vancluever/terraform-remote-config.sh

## terraform-remote-config.sh
#!/usr/bin/env bash

# Say you have a S3 state with KMS on, with the appropriate variables
# configured below (these could also be parameterized but I wanted to
# make this gist as easy as possible to digest). Using this script
# (or a reasonable facsimile thereof), you can emulate the old
# "terraform remote config" command that existed in TF pre-v0.9
# by creating a file with your config in your Terraform directory.
# This file should be ignored in source control!

# Your s3 bucket.
bucket_name="tfstate.example.internal"

# The path to your TF state in the bucket.
bucket_key="tf/test/ca-central-1.tfstate"

# The region your bucket is located in.
bucket_region="ca-central-1"

# The KMS key ID used to encrypt the buckets.
kms_key_id="ABCDEF0123456789"

# Your Terraform directory.
tf_dir="terraform"

# The path of the config file. This should be excluded in your source
# control!
remote_config_file="_remote_config.tf"

# Write out a TF config that contains all of the pertinent data in it.
#
# WARNING: Do not include credentials in this file! If you need credentials
# (ie: AWS creds when not using environment or instance profiles), supply
# them directly via "terraform init -backend-config= 'key=value'" command
# switches. This can be added to the init command below.
cat > "${remote_config_file}" <<EOS
# Automatically generated file - DO NOT EDIT!
# Ensure that this file is excluded from our source control!
terraform {
  backend "s3" {
    bucket     = "${__s3_bucket}"
    key        = "${__current_key}"
    region     = "${aws_region}"
    encrypt    = "true"
    kms_key_id = "${__key_alias}"
  }
}
EOS

# OPTIONAL. Wipe the .terraform and terraform.tfstate artifacts to
# make sure that you are not prompted for migration, which may
# break runs when running non-interactively. Note - this may
# possibly blow away data - back up accordingly! Obviously remove
# this if you WANT state to be migrated/copied.
rm -rf .terraform/ terraform.tfstate

# Run "terraform init" to write out the .terraform/terraform.tfstate
# file. This file is a stub and will not contain any state data.
# Remove -input=false if you need prompts on state migration/copy.
terraform init -backend=true -get=false -input=false

# Move the remote config to your Terraform directory. This extra
# step needs to be built into the workflow until TF gets the ability
# to perform init using configuration in a directory other than the
# one you are running Terraform from.
if [[ -n "${tf_dir}" ]]; then
  mv "${remote_config_file}" "${tf_dir}"
fi
	#!/usr/bin/env bash

	# Say you have a S3 state with KMS on, with the appropriate variables
	# configured below (these could also be parameterized but I wanted to
	# make this gist as easy as possible to digest). Using this script
	# (or a reasonable facsimile thereof), you can emulate the old
	# "terraform remote config" command that existed in TF pre-v0.9
	# by creating a file with your config in your Terraform directory.
	# This file should be ignored in source control!

	# Your s3 bucket.
	bucket_name="tfstate.example.internal"

	# The path to your TF state in the bucket.
	bucket_key="tf/test/ca-central-1.tfstate"

	# The region your bucket is located in.
	bucket_region="ca-central-1"

	# The KMS key ID used to encrypt the buckets.
	kms_key_id="ABCDEF0123456789"

	# Your Terraform directory.
	tf_dir="terraform"

	# The path of the config file. This should be excluded in your source
	# control!
	remote_config_file="_remote_config.tf"

	# Write out a TF config that contains all of the pertinent data in it.
	#
	# WARNING: Do not include credentials in this file! If you need credentials
	# (ie: AWS creds when not using environment or instance profiles), supply
	# them directly via "terraform init -backend-config= 'key=value'" command
	# switches. This can be added to the init command below.
	cat > "${remote_config_file}" <<EOS
	# Automatically generated file - DO NOT EDIT!
	# Ensure that this file is excluded from our source control!
	terraform {
	backend "s3" {
	bucket = "${__s3_bucket}"
	key = "${__current_key}"
	region = "${aws_region}"
	encrypt = "true"
	kms_key_id = "${__key_alias}"
	}
	}
	EOS

	# OPTIONAL. Wipe the .terraform and terraform.tfstate artifacts to
	# make sure that you are not prompted for migration, which may
	# break runs when running non-interactively. Note - this may
	# possibly blow away data - back up accordingly! Obviously remove
	# this if you WANT state to be migrated/copied.
	rm -rf .terraform/ terraform.tfstate

	# Run "terraform init" to write out the .terraform/terraform.tfstate
	# file. This file is a stub and will not contain any state data.
	# Remove -input=false if you need prompts on state migration/copy.
	terraform init -backend=true -get=false -input=false

	# Move the remote config to your Terraform directory. This extra
	# step needs to be built into the workflow until TF gets the ability
	# to perform init using configuration in a directory other than the
	# one you are running Terraform from.
	if [[ -n "${tf_dir}" ]]; then
	mv "${remote_config_file}" "${tf_dir}"
	fi