Terraform Backends
Hello Everyone
Welcome to CloudAffaire and this is Debjeet.
In the last blog post, we have discussed terraform workspaces.
https://cloudaffaire.com/terraform-workspace/
In this blog post, we will discuss terraform backends.
What is terraform backends?
A backend in Terraform determines how state is loaded and how an operation such as apply is executed. This abstraction enables non-local file state storage, remote execution, etc. By default, Terraform uses the local backend, but you can configure and use remote backends.
Benefits of backends:
- Working in a team: Backends can store their state remotely and protect that state with locks to prevent corruption.
- Keeping sensitive information off disk: State is retrieved from backends on demand and only stored in memory. If you’re using a backend such as Amazon S3, the only location the state ever is persisted is in S3.
- Remote operations: For larger infrastructures or certain changes, terraform apply can take a long, long time. Some backends support remote operations which enable the operation to execute remotely. You can then turn off your computer and your operation will still complete. Paired with remote state storage and locking above, this also helps in team environments.
Next, we are going to create and configure terraform remote backend using AWS S3 for state storage and DynamoDB table for locking.
Terraform Backends:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 |
##------------------------- ## Terraform: Backends ## ##------------------------- ## Create a directory and get inside it mkdir terraform && cd terraform ## Create a directory for backend resoure creation and get inside it mkdir terraform_backend && cd terraform_backend ## Create backend resources vi main.tf ------------------ #creates a S3 bucket and a dynamoDB table provider "aws" { access_key = " secret_key = " region = "ap-south-1" } resource "aws_s3_bucket" "mys3bucket" { bucket = "my-s3-terraform-backend-cloudaffaire" #needs to be unique across AWS force_destroy = true tags { Name = "S3 bucket for terraform backend state storage" } } resource "aws_dynamodb_table" "mydynamodbtable" { name = "my-dynamodb-terraform-backend-cloudaffaire" hash_key = "LockID" read_capacity = 5 write_capacity = 5 attribute { name = "LockID" type = "S" } tags { Name = "dynamoDB table for terraform backend state locking" } } ------------------ :wq ## Format code terraform fmt ## Initialize terraform terraform init ## Create the resource terraform apply ## Move to terraform root directory cd .. ## Create main resource vi main.tf ------------------- #creates a vpc and stores the state file in S3 bucket provider "aws" { access_key = " secret_key = " region = "ap-south-1" } terraform { backend "s3" { bucket = "my-s3-terraform-backend-cloudaffaire" dynamodb_table = "my-dynamodb-terraform-backend-cloudaffaire" key = "workspace_default" region = "ap-south-1" } } resource "aws_vpc" "myvpc" { cidr_block = "10.0.0.0/16" tags { Name = "myvpc" } } ------------------- :wq ## Format code terraform fmt ## Initialize terraform (configures the backend as well) terraform init ## Create the resource terraform apply ## Check backend details cat .terraform/terraform.tfstate ## Cleanup terraform destroy #deletes vpc resource cd ../terraform_backend terraform destroy #deletes s3 and dynamodb table |
Hope you have enjoyed this article. In the next blog post, we will discuss terraform locals.
To get more details on terraform, please refer below terraform documentation.
https://www.terraform.io/docs/index.html