├── environments
    └── development
    │   ├── ap-southeast-1.tfvars
    │   ├── ap-southeast-2.tfvars
    │   ├── terraform.tfvars.example
    │   ├── inputs.tf
    │   ├── main.tf
    │   ├── provider.tf
    │   └── terraform.tf
├── modules
    ├── aws-s3
    │   ├── variables.tf
    │   ├── provider.tf
    │   └── main.tf
    ├── product-a
    │   ├── provider.tf
    │   ├── variables.tf
    │   └── main.tf
    └── sub-system-x
    │   ├── provider.tf
    │   ├── variables.tf
    │   └── main.tf
├── .gitignore
└── README.md


/environments/development/ap-southeast-1.tfvars:
--------------------------------------------------------------------------------
1 | region="ap-southeast-1"


--------------------------------------------------------------------------------
/environments/development/ap-southeast-2.tfvars:
--------------------------------------------------------------------------------
1 | region="ap-southeast-2"


--------------------------------------------------------------------------------
/modules/aws-s3/variables.tf:
--------------------------------------------------------------------------------
1 | variable "bucket" {}
2 | variable "region" {}


--------------------------------------------------------------------------------
/modules/aws-s3/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {
2 |    region = var.region
3 | }


--------------------------------------------------------------------------------
/modules/product-a/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {
2 |    region = var.region
3 | }


--------------------------------------------------------------------------------
/modules/sub-system-x/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {
2 |    region = var.region
3 | }


--------------------------------------------------------------------------------
/modules/product-a/variables.tf:
--------------------------------------------------------------------------------
1 | variable "images_bucket_name" {}
2 | variable "region" {}


--------------------------------------------------------------------------------
/modules/sub-system-x/variables.tf:
--------------------------------------------------------------------------------
1 | variable "images_bucket_name" {}
2 | variable "region" {}


--------------------------------------------------------------------------------
/environments/development/terraform.tfvars.example:
--------------------------------------------------------------------------------
1 | account_id="aws-account-id"
2 | environment="dev"


--------------------------------------------------------------------------------
/environments/development/inputs.tf:
--------------------------------------------------------------------------------
1 | variable "account_id" {}
2 | variable "environment" {}
3 | variable "region" {}


--------------------------------------------------------------------------------
/modules/sub-system-x/main.tf:
--------------------------------------------------------------------------------
1 | module "images_bucket"{
2 |     source = "../aws-s3"
3 |     bucket = var.images_bucket_name
4 |     region = var.region
5 | }


--------------------------------------------------------------------------------
/modules/product-a/main.tf:
--------------------------------------------------------------------------------
1 | module "sub_system_x"{
2 |     source = "../sub-system-x"
3 |     images_bucket_name = var.images_bucket_name
4 |     region = var.region
5 | }


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
 1 | *.vsix
 2 | .DS_Store
 3 | node_modules/
 4 | out/
 5 | .vscode-test
 6 | npm-debug.log
 7 | hcl-hil/*.js
 8 | .terraform
 9 | *.tfplan
10 | *.tfplan.json
11 | terraform.tfvars


--------------------------------------------------------------------------------
/environments/development/main.tf:
--------------------------------------------------------------------------------
1 | module "product-a" {
2 |   source = "../../modules/product-a"
3 |   images_bucket_name="images.tmp.example.com"
4 |   region = var.region
5 |   
6 | }
7 | 


--------------------------------------------------------------------------------
/environments/development/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {
2 |     assume_role {
3 |         role_arn = "arn:aws:iam::${var.account_id}:role/devops"
4 |         session_name = "terraform-app-${terraform.workspace}"
5 |     }
6 |     region = var.region
7 | }


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # tf-multi-region
2 | 
3 | Sample to back the [How to manage a multi-region, multi-environment infrastructure on AWS using Terraform](https://dev.to/sdileep/manage-a-multi-environment-multi-region-infrastructure-on-aws-using-terraform-1p2p) post.
4 | 


--------------------------------------------------------------------------------
/environments/development/terraform.tf:
--------------------------------------------------------------------------------
 1 | terraform {
 2 |   required_version = "~> 0.12.6"
 3 | 
 4 |   backend "s3" {
 5 |     bucket         = "anoona-root-terraform-state"
 6 |     dynamodb_table = "anoona-root-terraform-state-lock"
 7 |     encrypt        = true
 8 |     // path pattern: s3://<bucket>/<workspace_key_prefix>/<workspace-name>/<key>
 9 |     key                  = "terraform.tfstate"
10 |     region               = "ap-southeast-2"
11 |     workspace_key_prefix = "product-a/development"
12 |   }
13 | }
14 | 


--------------------------------------------------------------------------------
/modules/aws-s3/main.tf:
--------------------------------------------------------------------------------
 1 | resource "aws_s3_bucket" "terraform_state_storage" {
 2 |     acl = "private"
 3 |     bucket = var.bucket
 4 |     server_side_encryption_configuration {
 5 |       rule {
 6 |         apply_server_side_encryption_by_default {
 7 |           sse_algorithm     = "aws:kms"
 8 |         }
 9 |       }
10 |     }
11 |     versioning {
12 |       enabled = true
13 |     }
14 | }
15 | 
16 | resource "aws_s3_bucket_public_access_block" "terraform_state_storage" {
17 |   bucket = "${aws_s3_bucket.terraform_state_storage.id}"
18 | 
19 |   block_public_acls   = true
20 |   block_public_policy = true
21 |   ignore_public_acls = true
22 |   restrict_public_buckets = true
23 | }


--------------------------------------------------------------------------------