Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Terraform CICD Best Practices

Terraform CICD Best Practices

Terraform CICD Best Practices by Mohammed Yahya

AWS MENA Community

September 26, 2020
Tweet

More Decks by AWS MENA Community

Other Decks in Technology

Transcript

  1. COMMUNITY DAY MENA About me Master Computer engineer, Cloud Solutions/DevOps

    Engineer. AWS Certified. Working remotely with German based Company @ GlobalDataNet Former Infrastructure Manager at Al-Aqsa University. Freelancing and Startups Mentor/Volunteer at GazaSkyGeeks. 8 years experience of Networks and systems. 3 years experience of DevOps and AWS. Founder of https://cloudfalcon.io Mohammed Yahya ردﺻﻣﻟا دﻣﺣﻣ- https://mhmd.io
  2. COMMUNITY DAY MENA Agenda Introduction to IaC What is Terraform?

    CICD in details Enhancements Mohammed Yahya ردﺻﻣﻟا دﻣﺣﻣ- https://mhmd.io
  3. COMMUNITY DAY MENA Introduction Infrastructure as code (IaC) is the

    process of managing and provisioning computer data centers through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools. The IT infrastructure managed by this process comprises both physical equipment, such as bare-metal servers, as well as virtual machines, and associated configuration resources. The definitions may be in a version control system. It can use either scripts or declarative definitions, rather than manual processes, but the term is more often used to promote declarative approaches. Mohammed Yahya ردﺻﻣﻟا دﻣﺣﻣ- https://mhmd.io
  4. COMMUNITY DAY MENA CICD for IaC? When you design your

    software, most of the time you think about CI/CD approach to improve overall software development cycle and speed deployments up, nice! right?. But What about your IaC? You should treat your IaC the same way you do with Software, and even go the extra mile making sure that your end-end experience of updating your Infrastructure is safe, fast and reliable. Mohammed Yahya ردﺻﻣﻟا دﻣﺣﻣ- https://mhmd.io
  5. Terraform Terraform is an open-source infrastructure as code software tool

    created by HashiCorp using GoLang since 2014. Users define and provision data center infrastructure using a declarative configuration language known as HashiCorp Configuration Language (HCL). Mohammed Yahya ردﺻﻣﻟا دﻣﺣﻣ- https://mhmd.io
  6. COMMUNITY DAY MENA CICD Some of our clients required that

    CI/CD pipeline solutions for Terraform should be implemented using AWS Services only, and we accepted that challenge. In the following Architecture, we describe our way of implementing Terraform CI/CD using AWS Developer Tools including AWS CodePipeline and AWS CodeBuild. We used CodePipeline for designing the phases and stages of the pipeline, and use CodeBuild for Terraform interaction and automation. In the Architecture, we include some of Terraform best practices, also we assume that the source code exists in AWS CodeCommit, but can be used with other source code management systems. Mohammed Yahya ردﺻﻣﻟا دﻣﺣﻣ- https://mhmd.io
  7. COMMUNITY DAY MENA Opensource Addons • tfenv • tflint •

    tfsec • Checkov • Terraform-compliance • InSpec Mohammed Yahya ردﺻﻣﻟا دﻣﺣﻣ- https://mhmd.io
  8. COMMUNITY DAY MENA Enhancements Cost Estimates Cost estimates for Terraform

    In your pull requests Better notifications Send rich details to slack or ms teams UI Manage Pipeline findings from a web page Mohammed Yahya ردﺻﻣﻟا دﻣﺣﻣ- https://mhmd.io