Scaffoldly provides a Remote State API for secure Terraform Remote State hosting using a GitHub Token.
Features:
- Zero Bootstrapping: if you have a GitHub token, you can use this API
- Hosted API in AWS Lambda + API Gateway in AWS courtsey of Scaffoldly
- Encrypted State
- State Locking
✅ We do not store or save the provided GitHub token.
1. Create a tfstate.tfbackend file with a GitHub Token with repo or repo:read access to the Repository specified by username:
username = "my-org/my-repo"
password = "ghp_abcd..."Note: Be sure to exclude tfstate.tfbackend from source control in the .gitignore.
Note: This can be a Personal Access Token or a token generated by GitHub OAuth
terraform {
backend "http" {
address = "https://api.tfstate.dev/github/v1"
lock_address = "https://api.tfstate.dev/github/v1/lock"
unlock_address = "https://api.tfstate.dev/github/v1/lock"
lock_method = "PUT"
unlock_method = "DELETE"
}
}terraform init -backend-config=tfstate.tfbackend -reconfigure [-migrate-state]Note: If you have a token that rotates regularly (such as Server-to-Server) tokens
generated by a GitHub Application, you will need to run -reconfigure each time
the token rotates.
See the Terraform Docs for specifics on migrating existing state.
Please create a new issue on GitHub.
Scaffoldly provides various services and automations to simplify Infrastructure Bootstrapping and DevOps.
tfstate.dev is provided as a free and easy way to store Terraform State. We've
open sourced it for transparency to show how it handles and secures Terraform state.
We were inspired by GitLab's ability to host Terraform State, and wanted the same functionality for GitHub.
Scaffoldly is not affiliated with GitHub.
Scaffoldly can help!
Message us on Gitter for details.