Clever Geek Handbook

Terraform on AWS: Multiple Accounts and Other Tricks







Terraform HashiCorp, , Terraform Amazon Web Services ( — - DevOps). , AWS , , .







AWS?



. — . , , , , .







, AWS IAM. AWS .







- AWS, . — AWS , . , AWS Organizations . AWS AWS Control Tower .









, AWS, , , , .







, IAM . , . , AWS , . , IAM, . DevOps , , .







(IaC) — , Terraform. IaC AWS. Terraform , AWS .











, Terraform . , .







AWS , AWS API. , / AWS, Terraform . Terraform:







provider “aws” {

region = “us-east-1”

}


, assume_role



, :







provider “aws” {
  region = “us-east-1”
  assume_role {
    role_arn = “arn:aws:iam::123456789012:role/iac”
  }
}


, IAM , Terraform. AWS . .









: , AWS. IAM AWS, , . :









. 1. AWS







, IAM. , . 333333333333 222222222222, 333333333333. 222222222222 333333333333, , .







Terraform





, Terraform — continuous deployment (CD). :







  • , , , Terraform , .
  • , continuous deployment, .
  • IAM, Terraform, . , CD.
  • , Terraform , , .
  • , .


. VPC, , Transit Gateways, VPN, RDS . , , , .







, , . EC2, , ECS EKS. ( ) CD , . Terraform , , . Terraform .







— Kubernetes, , Kubernetes CD.









Terraform IaC . module:







provider “aws” {

region = “us-east-1”

}

module “mymodule” {

source = “./modules/my_module”

variable1 = “value1”

variable2 = “value2”

}


Terraform , Terraform . , , .







Terraform DRY (Don’t Repeat Yourself — ). ( ), .









— , , . . , , , ( : « , »).







Terraform , , (, ). , , - . , .







— , , . Terragrunt ( ).









( ) AWS, , , Terraform . , Terraform , .







Terraform DRY.







More articles:


All Articles