terraform_lab

Terraform Remote State Management for ContentSphere Platform

Business Scenario

Manager:
We have successfully deployed the ContentSphere infrastructure on AWS using Terraform. However, storing the Terraform state file locally is not suitable when multiple team members work on the same project.

DevOps Engineer:
To solve this, we will use Terraform Remote State Management. It stores the state file in a shared and secure location, allowing the entire team to collaborate safely.

Manager:
How does this improve our workflow?

DevOps Engineer:
Remote state prevents conflicts, enables team collaboration, secures the state file, and keeps infrastructure changes synchronized across all users.

Manager:
What is our implementation plan?

DevOps Engineer:
We will configure a remote backend using AWS S3 for state storage and DynamoDB for state locking to prevent simultaneous modifications.

DevOps Engineer to Team:
Team, we will configure the Terraform remote backend, migrate the local state to AWS, verify remote state synchronization, and ensure safe collaborative infrastructure management.

Team:
Understood. We will implement Terraform Remote State Management to securely manage the ContentSphere infrastructure and enable efficient team collaboration.

Pre-Lab Preparation

AWS Account is available.
AWS CLI is installed and configured.
Terraform is installed.
S3 permissions are available.
DynamoDB permissions are available.
Basic understanding of Terraform state files.
ContentSphere Terraform project is available.

Task 1: Verify Existing Terraform State

Navigate to the existing Terraform project directory

cd contentsphere-infra

Verify local Terraform state file

ls

Expected Output:

terraform.tfstate
terraform.tfstate.backup

Review Terraform-managed resources

terraform state list

Expected Output:

aws_vpc.contentsphere_vpc
aws_instance.contentsphere_server
aws_s3_bucket.contentsphere_bucket

Task 2: Create S3 Bucket for Remote State Storage

Create an S3 bucket using AWS CLI.

aws s3 mb s3://contentsphere-tfstate-<unique-id>

Replace <unique-id> with a unique value

Verify the bucket creation

aws s3 ls

Navigate to the AWS Console

Navigate to: Amazon S3 → Buckets

Verify the state bucket is available.

Task 3: Create DynamoDB Table for State Locking

Create a DynamoDB table

aws dynamodb create-table \
--table-name terraform-locks \
--attribute-definitions AttributeName=LockID,AttributeType=S \
--key-schema AttributeName=LockID,KeyType=HASH \
--billing-mode PAY_PER_REQUEST

Verify the table creation

aws dynamodb list-tables

Expected Output: Terraform-locks

Verify the table in AWS Console.

Navigate to: DynamoDB → Tables

Task 4: Configure Terraform Remote Backend

Create a backend configuration file

touch backend.tf

Add the following configuration.

terraform {
 backend "s3" {
   bucket         = "contentsphere-tfstate-<unique-id>"
   key            = "dev/terraform.tfstate"
   region         = "us-east-1"
   dynamodb_table = "terraform-locks"
 }
}