AWS Cross-Region Replication (CRR) Using Terraform

Hi guys, today we will be learning how to perform cross-region replication (CRR) on AWS using Terraform.

Cross-region replication is one of the many features AWS provides. With it you can replicate S3 objects into an S3 bucket in another AWS region for reduced latency, security, disaster recovery, etc.

You can also do it using the AWS console, but here we will be using an infrastructure-as-code (IaC) tool, Terraform. In many production scenarios you will only be working through an IaC tool.

Steps to perform CRR:

Create a, and terraform.tfvars inside your empty directory

Inside, create the variables "source_bucket_name", "stage", "project", "product", "description", "managedBy", "tags", "public", "force_destroy", "versioned", "lifecycle_enabled", "iam_role_name" and "destination_bucket_name". Please visit for more details.

variable "source_bucket_name" {
  type        = string
  description = "Source Bucket Name"
}

variable "stage" {
  type        = string
  description = "Deployment stage/environment name"
}

variable "project" {
  type        = string
  description = "Project Name"
  default     = "Bucket Replication Project"
}

variable "product" {
  type        = string
  description = "Product Domain"
  default     = "DEMO"
}

variable "description" {
  type        = string
  description = "The description of this S3 bucket"
  default     = "S3 Bucket to hold your Data"
}

variable "managedBy" {
  description = "Managed By automation tool name"
  default     = "Terraform"
}

variable "tags" {
  description = "A map of tags to add to all resources"
  default     = {}
}

# Holds the canned ACL value for the bucket; "private" blocks public read access
variable "public" {
  description = "Allow public read access to bucket"
  default     = "private"
}

variable "force_destroy" {
  description = "Delete all objects in bucket on destroy"
  default     = true
}

# Replication requires versioning on both buckets, so keep this true
variable "versioned" {
  description = "Version the bucket"
  default     = true
}

variable "lifecycle_enabled" {
  description = "Is Lifecycle enabled?"
  default     = false
}

variable "iam_role_name" {
  type        = string
  description = "IAM Role name for replication"
}

variable "destination_bucket_name" {
  type        = string
  description = "Destination bucket name"
}

Now, inside terraform.tfvars, provide the values of the variables stage, iam_role_name, source_bucket_name and destination_bucket_name. Visit for more details.

stage                   = "dev"
iam_role_name           = "demo-bucket-replication"
source_bucket_name      = "demotf-source-bucket-aki-crr"
destination_bucket_name = "demotf-destination-bucket-aki-crr"

Now we have to write

Write down the provider details for the source and destination S3 buckets. Follow for sample

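# Default provider: region of the source bucket
provider "aws" {
  region = "us-east-1"
}

# Aliased provider: region of the destination bucket
provider "aws" {
  alias  = "central"
  region = "us-west-2"
}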

Create an aws_s3_bucket resource for the destination bucket. Provide tags, versioning info, ACL, etc.

Create an aws_s3_bucket_policy resource. Provide the destination bucket ID and its policy.

Create an aws_iam_policy resource and provide its name, description and policy.

Create the aws_iam_role and aws_iam_role_policy_attachment resources.

Now create an aws_s3_bucket resource for the source bucket. Provide the replication configuration inside this block.

For above each point visit
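The steps above assembled into one configuration, as an added example that is not the author's code. It assumes same-account replication (so the destination bucket policy is left out), the inline `versioning` and `replication_configuration` blocks of AWS provider 3.x that the steps describe, and a hypothetical policy name and rule id; provider 4.x and later move those blocks into the separate `aws_s3_bucket_versioning` and `aws_s3_bucket_replication_configuration` resources.

```hcl
# Added example (not the author's code): same-account CRR, AWS provider 3.x inline syntax.
resource "aws_s3_bucket" "destination" {
  provider = aws.central # us-west-2 alias from the provider block
  bucket   = var.destination_bucket_name
  acl      = var.public
  versioning { enabled = true } # replication requires versioning on both buckets
}

resource "aws_iam_role" "replication" {
  name = var.iam_role_name
  assume_role_policy = jsonencode({ Version = "2012-10-17", Statement = [
    { Effect = "Allow", Action = "sts:AssumeRole", Principal = { Service = "s3.amazonaws.com" } }] })
}

resource "aws_iam_policy" "replication" {
  name        = "${var.iam_role_name}-policy" # hypothetical name
  description = "Least-privilege permissions for S3 replication"
  policy = jsonencode({ Version = "2012-10-17", Statement = [
    { Effect = "Allow", Resource = aws_s3_bucket.source.arn, # read config, list source
      Action = ["s3:GetReplicationConfiguration", "s3:ListBucket"] },
    { Effect = "Allow", Resource = "${aws_s3_bucket.source.arn}/*", # read source versions
      Action = ["s3:GetObjectVersionForReplication", "s3:GetObjectVersionAcl", "s3:GetObjectVersionTagging"] },
    { Effect = "Allow", Resource = "${aws_s3_bucket.destination.arn}/*", # write replicas only
      Action = ["s3:ReplicateObject", "s3:ReplicateDelete", "s3:ReplicateTags"] },
  ] })
}

resource "aws_iam_role_policy_attachment" "replication" {
  role       = aws_iam_role.replication.name
  policy_arn = aws_iam_policy.replication.arn
}

resource "aws_s3_bucket" "source" {
  bucket        = var.source_bucket_name
  acl           = var.public
  force_destroy = var.force_destroy
  versioning { enabled = var.versioned } # must stay true for replication
  replication_configuration {
    role = aws_iam_role.replication.arn
    rules {
      id     = "replicate-all" # hypothetical rule id
      status = "Enabled"
      destination {
        bucket        = aws_s3_bucket.destination.arn
        storage_class = "STANDARD"
      }
    }
  }
}
```

The role can be assumed only by the S3 service and can write only replicas into the destination bucket, so a compromise of the replication role does not grant general read or write access to either bucket.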

Now you can add some data to the source bucket and see the same data in the destination bucket, which confirms that cross-region replication (CRR) is working.

To achieve cross-region replication (CRR) we need the above steps. You can also add as I did, but that is not mandatory.

Now, enter terraform apply to apply the changes to your configured AWS account. With Terraform it is very easy to manage cross-region replication on AWS.