Questions tagged [infrastructure-as-code]

Infrastructure as Code (IaC) is the process of managing and provisioning computer data centers through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools.

A typical tool for IaC is Terraform, which lets you define a set of source files declaratively (you define the desired end state and the system alters itself to mirror what you declare) to build virtual resources in a cloud provider (Hetzner, Azure, Google Cloud, AWS).

You can use IaC to dynamically create, modify or destroy virtual machines, database servers and networks, together with all the necessary DevOps-related definitions to manage DNS, TLS, firewalls, load balancers, API gateways, reverse proxies, etc. This allows software engineers to synthesize a compute platform where they can execute their application code.

449 questions
30
votes
7 answers

How to give a .tf file as input in Terraform Apply command?

I'm a beginner in Terraform. I have a directory which contains 2 .tf files. Now I want to run Terraform Apply on a selected .tf file & neglect the other one. Can I do that? If yes, how? If no, why & what is the best practice?
28
votes
5 answers

AWS CDK VS SDK for IaC

I recently started working with AWS and IaC. I'm using CloudFormation to provision my AWS resources, but I discovered that AWS provides both an SDK and a CDK to enable you to provision resources programmatically instead of plain json/yaml. But based…
23
votes
3 answers

Error deleting Target Group: ResourceInUse when changing target ports in AWS through Terraform

I am currently working through the beta book "Terraform Up & Running, 2nd Edition". In chapter 2, I created an auto scaling group and a load balancer in AWS. Now I made my backend server HTTP ports configurable. By default they listen on port…
aef
16
votes
3 answers

CloudFormation Resource Creation if not exist

I want to create a Route53 HostedZone with CloudFormation, so I want to check some information in Route53 about whether the HostedZone exists. In the logic of my case, I need to check whether the resource exists and, if so, ignore the resource creation. How can I handle this problem? My…
12
votes
1 answer

terraform resource creation - this keyword

I came across a pattern in a couple of pieces of Terraform code on GitHub: resource "aws_vpc" "this". I wanted to know how the keyword this provides a particular advantage over a named resource. I can't find HashiCorp documentation on this…
cs1193
11
votes
6 answers

How to enable CORS with AWS SAM

I'm trying to enable CORS in my AWS SAM app. Here is the snippet from my template.yaml: Globals: Api: Cors: AllowMethods: "'*'" AllowHeaders: "'*'" AllowOrigin: "'*'" Resources: MyApi: Type: AWS::Serverless::Api …
11
votes
3 answers

How do you dynamically create an AWS IAM policy document with a variable number of resource blocks using terraform?

In my current terraform configuration I am using a static JSON file and importing into terraform using the file function to create an AWS IAM policy. Terraform code: resource "aws_iam_policy" "example" { policy = "${file("policy.json")}" } AWS…
10
votes
3 answers

How to use multiple AWS accounts to isolate Terraform state between environments

How can I use an S3 backend that points to a different AWS account? In other words, I would like to have something like this: Dev environment state on an S3 bucket in AWS account A, Stage environment state on another S3 bucket on AWS account…
10
votes
4 answers

AWS CDK multiple Apps

Would it be possible to have two CDK Apps in the same project, something like this: from aws_cdk import core from stack1 import Stack1 from stack2 import Stack2 app1 = core.App() Stack1(app1, "CDK1") app1.synth() app2 = core.App() Stack2(app2,…
Laimonas Sutkus
10
votes
4 answers

AWS RDS IAM Authentication with Terraform

I am trying to set up my infrastructure properly with no passwords or keys lying around. AWS RDS has an option to do so, by enabling users (applications) to authenticate with generated tokens. However, in the documentation, one of the steps (this…
10
votes
1 answer

AWS and Terraform - Default egress rule in security group

There is a repeatable configuration that I see in many Terraform projects where the provider is AWS: The configuration of an outbound (egress) rule to allow ALL outbound traffic. As far as I understand, this is the default behavior in AWS as…
Rot-man
9
votes
3 answers

Should the infrastructure code be stored in the same repository as the application code?

I am setting up an infrastructure to support a WebApp. One of my repositories has all the Network Infrastructure (VPC, Subnets, NAT, Bastion and so on). The WebApp has a Route 53 + ALB + AutoScaling Group + EC2 Instances. All of them were coded in…
9
votes
2 answers

Export existing AWS CloudWatch alarms to CloudFormation template

How to export existing, configured and tested AWS CloudWatch alarms to a CloudFormation template? I know about the CloudFormer tool, but it supports a limited number of AWS services (Amazon VPC, DynamoDB, etc.) and doesn't support some of the services which we…
9
votes
1 answer

How to Attach Custom GCP Role to a GCP Service Account Using Terraform

I have created a service account and a custom role in GCP using Terraform. How do I attach this custom role to the service account? I could do this using GCP Console but that is not the need here as I have to do it using Terraform. Please find…
8
votes
5 answers

ARM Template - auto approval of managed private endpoint

I am developing an ARM template for Azure Data Factory with managed private endpoints to SQL Server and Azure Datalake. However, when the ARM template completes execution, the managed private endpoints are in "Pending" state. How can I provision the…