Skip to content

Latest commit

 

History

History
236 lines (180 loc) · 14.4 KB

README.md

File metadata and controls

236 lines (180 loc) · 14.4 KB
Raw

Logo

Ben's Terraform AWS Terraform Remote State Module

This is how I do it.

Explore the docs »

Report Bug . Request Feature

GitHub contributors GitHub issues GitHub pull requests GitHub workflow: Terratest GitHub workflow: Linting GitHub tag (with filter) OSSF-Scorecard Score GitHub License

About The Project

Ben's Terraform AWS TFState Remote Backend Module

Usage

Start with a simple Terraform project looking something similar to the following. This module will create the S3 bucket and DynamoDB table you need. A good practice is to keep this Terraform project simple and check the state data into your source control.

module "context" {
  source    = "bendoerr-terraform-modules/context/null"
  version   = "xxx"
  namespace = "bd"
  role      = "production"
  region    = "us-east-1"
  project   = "tfstate"
}

module "tfstate" {
  source  = "bendoerr-terraform-modules/tfstate/aws"
  version = "xxx"
  context = module.context.shared
}

output "store" {
  value = module.tfstate.tfstate_id # -> bd-prod-ue1-tfstate-store
}

output "lock_table" {
  value = module.tfstate.lock_table_name # -> bd-prod-ue1-tfstate-locks
}

In future projects your TF state can be centrally maintained.

terraform {
  backend "s3" {
    bucket               = "brd-prod-ue1-tfstate-store"
    dynamodb_table       = "brd-prod-ue1-tfstate-locks"
    key                  = "terraform.tfstate"
    kms_key_id           = "alias/aws/s3"
    region               = "us-east-1"
    workspace_key_prefix = "foundryvtt-on-demand"
  }
}

Cost

infracost

Project: 10 Workspaces & 5 Applies Each Per Day
Module path: examples/complete

 Name                                               Monthly Qty  Unit         Monthly Cost

 module.tfstate.aws_dynamodb_table.locks
 ├─ Write request unit (WRU)                              1,500  WRUs                $0.00
 └─ Read request unit (RRU)                               1,500  RRUs                $0.00

 module.tfstate.module.store.aws_s3_bucket.this[0]
 └─ Standard
    ├─ Storage                                             0.02  GB                  $0.00
    ├─ PUT, COPY, POST, LIST requests                       4.5  1k requests         $0.02
    └─ GET, SELECT, and all other requests                    3  1k requests         $0.00

 OVERALL TOTAL                                                                       $0.03
──────────────────────────────────
9 cloud resources were detected:
∙ 2 were estimated, all of which include usage-based costs, see https://infracost.io/usage-file
∙ 7 were free, rerun with --show-skipped to see details

┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━┓
┃ Project                                            ┃ Monthly cost ┃
┣━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╋━━━━━━━━━━━━━━┫
┃ 10 Workspaces & 5 Applies Each Per Day             ┃ $0.03        ┃
┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┻━━━━━━━━━━━━━━┛

Requirements

Name Version
terraform >= 0.13
aws ~> 5.0

Providers

Name Version
aws ~> 5.0

Modules

Name Source Version
label_dynamodb_rw bendoerr-terraform-modules/label/null 0.4.1
label_locks bendoerr-terraform-modules/label/null 0.4.1
label_s3_rw bendoerr-terraform-modules/label/null 0.4.1
label_store bendoerr-terraform-modules/label/null 0.4.1
store terraform-aws-modules/s3-bucket/aws 3.15.1

Resources

Name Type
aws_dynamodb_table.locks resource
aws_iam_policy.s3_rw resource
aws_iam_policy.state_dynamodb_rw resource
aws_iam_policy_document.dynamodb_rw data source
aws_iam_policy_document.s3_rw data source
aws_kms_alias.s3 data source

Inputs

Name Description Type Default Required
context Shared Context from Ben's terraform-null-context 
object({
 attributes = list(string)
 dns_namespace = string
 environment = string
 instance = string
 instance_short = string
 namespace = string
 region = string
 region_short = string
 role = string
 role_short = string
 project = string
 tags = map(string)
 })
 n/a yes

Outputs

Name Description
iam_locks_rw_arn n/a
iam_locks_rw_id n/a
iam_tfstate_rw_arn n/a
iam_tfstate_rw_id n/a
lock_table_arn n/a
lock_table_id n/a
lock_table_name n/a
tfstate_arn n/a
tfstate_id n/a

Roadmap

GitHub issues

See the open issues for a list of proposed features (and known issues).

Contributing

GitHub pull requests

Contributions are what make the open source community such an amazing place to be learn, inspire, and create. Any contributions you make are greatly appreciated.

  • If you have suggestions for adding or removing projects, feel free to open an issue to discuss it, or directly create a pull request after you edit the README.md file with necessary changes.
  • Please make sure you check your spelling and grammar.
  • Create individual PR for each suggestion.

Creating A Pull Request

  1. Fork the Project
  2. Create your Feature Branch (git checkout -b feature/AmazingFeature)
  3. Commit your Changes (git commit -m 'Add some AmazingFeature')
  4. Push to the Branch (git push origin feature/AmazingFeature)
  5. Open a Pull Request

License

GitHub License

Distributed under the MIT License. See LICENSE for more information.

Authors

GitHub contributors

  • Benjamin R. Doerr - Terraformer - Benjamin R. Doerr - Built Ben's Terraform Modules

Supported Versions

Only the latest tagged version is supported.

Reporting a Vulnerability

See SECURITY.md.

Acknowledgements