avatarAshish Patel

Summary

Terraform Remote State provides a solution for teams working with Terraform, allowing them to store the state file in a remote data store that can be shared between all team members, solving challenges related to local file usage.

Abstract

In this article, the author discusses the concept of Terraform Remote State, which is a way to store the state file in a remote data store, allowing teams to access the same Terraform state files to manage infrastructure. The article explains the benefits of using Terraform Remote State, including shared storage, locking, versioning, encryption, security, remote operations, and fewer manual errors. The author also discusses Terraform Backends, which enable users to store the state file in a shared remote store, and provides examples of backend configuration for Amazon S3, Azure Blob Storage, and Google Cloud Storage. The article concludes by summarizing the importance of using Terraform Remote State when working with Terraform as a team.

Bullet points

  • Terraform Remote State allows teams to store the state file in a remote data store, which can be shared between all team members.
  • Terraform Remote State solves challenges related to local file usage, such as ensuring that everyone has the latest state data before running Terraform and preventing concurrent runs.
  • Terraform Backends enable users to store the state file in a shared remote store.
  • Benefits of using Terraform Remote State include shared storage, locking, versioning, encryption, security, remote operations, and fewer manual errors.
  • Terraform Remote State supports storage in various cloud providers, including Amazon S3, Azure Blob Storage, Google Cloud Storage, Terraform Cloud, and HashiCorp Consul.
  • The article provides examples of backend configuration for Amazon S3, Azure Blob Storage, and Google Cloud Storage.

Terraform — Remote States Overview

What is Terraform Remote State — Introduction to Terraform Remote Storage!

Terraform — Remote States

TL;DR

With remote state, Terraform writes the state data to a remote data store, which can be shared between all team members.

Why you need Terraform Remote States?

By default, Terraform stores its state in the file terraform.tfstate in local filesystem. This works well for personal projects, but working with Terraform in a team, use of a local file makes Terraform usage complicated because each user must make sure they always have the latest state data before running Terraform and make sure that nobody else runs Terraform at the same time.

The best way to do this is by running Terraform in a remote environment with shared access to state. Remote state solves those challenges. Remote state is simply storing that state file remotely, rather than on your local filesystem. With a single state file stored remotely, teams can ensure they always have the most up to date state file.

Best practice: In a enterprise project and/or if Terraform is used by a team, it is recommended to setup and use remote state.

What is Terraform Backend?

Terraform backends enable you to store the state file in a shared remote store.

  • Remote state is implemented by a backend, which you can configure in configuration’s root module.
  • Backends determine where state is stored. For example, the local (default) backend stores state in a local JSON file on disk.
  • Backends provide an API for state locking. It is optional.

When using a non-local backend, Terraform will not persist the state anywhere on disk except in the case of a non-recoverable error where writing the state to the backend failed.

Benefits of using Terraform Remote State

  • Shared Storage: Remote state (Backend) allow each of your team members to access same Terraform state files to manage infrastructure.
  • Locking: With fully-featured remote backends, Terraform can lock the state file while changes are being made. This ensures all changes are captured, even if concurrent changes are being attempted against the same state. Without locking, if two team members are running Terraform at the same time, you may run into race conditions as multiple Terraform processes make concurrent updates to the state files, leading to conflicts, data loss, and state file corruption.
  • Versioning: Some backends support versioning. This maintains versions of your Terraform state files allowing you to download an old version if needed. Likewise, it provides audit logs to know who changed what and when.
  • Encryption: Many backends support encryption of the state file both in transit and at rest.
  • Security: A local state file save the content in plain text. It is very common to have secrets or sensitive data in the state, so local state files are insecure. Remote state resolves this issue.
  • Remote operations: Some backends allow to manage operations remotely (Terraform plan and apply execution). You don’t need to use terraform on your system to apply the changes. You could either trigger it from a Web UI, API call or CLI tool.
  • Less Manual Errors: Using a local state file as a shared storage, manually sync the changes could cause someone forget to sync the state file. Remote state will always sync the state automatically whenever it change. There are less changes of accidentally deletion of state file when it is stored remotely than on the local machine.

Terraform Remote State Storage Options

Terraform supports storing state in

  1. Amazon S3
  2. Azure Blob Storage
  3. Google Cloud Storage
  4. Terraform Cloud
  5. HashiCorp Consul
  6. Many more.

Read more about: Terraform Workspaces

Backend Configuration Example

Remote state setup can be achieved by setting up backends specific to the cloud.

  1. Setting up a remote state in Amazon S3:

2. Setting up a remote state in Azure Blob Storage:

3. Setting up a remote state in Google Cloud Storage (GCS):

Summary

When working with Terraform as a team, it is always ideal to set up a remote state as multiple people want to update the same state file and it is not really easy to work with multiple copies of divergent state files. Other features like locking, versioning and encryption can be implemented by setting up Remote states.

View more from DevOps Mojo

Happy Learning!!!

Terraform
Terraform State
Terraform Remote State
Terraform Backend
Infrastructure As Code
Recommended from ReadMedium
avatarFabián Sellés Rosa
How we avoided an outage caused by running out of IPs in EKS

Solving IP exhaustion in EKS: Avoiding a network outage by implementing custom networking

6 min read
avatarRahul Sharma
I have Asked This SSH Question in Every AWS Interview — And Here’s the Catch

When I interview people, I always ask questions about problems that people face in the real world.

6 min read
avatarAbdur Rahman
Python is No More The King of Data Science

5 Reasons Why Python is Losing Its Crown

6 min read
avatarAlexander Nguyen
The resume that got a software engineer a $300,000 job at Google.

1-page. Well-formatted.

4 min read
avatarJoel Wembo
Technical Guide: End-to-End CI/CD DevOps with Jenkins, Docker, Kubernetes, ArgoCD, Github Actions …

Building an end-to-end CI/CD pipeline for Django applications using Jenkins, Docker, Kubernetes, ArgoCD, AWS EKS, AWS EC2

53 min read
avatarHarendra
How I Am Using a Lifetime 100% Free Server

Get a server with 24 GB RAM + 4 CPU + 200 GB Storage + Always Free

3 min read