0
votes

When using infrastructure as code tools like Terraform to create resources, what are the best practices for creating one-off resources like VPCs and databases via an automated pipeline?

For example, when creating a Lambda function, we need to provide a VPC ID. This VPC ID can only be supplied if the VPC is already created via the Terraform. So should there be 2 different pipelines based on the resource type created? For one-off resources a separate pipeline which will be ideally only run once and another pipeline to create disposable resources?

1
"This VPC ID can only be supplied if the VPC is already created via the Terraform" isn't true. You can use data sources to select a pre-existing VPC in your account, regardless of whether Terraform created it (either in the same state file or another) or if you created it outside of Terraform. – ydaetskcoR

@Vino, If you liked the answer and it worked for you, kindly approve it and upvote it as well as recommended by Stack Overflow. Thanks. – abdullahkhawer

1 Answer

0
votes

If you're talking about general best practices for IaC (Infrastructure as Code), check out the following:

  1. Codify everything.
  2. Document as little as possible.
  3. Maintain version control.
  4. Continuously test, integrate, and deploy.
  5. Make your infrastructure code modular.
  6. Make your infrastructure immutable whenever possible.

I would recommend using AWS CloudFormation as it is free and provides you an interface to manage stacks and get visibility of the resources created. Also, it has the auto-rollback capability on the stack create or update failure.

> This VPC ID can only be supplied if the VPC is already created via the Terraform. So should there be 2 different pipelines based on the resource type created?

Not really, as you can use the VPC ID as a parameter to your AWS CloudFormation template or Terraform template.

> For one-off resources a separate pipeline which will be ideally only run once and another pipeline to create disposable resources?

It is always better to have a separate stack for continuous deployment or disposable resources and a separate stack for one-off resources defining your base infrastructure.
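
Added example, not part of the question, comments or answer above: a Terraform configuration for the disposable stack that takes the VPC ID as an optional parameter and otherwise looks the existing VPC up with a data source, as the comment and answer describe. The tag values, function name, role variable and file path are assumptions made for illustration.

```hcl
# Disposable (app) stack. The VPC lives in a separate base stack or was
# created outside Terraform; it is only read here, never managed.
# All names, tags and paths are assumptions for this example.

variable "vpc_id" {
  type        = string
  default     = null
  description = "Explicit VPC ID; when null the VPC is found by its Name tag."

  validation {
    condition     = var.vpc_id == null || can(regex("^vpc-([0-9a-f]{8}|[0-9a-f]{17})$", var.vpc_id))
    error_message = "vpc_id must be a VPC ID such as vpc-0123456789abcdef0."
  }
}

variable "lambda_role_arn" {
  type        = string
  description = "Execution role ARN, created elsewhere."
}

# Look up the pre-existing VPC by ID, or by tag when no ID was passed in.
data "aws_vpc" "base" {
  id   = var.vpc_id
  tags = var.vpc_id == null ? { Name = "base-vpc" } : null
}

# Private subnets of that VPC, selected by an assumed Tier tag.
data "aws_subnets" "private" {
  filter {
    name   = "vpc-id"
    values = [data.aws_vpc.base.id]
  }
  tags = { Tier = "private" }
}

resource "aws_security_group" "lambda" {
  name_prefix = "example-fn-"
  vpc_id      = data.aws_vpc.base.id

  egress {
    description = "HTTPS to addresses inside the VPC only"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = [data.aws_vpc.base.cidr_block]
  }
}

resource "aws_lambda_function" "example" {
  function_name = "example-fn"
  role          = var.lambda_role_arn
  runtime       = "python3.12"
  handler       = "app.handler"
  filename      = "build/app.zip"

  vpc_config {
    subnet_ids         = data.aws_subnets.private.ids
    security_group_ids = [aws_security_group.lambda.id]
  }
}
```

Because the VPC appears only as a data source, it is absent from this stack's state: a `terraform destroy` here removes the function and its security group but cannot delete the VPC, and the pipeline's credentials need read access to VPC resources rather than permission to create or delete them.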