Optimizing AWS workflows with the CDK for Terraform

There are countless ways to provision and manage the plethora of available AWS services. In this session, discover how using the CDK for Terraform allows you to easily manage your Kubernetes cluster and overall AWS infrastructure without impacting your applications. Learn how a consistent workflow has never been more critical, from AMIs to Amazon EKS and from IAM roles to security groups.

Taylor Dolezal

December 14, 2021

Transcript

  1. Optimizing AWS workflows with the CDK for Terraform
     Sponsored by HashiCorp
     COP402-S
     Kyle Ruddy (he/him), Senior Technical Product Marketing Manager, HashiCorp
     Taylor Dolezal (he/him), Senior Developer Advocate, HashiCorp
     © 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  2. Agenda
     • Terraform: Year in review
     • Terraform Cloud
     • What is the CDK for Terraform?
     • CDK workflows
     • Demo
  3. Terraform: Year in review
  4. Terraform 0.14 – User experience
     • Concise diffs
     • Sensitive value masking
     • Easier upgrades
  5. Terraform 0.15 – Preparing for 1.0
     • Unified CLI experience
     • 1.0 stabilization
     • Undeclared variable use no longer deprecated
  6. Terraform 1.0 – Stability
     No significant changes (as planned!)
  7. Terraform state compatibility
     • Terraform 0.15 is forward-compatible with state files to 1.0
     • Backward-compatible to >0.14.0
     (Diagram: version timeline 0.14, 0.15, 1.0)
  8. Remote state
     Terraform remote-state data sources are forward-compatible
     (Diagram: version timeline 0.12, 0.13, 0.14, 0.15, 1.0, with 0.12.30 and 0.13.6 marked)
  9. Sensitive function
     Introduction of a new set of sensitive/non-sensitive functions to help organizations build on Terraform’s sensitivity

         resource "aws_db_instance" "mydb" {
           password = sensitive(data.resource.name.id)
           ...
         }
  10. Terraform Cloud
  11. Terraform Cloud
      Fully-managed infrastructure as code cloud service
      (Diagram labels: Developers, Plan, Cost Estimation, Private Module Registry, Operations, Apply, Sentinel Policy, Run Tasks)
  12. What is the CDK for Terraform?
  13. "Because."
      Anonymous
  14. HashiCorp Configuration Language (HCL)
  15. HCL
      • Providers
      • Resources
      • Functions
  16. HCL
      • Variables (inputs, outputs, locals)
      • Modules
  17. Success?
  18. Success?
  19. CDK for Terraform
      The CDK for Terraform is a project that allows users to define infrastructure using programming languages
      (Diagram labels: CDK for, (CRDS), HCL, JSON)
  20. CDK for Terraform
      Supported languages include
      • TypeScript
      • Python
      • Java
      • C#
      • Go
  21. CDK for Terraform
      Packages
      • cdktf-cli – A CLI that allows users to run commands to initialize, import, and synthesize CDK for Terraform applications
      • cdktf – A library for defining Terraform resources using programming constructs
  22. CDK workflows
  23. CDK commands
      • cdktf init
      • cdktf synth
      • cdktf diff
      • cdktf deploy
  24. Architecture
  25. Providers and resources

          import { Construct } from "constructs";
          import { App, TerraformStack } from "cdktf";
          import { AwsProvider } from "./.gen/providers/aws";
          // ...
          // Inside a stack constructor: configure the AWS provider and its region.
          new AwsProvider(this, "aws", {
            region: "us-west-2",
          });
  26. Stacks

          class MyStack extends TerraformStack {
            constructor(scope: Construct, id: string) {
              super(scope, id);
              // Your Infrastructure Here
            }
          }

          // Create the app, attach the stack to it, and synthesize.
          const app = new App();
          new MyStack(app, "a-single-stack");
          app.synth();
  27. Functions

          import { Fn, TerraformOutput } from "cdktf";
          import { DataAwsAvailabilityZones } from "@cdktf/provider-aws";

          // Data source listing the availability zones in the "available" state.
          const zones = new DataAwsAvailabilityZones(this, "zones", {
            state: "available",
          });

          // Output the first zone name using the element function.
          new TerraformOutput(this, "first-zone", {
            value: Fn.element(zones.names, 0),
          });
  28. Tokens

          const vpc = new Vpc(this, vpcName, {
            name: vpcName,
            publicSubnets: ["10.0.1.0/24", "10.0.2.0/24"],
          });

          new Eks(this, "EksModule", {
            clusterName: "my-kubernetes-cluster",
            // Token.asList passes the VPC module's output where a list is expected.
            subnets: Token.asList(vpc.publicSubnetsOutput),
            clusterLogRetentionInDays: logRetention.numberValue,
          });
  29. Thank you!
      Kyle Ruddy (he/him) @kmruddy
      Taylor Dolezal (he/him) @onlydole
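
The sensitive/non-sensitive functions from slide 9, shown as an added example that is not part of the deck: a decoded value is marked sensitive, one output stays redacted, and one field is deliberately unmarked. The variable `db_config_json`, its default value and the output names are constructed for illustration.

```hcl
terraform {
  # sensitive() and nonsensitive() are available from Terraform 0.15 onward.
  required_version = ">= 0.15.0"
}

# Constructed sample input: a JSON document holding database settings.
# Declaring the variable itself as sensitive keeps the raw JSON out of plan output.
variable "db_config_json" {
  type      = string
  sensitive = true
  default   = "{\"username\":\"app\",\"password\":\"example-only\"}"
}

locals {
  # sensitive() marks the whole decoded object, so every attribute read from it
  # is redacted as "(sensitive value)" in plan and apply output.
  db_config = sensitive(jsondecode(var.db_config_json))
}

# An output that carries a sensitive value must declare sensitive = true;
# without it, Terraform rejects the configuration at plan time.
output "db_password" {
  value     = local.db_config.password
  sensitive = true
}

# nonsensitive() removes the marking. Use it only for a field that is
# genuinely safe to display, because the value is shown in clear text afterwards.
output "db_username" {
  value = nonsensitive(local.db_config.username)
}

# Note: marking a value sensitive only affects what the CLI and UI display.
# The value is still written to the state file in plain text, so the state
# backend needs its own access control and encryption.
```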