terraform-template/README.md

# My Personal Terraform Template

## Featuring

- Terraform without hardcoding
- [S3 Backend for Terraform State + DynamoDB Locking Table](https://blog.gruntwork.io/how-to-manage-terraform-state-28f5697e68fa) with partial configuration
- [Hashicorp Vault](https://www.vaultproject.io/) with my [personal deployment](https://git.mattmor.in/Madmin/HC-vault-personal)
- [Aws-Vault](https://github.com/99designs/aws-vault?tab=readme-ov-file#aws-vault)
- Multiple examples

## How to use

1. Template it
2. Provide S3 Backend Configuration in backend.hcl and input key in providers.tf
3. Provide Vault Configuration in vault.hcl and input key for [state file isolation](#isolation-of-state) in providers.tf
4. Configure AWS with:

``` bash
AWS configure sso
# fill in ~profile
```

``` bash
aws-vault exec ~profile #duration in providers.tf - 1h or less recommended
terraform init -backend-config=backend.hcl && terraform plan
```

``` bash
terraform apply
```

## Isolation of state

To isolate within the same configuration, use workspaces. To isolate between configurations, use file layout.

### Workspaces

to list workspaces:

``` bash
terraform workspace list
# default at start
```

to create a workspace:

``` bash
terraform workspace new ~workspace
```

to select a workspace:

``` bash
terraform workspace select ~workspace
```

## TODO

- Azure support
- GCP support
init template with docs 2024-03-02 13:21:38 +00:00			`# My Personal Terraform Template`
Initial commit 2024-03-02 12:26:12 +00:00
init template with docs 2024-03-02 13:21:38 +00:00			`## Featuring`

			`- Terraform without hardcoding`
			`- [S3 Backend for Terraform State + DynamoDB Locking Table](https://blog.gruntwork.io/how-to-manage-terraform-state-28f5697e68fa) with partial configuration`
			`- [Hashicorp Vault](https://www.vaultproject.io/) with my [personal deployment](https://git.mattmor.in/Madmin/HC-vault-personal)`
			`- [Aws-Vault](https://github.com/99designs/aws-vault?tab=readme-ov-file#aws-vault)`
			`- Multiple examples`

			`## How to use`

			`1. Template it`
			`2. Provide S3 Backend Configuration in backend.hcl and input key in providers.tf`
			`3. Provide Vault Configuration in vault.hcl and input key for [state file isolation](#isolation-of-state) in providers.tf`
			`4. Configure AWS with:`

			``` bash
			`AWS configure sso`
			`# fill in ~profile`
			```

			``` bash
			`aws-vault exec ~profile #duration in providers.tf - 1h or less recommended`
			`terraform init -backend-config=backend.hcl && terraform plan`
			```

			``` bash
			`terraform apply`
			```

			`## Isolation of state`

			`To isolate within the same configuration, use workspaces. To isolate between configurations, use file layout.`

			`### Workspaces`

			`to list workspaces:`

			``` bash
			`terraform workspace list`
			`# default at start`
			```

			`to create a workspace:`

			``` bash
			`terraform workspace new ~workspace`
			```

			`to select a workspace:`

			``` bash
			`terraform workspace select ~workspace`
			```

			`## TODO`

			`- Azure support`
			`- GCP support`