This guide outlines the steps to create an S3 bucket for storing Terraform state files using the AWS CLI. It also covers optional steps for setting up state locking with DynamoDB.
- AWS CLI installed and configured with necessary permissions.
- An AWS account with permissions to create S3 buckets and DynamoDB tables (if using state locking).
Ensure AWS CLI is installed and configured with your credentials:
aws configureS3 bucket name should be globally unique.Make sure to use a unique bucket name.
aws s3 mb s3://chathra-tfstate-bkt --region us-east-1Enable versioning on your S3 bucket to keep the history of your state files:
aws s3api put-bucket-versioning --bucket chathra-tfstate-bkt --versioning-configuration Status=EnabledIf you want to use state locking, create a DynamoDB table:
aws dynamodb create-table \
--table-name my-lock-table \
--attribute-definitions AttributeName=LockID,AttributeType=S \
--key-schema AttributeName=LockID,KeyType=HASH \
--billing-mode PAY_PER_REQUESTAdd the following backend configuration in providers.tf
terraform {
backend "s3" {
bucket = "my-terraform-state-bucket" # use the same bucket name used in step 2
key = "terraform.tfstate"
region = "us-east-1"
dynamodb_table = "my-lock-table" # optional (Only if you created the DynamoDB table in step 4)
}
}This step will ensure github actions can authenticate and deploy the resources in AWS using Terraform.Your IAM user should have sufficient permissions in AWS. The AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY should be the security credentials of your AWS account user.
Step 7: Once you prepare the code locally and commited to the local git repository, push it to the new repository that you created in Step 6, so it should trigger Github actions(CI/CD pipeline)
git remote set-url origin <your new remote repo url(step 6)>
git push origin main
