👀 Views: 19 💬 Answers: 1 📅 Created: 2025-06-12

terraform aws dynamodb hcl

I recently switched to I'm writing unit tests and This might be a silly question, but I'm relatively new to this, so bear with me..... I'm working with issues with state locking while using the S3 backend in conjunction with a DynamoDB table for my Terraform project. Whenever I try to run `terraform apply`, I get the following behavior message: ``` behavior: behavior acquiring the state lock behavior: ConditionalCheckFailedException: The conditional request failed ``` I've set up my Terraform backend like this: ```hcl terraform { backend "s3" { bucket = "my-terraform-state-bucket" key = "terraform/state" region = "us-west-2" dynamodb_table = "terraform-locks" } } ``` The DynamoDB table `terraform-locks` has been created with a primary key called `LockID` of type String, which I believe is correct. I've also confirmed that the table's write capacity is set to a reasonable value (5 write units). What I suspect might be happening is that the locking mechanism is not functioning as expected because I see the lock being held for quite a long time even after terminating the previous apply process. I have manually checked the DynamoDB table, and it seems to be holding locks when I know no other operation is running. I've also tried deleting the lock item from the DynamoDB table, hoping to reset the locking mechanism, but that doesn’t seem to resolve the scenario either. I've tried running `terraform init -upgrade` to ensure I'm using the latest Terraform version (which is 1.3.5), and I also checked my AWS permissions. The IAM role I'm using has the following policies: ```json { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:GetObject", "s3:PutObject", "s3:DeleteObject", "dynamodb:PutItem", "dynamodb:DeleteItem", "dynamodb:GetItem" ], "Resource": [ "arn:aws:s3:::my-terraform-state-bucket/*", "arn:aws:dynamodb:us-west-2:123456789012:table/terraform-locks" ] } ] } ``` I'm not sure if there are some nuances with how the state locking works with the S3 backend and DynamoDB that I'm missing. Has anyone experienced this scenario? Any help or suggestions would be greatly appreciated! I'd really appreciate any guidance on this. I'm working on a web app that needs to handle this. Am I missing something obvious? The project is a CLI tool built with Hcl. Is this even possible? Thanks, I really appreciate it!