Hello everyone,
I am a beginner for Terraform. As part of transition, I got some Terraform git repos from my colleague which he had used to deploy infra in QA & Production account. Now I am trying to use same Terraform repo & build infra in a fresh AWS account but when I am running “terraform plan” command, I am getting errors like “Error: error reading S3 Bucket (myapp-prod-s3-access-logs): Forbidden”. Most likely due to Terraform state file committed in repo when terraform was deployed in production account . I changed bucket name in respective .tf file to create new bucket in fresh account but still its complaining about production s3 bucket. Request you to please guide me here or share any article to follow. Thanks.
Hi,
how do you store your state files? Are there remote backends in place for each environment
?
Thank you for your response.
state files are stored locally having separate name for each environment.
since I am deploying resources first time in a fresh AWS account, What should be my strategy to ask terraform to ignore state file & create infrastructure from scratch…? Thanks.
First of all it’s a good approach to have a dedicated AWS Account for each environment. So in addition you have to ensure that the state file is always clean and mapped to the given AWS Account respectively its deployment.
So I’d recommend looking into remote backends. Defining S3 backend might be simplest to get started.
For some services you’d have to ensure unique resource names (even cross accounts), e.g. for S3 buckets.