Sometimes, connecting to an EC2 instance after provisioning is necessary to verify whether the user-data script ran successfully, review if something is passing/failing, etc. As of August 2023, there are four ways of connecting to an Amazon EC2 instance running on Linux from the AWS console - EC2 Instance Connect, Session Manager, SSH client, and EC2 serial … Continue reading Create an Amazon EC2 instance with Session Manager access using Terraform
Tag: aws iam
Deploy Across AWS Accounts Like a Pro: Terragrunt, Terraform, and GitHub Actions
In the past, I've written a note explaining the process of deploying the Terraform IaC configuration into an AWS account using GitHub Actions. In this note, I extend that functionality and deploy the same Terraform IaC configuration across multiple AWS accounts using Terragrunt and GitHub Actions. Before we delve deeper, let me briefly explain the …
Attach IAM role to Amazon EC2 instance using Terraform
I have a reasonable level of understanding of the relationship between AWS Identity and Access Management (IAM) policy, role, user, and group. I have also implemented the concept of assumed-role and the trusted and trusting account association. You can read more about that at - Creating IAM assume-role relationship between two AWS accounts. So, when I …
Strengthen security posture with Terraform and AWS IAM to manage AWS cloud resources
Terraform uses AWS IAM user credentials to manage resources in the AWS cloud. It does so by utilizing the secret key and access key of the IAM user. Hence, Terraform's ability to manage (create/update/delete) resources depends on the permission associated with the AWS IAM user. When I started working with Terraform to manage resources in …
Terraform remote state file as a data source to support a layered IAC approach
A few months back, I came across an interesting concept of deploying infrastructure in a layered fashion, and I wish I had the URL saved to refer to it again. Nevertheless, the gist of the idea was that you could build an application product environment by deploying layer after layer of infrastructure. A layer of …
Creating IAM assume-role relationship between two AWS accounts
In this post, I discuss step by step using AWS CLI how to create a trust relationship between a user in the Trusted account and a role in the Trusting account. The idea is, in the end, we will have the credentials of a user in the Trusted AWS account that can manage resources in …
Create Terraform pre-requisites for AWS using AWS CLI in 3 easy steps
Generally speaking, when we work with Terraform to provision resources in AWS Cloud, we have a few pre-requisites. These are - a remote backend to store the Terraform state file, a lock table, and IAM user credentials that Terraform will require to provision the resources. I say "generally speaking" because you can get away with the …
Authenticating Terraform to AWS using IAM user
In my previous note, I mentioned the steps to authenticate to Azure. In this note, I'll list the steps to authenticate to AWS. The approach will be pretty similar - we create an IAM user with appropriate policies, create/update terraform configuration files, and run the configuration files. Step 1: Create an IAM user To work with resources …
AWS identity and access management
AWS IAM - this is where it all begins








