Terraform Best Practices Workshop materials
The goal of this workshop is to become familiar with some of the best practices for using Terraform.
This workshop is a practical hands-on addition to the Terraform Best Practices guide.
During or before the workshop, join the Gitter chat room - https://terraform-best-practices-workshop/Lobby
- Open new AWS account before the workshop, S3 bucket for remote states (`tfworkshop`), DynamoDB table for locking (
- Create IAM users in `Developers` group which has power-user access in this AWS account
- Grant write access to this workshop repository to have code from attendees there (protect master branch)
- Grant write access to terraform-aws-s3-bucket and terraform-aws-s3-object modules repositories (protect master branch)
- Install the latest version of Terraform.
- Install the latest version of AWS CLI.
- Make sure that you have a GitHub account created.
- Mac, Linux or Windows - all is fine as long as you can use it. If you want, you can get Linux box running using Vagrant+VirtualBox and install software from above on it.
Practical task: Let's host a static web-site using AWS S3 and Route53
Agenda for the workshop
- Resource modules
- Infrastructure modules
- Combination and orchestration
- What's next?
Make 2 resource modules which create AWS S3 resources (bucket and object). These modules should be very flexible, so that anyone can use them.
Clone these repositories, make your own branch (`git checkout -b my-branch-name`), commit and push code to your branch, open a pull-request to review:
Resource modules should have these properties: clean code, feature-rich, sane defaults, tests/examples, documentation. Check "Using Terraform continuously — Common traits in modules" for more information.
- Use existing bucket vs create new one?
- Create one vs many resources (buckets and objects) using one module?
The result should be 2 resource modules, which we will use in the next task.
Create infrastructure modules called "static web-site" with these properties:
Should support conditional creation of bucket or use existing one:
- bucket_name is required
- create_bucket = true/false
- use data-source or call a resource module
Tags should be required, because we want to track expenses
- pre-commit-terraform (when hosted in a separate repository)
The result should be an infrastructure module `static-web-site` which we will keep in this repo under `modules/static-web-site`, because it is not very generic, contains some enforcements (tagging), and satisfies the needs of this workshop (for now).
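A sketch of the conditional-creation and required-tags properties listed above, added here as an illustration and not the workshop's own solution. It assumes Terraform 0.13 or newer and the AWS provider; the names `this`, `existing` and `bucket_id` are hypothetical, and the bucket is declared directly where the workshop would call the S3 bucket resource module.

```hcl
# bucket_name has no default, so callers must always set it.
variable "bucket_name" {
  description = "Name of the S3 bucket to create or to look up"
  type        = string
}

variable "create_bucket" {
  description = "true = create the bucket, false = use an existing one"
  type        = bool
  default     = true
}

# tags has no default and rejects an empty map, so untagged
# (and therefore untracked) resources cannot be created.
variable "tags" {
  description = "Tags used to track expenses"
  type        = map(string)

  validation {
    condition     = length(var.tags) > 0
    error_message = "At least one tag is required to track expenses."
  }
}

# Exists only when create_bucket = true.
resource "aws_s3_bucket" "this" {
  count  = var.create_bucket ? 1 : 0
  bucket = var.bucket_name
  tags   = var.tags
}

# Looked up only when create_bucket = false; the plan fails
# if the named bucket does not exist.
data "aws_s3_bucket" "existing" {
  count  = var.create_bucket ? 0 : 1
  bucket = var.bucket_name
}

locals {
  # Exactly one of the two lists is non-empty, so [0] is always valid.
  bucket_id = concat(aws_s3_bucket.this[*].id, data.aws_s3_bucket.existing[*].id)[0]
}

output "bucket_id" {
  description = "ID of the created or existing bucket"
  value       = local.bucket_id
}
```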
There is a single AWS account, where resources for 2 environments (prod and staging) are located side-by-side in a single region (eu-west-1, for example).
Each attendee has his own project directory where this task should be completed - make your directory inside `projects` directory with your name.
- Resources should share nothing between environments
- Remote state should match project directory and S3 bucket: to create. Eg,
Changing something here and there... How would you refactor this code?
terraform state mv command.
Combination and orchestration
terragrunt (?) & data sources as glue
Optional task: Add route53 support for zone by name
- Make an infrastructure module which manages several connected and related resources: create bucket, upload files there, create route53 zone and give everyone 2 subdomains (prod and staging).
The result should be an uploaded file which is reachable by URL.
If there is time available, we will learn about other related tools (Packer, Terragrunt, Atlantis, and a few more).
All slides for the workshop are inside the `slides` directory:
Please provide your feedback to me by email.
This work is licensed under Apache 2 License. See LICENSE for full details.