Ben's Terraform AWS Terraform Remote State Module

This is how I do it.

Explore the docs »

Report Bug . Request Feature

About The Project

Ben's Terraform AWS TFState Remote Backend Module

Usage

Start with a simple Terraform project looking something similar to the following. This module will create the S3 bucket and DynamoDB table you need. A good practice is to keep this Terraform project simple and check the state data into your source control.

module "context" {
  source    = "bendoerr-terraform-modules/context/null"
  version   = "xxx"
  namespace = "bd"
  role      = "production"
  region    = "us-east-1"
  project   = "tfstate"
}

module "tfstate" {
  source  = "bendoerr-terraform-modules/tfstate/aws"
  version = "xxx"
  context = module.context.shared
}

output "store" {
  value = module.tfstate.tfstate_id # -> bd-prod-ue1-tfstate-store
}

output "lock_table" {
  value = module.tfstate.lock_table_name # -> bd-prod-ue1-tfstate-locks
}

In future projects your TF state can be centrally maintained.

terraform {
  backend "s3" {
    bucket               = "brd-prod-ue1-tfstate-store"
    dynamodb_table       = "brd-prod-ue1-tfstate-locks"
    key                  = "terraform.tfstate"
    kms_key_id           = "alias/aws/s3"
    region               = "us-east-1"
    workspace_key_prefix = "foundryvtt-on-demand"
  }
}

Cost

Project: 10 Workspaces & 5 Applies Each Per Day
Module path: examples/complete

 Name                                               Monthly Qty  Unit         Monthly Cost

 module.tfstate.aws_dynamodb_table.locks
 ├─ Write request unit (WRU)                              1,500  WRUs                $0.00
 └─ Read request unit (RRU)                               1,500  RRUs                $0.00

 module.tfstate.module.store.aws_s3_bucket.this[0]
 └─ Standard
    ├─ Storage                                             0.02  GB                  $0.00
    ├─ PUT, COPY, POST, LIST requests                       4.5  1k requests         $0.02
    └─ GET, SELECT, and all other requests                    3  1k requests         $0.00

 OVERALL TOTAL                                                                       $0.03
──────────────────────────────────
9 cloud resources were detected:
∙ 2 were estimated, all of which include usage-based costs, see https://infracost.io/usage-file
∙ 7 were free, rerun with --show-skipped to see details

┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━┓
┃ Project                                            ┃ Monthly cost ┃
┣━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╋━━━━━━━━━━━━━━┫
┃ 10 Workspaces & 5 Applies Each Per Day             ┃ $0.03        ┃
┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┻━━━━━━━━━━━━━━┛

Requirements

Name	Version
terraform	>= 0.13
aws	~> 5.0

Providers

Name	Version
aws	~> 5.0

Modules

Name	Source	Version
label_dynamodb_rw	bendoerr-terraform-modules/label/null	0.4.1
label_locks	bendoerr-terraform-modules/label/null	0.4.1
label_s3_rw	bendoerr-terraform-modules/label/null	0.4.1
label_store	bendoerr-terraform-modules/label/null	0.4.1
store	terraform-aws-modules/s3-bucket/aws	3.15.1

Resources

Name	Type
aws_dynamodb_table.locks	resource
aws_iam_policy.s3_rw	resource
aws_iam_policy.state_dynamodb_rw	resource
aws_iam_policy_document.dynamodb_rw	data source
aws_iam_policy_document.s3_rw	data source
aws_kms_alias.s3	data source

Inputs

Name	Description	Type	Default	Required
context	Shared Context from Ben's terraform-null-context	object({ attributes = list(string) dns_namespace = string environment = string instance = string instance_short = string namespace = string region = string region_short = string role = string role_short = string project = string tags = map(string) })	n/a	yes

Outputs

Name	Description
iam_locks_rw_arn	n/a
iam_locks_rw_id	n/a
iam_tfstate_rw_arn	n/a
iam_tfstate_rw_id	n/a
lock_table_arn	n/a
lock_table_id	n/a
lock_table_name	n/a
tfstate_arn	n/a
tfstate_id	n/a

Roadmap

See the open issues for a list of proposed features (and known issues).

Contributing

Contributions are what make the open source community such an amazing place to be learn, inspire, and create. Any contributions you make are greatly appreciated.

• If you have suggestions for adding or removing projects, feel free to open an issue to discuss it, or directly create a pull request after you edit the README.md file with necessary changes.
• Please make sure you check your spelling and grammar.
• Create individual PR for each suggestion.

Creating A Pull Request

1. Fork the Project
2. Create your Feature Branch (git checkout -b feature/AmazingFeature)
3. Commit your Changes (git commit -m 'Add some AmazingFeature')
4. Push to the Branch (git push origin feature/AmazingFeature)
5. Open a Pull Request

License

Distributed under the MIT License. See LICENSE for more information.

Authors

• Benjamin R. Doerr - Terraformer - Benjamin R. Doerr - Built Ben's Terraform Modules

Supported Versions

Only the latest tagged version is supported.

Reporting a Vulnerability

See SECURITY.md.

Acknowledgements

• ShaanCoding (ReadME Generator)
• OpenSSF - Helping me follow best practices
• StepSecurity - Helping me follow best practices
• Infracost - Better than AWS Calculator