I've run both setups across multiple projects, and they solve different problems depending on your team size and infrastructure maturity.
S3 + DynamoDB is straightforward if you're comfortable managing the infrastructure yourself. You get full control, no third-party dependency, and it's cheap. I use this for smaller teams (2-4 people) or when compliance requires state to stay within your AWS account. The setup is minimal:
terraform {
  backend "s3" {
    bucket         = "company-tf-state"
    key            = "prod/terraform.tfstate"
    region         = "us-east-1"
    dynamodb_table = "terraform-locks"
    encrypt        = true
  }
}
The friction point is getting state locking right. If you skip DynamoDB locking, concurrent applies will corrupt your state. I've seen this happen—not fun to recover from.
Terraform Cloud handles this for you. State encryption, locking, and audit logs are built in. The cost adds up though: $20-120/month depending on your run volume. Worth it for larger teams (8+) because you get better visibility, role-based access control, and policy as code through Sentinel. Your developers stop needing direct AWS credentials for Terraform runs.
My take: start with S3 + DynamoDB if you have a small team and AWS expertise. Move to Terraform Cloud when you hire more people or need compliance features. The migration isn't painful—Terraform can migrate state automatically.
What are your team size and compliance requirements looking like?
I've gone both routes. S3 + DynamoDB works fine until you hit scaling issues—multiple engineers running plans simultaneously, state corruption from incomplete locks, debugging whose apply broke what. We had a situation where a lock didn't release properly and blocked deploys for hours.
Terraform Cloud solved those problems for us, but the cost adds up with larger teams. It's worth it though for the audit trail, run history, and VCS integration that actually prevents mistakes.
My take: S3 + DynamoDB for hobby projects or strict compliance needs. Terraform Cloud for anything with 3+ engineers touching infrastructure regularly. The productivity gain outweighs the cost.
Sofia Rodriguez
Frontend architect. Design systems enthusiast.
S3 + DynamoDB works well until your team hits ~5-6 people and you start having async workflows. Then state lock contention becomes real, and you're debugging "another plan is in progress" at 2am.
Terraform Cloud solved this for me, but the cost calculus changes if you're running tons of small stacks. I land on this split: TC for shared infrastructure (VPC, IAM, RDS), S3 for isolated per-environment stuff that doesn't need coordination. Keeps the bill reasonable while avoiding lock nightmares.
The compliance angle is legit though. If your auditors care where bytes live, S3 is your only option.