From 047fef73c278a2a48e3d82ea1a677640b8624434 Mon Sep 17 00:00:00 2001 From: KilowD <108868773+KilowD@users.noreply.github.com> Date: Sun, 21 Aug 2022 19:36:49 +0200 Subject: [PATCH] Create Backend2.tf Hi there i really impressed by the work u are doing . Here i am trying to do everything in terraform, create my bucket and my DynamoDb then the backend config..however i must first comment out the last block , initilize , apply then uncomment re-initilize so as to migrate from local to remote S3..is there a once -off alternative in terraform --- Backend2.tf | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 Backend2.tf diff --git a/Backend2.tf b/Backend2.tf new file mode 100644 index 0000000..32997ab --- /dev/null +++ b/Backend2.tf @@ -0,0 +1,40 @@ + +# configure S3 Buckect +resource "aws_s3_bucket" "terraform_state" { + bucket = "mys3-bucket-terraform-state" + versioning { + enabled = true + } + server_side_encryption_configuration { //make sure the state file is ecrypted + rule { + apply_server_side_encryption_by_default { + sse_algorithm = "AES256" + } + } + } +} + +# setup a locking mechanism so that only one user can make changes at a given time --use DynamoDB table +resource "aws_dynamodb_table" "terraform_DynamoDb-Example" { + name = "terraform-State-Locking" + hash_key = "LockID" + billing_mode = "PAY_PER_REQUEST" + attribute { + name = "LockID" + type = "S" + } +} + + +# setup the backend - first run the terraform apply without the below configure..comment it out first, +# then run another init to migrate from local to S3 the backend +terraform { + backend "s3" { + bucket = "mys3-bucket-terraform-state" + key = "global/S3/ynwa-website.tfstate" //path i want to use for my state file + region = "us-east-1" + dynamodb_table = "terraform-State-Locking" + encrypt = true + profile = "terraform-user" + } +}