Setting up Terraform State Management with S3 Bucket and Dynamo DB 📦🔐
State management with Terraform can be tricky if you do not know the right places to look. In this article we will:
- Understand how the AWS CLI configures the credentials. This is highly important as you will need to understand this for the storage locations and profile names.
- We will cover how to make sure that you understand the dependency order in which an “Environment Variable” on your local machine can cause havoc on you being able to connect.
- Then we will cover the order on setting up the state. Meaning that an S3 bucket must be created prior.
- After that, we will provide an example of how State Management works within your Engineering Team.
Understanding AWS CLI
When working with the AWS CLI we need to understand how to set up the “aws configure” with best practice. Yes, I too at one time just ran “aws configure” and added the credentials I needed. Now, I see that adding it to the default profile can cause issues. Let’s look out our existing aws configurations by running in the command line:
aws configure list
You should see something like this:
λ aws configure list
Name Value Type Location
---- ----- ---- --------
profile <not set> None None
access_key <not set> None None
secret_key <not set> None None
region <not set> None None
Well, I hope you see something like this. If not then you lets start cleaning this out for a fresh state. So why are we doing this?
We are cleaning your IAM credentials to make sure we do not have any overriding defaults that would conflict without terraform backend and plus it teaches you how to delete them properly and set up profiles. 😆
Deleting AWS Configurations
So your credentials file and config file are kept at “~/.aws”. ~ is going to be the location of your user’s home directory. You can delete the…