Recently, there is an initiative to tighten up security control on terraform deployment. In this post, I will demo how to use provider alias and tell terraform to switch role for resource management
Tag: terraform
jq transformation
I was working on a terraform module that creates cloudwatch alarms. AWS uniquely identifies metric with dimensions. All dimensions must be supplied to select the metric. In this case, the dimension comes from CWAgent and terraform external data source is used to obtain the dimension. A bit of jq work is needed to transform the…
Terraform module: Delete default VPCs
Terraform itself does not have the capability to delete default VPCs. In this example, I will use terraform and a shell script to perform the deletion.
Create security groups with terraform using a map
If you have 10s of security group rules, it’s not effective to use aws_security_group_rule directly. Here I use a map and feed it to a module.
Terraform conditional resource and blocks
In this example, I will first demonstrate how to conditionally create a terraform resource. Then how to add a configuration block inside a resource conditionally.
Using list and lookup in terraform HCL
Terraform delivers consistent build and save a lot of time from clicking and scrolling. But when the resources, in this case ec2 resources are slightly different, it may be necessary to create a tf config for every instance. That defeats the purpose of automation. By storing the differences in a list and use the lookup…