Make terraform init prompt for bucket name instead of defaulting to…

… local backend This makes it harder to do the wrong thing. With this change, we avoid a potential footgun when developers use `terraform init` instead of `terraform init -backend-config=dev.s3.tfbackend`. This isn't a functional change because we were already using encryption on everything in our state buckets.
byu-oit · Jun 24, 2024 · 356615a · 356615a
1 parent a7dfa3c
commit 356615a
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 2 deletions.
diff --git a/terraform-iac/app/main.tf b/terraform-iac/app/main.tf
@@ -3,7 +3,8 @@ terraform {
   backend "s3" {
     # The rest of the backend config is passed in
     # https://developer.hashicorp.com/terraform/language/settings/backends/configuration#partial-configuration
-    region = "us-west-2"
+    encrypt = true
+    region  = "us-west-2"
   }
   required_providers {
     aws = {

diff --git a/terraform-iac/setup/setup.tf b/terraform-iac/setup/setup.tf
@@ -3,7 +3,8 @@ terraform {
   backend "s3" {
     # The rest of the backend config is passed in
     # https://developer.hashicorp.com/terraform/language/settings/backends/configuration#partial-configuration
-    region = "us-west-2"
+    encrypt = true
+    region  = "us-west-2"
   }
   required_providers {
     aws = {