1. Infrastructure as Code with
Terraform

2. What is the AWS Web Console for?
● Having a look at the state of my
infrastructure?

3. What is the AWS Web Console for?
● Having a look at the state of my
infrastructure?
✔

4. What is the AWS Web Console for?
● Having a play with new AWS features?

5. What is the AWS Web Console for?
● Having a play with new AWS features?
✔

6. What is the AWS Web Console for?
● Building resources to be used in production
environments?

7. What is the AWS Web Console for?
● Building resources to be used in production
environments?
✘

8. What is the AWS Web Console for?
● Building resources to be used in test
environments?

9. What is the AWS Web Console for?
● Building resources to be used in test
environments?
✘

10. Production Infrastructure
● Documented
● Tested
● Repeatable

11. Infrastructure as Code
● Build multiple copies of your environment
○ Dev
○ Test
○ UAT
○ Staging
○ Production
● Ensure changes have been tested before
being applied

12. Infrastructure as Code
● git provides complete, contextualised
configuration history
● git provides an audit trail

13. Terraform
● Specify infrastructure using a
declarative language
● Open Source (golang)
● Supports multiple IaaS/PaaS platforms*
*Does not provide an abstraction layer

14. Alternatives: CloudFormation
● Official AWS product
● … but support for new features often lags by
weeks or even months
● Has no mechanism for coping with external
change or even detecting it
● No ‘dry-run’ mode

15. Alternatives: Puppet/Chef/Ansible
● Use your existing configuration management
to build infrastructure
● Works well for simple environments
● Single process - makes building very slow
● Round peg / Square hole?

16. Terraform
● Quick
● plan mode to show the changes that will be
made
● graph mode to visualise infrastructure

17. Terraform: Modules
● Re-use code
● Speed up development
https://github.com/terraform-community-modules

18. Let’s Build Something!
module "vpc" {
source = "github.com/terraform-community-modules/tf_aws_vpc"
name = "awsugn"
cidr = "10.0.0.0/16"
private_subnets = "10.0.1.0/24,10.0.2.0/24,10.0.3.0/24"
public_subnets = "10.0.101.0/24,10.0.102.0/24,10.0.103.0/24"
azs = "eu-west-1a,eu-west-1b,eu-west-1c"
}

19. Add a security group
module "sg_web" {
source = "github.com/terraform-community-
modules/tf_aws_sg//sg_web"
vpc_id = "${module.vpc.vpc_id}"
security_group_name = "awsugn-web"
aws_access_key = "${var.aws_access_key}"
aws_secret_key = "${var.aws_secret_key}"
aws_region = "${var.aws_region}"
source_cidr_block = "0.0.0.0/0"
}

20. Add an instance
resource "aws_instance" "awsugn-web" {
instance_type = "t2.micro"
ami = "ami-51345f26"
subnet_id = "${element(split(",",module.vpc.public_subnets),0)}"
vpc_security_group_ids = ["${module.sg_web.
security_group_id_web}"]
tags {
Name = "awsugn-web"
}
}

21. @bashtoni / @bashtonltd
www.bashton.com/jobs/