The Ops Community

Cover image for Terraform Cloud As A Remote Backend
Moses Itoya
Moses Itoya

Posted on

Terraform Cloud As A Remote Backend

On my previous article, I gave a step by step process on using AWS S3 for terraform backend, I also talked about terraform state file and terraform lock file quite extensively.

In summary, the state file contains information about configuration and managed infrastructure. This state is used by terraform to map real world resources to your configuration, keep track of metadata, and to improve performance for large infrastructure. This state is stored by default in a local file named terraform.tfstate, but it can be stored remotely, which works better in a team environment. Read more about terraform state here

Backends are where Terraform's state snapshots are stored. There are different types of backends on Terraform, they include;

  • Local(which is the default)
  • remote(which we would look into in this article)
  • S3(which we've previously talked about)
  • Kubernetes(stores the state in a Kubernetes secret)
  • etcd(does not support state locking) and others.

Securing of your terraform state file is your responsibility.

We would be migrating a state of a project which has been local, remotely to terraform cloud. This is for better security, better team activity and a great UI.

Steps to migrate our state

  1. Set Up a Terraform cloud Account - Sign up for a new account if you don't already have one Image description - Log in and create an Organization. Give it any name you like Image description - Create a cloud code block on main.tf. When we refactor the code, a backend.tf file would be create where the cloud code block would be moved to.

    terraform {
    cloud {
    organization = "static-website"
    
    workspaces {
      name = "static-web-dry-run"
            }
        }
    }
    


    NOTE: The organization must already exist on terraform cloud, the workspaces however doesn't have to as it would be created if it doesn't already

  2. Authenticate with Terraform Cloud - Having defined your Terraform Cloud configuration, authentication with Terraform Cloud is necessary for initialization. Run terraform login Image description - Follow the prompt and set up the API keys which would be used for authentication Image description Image description Image description - You should get a successful output like this Image description

  3. Migrate the state file - Run terraform init so our new cloud code block configuration can be recognized Image description

  4. Configure the Terraform Cloud Workspace - Log into the your Terraform cloud Account

  • Confirm the workspace defined can be seen in the organization Image description

  • Run an apply and confirm the state is there on the terraform cloud workspace Image description Image description

Discussion (0)