systems/infrastructure
1
Fork 0
Code Issues 1 Pull requests 17 Activity Actions

Terraform the tfstate bucket

Browse source 
It's terraform all the way down
This commit is contained in:
Jake Howard 2020-02-22 23:41:01 +00:00
parent a80cc472cc
commit a307c53808
Signed by: jake
GPG key ID: 57AFB45680EDD477
2 changed files with 40 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
terraform/providers.tf
View file

@ -8,3 +8,7 @@ provider "cloudflare" {
email = "hosting+cloudflare@theorangeone.net" email = "hosting+cloudflare@theorangeone.net"
api_key = var.cloudflare_api_key api_key = var.cloudflare_api_key
} }
provider "aws" {
region = "eu-west-2"
}

36
terraform/state.tf Normal file
View file

@ -0,0 +1,36 @@
resource "aws_iam_user" "terraform" {
name = "terraform"
}
resource "aws_s3_bucket" "tfstate" {
bucket = "0rng-terraform"
acl = "private"
}
resource "aws_iam_user_policy" "terraform" {
name = "terraform"
user = aws_iam_user.terraform.name
policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": "iam:*",
"Resource": "${aws_iam_user.terraform.arn}"
},
{
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": "s3:*",
"Resource": [
"${aws_s3_bucket.tfstate.arn}",
"${aws_s3_bucket.tfstate.arn}/*"
]
}
]
}
EOF
}