S3 backend documentation

[kchugalinskiy]

Hello, could you please clarify correct configuration for storing state using s3 backend. I've noticed that this section is not covered by documentation at all.

The config I tried to use is

provider "yandex" {}
terraform {
  backend "s3" {
    endpoint   = "storage.yandexcloud.net"
    bucket     = "bucket"
    key          = "some/path"
    region     = "us-east-1"
  }
}

Output is

Error configuring the backend "s3": No valid credential sources found for AWS Provider.
    Please see https://terraform.io/docs/providers/aws/index.html for more information on
    providing credentials for the AWS Provider

My friends have kindly suggested the following configuration, but it is still unclear what should be passed into secret_key and access_key attributes

terraform {
  backend "s3" {
    endpoint   = "storage.yandexcloud.net"
    bucket     = "bucket"
    key          = "some/path"
    region     = "us-east-1"
    access_key = "?"
    secret_key = "?"

    skip_requesting_account_id  = true
    skip_credentials_validation = true
    skip_get_ec2_platforms      = true
    skip_metadata_api_check     = true
  }
}

In this case output doesn't differ.

Could you please clarify this use case in documentation, as this is one of the most common use cases.

[GennadySpb]

Hello!

You are on the right way. To use Object Storage as S3 compatible backend you need static access key. This entity contains values for access_key (corresponds to id of generated key) & secret_key (secretKey respectively) fields.

To get static access key follow steps:

1. Create a service account.
2. Assign a role to a service account.
3. Create a static access key.

[ekodian]

skip_region_validation=true skip_credentials_validation=true

These ^^ two options in enough