Set up terraform remote state and state locking#11
Conversation
| bucket = "bcss-terraform-nonprod-iac" | ||
| key = "bcss/infrastructure/comms-manager/terraform.tfstate" | ||
| region = "eu-west-2" | ||
| # encrypt = true |
There was a problem hiding this comment.
Should this be commented out? Feels like it shouldn't
There was a problem hiding this comment.
So this links to something in a future ticket "Implement Security Best Practices".
It was part of a tutorial that I was working for this ticket, thought I'd comment it out, for future reference, rather than removing it.
Once we get to that ticket, it can just be uncommented
There was a problem hiding this comment.
Not meaning to block this work but commented code can and will survive longer than expected and then become meaningless.
If it doesn't have a current use it should not be in the PR.
If it is something that can or will change in future TF has mechanisms to make values variable.
There was a problem hiding this comment.
Thanks, I've pushed an update to remove the commented code.
3 participants
I've set up terraform remote state and state locking.
Remote state uses an s3 bucket with a dedicated key for this project.
State locking uses a DynamoDB created specifically for this project.
Documentation has also been updated too, in the README in the terraform directory.