Attach IAM role to AWS EC2 instance using Terraform

I have a fair level of understanding about the relationship between AWS IAM policy, role, user, and group. I have also implemented the concept of assumed-role and the trusted and trusting account association. You can read more about that at Creating IAM assume-role relationship between two AWS accounts. So, when I heard of EC2s being …

Working with AWS EC2 user data and Terraform

User data is a feature that allows customization of an AWS EC2 instance (virtual machine) when it is created and (if desired) also with each restart after it is provisioned. As we all know, AWS EC2 (virtual machines) is the legacy approach to hosting applications in the world of containers. Last year I attended a webinar sponsored by …

Strengthen security posture with Terraform and AWS IAM to manage AWS cloud resources

Is Terraform using an AWS IAM administrator user credential to manage AWS resources?

Terraform uses AWS IAM user credentials to manage resources in the AWS cloud. It does so by utilizing the secret key and access key of the IAM user. Hence, Terraform's ability to manage (create/update/delete) resources depends on the permissions associated with the AWS IAM user. When I started working with Terraform to manage resources in …

Terraform remote state file as a data source to support a layered IAC approach

A few months back, I came across an interesting concept of deploying infrastructure in a layered fashion, and I wish I had the URL saved to refer to it again. Nevertheless, the gist of the idea was that you could build an application product environment by deploying layer after layer of infrastructure. A layer of …

VPC Peering using Terraform across separate AWS accounts

A few weeks ago, I created a peering relationship between two VPCs that belonged to separate AWS accounts using Terraform. This note captures my learning from that exercise. But before I do so, let me briefly give an overview of VPC peering and then walk through the process of creating one. Per AWS, "Amazon Virtual …

CI/CD of Terraform workspace with YAML based Azure Pipelines

This note focuses on using Azure DevOps with Terraform workspace to automate the ideas discussed in the previous two notes: (i) CI/CD using Terraform and Azure Pipelines - ideation and (ii) Terraform workspace with multiple AWS accounts. If you are new to Azure DevOps, I would suggest you familiarize yourself with either Azure DevOps build and …

Terraform workspace with multiple AWS accounts

My objective was to use Terraform to provision resources across environments in the AWS cloud infrastructure. Following a typical CI/CD model, my idea was to build once and deploy multiple. Since there was nothing to build in Terraform, I wanted to make sure the same Terraform code was applied across all environments. So I thought, …