# My Personal Terraform Template

## Featuring

- Terraform without hardcoding
- [S3 Backend for Terraform State + DynamoDB Locking Table](https://blog.gruntwork.io/how-to-manage-terraform-state-28f5697e68fa) with partial configuration
- [HashiCorp Vault](https://www.vaultproject.io/) with my [personal deployment](https://git.mattmor.in/Madmin/HC-vault-personal)
- [aws-vault](https://github.com/99designs/aws-vault?tab=readme-ov-file#aws-vault)
- Multiple examples

## How to use

1. Template it
2. Provide the S3 backend configuration in `backend.hcl` and input the key in `providers.tf`
3. Provide the Vault configuration in `vault.hcl` and input the key for [state file isolation](#isolation-of-state) in `providers.tf`
4. Configure AWS with:

``` bash
aws configure sso
# fill in ~profile
```

``` bash
aws-vault exec ~profile  # duration is set in providers.tf; 1h or less recommended
terraform init -backend-config=backend.hcl && terraform plan
```

``` bash
terraform apply
```

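A pre-flight check for steps 2 to 4 above, as an added example that is not part of this template. It assumes the file names used in the steps; the function names `preflight` and `has_static_creds` and the individual checks are hypothetical.

```shell
# Added example: checks to run before `terraform init -backend-config=backend.hcl`.
# File names are the README's; the individual checks are assumptions.

# True if FILE assigns a quoted literal to a credential argument
# (references such as var.x or "${var.x}" are not flagged).
has_static_creds() {
  grep -Eq '^[[:space:]]*(access_key|secret_key|token)[[:space:]]*=[[:space:]]*"[^$"]' "$1"
}

# preflight DIR: prints one line per problem; exit status = number of problems.
# The body is a subshell, so its variables do not leak into the caller.
preflight() (
  dir="${1:-.}"
  problems=0

  # aws-vault exports AWS_VAULT=<profile> into the session it starts.
  if [ -z "${AWS_VAULT:-}" ]; then
    echo "not inside an aws-vault session (AWS_VAULT is unset)"
    problems=$((problems + 1))
  fi

  if [ ! -f "$dir/backend.hcl" ]; then
    echo "backend.hcl is missing"
    problems=$((problems + 1))
  elif ! grep -Eq '^[[:space:]]*encrypt[[:space:]]*=[[:space:]]*true' "$dir/backend.hcl"; then
    echo "backend.hcl does not set encrypt = true"
    problems=$((problems + 1))
  fi

  # "Without hardcoding": no literal credentials in backend or .tf files.
  for f in "$dir"/backend.hcl "$dir"/*.tf; do
    [ -f "$f" ] || continue
    if has_static_creds "$f"; then
      echo "literal credential in ${f##*/}"
      problems=$((problems + 1))
    fi
  done

  exit "$problems"
)

# Usage: preflight . && terraform init -backend-config=backend.hcl
```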
## Isolation of state

To isolate within the same configuration, use workspaces. To isolate between configurations, use file layout.

### Workspaces

To list workspaces:

``` bash
terraform workspace list
# "default" is the workspace you start in
```

To create a workspace:

``` bash
terraform workspace new ~workspace
```

To select a workspace:

``` bash
terraform workspace select ~workspace
```

## TODO

- Azure support
- GCP support