Barnaby Baron. Exploring AWS.

  • Building a VPC and Migrating the Backend Terraform State to an S3 bucket!

Building a VPC and Migrating the Backend Terraform State to an S3 bucket!

2024-12-29 3 min read Projects Barny Baron

Journey: 📊 Community Builder 📊

Subject matter: Building on AWS

Task: Building a VPC and Migrating the Backend Terraform State to an S3 bucket!!

This week, I used Terraform to create a VPC with a single EC2 instance and then promoted the instance to a Domain Controller. Once this was created, I migrated the local backend Terraform state file to an S3 bucket.

In this scenario, I configured the VPC with multiple availability zones and promoted EC2 instance to a Domain Controller using userdata parameters, all done via Terraform. I then used Terraform to move the state file to a centralised area, best placed for collaboration.

Resource credit: This migration pattern was created using guidance from Jack Roper Here.

What did I use to build this environment?

  • Visual Studio Code platform
  • Terraform
  • AWS CLI
  • AWS Management Console

What is built?

  • A single VPC with multiple AZs
  • Public and Private Subnets
  • Custom Route Tables
  • Internet Gateway
  • NACLs and Security Groups
  • An EC2 instance, promoted to a Domain Controller

Building off the back of the last project I created Here.

In this task, I used Terraform modules and tfvars to create a VPC with two public subnets and three private subnets. In one of the subnets, I requested an EC2 instance be provisioned inside one of the public subnets at random.

Once this had come online, I added userdata parameters within the Terraform code to install products and services onto the instance and then to promote it to a Domain Controller.

I locked down DC Ingress on port 3389 to my IP address only and was able to successfully RDP and log into my Domain Controller.

After the environment came online, it was configured with a local storage state only, meaning difficulties in collaboration and scalability.

I created a new S3 bucket and added some new configuration code to my main.tf file. After this, I ran a “terraform init -migrate-state” command in my vscode window to execute the changes.

Terraform detected my amendments and prompted me to confirm my changes before initiating a migration of the local state file to my new S3 bucket.

Holding the state backend file in S3 ensures better security and also enhanced disaster recovery options as well offering a range of other options for team collaboration on a project.

Give it a go!

Some of the highlights…

Terraform structure:

Terraform applying:

Terraform completed:

VPC resource map:

Internet Gateway resource map:

Terraform code:

Migrating the Terraform state file:

New Terraform state location:

Terraform destroy:

My interpretation of the architecture:

Architecture

I hope you have enjoyed the article!

Cloud

Community Builder Terraform
© 2025 by Barny Baron
Powered by Bilberry Hugo Theme