Hello, Could you tell me please, how are you deploy services to the AWS? Just describe by Terraform the infrastructure in a separate repository?
Or describe the service in Terraform and put terraform code in the repository of the service?
@evgmoskalenko usually #1 - describe infrastructure in a separate repo. We do multi-account setup, one AWS account per environment (prod, staging, dev, testing etc.). Each environment/account is represented by a GitHub repo, which usually provides all the variables (from Dockerfile, ENV vars, TF vars, etc.)
take a look here:
Get up and running quickly with one of our reference architecture using our fully automated cold-start process. - cloudposse/reference-architectures
All TF code is in one central catalog that is reused across all repos https://github.com/cloudposse/terraform-root-modules
Example Terraform service catalog of “root module” blueprints for provisioning reference architectures - cloudposse/terraform-root-modules
NCC Group researcher finds security flaws impacting more than 100 Jenkins plugins.
What is the go-to or standard approach to SDLC for infrastructure code?
Anyone got some articles/docs? I’m also wondering what CloudPosse uses and suggests.
@cabrinha i don’t have it written down, but have lots and lots to say about it
if you want to join this wednesday office hours at 11:30 am
i’ll try to make it to that, let me know if you throw a blog post out there in the meantime