feat: bootstrap no dynamodb table (#156)

marekaf · web-flow · commit 7a5a5b03b641 · 2025-06-03T12:31:38.000+02:00
diff --git a/modules/aws-bootstrap/main.tf b/modules/aws-bootstrap/main.tf
@@ -37,6 +37,7 @@ module "terraform_state" {
 resource "aws_dynamodb_table" "terraform_state_lock" {
   #checkov:skip=CKV_AWS_28: The terraform state lock is meant to be ephemeral and does not need recovery
   #checkov:skip=CKV_AWS_119: The terraform state lock does not hold any sensitive data
+  count        = var.create_dynamodb_table ? 1 : 0
   name         = var.dynamodb_table_name
   hash_key     = "LockID"
   billing_mode = "PAY_PER_REQUEST"
diff --git a/modules/aws-bootstrap/outputs.tf b/modules/aws-bootstrap/outputs.tf
@@ -5,5 +5,5 @@ output "state_bucket" {
 
 output "dynamodb_table" {
   description = "The name of the dynamo db table"
-  value       = aws_dynamodb_table.terraform_state_lock.id
+  value       = var.create_dynamodb_table ? aws_dynamodb_table.terraform_state_lock[0].id : null
 }
diff --git a/modules/aws-bootstrap/variables.tf b/modules/aws-bootstrap/variables.tf
@@ -41,3 +41,9 @@ variable "dynamodb_point_in_time_recovery" {
   default     = false
   description = "Point-in-time recovery options"
 }
+
+variable "create_dynamodb_table" {
+  type        = bool
+  default     = true
+  description = "Create DynamoDB table for Terraform state locking"
+}

Original file line number	Diff line number	Diff line change
`@@ -5,5 +5,5 @@ output "state_bucket" {`
`5`	`5`
`6`	`6`	`output "dynamodb_table" {`
`7`	`7`	`description = "The name of the dynamo db table"`
`8`		`- value = aws_dynamodb_table.terraform_state_lock.id`
	`8`	`+ value = var.create_dynamodb_table ? aws_dynamodb_table.terraform_state_lock[0].id : null`
`9`	`9`	`}`