This project deploys the basic resources necessary for running multi-user Terraform deployments on an AWS account.
Go to file
bdeshi 0bfa74c95c
use dynamic version pinning
2024-05-17 23:47:25 +06:00
.gitignore add resources 2023-11-06 17:16:36 +06:00
.terraform-docs.yml add terraform-docs config 2024-05-17 23:44:27 +06:00
.terraform-version use dynamic version pinning 2024-05-17 23:47:25 +06:00
.terraform.lock.hcl use tf remote backend, update versions 2024-05-17 23:46:29 +06:00
LICENSE add license 2023-11-06 15:35:39 +06:00
README.md update readme 2024-05-17 23:46:50 +06:00
README.terraform.md update terraform-docs output 2024-05-17 23:47:08 +06:00
aws.data.tf add resources 2023-11-06 17:16:36 +06:00
aws.dynamodb.tf add resources 2023-11-06 17:16:36 +06:00
aws.iam.tf add resources 2023-11-06 17:16:36 +06:00
aws.kms.tf add resources 2023-11-06 17:16:36 +06:00
aws.s3.tf add resources 2023-11-06 17:16:36 +06:00
aws.ssm.tf add resources 2023-11-06 17:16:36 +06:00
terraform.backend.remote.tfvars.sample use tf remote backend, update versions 2024-05-17 23:46:29 +06:00
terraform.meta.tf use tf remote backend, update versions 2024-05-17 23:46:29 +06:00
terraform.outputs.tf add resources 2023-11-06 17:16:36 +06:00
terraform.tfvars.sample run terraform fmt 2024-05-17 23:45:25 +06:00
terraform.variables.tf run terraform fmt 2024-05-17 23:45:25 +06:00

README.md

Terraform AWS Pre-base Infrastructure

Intro

This project deploys the basic resources necessary for running multi-user Terraform deployments on an AWS account.

  • an s3 bucket for storing terraform states
  • a dynamodb table for maintaining terraform locks
  • an admin user intended for use in other IaC projects
  • a kms key intended for securing other IaC project secrets
  • a parameter store tree to keep outputs of this project for reference

This configuration is intended to be manually executed once at the beginning by the root user.

⚠️ Re-deploying this project again after running other AWS IaC projects can be extremely destructive.

Usage

  1. Install terraform. The required version is stated in terraform.meta.tf. You can also use tfenv to automatically get a suitable version.

  2. Insert backend config values in terraform.backend.tfvars. See terraform.backend.remote.tfvars.sample for example, or configure your preferred backend.

  3. (optional) Login to terraform cloud to use the remote backend:

    terraform login
    
  4. Install terraform dependencies and initiate the backend:

    terraform init -backend-config=terraform.backend.tfvars
    
  5. Insert deployment-specific values in terraform.tfvars. See terraform.tfvars.sample for example.

  6. Then execute as:

    terraform apply -var-file=terraform.tfvars
    

Notes

  • ⚠️ This project's state file should not be saved in the same AWS account where it is being deployed.

  • The terraform state is not saved in s3, because it is assumed that no s3 bucket for terraform states exists yet. Instead the terraform cloud remote backend is used. You may need to setup an account there. Or use local or your preferred backend. You should ensure security of the state file.

  • Generated outputs are also saved in a parameter store tree for future reference.