Tool Manager Configuration

Ready to get into the nitty-gritty? You've come to the right place. If you want a softer introduction to the DevXP workflow, please visit the Example Workflow page of the wiki.

Terraform

This section will discuss how to use DevXP to set up your cloud services with Terraform, but for more background information about what Terraform is and why you should use it, please read the Terraform page of the wiki.

The Goal

It is always useful to start by identifying your goal. Perhaps you are like Dave and have been tasked to set up [insert Dave's requirements] on top of your already long list of responsibilities. Perhaps you:

are investigating what resources are available to you through each provider and what some of the configuration parameters mean.
want to get an understanding of how to write a complete Terraform configuration file.
were overwhelmed by all the options that were available to you and are looking for a simpler set of configuration options that you can digest.

You may have a different goal in mind, but regardless, you probably want to end up with a set of cloud services configured and deployed. If you are just here to learn, feel free to keep exploring the wiki and clicking around in the tool manager to see what this is all about.

Prerequisites

Determine what cloud resources you would like to configure to achieve your end goal. You can find information about supported resources in the resources section of the Terraform page in this wiki.
Choose a provider, and create an account with them. Currently DevXP only supports three major providers as discussed in the linked Terraform page of the wiki.
Download Terraform
Familiarize yourself with the core workflow commands. Run terraform -help to get a list of commands. The main commands are init, plan, apply, and destroy.
Configure credentials so that Terraform knows what account to deploy the resources to (and so the cloud service provider knows who to bill!). There are multiple ways to do this (a good initial technique is to pass them as environment variables), so long as you are careful not to let your credentials leak into your repository or any other public files.
Now you are ready to create a terraform configuration file using DevXP!

Terraform Resource Configuration

This section describes the required configuration parameters associated with each supported resource for terraform. To learn more about the resources themselves, please visit the supported resources section in the Terraform page of the wiki.

General Configuration
- Global Settings
- Common Resource Settings
AWS
- EC2
- S3
- Lambda Functions
- Glacier Vault
- Dynamo DB
GCP
Azure (Coming Soon!)

General Configuration

Begin by selecting a provider. Presently only Amazon (AWS) and Google (GCP) are supported.

Global Settings

The following settings affect all resources, but are currently only available when Amazon is the selected provider.

Secure

Dictates whether or not to:
- put all the configured resources into their own VPC,
- setup a subnet, and
- give them IAM permissions to access each other.
The secure option will force IAM users to be created for some resources that need one. It will then automatically attach those IAM users to any EC2 instances so that, by default, those EC2 instances will have access to the other resources with no further authentication needed.
Please note that there are additional costs associated with setting up a VPC for your resources, but it is considered best practice for the security of your projects and to follow the principle of least privilege.

SSH

Opens port 22 on the network gateway, which closes all ports in and out of the VPC by default. Enabling this option allows the user to set up an SSH connection with the configured resources.
If you do not need this functionality, it is more secure to leave it unchecked.

Inbound Web Traffic

Opens ports 443 and 80 inbound to the VPC via the network gateway.
Suppose you decide to run a web server, this option allows outside entities to make requests to it.
If you do not need this functionality, it is more secure to leave it unchecked.

Outbound Web Traffic

Opens ports 443 and 80 outbound from the VPC via the network gateway.
This means your resources can access the internet.
If you do not need this functionality, it is more secure to leave it unchecked.

Network Load Balancing

Creates a load balancer instance.
This allows requests to go to a single service (that is, the load balancer) where they are then distributed across your compute instances.
This can help optimize your usage and cut down on costs. During times of high request rates, more resources can be provisioned, and during times of low request rates, resources can be shut down.
Please note that there are additional costs associated with enabling network load balancing, and it may not be necessary unless your system receives a high rate of requests.

Common Resource Settings

[Resource] ID

This will be used to identify the resource in the future.
By default, an ID is generated following this template: ResourceName-[random allowable characters]
If the checkbox is ticked, you may enter a more recognizable ID.
NOTE: Storage resources must be globally unique (S3, Glacier, GCP, Blobs & Containers), so it is recommended that you leave the randomly generated ID, or make your ID sufficiently unique.
- Allowable Values: Letters and hyphens. No other special characters, numbers, or spaces are allowed.
SPECIAL NOTE: As of right now, no special validation is done for storage resources, so it is the user's responsibility to make sure that the resource ID meets the criteria given by the respective provider (see the links in the point above).

Number of [Resource]

The number of resources with these settings. Note that the instance name for each instance will be the same with the addition of a unique suffix.
- (e.g. If the resource name was "Bob" and the number of resources was 2, they would be named "Bob-a" and Bob-b").
- Allowable Values: Positive integers.

Create IAM User (Advanced)

Creates an IAM user with permissions for the resource in question.
To access/modify this resource programmatically, through code, or from another resource, you must use an IAM user with the right permissions.
If this is disabled, the only way to access/modify the resource is manually (e.g. through the console).
This option creates an access key that can be downloaded and used to access the resource through tools such as a CI/CD pipeline.
- Allowable Values: Checked (True) or Unchecked (False)

Amazon Web Services

EC2

Common Resource Settings
OS: This is the operating system your instance will run on.
- Allowable Values: Dropdown (Amazon Linux 2, Ubuntu Server, Windows Server, MacOS Monterey, etc.)
Hardware: The computational power of your instance. This controls the number of CPUs and the amount of RAM your instance has access to.
- Allowable Values: Dropdown (micro, small, medium, etc.)
- To learn more about the hardware, visit this page. DevXP currently supports subsets of the t2 (general purpose), c3 (compute optimized), d2 (storage optimized), and r3 (memory optimized) hardware types.
- Note: When MacOS is the chosen OS, there is only the Mac Hardware option. See details about it here, and be aware that there is a special pricing plan that charges a minimum of 24 hours usage.

Dynamo DB

Common Resource Settings
Attribute Name: This is the name of an attribute within the database.
- Allowable Values: Alphanumeric text (letters and numbers). No special characters or spaces are allowed.
Type: This determines the datatype of the attribute.
- Allowable Values: Dropdown (String, Number, Binary)
isHash: Determines whether the attributes acts as a hash key for the database.
- Allowable Values: Checked (True) or Unchecked (False)