geekmungus

We use IaC (Infrastructure as Code) for the deployment and management of all cloud (AWS) workloads to ensure we can manage and update infrastructure and applications that are deployed in the cloud rapidily and on an ongoing basis, while maintaining flexibility, security and availability. However issues may occur when changes are made using automated processes, … Read more

A potential scenario is to have a single Terraform template repository where you need to manage AWS resources across a number of different AWS Accounts. However, because each AWS Account is the edge of its authentication and authorisation profile, there is a need to be able cross this boundary within your Terraform to be able … Read more

AWS CloudFront allows you to front your application (be it on EC2 instances or REST API etc.) so you can provide high availability, caching and protection (with WAF) to the workload. When configuring your application, you don’t want the application to be directly accessible without using CloudFront, so therefore you need to add some restrictions, … Read more

Here’s a little oddity with AWS Route Tables within Terraform, if you want to remove all of the routes in a route table, you can’t just delete or comment them out, otherwise it treats them as if nothing has changed. See the below example, you comment/remove the routes, then in its place add a blank … Read more

During my learning of AWS and its deployment via Terraform, I came across an issue where my EC2 instances kept getting destroyed, even when no changes had been made to them. For example in the plan output: Notice the “# forces replacement” on the security_groups directive. Turns it it was quite a simple fix, although … Read more