Working Less, Automating More: Simplifying AWS Management with Terraform and GitHub Actions
Lester Diaz Perez
Posted on April 13, 2024
📌Prerequisites:
🎯Workflow
1️⃣Create IAM user👤
2️⃣Save🔒 Access & Secret
3️⃣Key Pair for ssh🔑
4️⃣Terraform Pipeline📝
5️⃣Job from Github Actions📝
1️⃣Create IAM user👤
- Login AWS
- IAM -> Users -> Create user
Name the user whatever you wish
- Select Attach policies directly -> Select AmazonEC2FullAccess
It's not❌ the best practice, but it's simple for this purpose
User created successfully✅
Create Credentials
- Create Access Key -> Third-party service
2️⃣Save🔒 Access & Secret
- Go to Github repository
- Settings -> Secrets & Variables -> Actions
- Save as a Secret
AWS_ACCESS_KEY_ID
TF_USER_AWS_SECRET
3️⃣Create Key Pair for ssh
- Just go here and name it. It's simple
The key will download⬇ automatically
4️⃣Terraform Pipeline📝
Create a new directory in the root project
🔰Name: terraform
This is a very simple pipeline. Remember this is a tutorial. I will soon make📍 a Terraform series.
```hcl
provider "aws" {
  region = "us-east-2" #Region as you wish
}

resource "aws_instance" "nodeapp" {
  ami                    = "ami-00cda30cf72311684" #Check the AMI list for free tier
  instance_type          = "t2.micro" #Well... very intuitive -_-
  key_name               = "ec2_key" #Name of key pair created in step 3
  vpc_security_group_ids = [aws_security_group.nodeapp.id] # ID security group

  tags = {
    Name = "Nodeapp"
  }
}

#Security Group
resource "aws_security_group" "nodeapp" {
  name        = "ec2_ecurity-group" #Whatever name
  description = "Allow inbound traffic on port 8080 and SSH" #The app expose port 8080

  #SSH is reachable from any address here; simple for a tutorial, restrict it in real use
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  #Application port, open to everyone
  ingress {
    from_port   = 8080
    to_port     = 8080
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```
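The security group above accepts SSH from `0.0.0.0/0`. As an added example (not part of the original post), here is the same group with SSH limited to one admin CIDR and the input validated; the names `admin_cidr`, `nodeapp_restricted` and `nodeapp-restricted` are hypothetical.

```hcl
# Added example, not from the original post. All names below are hypothetical.
variable "admin_cidr" {
  type        = string
  description = "CIDR allowed to reach SSH, for example your own public IP as a /32"

  validation {
    # Reject malformed values and the open-to-the-world range
    condition     = can(cidrhost(var.admin_cidr, 0)) && var.admin_cidr != "0.0.0.0/0"
    error_message = "admin_cidr must be a valid CIDR and must not be 0.0.0.0/0."
  }
}

resource "aws_security_group" "nodeapp_restricted" {
  name        = "nodeapp-restricted"
  description = "App port 8080 public, SSH from admin CIDR only"

  ingress {
    description = "SSH from the admin network only"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }

  ingress {
    description = "Application port"
    from_port   = 8080
    to_port     = 8080
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # A Terraform-managed group gets no default egress rule; allow outbound explicitly
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```

In the workflow, the value can be supplied through a `TF_VAR_admin_cidr` environment variable, and the instance would reference `aws_security_group.nodeapp_restricted.id`.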
5️⃣Job from Github Actions📝
```yaml
name: Deploy Node app
on:
  push:
    branches:
      - master
jobs:
  tf-aws:
    name: Deploy Node app to AWS
    runs-on: ubuntu-latest
    defaults:
      run:
        working-directory: terraform #Path directory
    steps:
      - name: Checkout repository
        uses: actions/checkout@v2
      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.TF_USER_AWS_SECRET }} #Secret name saved in step 2
          aws-region: us-east-2
      - name: Setup Terraform CLI
        uses: hashicorp/setup-terraform@v3
      - name: Terraform Init
        run: terraform init
      - name: Terraform Validate
        run: terraform validate
      - name: Terraform Plan
        run: terraform plan
      - name: Terraform Apply
        run: terraform apply -auto-approve
```
🎬 Run the job