The Terraform that makes up this service is designed to be comprehensive and fully automated.
The development flow is to run the Terraform from your own machine locally.
Once the changes have been tested, you can merge changes to the `main` branch, where they will be automatically deployed through each of the various environments.
Each environment is implemented using a separate AWS account. These are:
- Development
- Pre-production
- Production
When running Terraform locally, infrastructure will be created in the AWS Development environment. Terraform is able to namespace your infrastructure by using workspaces. Naming is managed through the label module in Terraform. The combination of these two tools will prevent name clashes with other developers, infrastructure and environments, allowing development in isolation.
To start developing on this service, follow the guidance below:
Terraform is run locally in a similar way to how it is run on the build pipelines.
It assumes an IAM role defined in the Shared Services account, and targets the AWS account to gain access to the Development environment.
This is done in the Terraform AWS provider with the `assume_role` configuration.
Authentication is made with the Shared Services AWS account, which then assumes the role into the target environment.
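
A provider block of the kind described above, as an added example that is not this repository's own code; the variable names (`assume_role`, `target_account_id`, `region`) are assumptions. It also pins `allowed_account_ids`, so a run fails if the assumed role resolves to any account other than the intended one.

```hcl
# Added illustration: variable names are assumptions, not the project's own.

variable "assume_role" {
  description = "ARN of the IAM role to assume in the target account"
  type        = string

  validation {
    condition     = can(regex("^arn:aws:iam::[0-9]{12}:role/.+$", var.assume_role))
    error_message = "The assume_role value must be an IAM role ARN."
  }
}

variable "target_account_id" {
  description = "12-digit ID of the only AWS account this run may change"
  type        = string
}

variable "region" {
  description = "AWS region to deploy into"
  type        = string
}

provider "aws" {
  region = var.region

  # Base credentials come from the Shared Services profile (AWS_PROFILE).
  # The provider then calls sts:AssumeRole to enter the target account.
  assume_role {
    role_arn = var.assume_role

    # Recording the workspace in the session name makes each developer's
    # runs distinguishable in CloudTrail.
    session_name = "terraform-${terraform.workspace}"
  }

  # Refuse to plan or apply if the assumed role belongs to another account.
  allowed_account_ids = [var.target_account_id]
}
```
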
Assuming you have been granted the necessary access permissions to the Shared Services account, follow the step-by-step guide provided in the NVVS DevOps best practices to configure AWS Vault and the AWS CLI with AWS SSO.
Run the following commands and enter your AWS Vault password when requested. The script will default to the development environment and write out a `.env` file.
This file is used by the Makefile to source the required `TF_VARS`.

```shell
export AWS_PROFILE=mojo-shared-services-cli
./scripts/generate-env-file.sh
```

| 🔔 HELP |
|---|
| See the Create Terraform workspace section to find out how to create a Terraform workspace! |

```shell
make init
```
If you do not have a Terraform workspace created already, use the command below to create a new workspace.

```shell
AWS_PROFILE=mojo-shared-services-cli terraform workspace new "YOUR_UNIQUE_WORKSPACE_NAME"
```

This should create a new workspace and select that new workspace at the same time.
If you already have a workspace created, use the commands below to select the right workspace before continuing.

```shell
AWS_PROFILE=mojo-shared-services-cli terraform workspace list
make workspace-select "YOUR_WORKSPACE_NAME"
```

```shell
make apply
```

This should create your own Network Services infrastructure in a separate VPC in the Development AWS account.

| 💥 REMEMBER |
|---|
| Destroy your dev AWS infrastructure when it is no longer needed! |

Use the following command to destroy the infrastructure:

```shell
make destroy
```