You're reading from Architecting AWS with Terraform Design resilient and secure Cloud Infrastructures with Terraform on Amazon Web Services

Product type Paperback

Published in Dec 2023

Publisher Packt

ISBN-13 9781803248561

Length 260 pages

Edition 1st Edition

Tools

AWS

Concepts

Cloud Computing

Author (1):

Erol Kavas

View More author details

Table of Contents (21) Chapters

Preface

1. Part 1:Introduction to IAC and Terraform in AWS

2. Chapter 1: Understanding Patterns and Antipatterns of IaC and Terraform FREE CHAPTER

3. Chapter 2: How Not to Use IaC and Terraform

4. Chapter 3: Building Your First Terraform Project

5. Chapter 4: Discovering Best Practices for Terraform IaC Projects

6. Part 2:Become an Expert in Terraform with AWS

7. Chapter 5: Planning and Designing Infrastructure Projects in AWS

8. Chapter 6: Making Decisions for Terraform Projects with AWS

9. Chapter 7: Implementing Terraform in Projects

10. Chapter 8: Deploying Serverless Projects with Terraform

11. Chapter 9: Deploying Containers in AWS with Terraform

12. Part 3:How to Structure and Advance Terraform in Enterprises

13. Chapter 10: Leveraging Terraform for the Enterprise

14. Chapter 11: Building Git Workflows for IaC and Terraform Projects

15. Chapter 12: Automating the Deployment of Terraform Projects

16. Chapter 13: Governing AWS with Terraform

17. Chapter 14: Building a Secure Infrastructure with AWS Terraform

18. Chapter 15: Perfecting AWS Infrastructure with Terraform

19. Index

Why subscribe?

20. Other Books You May Enjoy

Introducing IaC

IaC refers to the process of managing and provisioning computing infrastructure through machine-readable definition files instead of relying on interactive configuration tools or physical hardware setups.

IaC leverages coding techniques that have been tried and tested in software systems, extending their application to infrastructure. It is one of the key DevOps practices that enable teams to deliver infrastructure and software rapidly and reliably at scale. Having a fast and dependable infrastructure provisioning mechanism is essential for organizations that want to achieve continuous delivery for their applications.

In IaC, a declarative language is typically used to describe the desired state of a system, as well as the steps required to bring it into compliance with that state. The IaC tool then uses these descriptions to construct and manage the necessary steps automatically, transitioning the system from one state to another. As a result, IaC enables organizations to automate processes such as resource installation, configuration, deployment, scaling, updating, and deletion in their IT infrastructures.

Key principles of IaC

There are two key principles of IaC, which we will gain an understanding of in this section.

Idempotency

Idempotency is a characteristic of certain operations in mathematics, programming languages, and computer science. It refers to the property where applying these operations multiple times produces the same result without altering it except for generating identical copies.

In the context of IaC, idempotency means that regardless of the starting state and the number of times the IaC is executed, the end state remains the same. This simplifies the infrastructure provisioning process and minimizes the likelihood of inconsistent outcomes. This property offers several advantages for operations, such as the capability to roll back changes and retry them in case of failure.

One way to achieve idempotency is by using a stateful tool such as Terraform. With Terraform, you can specify the desired end state of the infrastructure, and the tool will handle the process of reaching that state.

Immutability

Configuration change management is an important topic for infrastructure provisioning. For success, we need a powerful change management recording system that records all changes made to the infrastructure, and it includes details about why those changes were made, who was responsible for them, when they were implemented, and so on.

Configuration drift can pose a significant challenge to infrastructure management. It arises when changes are made to the infrastructure without proper documentation, causing different environments to diverge in ways that are difficult to replicate. This problem is particularly prevalent in mutable infrastructures that are active for extended periods.

The consequence of configuration drift can be severe, leading to inconsistent performance and stability and security issues in the infrastructure. Since it is difficult to reproduce the exact conditions that led to the drift, troubleshooting such problems can be time-consuming and error-prone.

Immutable infrastructure is a technique for constructing and managing infrastructure in a dependable, repeatable, and foreseeable manner. This approach offers several advantages over traditional IT environment management methods. Rather than altering the existing infrastructure, immutable infrastructure involves replacing it with a new one. By provisioning fresh infrastructure each time, the approach ensures that the infrastructure remains reproducible and free from configuration drift over time.

Immutable infrastructure also provides scalability when provisioning infrastructure in cloud environments.

Now that we know what IaC is and what its key principles are, let’s look at the patterns of IaC.