chore: Add AWS S3 bucket for Terraform state backend

nilgaar · Jul 26, 2024 · 9b7a7e2 · 9b7a7e2
1 parent 1eea561
commit 9b7a7e2
Showing 1 changed file with 44 additions and 0 deletions.
diff --git a/IaC/aws/tofu/_backend.tf b/IaC/aws/tofu/_backend.tf
@@ -1,3 +1,47 @@
+# tofu {
+#   backend "s3" {
+#     bucket = "tofu-terraform-state"
+#     key    = "terraform.tfstate"
+#     region = "eu-west-1"
+#   }
+# }
+
+
+resource "aws_s3_bucket_server_side_encryption_configuration" "default" {
+  bucket = aws_s3_bucket.state_backend.id
+
+  rule {
+    apply_server_side_encryption_by_default {
+      sse_algorithm = "AES256"
+    }
+  }
+}
+
+resource "aws_s3_bucket_public_access_block" "default" {
+  bucket                  = aws_s3_bucket.state_backend.id
+  block_public_acls       = true
+  block_public_policy     = true
+  ignore_public_acls      = true
+  restrict_public_buckets = true
+}
+
+// Lock system
+resource "aws_dynamodb_table" "tofu_backend_lock" {
+  name         = "tofu-terraform-state-lock"
+  billing_mode = "PAY_PER_REQUEST"
+  hash_key     = "LockID"
+  attribute {
+    name = "LockID"
+    type = "S"
+  }
+  tags = {
+    Name        = "tofu-terraform-state-lock"
+    Environment = "dev"
+  }
+
+}
+
+
 resource "aws_s3_bucket" "state_backend" {
   bucket = "tofu-terraform-state"