gh-mirrors/devops-directive-terraform-course
1
0
Fork 0
mirror of https://github.com/sidpalas/devops-directive-terraform-course.git synced 2025-12-13 14:21:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
9949d314f3d3a2be54fae19d75546e912eb8a076
devops-directive-terraform-…/03-basics/aws-backend/main.tf
Lachlan Mulcahy 7a3fdaca72 03-basics: Fix deprecation warnings and postgres version error (#12) 
This change updates the s3 bucket resource syntax to use the newer
resource types for specifying versioning and encryption configs.
We also enable auto_minor_version_upgrade for the RDS instance and
switch to only asking for major version 12.

This will just use the default/latest RDS PostgreSQL v12 minor
version. Upside, the specific engine_version provided here will take
longer before it becomes invalid. Minor downside, we are saying its
OK for this RDS instance to undergo minor version upgrades, which
while fine for a toy example like this, is often not great in prod.
2022-09-06 19:53:38 -04:00

57 lines
1.5 KiB
HCL
Raw Blame History

terraform {
#############################################################
## AFTER RUNNING TERRAFORM APPLY (WITH LOCAL BACKEND)
## YOU WILL UNCOMMENT THIS CODE THEN RERUN TERRAFORM INIT
## TO SWITCH FROM LOCAL BACKEND TO REMOTE AWS BACKEND
#############################################################
# backend "s3" {
# bucket = "devops-directive-tf-state" # REPLACE WITH YOUR BUCKET NAME
# key = "03-basics/import-bootstrap/terraform.tfstate"
# region = "us-east-1"
# dynamodb_table = "terraform-state-locking"
# encrypt = true
# }
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 3.0"
}
}
}
provider "aws" {
region = "us-east-1"
}
resource "aws_s3_bucket" "terraform_state" {
bucket = "devops-directive-tf-state" # REPLACE WITH YOUR BUCKET NAME
force_destroy = true
}
resource "aws_s3_bucket_versioning" "terraform_bucket_versioning" {
bucket = aws_s3_bucket.terraform_state.id
versioning_configuration {
status = "Enabled"
}
}
resource "aws_s3_bucket_server_side_encryption_configuration" "terraform_state_crypto_conf" {
bucket = aws_s3_bucket.terraform_state.bucket
rule {
apply_server_side_encryption_by_default {
sse_algorithm = "AES256"
}
}
}
resource "aws_dynamodb_table" "terraform_locks" {
name = "terraform-state-locking"
billing_mode = "PAY_PER_REQUEST"
hash_key = "LockID"
attribute {
name = "LockID"
type = "S"
}
}
Reference in New Issue View Git Blame Copy Permalink