An easy to understand, opinionated terraform composable set of Stack-composite modules that solves real-world problems βοΈwhile using Stacks.
This repository is a collection (always evolving) of terraform modules that I use in my day-to-day work. It's a collection of modules that I use to solve real-world problems, and I'm sharing them with the community. I hope you find them useful. The collection of modules placed here are stack-composite modules, that implement specific functionality as ready-to-use architectures for common use-cases. Common uses cases refers to:
- Network: VPC, Subnets, NAT Gateways, Internet Gateways, Route Tables, etc.
- Restful services: ALB, on top of an Elastic Container service, with the necessary settings to allow a quick deployment
- etc.
The documentation is automatically generated by terraform-docs, and it's available in the module's README.md file.
| Module | Status | Description |
|---|---|---|
stack-aws-dns-zone-multi-account |
Stable β | A stack-composite module that implements a multi-account DNS zone delegation. |
stack-aws-alb-http |
Stable β | Stack-composite module that implement a common ALB/Ingress architecture, for fronting a backend such as an ECS-based (micro?) service, API or equivalent. |
stack-secrets-manager |
Stable β | Stack-composite that implement a common set of actions on top of an AWS secret, including replication, permissions, etc.. |
stack-auth (cognito) |
Stable β | Stack-composite that implement a full set of capabilities to perform authorization/authentication using Cognito, and SES (for email verification, password recoveryu, etc.). |
Check the example recipes π₯ here
- π¨π»βπ» Add built-in ACM certificates into the stack-alb-http module
The module's relevant components, structure and "skeleton" is described below:
βββ README.md
βββ TaskFile.yml
βββ docs
βΒ Β βββ contribution_guidelines.md
βββ examples
βΒ Β βββ README.md
βΒ Β βββ TaskFile.yml
βΒ Β βββ default
βΒ Β βββ basic
βΒ Β βββ README.md
βΒ Β βββ config
βΒ Β βΒ Β βββ fixtures.tfvars
βΒ Β βββ main.tf
βΒ Β βββ providers.tf
βΒ Β βββ variables.tf
βΒ Β βββ versions.tf
βββ modules
βΒ Β βββ TaskFile.yml
βΒ Β βββ default
βΒ Β βββ README.md
βΒ Β βββ data.tf
βΒ Β βββ locals.tf
βΒ Β βββ main.tf
βΒ Β βββ outputs.tf
βΒ Β βββ variables.tf
βΒ Β βββ versions.tf
βββ pre-commit-config-githubactions.yaml
βββ tests
βββ README.md
βββ TaskFile.yml
βββ default
βββ integration
βΒ Β βββ default_basic_integration_test.go
βΒ Β βββ go.mod
βΒ Β βββ go.sum
βΒ Β βββ target
βΒ Β βββ basic
βΒ Β βββ main.tf
βββ unit
βββ default_basic_unit_test.go
βββ go.mod
βββ go.sum
βββ target
βββ basic
βββ main.tfWhere:
- β‘οΈModules: refers to the actual module's directory. Where the
.tffiles reside. Eachsubdirectoryis a module. - β‘οΈExamples: refers to the examples directory, where the examples recipes lives. These are also used for testing the infrastructure using Terratest. For its specific documentation, query this link
- β‘οΈTests: refers to the tests directory, where the tests recipes lives. These are also used for testing the infrastructure using Terratest. For its specific documentation, query this link
Some tools that this repo uses:
- π§° Terraform β strongly recommended the latest versions
- π§° Go β justified mostly for Terratest
- π§° TaskFile β for the automation of the tasks.
NOTE: For automation during the development process, I use precommit, which is a framework for managing and maintaining multi-language pre-commit hooks. It's a great tool, and I highly recommend it. All the hooks required are installed by this script. It's recommended though to run it through the TaskFile task
pre-commit-init.
To initialize your pre-commit configuration, and ensure all the hooks are installed, run the following command:
task pre-commit-initTo run these hooks against all the files, you can use the following Task command:
task pre-commitFor sure you've seen that in the main Taskfile, there's a task called gen-env-aws. That task aims to generate a proper .env.<env>.aws dotEnv file which is used by the TaskFile.yml tasks. If you have a proper AWS credentials file, you can run the following command:
task gen-env-awsIn simple terms, that tasks (which runs a shell script) scan your pre-existing AWS profiles, and generate the .env.<env>.aws file for you. When it's generated, running a task that wraps a terraform command, will use the generated .env.<env>.aws file to set the proper AWS credentials. For example:
# dev refers to the environment selected, which's how the file is also named. E.g.: env.dev.aws
ENV=dev task module-planRun unit tests (wrapping Terratest):
# If you want to list the available tasks.
task list
# Run the unit tests.
task test-unitRun integration tests β if exists (wrapping Terratest):
# If you want to list the available tasks.
task list
# Run the unit tests.
task test-integrationRun all the configured pre-commit hooks (forcing them to run on all files):
task pre-commitRun a vanilla terraform plan over the example/basic (recipe) example:
# No arguments are required, since it's using its defaults: example as the module's name, and basic as its recipe's name.
task recipe-planSee the detailed documentation here.
This Module follows the principles of Semantic Versioning (SemVer).
Given a version number MAJOR.MINOR.PATCH, we increment the:
MAJORversion when we make incompatible changes,MINORversion when we add functionality in a backwards compatible manner, andPATCHversion when we make backwards compatible bug fixes.
- Backwards compatibility in versions
0.0.zis not guaranteed whenzis increased. (Initial development) - Backwards compatibility in versions
0.y.zis not guaranteed whenyis increased. (Pre-release)
Contributions are always encouraged and welcome! β€οΈ. For the process of accepting changes, please refer to the CONTRIBUTING.md file, and for a more detailed explanation, please refer to this guideline here.
This module is licensed under the Apache License Version 2.0, January 2004. Please see LICENSE for full details.
made/with β€οΈ π€