This repository manages the following infrastructure on AWS:
- Build VPC / subnets on single or multi-region
- Build a NAT Gateway or HA NAT Gateway
- Build a Bastion EC2 with packer
- Build a complete EKS
- Build a Vault on EC2.
- terraform
- jq
- git
- curl
- helm
- terraform-docs
- tfenv
- python3
- uv
Read the documentation.
Define your current version of Terraform in ./.terraform-version, then use the following command to make the Terraform version uniform across all existing services.
```shell
task init:tf:check
```
We use go-task to wrap all commands (terraform, jq, helm, and scripts). A global file sits at the root of the project: ./TaskFile.yml. All tasks are defined in the subfolder _tools/taskfiles/*.yml.
- Create a new key pair in the AWS Console and use 'iac-aws-key' as the key name

Host: bastion.qa.<project_name>.domain.com
Username: admin
```
_tools
├── ansible
│   ├── playbooks
│   │   ├── group_vars
│   │   └── inventory
│   └── roles
├── packer
│   ├── scripts
│   └── templates
├── scripts
└── terraform
    └── modules
        └── terraform-aws-vpc
```
```
vpc
├── qa
│   ├── eu-west-1
│   │   ├── override.tf
│   │   ├── Makefile
│   │   └── terraform.auto.tfvars
│   └── us-east-1
│       ├── override.tf
│       ├── Makefile
│       └── terraform.auto.tfvars
└── _terraform
    ├── outputs.tf
    ├── main.tf
    ├── variables.tf
    ├── backend.tf
    ├── remote-states.tf
    └── provider.tf
```
For some services, inside the packer folder, you can build AMIs from different ISO-based OSes (Debian / CentOS).
```shell
# Validate or inspect
./packer.sh validate
./packer.sh inspect
# With argument, we build an AMI on AWS
./packer.sh <-debug>
# With argument -local
./packer.sh -local <qemu> -debug
```
Provisioning is done with Ansible.

Before using a new service for the first time, initialise Terraform to generate the links it needs:
```shell
make init
```
After that, you can launch a plan:
```shell
make plan
make apply
# or make apply-force
```