Skip to content

Latest commit

 

History

History
115 lines (87 loc) · 4.29 KB

terraform.md

File metadata and controls

115 lines (87 loc) · 4.29 KB
Raw

Terraform Tips and tricks

Features

Any pipeline solution we develop/offer should at least have the following:

  • init
  • validate
  • linting
  • plan
  • security checks
  • policy checks
  • cost estimations
  • apply
  • notifications

Terraform CLi/Wrappers

  • Terraform
  • Terragrunt
  • Terraspace
  • Terramate
  • Cluster.dev
  • GDN's Taskfile

Custom Terraform CI/CD

  • Jenkins
  • Circle CI
  • Gitlab CI
  • Bitbucket pipelines
  • Github Actions
  • AWS CodeBuild and CodePipeline

SaaS Terraform CI/CD

  • env0
  • Scalr
  • Spacelift
  • Terraform Cloud

Tools

Bootstrap and prepare local developer machine, get started by Installing the following DevOps Tools:

  • Git
  • Taskfile
  • tfenv - tool for managing different versions of terraform; the required version can be specified directly as an argument or via .terraform-version
  • tgenv - tool for managing different versions of terragrunt; the required version can be specified directly as an argument or via .terragrunt-version
  • terraform - terraform itself, our main development tool: tfenv install
  • awscli - console utility to work with AWS API
  • kubectl - conssole utility to work with Kubernetes API
  • kubectx + kubens - power tools for kubectl help you switch between Kubernetes clusters and namespaces
  • helm - tool to create application packages and deploy them into k8s
  • helmfile - "docker compose" for helm
  • terragrunt - small terraform wrapper providing DRY approach in some cases: tgenv install
  • awsudo - simple console utility that allows running awscli commands assuming specific roles
  • aws-vault - tool for securely managing AWS keys and running console commands
  • aws-mfa - utility for automating the reception of temporary STS tockens when MFA is enabled
  • vscode - main IDE
  • azure-cli - Azure Command-Line Interface (CLI)

Optionally, a pre-commit hook can be set up and configured for terraform: pre-commit-terraform, this will allow formatting and validating code at the commit stage

AWS CLI Access

Edit AWS Config file:

vi ~/.aws/config

Add AWS SSO settings:

[profile XYZ]
sso_start_url=https://XYZ.awsapps.com/start
sso_region=XYZ
sso_account_id=XYZXYZXYZXYZ
sso_role_name=XYZ

Login using aws-vault:

aws-vault exec XYZ-shared

VSCode

Useful DevOps VSCode extensions

Extensions