Example with multiple IaC pipelines to setup a basic AWS solution with Terraform CDK, AWS CDK, and Pulumi. The purpose of this sample is to
- Demonstrate a standard directory layout for IaC, src code
- Demonstrate DevOps environment configuration that supports CI pipelines that deploy to LocalStack and AWS
- Demonstrate DevOps tooling with multiple flavors of IaC
- Demonstrate integration tests running against solutions deployed to LocalStack
- Demonstrate Typescript Lambda Hot Reloading in LocalStack
Features deploying an HTTP API Gateway, Lambda, as well as S3 and other resources.
Features deploying a VPC, Private Application Load Balancer (ALB), and Lambda.
Features deploying a Cloudfront distribution, S3 bucket, and a React web app. Checkout the test here. The Terraform pipeline is here.
Features using private jumphost in private VPC for secure access to protected resources. This jumphost does not have a public IP and does not allow any inbound network traffic.
AWS Customers build cloud-based solutions in layers 3-5. DevOps CI pipelines can also be broken down separately along layer boundaries. The Terraform CDK main.ts file has App solution pipelines at layer 5 and account level VPC configuration pipelines at level 3.
To deploy your infrastructure, follow the steps below.
-
Select Node version 18
nvm install 18- Install Terraform CDK Install cdktf in the node 18 version you just installed in step (4).
npm install --global cdktf-cli@^0.18.0-
Install
make,gcc,g++, etc. For MacOS, runbrew install make gcc openssl readline sqlite3 xzand for Ubuntu machines runapt install build-essential libbz2-dev libssl-dev libreadline-dev libffi-dev zlib1g-dev libsqlite3-dev liblzma-dev. -
Install
zlib1g-dev. For MacOS, runxcode-select --installand for Ubuntu machines runapt install zlib1g-dev. -
Install Pyenv. Make sure the prerequisites are also there.
From the working directory:
-
Set your LocalStack pro key. Add this line of code to a file named
.env-gdc-localat the root of this project. Set your actual LocalStack key.export LOCALSTACK_AUTH_TOKEN=<your key>
-
Start LocalStack.
make start-localstack
- Setup an AWS_PROFILE for LocalStack.
[profile localstack]
region=us-east-1
output=json
endpoint_url = http://localhost:4566
[localstack]
aws_access_key_id=test
aws_secret_access_key=test
- Setup the virtual Python environment.
pyenv install 3.11 && \
pyenv local 3.11 && \
python -m venv .venv && \
. .venv/bin/activate && \
pip install -r devops-tooling/requirements.txtSolution Guide for Terraform CDK
First export the following env vars:
export LOCALSTACK_AUTH_TOKEN=<auth-token>
export DOCKER_COMPOSE_FLAGS="--build"
export BUILDKIT_PROGRESS=plainAnd then run the AWS CDK and the Terraform-based AWS CDK deployments:
export CI_TEST_NAME=awscdk make run-ci-test
export CI_TEST_NAME=awscdktf make run-ci-test
Note: If you run the above tests with Rosetta turned on, and still want to go with arm64, you need to
export export OVERRIDE_LOCAL_ARCH=arm64.
The Lambda is setup for hot reloading in this project on LocalStack by default. After everything is deployed by following one of complete IaC deployments above, you can work with the Lambda in hot-reload mode. See LocalStack Hot Reloading
Now, your DevX looks like a rapid TDD cycle. There's a test in auto_tests/test_apigw_name.py.
Run watch to do a build whenever code changes in the Lambda.
make watch-lambda