initial commit

2025-12-14 06:41:14 +00:00 · 2021-05-05 08:13:24 -07:00
commit 1d095e337a
28 changed files with 1168 additions and 0 deletions
--- a/03-basics/aws-backend/README.md
+++ b/03-basics/aws-backend/README.md
@@ -0,0 +1,31 @@
+Steps to initialize backend in AWS and manage it with Terraform:
+
+1) Use config from `bootstrap` (init, plan, apply) to provision s3 bucket and dynamoDB table with local state
+2) copy state file into import-bootstrap 
+   1) cp terraform.tfstate ../import-bootstrap
+3) Initialize within `import-bootstrap` using `terraform init`
+4) Uncomment out s3 backend provider:
+
+```
+  backend "s3" {
+    bucket         = "devops-directive-tf-state"
+    key            = "tf-infra/terraform.tfstate"
+    region         = "us-east-1"
+    dynamodb_table = "terraform-state-locking"
+    encrypt        = true
+  }
+```
+
+4) Reinitialize with `terraform init`:
+
+```
+Do you want to copy existing state to the new backend?
+  Pre-existing state was found while migrating the previous "local" backend to the
+  newly configured "s3" backend. No existing state was found in the newly
+  configured "s3" backend. Do you want to copy this state to the new "s3"
+  backend? Enter "yes" to copy and "no" to start with an empty state.
+
+  Enter a value: yes 
+```
+
+Now the S3 bucket and dynamoDB table are managed by Terraform and are able to be used as the state backend!
--- a/03-basics/aws-backend/bootstrap/main.tf
+++ b/03-basics/aws-backend/bootstrap/main.tf
@@ -0,0 +1,47 @@
+terraform {
+  # THIS BACKEND CONFIG GETS UNCOMMENTED IN IMPORT-BOOTSTRAP
+  # backend "s3" {
+  #   bucket         = "devops-directive-tf-state"
+  #   key            = "03-basics/import-bootstrap/terraform.tfstate"
+  #   region         = "us-east-1"
+  #   dynamodb_table = "terraform-state-locking"
+  #   encrypt        = true
+  # }
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 3.0"
+    }
+  }
+}
+
+provider "aws" {
+  region = "us-east-1"
+}
+
+resource "aws_s3_bucket" "terraform_state" {
+  bucket        = "devops-directive-tf-state"
+  force_destroy = true
+  versioning {
+    enabled = true
+  }
+
+  server_side_encryption_configuration {
+    rule {
+      apply_server_side_encryption_by_default {
+        sse_algorithm = "AES256"
+      }
+    }
+  }
+}
+
+resource "aws_dynamodb_table" "terraform_locks" {
+  name         = "terraform-state-locking"
+  billing_mode = "PAY_PER_REQUEST"
+  hash_key     = "LockID"
+  attribute {
+    name = "LockID"
+    type = "S"
+  }
+}
--- a/03-basics/aws-backend/import-bootstrap/main.tf
+++ b/03-basics/aws-backend/import-bootstrap/main.tf
@@ -0,0 +1,47 @@
+terraform {
+  ### UNCOMMENT THIS AFTER INITIALIZNG ###
+  # backend "s3" {
+  #   bucket         = "devops-directive-tf-state"
+  #   key            = "03-basics/import-bootstrap/terraform.tfstate"
+  #   region         = "us-east-1"
+  #   dynamodb_table = "terraform-state-locking"
+  #   encrypt        = true
+  # }
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 3.0"
+    }
+  }
+}
+
+provider "aws" {
+  region = "us-east-1"
+}
+
+resource "aws_s3_bucket" "terraform_state" {
+  bucket        = "devops-directive-tf-state"
+  force_destroy = true
+  versioning {
+    enabled = true
+  }
+
+  server_side_encryption_configuration {
+    rule {
+      apply_server_side_encryption_by_default {
+        sse_algorithm = "AES256"
+      }
+    }
+  }
+}
+
+resource "aws_dynamodb_table" "terraform_locks" {
+  name         = "terraform-state-locking"
+  billing_mode = "PAY_PER_REQUEST"
+  hash_key     = "LockID"
+  attribute {
+    name = "LockID"
+    type = "S"
+  }
+}