Open in app

Sign in

Write

Sign in

Move your Terraform Backend to any Custom S3

D. Heinrich
2 min readAug 10, 2019

--

We recently had to swtich from an Terraform-Artifactory Backend to an S3 one.

Since we do not work with AWS mostly, we have to use a “custom S3 provider”.

by visualweb.com

This is what the result looks like:

terraform {
  backend "s3" {
    key      = "<path to state on S3>/terraform.tfstate"
    endpoint = "https://obs.<region>.<Domain>"
    skip_region_validation = true
    skip_credentials_validation = true
  }
}

I’m aware the those two skip flags are obsolet, but they just work fine in our case…

We use skip_region_validation because we had to set eu-de as our region and terraform wount get tired to tell us that we dont use an valid AWS-S3 region like us-west-1 or so.

[...]
region
  The region of the S3 bucket.Enter a value: eu-deError initializing new backend: 
Error configuring the backend "s3": Invalid AWS Region: eu-dePlease update the configuration in your Terraform files to fix this error
then run this command again.

We had to use skip_credentials_validation because it seams that terraform tries to connect to AWS where our providede credentials didn’t work.

Error initializing new backend: 
Error configuring the backend "s3": error validating provider credentials: error calling sts:GetCallerIdentity: InvalidClientTokenId: The security token included in the request is invalid.
 status code: 403, request id: b362379c-xyz-11e9-xyz-a7268117c56fPlease update the configuration in your Terraform files to fix this error
then run this command again.

Then we where able to run our Terraform init command:

terraform init -backend-config "bucket=<S3 Bucket name>" -backend-config "access_key=$TF_VAR_access_key" -backend-config "secret_key=$TF_VAR_secret_key"

Which then finished successfull:

- module.some-module-nameInitializing the backend...Initializing provider plugins...Terraform has been successfully initialized!You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

Cheers!

Sign up to discover human stories that deepen your understanding of the world.

Free

Distraction-free reading. No ads.

Organize your knowledge with lists and highlights.

Tell your story. Find your audience.

Membership

Read member-only stories

Support writers you read most

Earn money for your writing

Listen to audio narrations

Read offline with the Medium app

AWS
Terraform
S3
Backend
Custom

--

--

D. Heinrich
D. Heinrich

Written by D. Heinrich

41 Followers
4 Following

Working as a Head of Infrastructure at Flower Labs.

No responses yet

Write a response

What are your thoughts?

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams