Lester Diaz Perez

Working Less, Automating More: Simplifying AWS Management with Terraform and GitHub Actions

📌Prerequisites:

🎯Workflow

1️⃣Create IAM user👤
2️⃣Save🔒 Access & Secret
3️⃣Key Pair for ssh🔑
4️⃣Terraform Pipeline📝
5️⃣Job from GitHub Actions📝


1️⃣Create IAM user👤

  • Log in to AWS
  • IAM -> Users -> Create user

Name the user whatever you wish

  • Select Attach policies directly -> Select AmazonEC2FullAccess

Attaching a full-access policy is not❌ best practice, but it is simple for this purpose

User created successfully✅

Create Credentials

  • Create Access Key -> Third-party service

2️⃣Save🔒 Access & Secret

  • Go to the GitHub repository
  • Settings -> Secrets & Variables -> Actions
  • Save each value as a Secret

Secret names: AWS_ACCESS_KEY_ID and TF_USER_AWS_SECRET

3️⃣Create Key Pair for ssh

  • Just go here and name it. It's simple

The key will download⬇ automatically

4️⃣Terraform Pipeline📝

Create a new directory in the project root
🔰Name: terraform

This is a very simple pipeline. Remember this is a tutorial. I will soon make📍 a Terraform series.

provider "aws" {
  region = "us-east-2" # Region as you wish
}

resource "aws_instance" "nodeapp" {
  ami                    = "ami-00cda30cf72311684"         # Check the AMI list for free tier
  instance_type          = "t2.micro"                      # Well... very intuitive -_-
  key_name               = "ec2_key"                       # Name of the key pair created in step 3
  vpc_security_group_ids = [aws_security_group.nodeapp.id] # Security group ID

  tags = {
    Name = "Nodeapp"
  }
}

# Security group
resource "aws_security_group" "nodeapp" {
  name        = "ec2_security-group"                         # Whatever name
  description = "Allow inbound traffic on port 8080 and SSH" # The app exposes port 8080

  # SSH, reachable from any IPv4 address
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Application port, reachable from any IPv4 address
  ingress {
    from_port   = 8080
    to_port     = 8080
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

5️⃣Job from GitHub Actions📝

name: Deploy Node app

on:
  push:
    branches:
      - master

jobs:
  tf-aws:
    name: Deploy Node app to AWS
    runs-on: ubuntu-latest

    defaults:
      run:
        working-directory: terraform # Directory created in step 4

    steps:

      - name: Checkout repository
        uses: actions/checkout@v2

      # Secret names must match the ones saved in step 2
      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.TF_USER_AWS_SECRET }}
          aws-region: us-east-2

      - name: Setup Terraform CLI
        uses: hashicorp/setup-terraform@v3

      - name: Terraform Init
        run: terraform init

      - name: Terraform Validate
        run: terraform validate

      - name: Terraform Plan
        run: terraform plan

      # -auto-approve applies the plan without an interactive confirmation
      - name: Terraform Apply
        run: terraform apply -auto-approve
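
A gate that could sit between the Terraform Plan and Terraform Apply steps, as an added example rather than code from the original post: it reads the JSON form of a saved plan (`terraform plan -out=tfplan`, then `terraform show -json tfplan`) and reports security groups that expose SSH or RDP to every address. The sample plan is constructed, and the `check_plan.py` file name and the `ADMIN_PORTS` set are assumptions; only inline `ingress` blocks of `aws_security_group` are inspected.

```python
import json
import sys

# Constructed sample: the relevant slice of `terraform show -json tfplan`
# for the security group defined in this post.
SAMPLE_PLAN = json.dumps({"resource_changes": [{
    "address": "aws_security_group.nodeapp",
    "type": "aws_security_group",
    "change": {"actions": ["create"], "after": {"ingress": [
        {"from_port": 22, "to_port": 22, "protocol": "tcp",
         "cidr_blocks": ["0.0.0.0/0"], "ipv6_cidr_blocks": []},
        {"from_port": 8080, "to_port": 8080, "protocol": "tcp",
         "cidr_blocks": ["0.0.0.0/0"], "ipv6_cidr_blocks": []},
    ]}},
}]})

OPEN_CIDRS = {"0.0.0.0/0", "::/0"}
ADMIN_PORTS = {22, 3389}  # assumption: ports that should never be world-open


def world_open_admin_rules(plan_json, admin_ports=ADMIN_PORTS):
    """Return (address, port) for each admin port that a planned security
    group opens to every IPv4 or IPv6 address."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        after = (rc.get("change") or {}).get("after")
        if rc.get("type") != "aws_security_group" or not after:
            continue  # other resource types, or a destroy ("after" is null)
        for rule in after.get("ingress") or []:
            cidrs = set(rule.get("cidr_blocks") or []) | set(rule.get("ipv6_cidr_blocks") or [])
            lo, hi = rule.get("from_port"), rule.get("to_port")
            if rule.get("protocol") in ("-1", "all"):
                lo, hi = 0, 65535  # "all protocols" covers every port
            if not cidrs & OPEN_CIDRS or lo is None or hi is None:
                continue
            findings += [(rc["address"], p) for p in sorted(admin_ports) if lo <= p <= hi]
    return findings


if __name__ == "__main__":
    # In the job: terraform show -json tfplan | python check_plan.py
    piped = "" if sys.stdin.isatty() else sys.stdin.read()
    found = world_open_admin_rules(piped.strip() or SAMPLE_PLAN)
    for address, port in found:
        print(f"{address}: port {port} is open to the internet")
    sys.exit(1 if found else 0)  # non-zero exit fails the workflow step
```

Run against the plan for this post's configuration, the check flags port 22 and leaves the application port 8080 alone.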

🎬 Run the job

job done

ec2_nodeapp

security group

