IAM requirements differ between project to project. Depending on the complexity, we could create the IAM resources with Terraform in the relevant layer. However, having the IAM resources dynamically create within its own module, or even combining them with their resource counterparts, gives us great power. Combining the IAM instance profile/role within an ASG module …
WordPress is used by over 60 million users, it has powerful features and runs various workloads across the planet. We wanted to run WordPress on ECS as efficiently as possible, this post covers how we attempted that. We’ll also dive into how to customise the example solution to fit your requirements. Why ECS? ECS is …
When leveraging Cloudflare to help protect your site from malicious actors you’ll need to allow Cloudflare to send visitor requests to your origin. This is achieved by allowing Cloudflare IP addresses. This can be done at the time you deploy your infrastructure. However, unless you are deploying frequently the IP list will soon be outdated …
By leveraging the Cloudflare Terraform provider you can manage your Cloudflare resources using the same refined processes and pipelines you already have in place for your cloud infrastructure. Configuration kept in version control reaps various benefits, such as auditable changes and ease of rollback when issues occur. It’s clear to see why when managing vital …
You can protect load balancers from unwanted traffic in various ways. You can achieve this by using feature rich third party products such as Cloudflare & Incapsula. Or depending on the use case, you can also leverage native AWS services. In this post, I’ll be focusing on using ALB with WAF & Cloudfront. I’ll also …
This post showcases the simplicity of leveraging Terraform Workspaces for blue green deployments. Including the benefits this can bring to your projects and how to best structure your project repo when leveraging Jenkins, Terraform & Ansible together. Blue and Green Deployments Blue Green deployments is a deployment strategy that reduces downtime and risk by running …
Auto rotating credentials with secrets manager enables you to follow AWS security best practices. It allows you to rotate your credentials often to a set schedule in a safe and controlled manner. With AWS Secrets Manager, you can either rotate the secret for a single user with a single password or rotate by alternating between …
Running Terraform locally is perfect when creating and testing new functionality in development or testing accounts. However, it’s best not to use this approach for staging and production environments. A Terraform Pipeline gives us predictable, well defined and repeatable actions to take when deploying Terraform infrastructure. In this post we’ll run through the base structure …
Sometimes instantiating a fresh Jenkins instance is perfect for testing various aspects of the CI pipeline. Whether this is to test major changes in a safe and controlled manner completely separate from your existing pipelines or to test new plugins or processes without any risk. By far the quickest and easiest way is to spin …
When managing resources in multiple AWS accounts you need to know how you want to manage your state files. This will determine which approach is viable for managing multiple AWS accounts with Terraform. If you’re happy to have a single state file in a central account containing all resources for all other accounts then life …
