A terraform module to set up remote state management with S3 backend for your account. It creates an encrypted S3 bucket to store state files and a DynamoDB table for state locking and consistency checking. Resources are defined following best practices as described in the official document and ozbillwang/terraform-best-practices. It heritages a from our loved ❤️ Terraform AWS modules and leverage S3 and DynamoDB from this repos.
- Create a S3 bucket to store remote state files.
- Encrypt state files with KMS.
- Enable object versioning to prevent accidental data loss.
- Create a DynamoDB table for state locking, encryption is optional.
module "remote-state-s3-dynamodb-backend" {
source = "tigpt/remote-state-s3-dynamodb-backend/aws"
version = "1.0.2"
name = "my-terraform-backend"
tags = {
terraform = "true"
}
}- Starting from v1.0, this module requires Terraform Provider for AWS v4.0 or later. Version 1.0 Upgrade Guide described the recommended procedure after the upgrade.
| Name | Version |
|---|---|
| terraform | >= 1.7.2 |
| aws | >= 5.34 |
| random | >= 3.6 |
| Name | Description | Type | Required |
|---|---|---|---|
| name | Base name for your state storing resources (typicaly equal to account name) | string |
yes |
| tags | A mapping of tags to assign to resources. | map(string) |
no |
| Name | Description |
|---|---|
| tf_state_dynamodb_name | The name of DynamoDB table to manage lock states. |
| tf_state_dynamodb_arn | The arn of DynamoDB table to manage lock states. |
| tf_state_s3_bucket_arn | The name of S3 bucket to store the remote state file. |
| tf_state_s3_bucket_arn | The arn of S3 bucket to store the remote state file. |