amazon-web-services terraform terraform-provider-aws

How to solve Error loading state: AccessDenied: Access Denied status code: 403 when trying to use s3 for terraform backend?


My simple terraform file is:

provider "aws" {
  region = "region"
  access_key = "key" 
  secret_key = "secret_key"
}

terraform {
  backend "s3" {
    # Replace this with your bucket name!
    bucket         = "great-name-terraform-state-2"
    key            = "global/s3/terraform.tfstate"
    region         = "eu-central-1"
    # Replace this with your DynamoDB table name!
    dynamodb_table = "great-name-locks-2"
    encrypt        = true
  }
}

resource "aws_s3_bucket" "terraform_state" {
  bucket = "great-name-terraform-state-2"
  # Enable versioning so we can see the full revision history of our
  # state files
  versioning {
    enabled = true
  }
  server_side_encryption_configuration {
    rule {
      apply_server_side_encryption_by_default {
        sse_algorithm = "AES256"
      }
    }
  }
}

resource "aws_dynamodb_table" "terraform_locks" {
  name         = "great-name-locks-2"
  billing_mode = "PAY_PER_REQUEST"
  hash_key     = "LockID"
  attribute {
    name = "LockID"
    type = "S"
  }
}

All I am trying to do is to replace my backend from local to be stored in S3. I am doing the following:

  1. terraform init (when the terraform {} block is commented out)

  2. terraform apply - I can see in my AWS account that the bucket was created, and the DynamoDB table as well.

  3. Now I uncomment the terraform block, run terraform init again, and I get the following error:

Error loading state:
    AccessDenied: Access Denied
        status code: 403, request id: xxx, host id: xxxx

My IAM has administrator access. I am using Terraform v0.12.24. As one can observe, I am directly writing my AWS key and secret in the file.

What am I doing wrong?

I appreciate any help!


Solution

  • I encountered this before. The following steps will help you overcome that error:

    1. Delete the .terraform directory
    2. Place the access_key and secret_key under the backend block, as in the code given below
    3. Run terraform init
      terraform {
        backend "s3" {
          bucket     = "great-name-terraform-state-2"
          key        = "global/s3/terraform.tfstate"
          region     = "eu-central-1"
          access_key = "<access-key>"
          secret_key = "<secret-key>"
        }
      }
    

    The error should be gone.
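
An added example, not part of the original question or answer: a small Python check that flags the two conditions visible on this page, static `access_key`/`secret_key` values written into a `.tf` file, and an S3 backend with no credential source of its own next to a provider that has static keys (the backend does not read the provider block's credentials). The parsing is a simplified regex and brace matcher, not a full HCL parser, and `SAMPLE_TF`, `block_attrs`, `audit` and the finding strings are names made up for this example.

```python
import re

# Constructed sample modelled on the question's file; key values are placeholders.
SAMPLE_TF = '''
provider "aws" {
  region     = "eu-central-1"
  access_key = "EXAMPLE_KEY_ID"
  secret_key = "EXAMPLE_SECRET"
}
terraform {
  backend "s3" {
    # state bucket
    bucket = "great-name-terraform-state-2"
    key    = "global/s3/terraform.tfstate"
    region = "eu-central-1"
  }
}
'''
STATIC = ("access_key", "secret_key")
# S3 backend settings that point at a credential source without embedding a secret.
SOURCES = ("profile", "role_arn", "shared_credentials_file")

def block_attrs(text, header):
    """Quoted-string attributes of the first block matching `header`, or None if absent."""
    m = re.search(header + r"\s*\{", text)
    if not m:
        return None
    depth, i = 1, m.end()
    while i < len(text) and depth:          # walk to the matching closing brace
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        i += 1
    return dict(re.findall(r'(?m)^\s*(\w+)\s*=\s*"([^"]*)"', text[m.end():i]))

def audit(tf_text):
    """Return findings for hardcoded keys and for a backend relying on provider keys."""
    text = re.sub(r"(?m)^\s*(#|//).*$", "", tf_text)   # drop whole-line comments
    provider = block_attrs(text, r'provider\s+"aws"') or {}
    backend = block_attrs(text, r'backend\s+"s3"')
    findings = [f"{name}: hardcoded {a}"
                for name, cfg in (("provider", provider), ("backend", backend or {}))
                for a in STATIC if a in cfg]
    if (backend is not None and any(a in provider for a in STATIC)
            and not any(a in backend for a in STATIC + SOURCES)):
        # The backend ignores the provider block and uses the default AWS credential
        # chain (environment variables, shared credentials file) instead.
        findings.append("backend: no credentials set; provider keys are not inherited")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_TF):
        print(finding)
```

A backend that names a `profile`, or a configuration with no static keys at all, produces no findings; credentials can then come from the environment at `terraform init` time.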