment | The environment (e.g. tXX, dev, stg, uat, prd) | string |
n/a | yes |
Project-Code | The project code | string |
n/a | yes |
Tier | Tier identifier (e.g. web, gut, app, it, db, svc, na) | string |
null |
no |
Zone | The zone (e.g. iz, ez, mz ,dz) | string |
null |
no |
bucket | Name of the S3 Bucket | string |
"" |
no |
dynamodb_table | Name of the DynamoDB table | string |
"" |
no |
encrypt | Encrypt the contents of the bucket | bool |
true |
no |
key | Key to use for the Terraform state file | string |
"terraform.tfstate" |
no |
prevent_destroy | Prevent accidental destruction of the Terraform state bucket | bool |
true |
no |
region | AWS Region selection | string |
"ap-southeast-1" |
no |
versioning | Enable versioning on the bucket | bool |
true |
no |
Name | Description |
---|---|
bucket | Name of the S3 Bucket |
dynamodb_table | Name of the DynamoDB table |
encrypt | Encrypt the contents of the bucket |
key | Key to use for the Terraform state file |
region | AWS Region selection |