Skip to content

tamu-edu/it-ae-tfmod-aws-state

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

19 Commits
.github/workflows
.github/workflows
 
 
templates
templates
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
.terraform.lock.hcl
.terraform.lock.hcl
 
 
README.md
README.md
 
 
inputs.tf
inputs.tf
 
 
main.tf
main.tf
 
 

Repository files navigation

it-ae-tfmod-aws-state

This is a terraform module for initializing a terraform state backend in AWS. It supports DynamoDB or S3 object locking for state locking and outputs a ready-to-use backend configuration to include in your main terraform code.

Example usage

A common pattern for using this is to create a folder within your main project named terraform-state. An example main.tf to use this is as follows:

module "state_backend" {
  source = "github.com/tamu-edu/it-ae-tfmod-aws-state?ref=v1.0.0"

  bucket_name         = "my-terraform-state-bucket"
}

To execute, first obtain credentials for an AWS account with permissions to create S3 buckets and [optionally] DynamoDB tables. Then run:

terraform init
terraform apply

A common use pattern is to create a setup folder in your main project to create the state backend before running the rest of your terraform code. An example structure is as follows:

/setup/main.tf  # Code to create the state backend
/main.tf        # Your main terraform code

When used this way, you can write the backend configuration in your main terraform code as follows:

resource "local_file" "write_parent_backend_config" {
  content  = module.state_backend.terraform_backend_config
  filename = "../tf_backend.tf"
}

When no inputs are provided, the module will create an S3 bucket with a generated name based on the AWS account ID (terraform-state-{account_id}). It will not create a DynamoDB table, assuming S3 object locking will be used for state locking (as recommended by AWS and Hashicorp).

.gitignore recommendation

Consider adding the following to your .gitignore file, updating paths as necessary:

# .tfstate files
*.tfstate
*.tfstate.*
!/setup/*.tfstate
!/setup/*.tfstate.*

This will allow committing the terraform state files for the setup folder while ignoring state files for the rest of your project.

Requirements

Name Version
aws >= 4.0

Providers

Name Version
aws 6.17.0

Modules

No modules.

Resources

Name Type
aws_dynamodb_table.state resource
aws_s3_bucket.state resource
aws_s3_bucket_versioning.state resource
aws_caller_identity.current data source
aws_region.current data source

Inputs

Name Description Type Default Required
bucket_name The name of the S3 bucket to create for storing the Terraform state string null no
dynamodb_table_name The name of the DynamoDB table to create for storing the Terraform state lock. If omitted, will autogenerate a name based on the AWS account ID. string null no
use_dynamodb Whether to create a DynamoDB table for storing the Terraform state lock. If false, S3 object locking will be used. bool false no

Outputs

Name Description
account_id AWS account ID where state resources were created
bucket The name of the S3 bucket created for storing the Terraform state
dynamodb_table The name of the DynamoDB table created for storing the Terraform state lock, or null if not created
region AWS region where state resources were created
terraform_backend_config A terraform backend configuration template

About

Terraform module to provision a state backend in AWS

Resources

Readme
Activity
Custom properties

Stars

3 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases 2

v1.0.0 Latest
Oct 20, 2025
+ 1 release

Packages

No packages published

Contributors 2

  •  
  •  

Languages