Skip to content

thirukkumaran/IaC-pipeline-terraform

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
README.md
README.md
 
 
codebuild.tf
codebuild.tf
 
 
codecommit.tf
codecommit.tf
 
 
codepipeline.tf
codepipeline.tf
 
 
dev-backend.conf
dev-backend.conf
 
 
dev.tfvars
dev.tfvars
 
 
main.tf
main.tf
 
 
variables.tf
variables.tf
 
 

Repository files navigation

IaC pipeline in AWS aims to create a continuous deployment pipeline for terraform scripts to manage the infrastructure.

** terraform state will be stored in S3 and lock by dynamodb **

Services

CodeCommit - SVC for terrform scripts

CodeBuild - Terraform env to run scripts

CodePipeline - Continous deployment pipeline for terraform scripts

S3 - To store terraform remote state, CodeBuild artifacts & logs, CodePipeline artifacts

DynamoDB - Terraform remote state locking

IAM User - Terraform user with permissions to create codecommit, codebuild, codepipeline and S3

IAM roles - Codebuild role with permissions , CodePipeline role with permissions

IAM policies - Terraform user policies , Codebuild role policies, CodePipeline role policies, S3 bucket policies,

Cloudwatch logs - Cloudwatch group and stream

Pre-steps ( manual )

  1. create S3 bucket for terraform remote state ( name it iac-state)

  2. create dynamodb table to lock remote state with SSE ( name it iac-state)

Pipeline creation (by script)

  1. create codecommit repo

  2. create s3 buckets for codebuild artifacts & logs with all s3 access permissions to codebuild role ( as principal )

  3. create codebuild role with permissions to create cloudwatch logs group & log stream , permissions to store/retrieve artifacts & logs from s3 buckets and assume entity permissions to codebuild service.

  4. create codebuild project with Linux environment , CodeCommit Repo, S3 for artifacts & logs configurations, and attach codebuild role from step 5.

  5. create s3 bucket for codepipeline artifacts

  6. create codepipline role with permissions to access artifacts bucket , access to codecommit & codebuild and assume entity permissions to codepipeline service.

  7. create codepipeline with codecommit repo & codebuild project configurations , attach codepipeline role from step 8.

steps to run

terrform init -backend-config="dev-backend.conf"
terraform plan -var-file="dev.tfvars"
terrform apply -var-file="dev.tfvars"

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages