
[Cloud Architect] 8. Infrastructure as Code

Author: Internet

Intro to IaC

Key Points

Additional Reading

Learn more about CloudFormation:

 

Create an RDS by Using AWS CLI

You will need to consult the AWS CLI Command Reference for RDS to determine the CLI commands you will need to use to create and delete a database with these parameters:

aws rds create-db-instance \
    --allocated-storage 20 --db-instance-class db.t2.micro \
    --db-instance-identifier myinstancename \
    --engine postgres \
    --master-username myname \
    --master-user-password secret99 --no-publicly-accessible

Don't forget to return to the CLI to delete your database!

aws rds delete-db-instance \
     --db-instance-identifier myinstancename \
     --skip-final-snapshot

 

What is Terraform?

Key Points

 

Additional Reading

Learn more about Terraform here:

 

Terraform Files and Hashicorp Configuration Language

Key Points

To get help or view information about a specific command, pass the -h flag after the command. For example, to learn more about the ‘show’ command, type:

terraform show -h

 

Demo Code

Try it out with a simple terraform file like the example shown below. Name the file terraform.tf and run it from a working directory in your terraform root folder.

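# AWS provider; the key values are placeholders to fill in locally
provider "aws" {
  access_key = "<Your Access Key>"
  secret_key = "<Your Secret Key>"
  region     = "us-east-1"
}

# A single EC2 instance launched from the given AMI
resource "aws_instance" "example" {
  ami           = "ami-0742b4e673072066f"
  instance_type = "t2.micro"
}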

Run terraform init, terraform plan, terraform apply, and terraform destroy and observe the results in the AWS EC2 Management console.

 

Additional Reading

Read more about Terraform here:

 

Variables in Terraform

Key Points

Terraform Modules

Using Terraform to Create AWS Infrastructure

Key Points

https://www.cnblogs.com/Answer1215/p/15350900.html

 

Additional Reading

Learn more about Terraform Modules

TFState File Management with Terraform

 

Using AWS S3

If you are already using Terraform with AWS, your best bet would be to use AWS S3 as your remote backend.

https://www.cnblogs.com/Answer1215/p/15350921.html

Additional Reading

Read more about Terraform State

 

TF Best Practices

What do you think is the worst thing that can happen if Terraform isn’t implemented correctly?

 

In my opinion, the #1 worst thing that can happen is having your secrets accidentally exposed in your tfstate file or even worse your AWS config file in a public repo. Even though you are learners, you should start implementing the best practice of strong single-use passwords and multi-factor authentication. Once someone with bad intentions has your password, they will be off to the races trying to use it to get into other parts of your infrastructure.

 

AWS does scan public repos for secrets and notifies users when they have made such a mistake, but by that time, anything could have happened, and by anything, I mean a person may have provisioned quantum computers to mine bitcoin on your AWS account. Which brings me to another reminder to always set a billing alarm when you create an AWS account!
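A check for the two exposure paths described above, written as an added example (not code from the original post): it reports secret-like attributes stored in plaintext in a tfstate file and credential literals hard-coded in .tf source, so it can run before a commit. The function names, the list of secret-like attribute names and the sample state and config are assumptions constructed for illustration; only locations are reported, never the secret values.

```python
import json
import re

# Attribute names treated as secret-bearing (an assumption; extend for your providers).
SECRET_KEYS = re.compile(r"(password|secret|token|private_key|access_key)", re.I)
# Credential arguments assigned a quoted string literal in .tf source.
HCL_LITERAL = re.compile(r'^\s*(access_key|secret_key|password)\s*=\s*"([^"]*)"', re.M)
# Values that are placeholders, interpolations or empty rather than real secrets.
PLACEHOLDER = re.compile(r"^(<.*>|\$\{.*\}|)$")


def scan_tfstate(state_text):
    """Return (resource address, attribute path) for each populated secret-like attribute."""
    findings = []

    def walk(value, path, address):
        if isinstance(value, dict):
            for key, child in value.items():
                walk(child, path + [key], address)
        elif isinstance(value, list):
            for i, child in enumerate(value):
                walk(child, path + [str(i)], address)
        elif isinstance(value, str) and value and any(SECRET_KEYS.search(p) for p in path):
            findings.append((address, ".".join(path)))

    for res in json.loads(state_text).get("resources", []):
        address = f'{res["type"]}.{res["name"]}'
        for inst in res.get("instances", []):
            walk(inst.get("attributes", {}), [], address)
    return findings


def scan_hcl(tf_text):
    """Return names of credential arguments set to a non-placeholder string literal."""
    return [name for name, val in HCL_LITERAL.findall(tf_text) if not PLACEHOLDER.match(val)]


# Constructed sample state (version 4 layout) for an RDS instance like the one above.
SAMPLE_STATE = json.dumps({"version": 4, "resources": [{
    "mode": "managed", "type": "aws_db_instance", "name": "demo",
    "instances": [{"attributes": {"identifier": "myinstancename", "username": "myname",
                                  "password": "secret99", "publicly_accessible": False}}],
}]})
# Constructed sample config: one real-looking literal, one placeholder.
SAMPLE_TF = 'provider "aws" {\n  access_key = "CONSTRUCTED-KEY-ID"\n  secret_key = "<Your Secret Key>"\n}\n'

if __name__ == "__main__":
    print(scan_tfstate(SAMPLE_STATE))
    print(scan_hcl(SAMPLE_TF))
```

A finding in the state file means the state itself must be treated as a secret: keep it out of version control and in an access-controlled, encrypted remote backend.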

Key Points

 

More Best Practices

 

Tips & Tricks

Additional Reading

Please follow the links below to learn more about Terraform. Terraform is the industry-leading IaC tool, and learning more about how to manage infrastructure using Terraform will be great for your cloud architecture career.

Source: https://www.cnblogs.com/Answer1215/p/15338777.html