Move backend to S3

backend/main.tf

@@ -0,0 +1,25 @@
+provider "aws" {
+  region = var.REGION
+}
+
+provider "aws" {
+  alias  = "replica"
+  region = var.REGION_REPLICA
+}
+
+module "remote_state" {
+  source = "nozaq/remote-state-s3-backend/aws"
+
+  providers = {
+    aws         = aws
+    aws.replica = aws.replica
+  }
+
+  override_s3_bucket_name = true
+  s3_bucket_name          = var.S3_STATE_BUCKET_NAME
+  s3_bucket_name_replica  = var.S3_STATE_BUCKET_REPLICA_NAME
+
+  kms_key_alias = var.STATE_KMS_KEY_ALIAS
+
+  dynamodb_table_name = var.STATE_DYNAMODB_TABLE_NAME
+}

backend/outputs.tf

@@ -0,0 +1,11 @@
+output "s3_state_bucket" {
+  value = module.remote_state.state_bucket.id
+}
+
+output "dynamodb_state_lock_table_name" {
+  value = module.remote_state.dynamodb_table.name
+}
+
+output "kms_state_key_id" {
+  value = module.remote_state.kms_key.id
+}

backend/terraform.tfvars.example

@@ -0,0 +1,10 @@
+# general
+REGION         = "eu-west-3"
+REGION_REPLICA = "eu-north-1"
+
+S3_STATE_BUCKET_NAME         = "demo-state-bucket-98017casd"
+S3_STATE_BUCKET_REPLICA_NAME = "demo-state-bucket-replica-98017casd"
+
+STATE_KMS_KEY_ALIAS = "demo-state-kms-key"
+
+STATE_DYNAMODB_TABLE_NAME = "demo-state-lock"

backend/variables.tf

@@ -0,0 +1,24 @@
+# general
+variable "REGION" {
+  type = string
+}
+
+variable "REGION_REPLICA" {
+  type = string
+}
+
+variable "S3_STATE_BUCKET_NAME" {
+  type = string
+}
+
+variable "S3_STATE_BUCKET_REPLICA_NAME" {
+  type = string
+}
+
+variable "STATE_KMS_KEY_ALIAS" {
+  type = string
+}
+
+variable "STATE_DYNAMODB_TABLE_NAME" {
+  type = string
+}

backend/versions.tf

@@ -0,0 +1,8 @@
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 4.3"
+    }
+  }
+}