@stenio123
Last active January 11, 2019 14:21
Example AWS Terraform Enterprise Workflow

This document describes the steps required to demo an opinionated workflow deploying and managing AWS resources using Terraform Enterprise.

Requirements

In order to complete this demo, you need to have:

  • a Terraform Enterprise account
  • a git account

Workflow Type

How do you decide whether to use git repos, workspaces or modules? It depends on the objective of the deployment.

1- Foundational Deployments:

Logical resources that won't change often.

Small Variance Across Environments

  • Example: changes in names, tags, instance types
  • Use: Single git repository, multiple workspaces with environment-based variables
  • Reference: Follow the steps described below

Significant Variance Across Environments

  • Example: Security group rules, routing table rules
  • Use: Multiple git repositories with restricted access, multiple workspaces with environment-based variables
  • Reference: Follow the steps described below

2- Reusable Blocks:

Groups of resources deployed together frequently

Steps

  1. Fork the following repositories: terraform-aws-vpcexample, terraform-aws-securitygroupexample-dev, terraform-aws-securitygroupexample-prod, terraform-aws-ec2appexample

  2. Create the following TFE workspaces:

  • NetworkingDev -> referencing terraform-aws-vpcexample
    • Terraform Variables: none required
    • Environment Variables: AWS keys
  • NetworkingProd -> referencing terraform-aws-vpcexample
    • Terraform Variables: none required
    • Environment Variables: AWS keys
  • SecurityGroupDev -> referencing terraform-aws-securitygroupexample-dev
    • Terraform Variables: tfe_org (name of your TFE org), vpc_workspace (name of workspace with vpc group - e.g. NetworkingDev)
    • Environment Variables: AWS keys
  • SecurityGroupProd -> referencing terraform-aws-securitygroupexample-prod
    • Terraform Variables: tfe_org (name of your TFE org), vpc_workspace (name of workspace with vpc group - e.g. NetworkingProd)
    • Environment Variables: AWS keys
  • AppDev -> referencing terraform-aws-ec2appexample
    • Terraform Variables: tfe_org (name of your TFE org), vpc_workspace (name of workspace with vpc group - e.g. NetworkingDev), and sg_workspace (e.g. SecurityDev)
    • Environment Variables: Azure keys
  3. Run each in sequence
  4. Open AWS, validate resources created
  5. Update port in terraform-aws-securitygroupexample-dev, commit, push, accept TF apply
  6. Open Azure, validate security group changed
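
How a security group workspace can consume the tfe_org and vpc_workspace variables listed above, as an added example that is not taken from the forked repositories. The output names vpc_id and vpc_cidr, the resource name and the port are assumptions.

```hcl
# Added example (Terraform 0.12+ syntax). Only tfe_org and vpc_workspace
# come from the workflow above; every other name here is an assumption.

variable "tfe_org" {
  description = "Name of the TFE organization that owns the workspaces"
  type        = string
}

variable "vpc_workspace" {
  description = "Workspace holding the VPC state, e.g. NetworkingDev"
  type        = string
}

# Read the outputs published by the networking workspace.
# hostname defaults to app.terraform.io; set it for a private TFE install.
data "terraform_remote_state" "vpc" {
  backend = "remote"

  config = {
    organization = var.tfe_org
    workspaces = {
      name = var.vpc_workspace
    }
  }
}

resource "aws_security_group" "app" {
  name_prefix = "app-"

  # Assumes the VPC workspace declares an output named "vpc_id".
  vpc_id = data.terraform_remote_state.vpc.outputs.vpc_id

  ingress {
    description = "HTTPS from inside the VPC only"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"

    # Assumes an output named "vpc_cidr"; avoids opening the port to 0.0.0.0/0.
    cidr_blocks = [data.terraform_remote_state.vpc.outputs.vpc_cidr]
  }
}
```

Pointing vpc_workspace at NetworkingDev or NetworkingProd is what binds each security group workspace to its own environment, so keep secrets out of the outputs the networking workspaces publish.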

Extras

Create Workspaces Automatically

Sanitizing Deployments

  • Lambda function/Slack integration that deletes ec2 instances once tagged TTL expires: AWS ec2 ReaperBot
  • Lambda function that deletes TFE workspaces once variable TTL expires: TFE Workspace Reaper

@stenio123 (author) commented:

[Image: exampleawstfeworkflow-whiteboard]