aws-service-catalog-terraform-reference-architecture | Apply Terraform configurations using CloudFormation | Infrastructure Automation library

 by   aws-samples Java Version: 0.1 License: Apache-2.0

kandi X-RAY | aws-service-catalog-terraform-reference-architecture Summary

kandi X-RAY | aws-service-catalog-terraform-reference-architecture Summary

aws-service-catalog-terraform-reference-architecture is a Java library typically used in Devops, Infrastructure Automation, Terraform applications. aws-service-catalog-terraform-reference-architecture has no vulnerabilities, it has a Permissive License and it has low support. However aws-service-catalog-terraform-reference-architecture has 2 bugs and it build file is not available. You can download it from GitHub.

This solution requires that a Terraform server be deployed and available. You can use an existing Terraform server, or you can deploy a new Terraform server using the supplied CloudFormation templates. The supplied CloudFormation templates will create a new Amazon Elastic Compute Cloud (Amazon EC2) instance and install Terraform. You can use one Terraform server to target resources across multiple AWS accounts. For the purposes of this paper, we will name the AWS account where the Terraform server resides the “hub account”. Accounts that send requests to the server and contain the provisioned resource will be called “spoke accounts”. For the Terraform server to operate, you must create AWS Identity and Access Management (IAM) roles in each of the spoke accounts and create an AWS Lambda launch function in each desired region of each spoke account. For example, a deployment for 3 accounts that each use us-east-1 and us-east-2 regions will result in 1 Terraform server account, 3 spoke account roles, and 6 Lambda launch functions. The hub account and region containing the Terraform server may also be a spoke account, in which case you must also deploy the IAM role and Lambda launch functions in the hub account and region. The key to the solution is a CloudFormation template that acts as a proxy to Terraform. The CloudFormation template uses a custom resource, implemented via an AWS Lambda function to call the Terraform APIs. The CloudFormation template can then be customized to capture specific parameters and used to create an AWS Service Catalog product. The Terraform files are placed in an Amazon Simple Storage Service (Amazon S3) bucket that can be accessed from AWS Service Catalog in each of the spoke accounts. See the following figure. Once the solution is deployed, end users in each spoke account can launch AWS Service Catalog products. Information about which Terraform file to use, input parameters, and an IAM permission role is passed to the Terraform server from the CloudFormation template. The Terraform server uses this information to manage AWS resources in the originating spoke account. The outputs of the Terraform server are stored in the Amazon S3 Output State Files bucket. The end user has access to this bucket via the AWS Service Catalog GUI or API.
Support
    Quality
      Security
        License
          Reuse

            kandi-support Support

              aws-service-catalog-terraform-reference-architecture has a low active ecosystem.
              It has 135 star(s) with 67 fork(s). There are 16 watchers for this library.
              OutlinedDot
              It had no major release in the last 12 months.
              There are 8 open issues and 11 have been closed. On average issues are closed in 30 days. There are 3 open pull requests and 0 closed requests.
              It has a neutral sentiment in the developer community.
              The latest version of aws-service-catalog-terraform-reference-architecture is 0.1

            kandi-Quality Quality

              aws-service-catalog-terraform-reference-architecture has 2 bugs (0 blocker, 0 critical, 2 major, 0 minor) and 73 code smells.

            kandi-Security Security

              aws-service-catalog-terraform-reference-architecture has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.
              aws-service-catalog-terraform-reference-architecture code analysis shows 0 unresolved vulnerabilities.
              There are 17 security hotspots that need review.

            kandi-License License

              aws-service-catalog-terraform-reference-architecture is licensed under the Apache-2.0 License. This license is Permissive.
              Permissive licenses have the least restrictions, and you can use them in most projects.

            kandi-Reuse Reuse

              aws-service-catalog-terraform-reference-architecture releases are available to install and integrate.
              aws-service-catalog-terraform-reference-architecture has no build file. You will be need to create the build yourself to build the component from source.
              Installation instructions, examples and code snippets are available.
              aws-service-catalog-terraform-reference-architecture saves you 777 person hours of effort in developing the same functionality from scratch.
              It has 2121 lines of code, 110 functions and 41 files.
              It has medium code complexity. Code complexity directly impacts maintainability of the code.

            Top functions reviewed by kandi - BETA

            kandi has reviewed aws-service-catalog-terraform-reference-architecture and discovered the below as its top functions. This is intended to give you an instant insight into aws-service-catalog-terraform-reference-architecture implemented functionality, and help decide if they suit your requirements.
            • Handle incoming request
            • Sends the command to the ExecutionScript
            • Sends a HTTP response to the given URL
            • Gets the instance ID
            • Returns region of given ARN
            • Returns a relative ID from an ARN
            Get all kandi verified functions for this library.

            aws-service-catalog-terraform-reference-architecture Key Features

            No Key Features are available at this moment for aws-service-catalog-terraform-reference-architecture.

            aws-service-catalog-terraform-reference-architecture Examples and Code Snippets

            No Code Snippets are available at this moment for aws-service-catalog-terraform-reference-architecture.

            Community Discussions

            QUESTION

            Create CloudFormation Yaml from existing RDS DB instance (Aurora PostgreSQL)
            Asked 2020-Jun-05 at 00:59

            I have an RDS DB instance (Aurora PostgreSQL) setup in my AWS account. This was created manually using AWS Console. I now want to create CloudFormation template Yaml for that DB, which I can use to create the DB later if needed. That will also help me replicate the DB in another environment. I would also use that as part of my Infrastructure automation.

            ...

            ANSWER

            Answered 2020-Jun-05 at 00:59

            Unfortunately, there is no such functionality provided by AWS.

            However, you mean hear about two options that people could wrongfully recommend.

            CloudFormer

            CloudFormer is a template creation beta tool that creates an AWS CloudFormation template from existing AWS resources in your account. You select any supported AWS resources that are running in your account, and CloudFormer creates a template in an Amazon S3 bucket.

            Although it sounds good, the tool is no longer maintained and its not reliable (for years in beta).

            Importing Existing Resources Into a Stack

            Often people mistakenly think that this "generates yaml" for you from existing resources. The truth is that it does not generate template files for you. You have to write your own template which matches your resource exactly, before you can import any resource under control to CloudFormation stack.

            Your only options is to manually write the template for the RDS and import it, or look for an external tools that could reverse-engineer yaml templates from existing resources.

            Source https://stackoverflow.com/questions/62206364

            QUESTION

            Azure DevOps CI with Web Apps for Containers
            Asked 2020-Mar-16 at 08:59

            I'm struggling to set up a CI process for a web application in Azure. I'm used to deploying built code directly into Web Apps in Azure but decided to use docker this time.

            In the build pipeline, I build the docker images and push them to an Azure Container Registry, tagged with the latest build number. In the release pipeline (which has DEV, TEST and PROD), I need to deploy those images to the Web Apps of each environment. There are 2 relevant tasks available in Azure releases: "Azure App Service deploy" and "Azure Web App for Containers". Neither of these allow the image source for the Web App to be set to Azure Conntainer Registry. Instead they take custom registry/repository names and set the image source in the Web App to Private Registry, which then requires login and password. I'm also deploying all Azure resources using ARM templates so I don't like the idea of configuring credentials when the 2 resources (the Registry and the Web App) are integrated already. Ideally, I would be able to set the Web App to use the repository and tag in Azure Container Registry that I specify in the release. I even tried to manually configure the Web Apps first with specific repositories and tags, and then tried to change the tags used by the Web Apps with the release (with the tasks I mentioned) but it didn't work. The tags stay the same.

            Another option I considered was to configure all Web Apps to specific and permanent repositories and tags (e.g. "dev-latest") from the start (which doesn't fit well with ARM deployments since the containers need to exist in the Registry before the Web Apps can be configured so my infrastructure automation is incomplete), enable "Continuous Deployment" in the Web Apps and then tag the latest pushed repositories accordingly in the release so they would be picked up by Web Apps. I could not find a reasoble way to add tags to existing repositories in the Registry.

            What is Azure best practice for CI with containerised web apps? How do people actually build their containers and then deploy them to each environment?

            ...

            ANSWER

            Answered 2020-Mar-16 at 08:59

            Just set up a CI pipeline for building an image and pushing it to a container registry.

            You could then use both Azure App Service deploy and Azure Web App for Containers task to handle the deploy.

            The Azure WebApp Container task similar to other built-in Azure tasks, requires an Azure service connection as an input. The Azure service connection stores the credentials to connect from Azure Pipelines or Azure DevOps Server to Azure.

            I'm also deploying all Azure resources using ARM templates so I don't like the idea of configuring credentials when the 2 resources (the Registry and the Web App)

            You could also be able to Deploy Azure Web App for Containers with ARM and Azure DevOps.

            How do people actually build their containers and then deploy them to each environment?

            Kindly take a look at below blogs and official doc which may be helpful:

            Source https://stackoverflow.com/questions/60693622

            Community Discussions, Code Snippets contain sources that include Stack Exchange Network

            Vulnerabilities

            No vulnerabilities reported

            Install aws-service-catalog-terraform-reference-architecture

            Copy the Service Catalog Terraform components to a S3 bucket to be launched from CloudFormation. It is assumed that the user has Administerative privileges in IAM for S3, CloudFormation, EC2, VPC, Lambda, and Service Catalog. There are two methods for copying files to S3. The aws-service-catalog-terraform-reference-architecture folder is created. Note [YOUR-ACCOUNT-ID] NO DASHES. The aws-service-catalog-terraform-reference-architecture folder is created. To view the contents. Note [YOUR-ACCOUNT-ID] NO DASHES. AWS CLI Install Instructions.
            AWS S3 Console
            AWS Command Line Interface (CLI)
            Choose the Clone or download button
            Choose Download ZIP
            Unzip the file into a folder
            Open file Explorer to the top directory of your local git repo Leave it open, we will use it in a moment
            Sign in to the AWS Console and navigate to the S3 console. https://s3.console.aws.amazon.com/s3/home
            Choose the Create bucket button. Use the default settings for creating this bucket. See step 6 in the linked instructions concerning default S3 permissions.
            Enter scterraform-[YOUR-ACCOUNT-ID] for the Bucket Name
            Verify the region.
            Choose Next
            On the Properties page choose Next
            On the Set permissions page choose Next
            On the Review page choose Create Bucket
            Choose the scterraform-[YOUR-ACCOUNT-ID]
            Choose the Upload button
            Use the file explorer opened earlier to drag over the following folders
            TerraformScripts
            TerraformCustomResourceHandler
            Choose Upload
            Clone the repository to your local computer
            Create a S3 bucket to host the installation content aws s3 mb s3://scterraform-[YOUR-ACCOUNT-ID]
            Copy the following files to the bucket maintaining the file structure: aws s3 sync ./TerraformCustomResourceHandler/bin/ s3://scterraform-[YOUR-ACCOUNT-ID]/TerraformCustomResourceHandler/bin/ aws s3 sync ./ServiceCatalogSamples/ s3://scterraform-[YOUR-ACCOUNT-ID]/TerraformCustomResourceHandler/bin/ aws s3 sync ./TerraformScripts/ s3://scterraform-[YOUR-ACCOUNT-ID]/TerraformScripts/
            For each spoke account, you’ll need to enable communication with the hub account by creating an executing role with a trust relationship back to the hub account. Then, create a Lambda launch function in each desired region within the spoke account. Finally, add each spoke account to the SNS topic that queues requests for the spoke account. The supplied CloudFormation stacks will provision these roles and Lambda functions.

            Support

            For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .
            Find more information at:

            Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items

            Find more libraries
            CLONE
          • HTTPS

            https://github.com/aws-samples/aws-service-catalog-terraform-reference-architecture.git

          • CLI

            gh repo clone aws-samples/aws-service-catalog-terraform-reference-architecture

          • sshUrl

            git@github.com:aws-samples/aws-service-catalog-terraform-reference-architecture.git

          • Stay Updated

            Subscribe to our newsletter for trending solutions and developer bootcamps

            Agree to Sign up and Terms & Conditions

            Share this Page

            share link

            Consider Popular Infrastructure Automation Libraries

            terraform

            by hashicorp

            salt

            by saltstack

            pulumi

            by pulumi

            terraformer

            by GoogleCloudPlatform

            Try Top Libraries by aws-samples

            aws-cdk-examples

            by aws-samplesPython

            aws-serverless-workshops

            by aws-samplesJavaScript

            aws-workshop-for-kubernetes

            by aws-samplesShell

            aws-serverless-airline-booking

            by aws-samplesJavaScript