terraform-tfstate-backend

Terraform module to provision S3 Bucket for Terraform State Backend and DynamoDB Table for state locking.

Open source modules used:

• https://github.com/cloudposse/terraform-aws-tfstate-backend

---

Terraform Module

GitLab Repository: https://gitlab.com/miquido/terraform/terraform-tfstate-backend

Usage

1. Use module to create bucket

   terraform {}
   
   module "tfstate-backend" {
       source      = "git::ssh://[email protected]:miquido/terraform/terraform-tfstate-backend.git?ref=master"
       name        = "miquido"
       environment = "devops"
   }
   
   output "config" {
       value = "${module.tfstate-backend.tf_backend_config}"
   }
   

2. Run commands

   terraform init
   terraform apply
   
   # in output there should be rendered tf backend config

3. Add terraform backend

   terraform {
       backend "s3" {
           region         = "eu-west-2"
           bucket         = "miquido-devops-terraform-state"
           key            = "terraform.tfstate"
           dynamodb_table = "miquido-devops-terraform-state-lock"
           encrypt        = true
       }
   }
   
   module "tfstate-backend" {
       ...
   }
   

4. Run commands again

   terraform init
   terraform apply

5. When asked to copy local tfstate to s3 bucket, answer yes.

Makefile Targets

Available targets:

  help                                Help screen
  help/all                            Display help for all targets
  help/short                          This help short screen
  lint                                Lint Terraform code

Requirements

Name	Version
terraform	>= 0.13
aws	~> 5.16
local	>= 1.3

Providers

Name	Version
aws	~> 5.16
local	>= 1.3

Modules

Name	Source	Version
this	cloudposse/tfstate-backend/aws	1.1.1

Resources

Name	Type
local_file.terraform_backend_config	resource
aws_caller_identity.current	data source
aws_region.current	data source

Inputs

Name	Description	Type	Default	Required
billing_mode	DynamoDB billing mode	string	"PAY_PER_REQUEST"	no
environment	Environment name	string	""	no
name	Account/Project Name	string	n/a	yes
read_capacity	DynamoDB read capacity units	number	1	no
role_account_id	The AWS Account ID of IAM Role to be assumed. If none provided current caller account id will be used.	string	""	no
role_name	The IAM Role name to be assumed	string	"AdministratorAccess"	no
s3_bucket_name	S3 bucket name. If not provided, the name will be generated by the label module in the format namespace-stage-name	string	""	no
tags	Tags to apply on repository	map(string)	{}	no
terraform_backend_config_file_name	Name of terraform backend config file	string	"tfstate-backend.tf"	no
terraform_backend_config_file_path	The path to terrafrom project directory. Won't create local file if variable value is empty. Recommended: path.module	string	""	no
terraform_minimum_version	Minimum version for terraform	string	"0.13.5"	no
write_capacity	DynamoDB write capacity units	number	1	no

Outputs

Name	Description
dynamodb_table_arn	The ARN of created DynamoDB Table
dynamodb_table_id	The ID of created DynamoDB Table
dynamodb_table_name	The name of created DynamoDB Table
s3_bucket_arn	S3 bucket ARN
s3_bucket_domain_name	S3 bucket domain name
s3_bucket_id	S3 bucket ID
tf_backend_config	Rendered Terraform backend config file

Developing

1. Make changes in terraform files

2. Regenerate documentation

   bash <(git archive [email protected]:miquido/terraform/terraform-readme-update.git master update.sh | tar -xO)

3. Run lint

   make lint
   

Copyright

Copyright © 2017-2023 Miquido

Contributors

Konrad Obal