Skip to content

Tool Manager Configuration

Jump to bottom
Keanelek Enns edited this page Mar 30, 2022 · 21 revisions

Ready to get into the nitty-gritty? You've come to the right place. If you want a softer introduction to the DevXP workflow, please visit the Example Workflow page of the wiki.

Terraform

This section will discuss how to use DevXP to set up your cloud services with Terraform, but for more background information about what Terraform is and why you should use it, please read the Terraform page of the wiki.

The Goal

It is always useful to start by identifying your goal. Perhaps you are like Dave and have been tasked to set up [insert Dave's requirements] on top of your already long list of responsibilities. Perhaps you:

  • are investigating what resources are available to you through each provider and what some of the configuration parameters mean.
  • want to get an understanding of how to write a complete Terraform configuration file.
  • were overwhelmed by all the options that were available to you and are looking for a simpler set of configuration options that you can digest.

You may have a different goal in mind, but regardless, you probably want to end up with a set of cloud services configured and deployed. If you are just here to learn, feel free to keep exploring the wiki and clicking around in the tool manager to see what this is all about.

Prerequisites

  • Determine what cloud resources you would like to configure to achieve your end goal. You can find information about supported resources in the resources section of the Terraform page in this wiki.
  • Choose a provider, and create an account with them. Currently DevXP only supports three major providers as discussed in the linked Terraform page of the wiki.
  • Download Terraform
  • Familiarize yourself with the core workflow commands. Run terraform -help to get a list of commands. The main commands are init, plan, apply, and destroy.
  • Configure credentials so that Terraform knows what account to deploy the resources to (and so the cloud service provider knows who to bill!). There are multiple ways to do this (a good initial technique is to pass them as environment variables), so long as you are careful not to let your credentials leak into your repository or any other public files.
  • Now you are ready to create a terraform configuration file using DevXP!

Terraform Resource Configuration

This section describes the required configuration parameters associated with each supported resource for terraform. To learn more about the resources themselves, please visit the supported resources section in the Terraform page of the wiki.

General Configuration

Begin by selecting a provider. Presently only Amazon (AWS) and Google (GCP) are supported.

The following settings apply to all resources, but are currently only available when Amazon is the selected provider.

Secure

  • Dictates whether or not to:
    • put all the configured resources into their own VPC,
    • setup a subnet, and
    • give them IAM permissions to access each other.
  • The secure option will force IAM users to be created for some resources that need one. It will then automatically attach those IAM users to any EC2 instances so that, by default, those EC2 instances will have access to the other resources with no further authentication needed.
  • Please note that there are additional costs associated with setting up a VPC for your resources, but it is considered best practice for the security of your projects and to follow the principle of least privilege.

SSH

  • Opens port 22 on the network gateway, which closes all ports in and out of the VPC by default. Enabling this option allows the user to set up an SSH connection with the configured resources.
  • If you do not need this functionality, it is more secure to leave it unchecked.

Inbound Web Traffic

  • Opens ports 443 and 80 inbound to the VPC via the network gateway.
  • Suppose you decide to run a web server, this option allows outside entities to make requests to it.
  • If you do not need this functionality, it is more secure to leave it unchecked.

Outbound Web Traffic

  • Opens ports 443 and 80 outbound from the VPC via the network gateway.
  • This means your resources can access the internet.
  • If you do not need this functionality, it is more secure to leave it unchecked.

Network Load Balancing

  • Creates a load balancer instance.
  • This allows requests to go to a single service (that is, the load balancer) where they are then distributed across your compute instances.
  • This can help optimize your usage and cut down on costs. During times of high request rates, more resources can be provisioned, and during times of low request rates, resources can be shut down.
  • Please note that there are additional costs associated with enabling network load balancing, and it may not be necessary unless your system receives a high rate of requests.

Amazon Web Services

EC2

  • Instance OS: This is the operating system your instance will run on.
    • Allowable Values: Dropdown (Amazon Linux 2, Ubuntu Server, Windows Server, MacOS Monterey, etc.)
  • Instance Hardware: The computational power of your instance. This controls the number of CPUs and the amount of RAM your instance has access to.
    • Allowable Values: Selectable (micro, small, medium, etc.)
  • Enable IAM Users: Creates an IAM user with permissions for the resource in question. It also creates an access key that can be downloaded and used to access the resource through tools such as a CI/CD pipeline.
    • Allowable Values: Checked (True) or Unchecked (False)
  • Instance Name: This will be used to identify the resource in the future.
    • Allowable Values: Alphanumeric text (letters and numbers) and hyphens. No other special characters or spaces are allowed.
  • Number of Instances: The number of resources with these settings. Note that the instance name for each instance will be the same with the addition of a unique suffix (e.g. If the instance name was "Bob", and the number of instances was 2, they would be named "Bob-a" and Bob-b").
    • Allowable Values: Positive integers.

S3

  • Enable IAM Users: Creates an IAM user with permissions for the resource in question. It also creates an access key that can be downloaded and used to access the resource through tools such as a CI/CD pipeline.
    • Allowable Values: Checked (True) or Unchecked (False)
  • Instance Name: This will be used to identify the resource in the future.
    • Allowable Values: Alphanumeric text (letters and numbers) and hyphens. No other special characters or spaces are allowed.
  • Number of Instances: The number of resources with these settings. Note that the instance name for each instance will be the same with the addition of a unique suffix (e.g. If the instance name was "Bob", and the number of instances was 2, they would be named "Bob-a" and Bob-b").
    • Allowable Values: Positive integers.

Lambda Functions

Support is on its way!

Glacier Vault

  • Enable IAM Users: Creates an IAM user with permissions for the resource in question. It also creates an access key that can be downloaded and used to access the resource through tools such as a CI/CD pipeline.
    • Allowable Values: Checked (True) or Unchecked (False)
  • Instance Name: This will be used to identify the resource in the future.
    • Allowable Values: Alphanumeric text (letters and numbers) and hyphens. No other special characters or spaces are allowed.
  • Number of Instances: The number of resources with these settings. Note that the instance name for each instance will be the same with the addition of a unique suffix (e.g. If the instance name was "Bob", and the number of instances was 2, they would be named "Bob-a" and Bob-b").
    • Allowable Values: Positive integers.

Dynamo DB

  • Attribute Name: This is the name of an attribute within the database.
    • Allowable Values: Alphanumeric text (letters and numbers). No special characters or spaces are allowed.
  • Type: This determines the datatype of the attribute.
    • Allowable Values: Dropdown (String, Number, Binary)
  • isHash: Determines whether the attributes acts as a hash key for the database.
    • Allowable Values: Checked (True) or Unchecked (False)
  • Enable IAM Users: Creates an IAM user with permissions for the resource in question. It also creates an access key that can be downloaded and used to access the resource through tools such as a CI/CD pipeline.
    • Allowable Values: Checked (True) or Unchecked (False)
  • Instance Name: This will be used to identify the resource in the future.
    • Allowable Values: Alphanumeric text (letters and numbers) and hyphens. No other special characters or spaces are allowed.
  • Number of Instances: The number of resources with these settings. Note that the instance name for each instance will be the same with the addition of a unique suffix (e.g. If the instance name was "Bob", and the number of instances was 2, they would be named "Bob-a" and Bob-b").
    • Allowable Values: Positive integers.

Google Cloud Platform

GCE

Support is on its way!

Google Storage Bucket

Support is on its way!

Google Functions

Support is on its way!

Google Cloud Run

Support is on its way!

Microsoft Azure

Support for Microsoft Azure features is on its way!

DevXP - Empowering developers by making DevOps simple.

Clone this wiki locally