Infrastructure as Code starter kit

Multi-Cloud Infrastructure as Code boilerplate repository

Motivation

Every time when you start a new IaC project you have to answer a lot of questions - how to organize your code files? how to manage state-files? do I have to run terraform locally or do I need a CI server for that? There are no standardized way to organize your code. This repository serves as a starting point for your Infrastructure as Code based on Terraform and Terragrunt.

No matter what cloud provider you are using Amazon Web Services or Google Cloud Platform, you will keep all of your code files in one place.

In fact this is not a real cloud-agnostic solution, because the code for different cloud providers is various due to different resources and their specifics. Anyway you still be able to use the same syntax, constructions and code style.

Features

• Use with any part of infrastructure
• Cover all the services or only the one
• Easiest way to start your IaC project from scratch
• Create a new AWS or GCP account from template
• Minimum requirements - you only need docker installed on your machine
• CI/CD pipelines
• Multi-account terraform state

Structure

• live configuration files mirroring your live infrastructure
  • live/aws-acme AWS account #1
    • live/aws-acme/global region-independent services
    • live/aws-acme/us-east-1 region specific
  • live/gcp-foobar Google account #1
    • live/gcp-foobar/global region-independent services
    • live/gcp-foobar/us-west1 region specific
• modules community modules, infrastructure micro-modules
  • modules/aws-data example of AWS specific module
  • modules/gcp-data example of Google specific module

Quick start

• Check out the repository
• Configure terragrunt.hcl files for correct settings
• Run once make build to build docker image with required utilities
• Run make plan every time to evaluate terraform intentions

Terraform best practices

• Manipulate state only through Terraform/Terragrunt commands, do not edit JSON directly
• Always set up a shared remote storage
• Use state locking
• Back up your state file
• Use one state per environment
• Host Terraform/Terragrunt scripts in git repository
• Use continuous integration for Terraform code
• Apply Terraform code only through CD pipeline

Makefile options

• make newaws <account-name>. Creating a new account dir with AWS-specific setting
• make newgcp <account-name>. Creating a new account dir with Google-specific settings
• make newmod <module-name>. Creating a new infra-module directory

Feedback

Suggestions and improvements