Terraform Bootstrap example
Example solution for
- Terraform installed (approach tested against
- AWS S3 backend with DynamoDB table for locking will be used
- operator should have AWS credentials in profile - for the purpose of this repo we use
- backend will be created and maintained under
Before applying you should update
backend.tfvars with backend configuration. You should also update list of
operators AWS usernames in the
If you want to use workspaces per environment (as we and Hashicorp recommends) it might be convenient to name basic one
base or leave
default for backend infrastructure only.
When you run
setup.sh the script will create required S3 bucket and DynamoDB table with local backend and then it will initialize remote backend where it will migrate the local state. Terraform will ask for confirmation during creation of required resources and if operator wants to migrate the state.
Problems not solved
- AWS S3 policies doesn't support groups so each operator must be added explicit to the policy file
-backend=falsedoesn't work, so "hack" with separated
setupdirectory must be used to run Terraform without S3 backend
Questions and/or suggestions
Please open an issue if something is not clear or you can suggest a better solution.