2015-05-06 02:52:28 +02:00
|
|
|
---
|
2020-08-15 03:51:06 +02:00
|
|
|
layout: "language"
|
2017-02-15 21:58:52 +01:00
|
|
|
page_title: "State: Remote Storage"
|
|
|
|
sidebar_current: "docs-state-remote"
|
2015-05-06 02:52:28 +02:00
|
|
|
description: |-
|
|
|
|
Terraform can store the state remotely, making it easier to version and work with in a team.
|
|
|
|
---
|
|
|
|
|
|
|
|
# Remote State
|
|
|
|
|
2018-06-26 02:57:08 +02:00
|
|
|
By default, Terraform stores state locally in a file named `terraform.tfstate`.
|
|
|
|
When working with Terraform in a team, use of a local file makes Terraform
|
|
|
|
usage complicated because each user must make sure they always have the latest
|
|
|
|
state data before running Terraform and make sure that nobody else runs
|
|
|
|
Terraform at the same time.
|
2015-05-06 02:52:28 +02:00
|
|
|
|
2018-06-26 02:57:08 +02:00
|
|
|
With _remote_ state, Terraform writes the state data to a remote data store,
|
|
|
|
which can then be shared between all members of a team. Terraform supports
|
2019-08-07 00:28:03 +02:00
|
|
|
storing state in [Terraform Cloud](https://www.hashicorp.com/products/terraform/),
|
2020-09-10 22:07:46 +02:00
|
|
|
[HashiCorp Consul](https://www.consul.io/), Amazon S3, Azure Blob Storage, Google Cloud Storage, Alibaba Cloud OSS, and more.
|
2015-05-06 02:52:28 +02:00
|
|
|
|
2020-12-17 00:10:49 +01:00
|
|
|
Remote state is a feature of [backends](/docs/backends/), which you can activate
|
2020-10-24 03:05:19 +02:00
|
|
|
in your configuration's root module.
|
2016-06-18 03:16:09 +02:00
|
|
|
|
2015-05-06 02:52:28 +02:00
|
|
|
## Delegation and Teamwork
|
|
|
|
|
2020-10-24 03:05:19 +02:00
|
|
|
Remote state allows you to share
|
|
|
|
[output values](/docs/configuration/outputs.html) with other configurations.
|
|
|
|
This allows your infrastructure to be decomposed into smaller components.
|
2015-05-06 02:52:28 +02:00
|
|
|
|
|
|
|
Put another way, remote state also allows teams to share infrastructure
|
2018-06-26 02:57:08 +02:00
|
|
|
resources in a read-only way without relying on any additional configuration
|
|
|
|
store.
|
2015-05-06 02:52:28 +02:00
|
|
|
|
|
|
|
For example, a core infrastructure team can handle building the core
|
|
|
|
machines, networking, etc. and can expose some information to other
|
|
|
|
teams to run their own infrastructure. As a more specific example with AWS:
|
|
|
|
you can expose things such as VPC IDs, subnets, NAT instance IDs, etc. through
|
|
|
|
remote state and have other Terraform states consume that.
|
|
|
|
|
2018-06-26 02:57:08 +02:00
|
|
|
For example usage, see
|
|
|
|
[the `terraform_remote_state` data source](/docs/providers/terraform/d/remote_state.html).
|
|
|
|
|
2020-10-24 03:05:19 +02:00
|
|
|
While remote state can be a convenient, built-in mechanism for sharing data
|
|
|
|
between configurations, you may prefer to use more general stores to
|
2018-06-26 02:57:08 +02:00
|
|
|
pass settings both to other configurations and to other consumers. For example,
|
|
|
|
if your environment has [HashiCorp Consul](https://www.consul.io/) then you
|
|
|
|
can have one Terraform configuration that writes to Consul using
|
2020-12-17 00:17:27 +01:00
|
|
|
[`consul_key_prefix`](https://registry.terraform.io/providers/hashicorp/consul/latest/docs/resources/key_prefix) and then
|
2018-06-26 02:57:08 +02:00
|
|
|
another that consumes those values using
|
2020-12-17 00:17:27 +01:00
|
|
|
[the `consul_keys` data source](https://registry.terraform.io/providers/hashicorp/consul/latest/docs/data-sources/keys).
|
2015-05-06 02:52:28 +02:00
|
|
|
|
|
|
|
## Locking and Teamwork
|
|
|
|
|
2018-06-26 02:57:08 +02:00
|
|
|
For fully-featured remote backends, Terraform can also use
|
|
|
|
[state locking](/docs/state/locking.html) to prevent concurrent runs of
|
|
|
|
Terraform against the same state.
|
2015-05-06 02:52:28 +02:00
|
|
|
|
2019-08-07 00:28:03 +02:00
|
|
|
[Terraform Cloud by HashiCorp](https://www.hashicorp.com/products/terraform/)
|
2018-06-26 02:57:08 +02:00
|
|
|
is a commercial offering that supports an even stronger locking concept that
|
|
|
|
can also detect attempts to create a new plan when an existing plan is already
|
|
|
|
awaiting approval, by queuing Terraform operations in a central location.
|
|
|
|
This allows teams to more easily coordinate and communicate about changes to
|
|
|
|
infrastructure.
|