Creating a Terraform Remote State Backend on Amazon S3.
The purpose of this lab is saving your terraform.tfstate file to S3.
First off, what is Terraform state file? “The state is used by Terraform to map real world resources to your configuration, keep track of metadata, and to improve performance for large infrastructures. This state is stored by default in a local file named “terraform. tfstate”, but it can also be stored remotely, which works better in a team environment.”
Basically, the state file is how Terraform knows what to change, apply, and destroy when you use Terraform apply or destroy after creating a stack of real resources.
We will store our state file remotely so other teams members working with the resources can create and destroy the terraform stack. A “backend” in Terraform determines how state is loaded and how an operation such as apply is executed. By default, Terraform uses the “local” backend, which is the normal behavior of Terraform you’re used to. In this lesson we will be working with Amazon S3.
Let’s get started. First thing you should is make sure you have your AWS credentials. NOTE: the AWS Credentials need to have access to S3 to work with S3 as the backend to store state file.
Follow these steps to get them, if you need them or have lost track of them.
Step 1:
Create a backend.tf file ( or a .tf file with any name ) in your working directory.
Step 2:
Add the following configuration to your file.
The Terraform configuration tells the backend is going to be S3. You also have to supply the name of you bucket. The key is what your state file will be named as (terraform.tfstate) and the region is the region your bucket is in. Please make sure your bucket actually exists, otherwise this won’t work.
Step 3:
Now let’s add another .tf file with resources and provider settings. To make this simple, we’ll name this file ec2.tf but you can use any name as long as it is a .tf file. Then copy and paste the configuration below into your file.
Step 4:
Now we’re going to go back to our terminal and create a new file with our Terraform configuration from step 2, using vim. However, you can use any text editor of your choice.
Step 5:
Now we have to initialize our backend with the Terraform init command. “The terraform init command is used to initialize a working directory containing Terraform configuration files. This is the first command that should be run after writing a new Terraform configuration or cloning an existing one from version control.”
You can see our S3 bucket is still currently empty.
STEP 6:
It’s time to apply our configurations. Enter the command Terraform apply into your terminals. What exactly does terraform apply do? “The terraform apply command is used to apply the changes required to reach the desired state of the configuration, or the pre-determined set of actions generated by a terraform plan execution plan.”
It will then ask you “do you want to perform these actions” say yes.
Now the EC2 instance will be created as usual. Except this time the .tfstate file will now be stored in our S3 bucket instead of being stored locally.
STEP 7:
Let’s check our bucket. Click the refresh button located right below the region in the AWS S3 console page.
Now you should see the terraform.tfstate file appear in the S3 bucket.
Click terraform.tfstate and then click the open button. We should see all the information being saved in the state file such as the EC2.
STEP 8:
So, now that we have demoed how the remote state works. Let’s now go back and destroy all the resources we worked so hard on. Enter Terraform Destroy in your terminal. What is terraform destroy? Outside of the best command in Terraform in my opinion, it also is used to destroy the Terraform-managed infrastructure.
It will then ask you if you want to destroy, say yes.
Now if we go back to our S3 bucket. We’ll see the terraform.tfstate file but it will basically be empty.
Looks like we’re done, so that’s that! Hope this lab helped you out, thanks!
