terraform-remote-state

We help companies build, run, deploy and scale software and infrastructure by embracing the right technologies and principles. Check out our website at https://lablabs.io/

---

Description

Terraform module to deploy resources for Terraform S3 backend.

Requirements

Name	Version
terraform	>= 1.0
aws	>= 2.0

Modules

Name	Source	Version
state_auth_kms_key	cloudposse/kms-key/aws	0.12.1
state_bucket	cloudposse/s3-bucket/aws	3.1.2
state_lock	cloudposse/dynamodb/aws	0.33.0
this	cloudposse/label/null	0.25.0

Resources

Name	Type
aws_caller_identity.provider	data source
aws_iam_policy_document.state_bucket_policy	data source
aws_iam_policy_document.state_kms_policy	data source
aws_iam_policy_document.state_kms_policy_root	data source
aws_iam_policy_document.state_policy_root	data source

Inputs

Name	Description	Type	Default	Required
additional_tag_map	Additional tags for appending to tags_as_list_of_maps. Not added to tags.	map(string)	{}	no
allow_ssl_requests_only	Set to true to require requests to use Secure Socket Layer (HTTPS/SSL). This will explicitly deny access to HTTP requests	bool	false	no
attributes	Additional attributes (e.g. 1)	list(string)	[]	no
context	Single object for setting entire context at once. See description of individual variables for details. Leave string and numeric variables as null to use default value. Individual variable settings (non-null) override settings in context object, except for attributes, tags, and additional_tag_map, which are merged.	object({ enabled = bool namespace = string environment = string stage = string name = string delimiter = string attributes = list(string) tags = map(string) additional_tag_map = map(string) regex_replace_chars = string label_order = list(string) id_length_limit = number })	{ "additional_tag_map": {}, "attributes": [], "delimiter": null, "enabled": true, "environment": null, "id_length_limit": null, "label_order": [], "name": null, "namespace": null, "regex_replace_chars": null, "stage": null, "tags": {} }	no
delimiter	Delimiter to be used between namespace, environment, stage, name and attributes. Defaults to - (hyphen). Set to "" to use no delimiter at all.	string	null	no
dynamo_billing_mode	DynamoDB Billing mode. Can be PROVISIONED or PAY_PER_REQUEST	string	"PAY_PER_REQUEST"	no
dynamo_min_read_capacity	DynamoDB autoscaling min read capacity	number	null	no
dynamo_min_write_capacity	DynamoDB autoscaling min write capacity	number	null	no
enabled	Set to false to prevent the module from creating any resources	bool	null	no
environment	Environment, e.g. 'uw2', 'us-west-2', OR 'prod', 'staging', 'dev', 'UAT'	string	null	no
id_length_limit	Limit id to this many characters. Set to 0 for unlimited length. Set to null for default, which is 0. Does not affect id_full.	number	null	no
label_order	The naming order of the id output and Name tag. Defaults to ["namespace", "environment", "stage", "name", "attributes"]. You can omit any of the 5 elements, but at least one must be present.	list(string)	null	no
lock	Set to false to prevent the module from creating dynamodb table for locking	bool	true	no
name	Solution name, e.g. 'app' or 'jenkins'	string	null	no
namespace	Namespace, which could be your organization name or abbreviation, e.g. 'eg' or 'cp'	string	null	no
regex_replace_chars	Regex to replace chars with empty string in namespace, environment, stage and name. If not set, "/[^a-zA-Z0-9-]/" is used to remove all characters other than hyphens, letters and digits.	string	null	no
stage	Stage, e.g. 'prod', 'staging', 'dev', OR 'source', 'build', 'test', 'deploy', 'release'	string	null	no
state	Set to false to prevent the module from creating s3 bucket for remote state	bool	true	no
state_kms	The AWS KMS master key ARN used for the SSE-KMS encryption. This can only be used when you set the value of encryption as aws:kms. The default aws/s3 AWS KMS master key is used if this element is set to 'master' or 'auto' for auto generated kms or 'arn:'	string	"master"	no
state_kms_policies	Additional policies attached to kms as list of aws_iam_policy_document	list(any)	[]	no
state_policies	Additional policies attached to bucket as list of aws_iam_policy_document	list(any)	[]	no
state_sse	Set to aws:kms to enable encryption SSE-KMS on s3 bucket for remote state	string	"AES256"	no
tags	Additional tags (e.g. map('BusinessUnit','XYZ')	map(string)	{}	no

Outputs

Name	Description
state_account_id	n/a
state_bucket_arn	n/a
state_bucket_domain_name	n/a
state_bucket_id	n/a
state_bucket_policy	n/a
state_kms	n/a
state_kms_policy	n/a
state_lock_table_arn	n/a
state_lock_table_hash_key	n/a
state_lock_table_id	n/a
state_lock_table_name	n/a
state_lock_table_stream_arn	n/a
state_lock_table_stream_label	n/a
state_sse	n/a

Contributing and reporting issues

Feel free to create an issue in this repository if you have questions, suggestions or feature requests.

Validation, linters and pull-requests

We want to provide high quality code and modules. For this reason we are using several pre-commit hooks and GitHub Actions workflows. A pull-request to the main branch will trigger these validations and lints automatically. Please check your code before you will create pull-requests. See pre-commit documentation and GitHub Actions documentation for further details.

License

See LICENSE for full details.

Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements.  See the NOTICE file
distributed with this work for additional information
regarding copyright ownership.  The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License.  You may obtain a copy of the License at

  https://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied.  See the License for the
specific language governing permissions and limitations
under the License.