Terraform wrapper to manage state across multiple cloud providers
Project description
Terraform Remote State Manager(tfremote)
tf is a python package for managing terraform remote state for: Google(GCP), AWS, and Azure. It sets a defined structure for all cloud providers by removing the overheard of configuring and managing the path in storage buckets.
It works with:
:point_right: Google Storage Bucket
:point_right: AWS S3
:point_right: Azure Storage
❗️ Note Best practice is to make sure buckets are versioned.
Install package
pip install tfremote --upgrade
Environment setup
-
Install Python 3.8+
-
Using virtualenv is strongly recommended:
python3 -m venv <venv name>
- Terraform 0.14.0 and above (download: https://www.terraform.io/downloads.html)
Default log level is WARNING
, to change:
export TF_LOG_LEVEL
to any of these: 'CRITICAL', 'ERROR', 'WARNING', 'INFO', 'DEBUG'
❗️ Important - Three variables are required for using
tf
package:
- teamid
- prjid
- workspace
Three variables are required to set backend path in the remote storage:
teamid
,prjid
, andworkspace
teamid
andprjid
can be defined using:
- As
inline variables
e.g.:-var='teamid=demo-team' -var='prjid=demo-project'
- Inside
.tfvars
file e.g.:-var-file=<tfvars file location>
workspace
can be defined using:
-w/--workspace=<workspace_name>
For more information refer to Terraform documentation
Setup environment variables
Workspace list file location
Workspace file location(TF_WORKSPACE_FILE_LOCATION
) is used to standardize deployment process and location for teams.
export TF_WORKSPACE_FILE_LOCATION=<workspace list file location>
Reference file: link
AWS
❗️ Important - s3 bucket for remote state should reside in
us-west-2
Set below env variables:
export TF_AWS_BUCKET=<your_remote_state_bucket_name>
export TF_AWS_PROFILE=<aws profile to use>
export TF_AWS_BUCKET_REGION=us-west-2
Azure
To create storage for remote state there is handy script.
Run scripts/remote_state.sh
(fill in the required information)
Set below env variables:
export TF_AZURE_STORAGE_ACCOUNT=<remote state storage account name>
export TF_AZURE_CONTAINER=<remote state container>
export ARM_ACCESS_KEY=<storage account access key>
GCP(gcloud)
https://cloud.google.com/community/tutorials/managing-gcp-projects-with-terraform
Set below env variables:
export TF_GCLOUD_BUCKET=<remote state storage bucket name>
export TF_GCLOUD_CREDENTIALS=json credentials file path>
Usage
For GCP(gcloud):
tf plan -c=gcloud -var=teamid=demo-team -var=prjid=demo-app -w=demo-workspace
The structure in Google Storage Bucket:
For AWS:
tf plan -c=aws -var=teamid=demo-team -var=prjid=demo-app -w=demo-workspace
The structure in AWS S3:
If you need to specify state_key
in S3, specify -s=tryme-key
For Azure:
tf plan -c=azure -var=teamid=demo-team -var=prjid=demo-app -w=demo-workspace
The structure in Azure Storage:
For more available options:
tf -h
usage: tf [-h] [-var] [-var-file] [-c] [-w] [-s] [-f] [-nf] [-v]
Terraform remote state wrapper package
--------------------------------------
Usage: Set below env variables to begin (more information: https://github.com/tomarv2/tfremote):
TF_WORKSPACE_FILE_LOCATION
aws: TF_AWS_BUCKET, TF_AWS_PROFILE, TF_AWS_BUCKET_REGION=us-west-2
azure: TF_AZURE_STORAGE_ACCOUNT, TF_AZURE_CONTAINER, ARM_ACCESS_KEY
gcloud: TF_GCLOUD_BUCKET, TF_GCLOUD_CREDENTIALS
optional arguments:
-h, --help show this help message and exit
-var set Terraform configuration variable. This flag can be set multiple times
-var-file set Terraform configuration variables from a file. This flag can be set multiple times
-c specify cloud provider (default: 'aws'). Supported values: gcloud, aws, or azure)
-w specify existing workspace name
-s file name in remote state (default: 'terraform.tfstate')
-f enable FIPS endpoints (default: True)
-nf disable FIPS endpoints
-v show program's version number and exit
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for tfremote-0.0.13-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | ec2a5080627aeab7c807f8c7a45735b9f11fe4c6040278dbb2c0338fa9a5ff42 |
|
MD5 | 2a6cc52dace1d5524f2237ca98664d78 |
|
BLAKE2b-256 | f92b0f1ce3d2cb3faa8bad5547e01423d122220815edf5fae6522ce023d7d67e |