Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Initial setup of terraform backend using terraform

I'm just getting started with terraform and I'd like to be able to use AWS S3 as my backend for storing the state of my projects.

terraform {     backend "s3" {       bucket = "tfstate"       key = "app-state"       region = "us-east-1"     } } 

I feel like it is sensible to setup my S3 bucket, IAM groups and polices for the backend storage infrastructure with terraform as well.

If I setup my backend state before I apply my initial terraform infrastructure, it reasonably complains that the backend bucket is not yet created. So, my question becomes, how do I setup my terraform backend with terraform, while keeping my state for the backend tracked by terraform. Seems like a nested dolls problem.

I have some thoughts about how to script around this, for example, checking to see if the bucket exists or some state has been set, then bootstrapping terraform and finally copying the terraform tfstate up to s3 from the local file system after the first run. But before going down this laborious path, I thought I'd make sure I wasn't missing something obvious.

like image 452
Jed Schneider Avatar asked Dec 20 '17 19:12

Jed Schneider


People also ask

What is the default backend for Terraform?

By default, Terraform uses a backend called local , which stores state as a local file on disk.

What is Terraform backend configuration?

Terraform Backend Initialization Terraform backend should be configured like any other configuration in the configuration file and when you run the terraform init , Backed will be created. For example, we are going to configure the AWS S3 as a Terraform backend.

How does Terraform backend work?

Terraform backends enable you to store the state file in a shared remote store. Remote state is implemented by a backend, which you can configure in configuration's root module. Backends determine where state is stored. For example, the local (default) backend stores state in a local JSON file on disk.


1 Answers

To set this up using terraform remote state, I usually have a separate folder called remote-state within my dev and prod terraform folder.

The following main.tf file will set up your remote state for what you posted:

provider "aws" {   region = "us-east-1" }  resource "aws_s3_bucket" "terraform_state" {   bucket = "tfstate"    versioning {     enabled = true   }    lifecycle {     prevent_destroy = true   } }  resource "aws_dynamodb_table" "terraform_state_lock" {   name           = "app-state"   read_capacity  = 1   write_capacity = 1   hash_key       = "LockID"    attribute {     name = "LockID"     type = "S"   } } 

Then get into this folder using cd remote-state, and run terraform init && terraform apply - this should only need to be run once. You might add something to bucket and dynamodb table name to separate your different environments.

like image 116
Austin Davis Avatar answered Sep 21 '22 15:09

Austin Davis