-
-
Notifications
You must be signed in to change notification settings - Fork 6
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Create TF backend layer in the Data Science account (#569)
* Create Data Science TF backend layer * Update readme
- Loading branch information
1 parent
74187c6
commit bf8f395
Showing
7 changed files
with
90 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
# Terraform - S3 & DynamoDB for Remote State Storage & Locking | ||
|
||
## Overview | ||
Use this terraforms configuration files to create the S3 bucket & DynamoDB table needed to use Terraform Remote State Storage & Locking. | ||
|
||
## Set Up | ||
Please refer to [this documentation](https://leverage.binbash.co/user-guide/ref-architecture-aws/tf-state/). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
../../../config/common-variables.tf |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
#=============================# | ||
# AWS Provider Settings # | ||
#=============================# | ||
# Add default aws provider configuration | ||
provider "aws" { | ||
region = var.region | ||
profile = var.profile | ||
} | ||
|
||
provider "aws" { | ||
alias = "main_region" | ||
region = var.region | ||
profile = var.profile | ||
} | ||
|
||
provider "aws" { | ||
alias = "secondary_region" | ||
region = var.region_secondary | ||
profile = var.profile | ||
} | ||
|
||
terraform { | ||
required_version = "~> 1.2" | ||
|
||
required_providers { | ||
aws = "~> 5.0" | ||
} | ||
|
||
backend "s3" { | ||
key = "data-science/tf-backend/terraform.tfstate" | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
locals { | ||
tags = { | ||
Terraform = "true" | ||
Environment = var.environment | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
module "terraform_backend" { | ||
source = "github.com/binbashar/terraform-aws-tfstate-backend.git?ref=v1.0.28" | ||
|
||
# | ||
# Bucket Name | ||
# | ||
delimiter = "-" | ||
namespace = var.project | ||
stage = var.environment | ||
name = "terraform-backend" | ||
|
||
# | ||
# Security | ||
# | ||
acl = "private" | ||
block_public_acls = true | ||
block_public_policy = true | ||
restrict_public_buckets = true | ||
enable_server_side_encryption = var.encrypt | ||
enforce_ssl_requests = true | ||
ignore_public_acls = true | ||
|
||
# | ||
# Replication | ||
# | ||
bucket_replication_enabled = true | ||
|
||
notifications_sns = false | ||
bucket_lifecycle_enabled = false | ||
billing_mode = "PROVISIONED" | ||
enable_point_in_time_recovery = false | ||
create_kms_key = false # USE SSE-S3 | ||
|
||
tags = local.tags | ||
|
||
providers = { | ||
aws.primary = aws.main_region | ||
aws.secondary = aws.secondary_region | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
#================================# | ||
# Local variables # | ||
#================================# |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters