Unable to implement state lock with dynamodb


Got a situation where I am looking for any guidance. My team has a s3 bucket which holds all remote states from the team as they create ‘sandbox environments’. Issue we have now is that a state file can be written to at multiple different times, hence the need to lock the state.

The s3 bucket was created outside of terraform but is referenced as part of a data block:

terraform {
  backend "s3" {}

data "terraform_remote_state" "state" {
  backend = "s3"
  config = {
    bucket = "${var.statebucket}"
    key    = "${var.statekey}"
    region = "${var.aws_bucket_region}"

I’ve created the lock table in dynamodb and thought to just add dynamodb_table = "state-lock-table" to the data block within config above.

Sadly this isn’t working and I’m at loss to understand why. Any tips or advice?

Ultimately we want 1 s3 bucket with all remote state files within. But locking them is proving an issue, nothing seems to be happening as a result. I see nothing in dynamodb table at the time of apply or plan or do I see anything in console telling me it’s checking the lock table.

Any help or guidance much appreciated!

Hi @GaryH,
a data provider terraform_remote_state is used in order to query a state (outputs) but not to lock a state while running apply.
A proper S3/DynamoDB backend configuration is applied within the backend{} block.