It’s amazing how quickly time may fly by. Over the past almost month I have been utilizing Terraform to incrementally capture existing infrastructure while trying to deliver value. As a general rule I believe strongly in incremental work. This results in some rather amusing conversation as to why things are taking so long. Most recently I received several suggestions regarding tools which takes an AWS account as input then produces Terraform descriptions.

Funny enough most of my work has not centered around figuring out how to describe resources in AWS. Describing a set of resources tends to be trivial and time consuming. As with most programming the issue is around structure. The real question to be answered is how do produce a system which is modular, cohesive, and yet still uncoupled.

Automation is definitely the future. Working within an platforms group my job is to enable other developers to move more expediently while automating repetitious tasks. To that end I declared a Terraform resource set designed to mimic the life cycle of the system itself.

Resources should begin in a dev environment. Unfortunately this can not be built or tested locally so I setup an AWS account specific to allow developers to toy around this. Once the changes are ready this is merged into an integration environment. The first of the automated and controlled environments. Each commit is automatically applied on protected branches. Once the integration environment is deemed sufficiently stable the infrastructure may be promoted onto what ever release candidate or production environment you desire. In this case the Platforms group is still responsible for supporting via code reviews and aiding in outage scenarios however individuals are free to change infrastructure as they deem fit.

The underlying mechanism is tragically a script which uses variables substitution. I was hoping there would be some magical methods to applying this. Terraform workspaces break down when brought under Git and this style of workflow. Really I am trying to model changes to systems over time rather than a specific state in all environments at the same time. This is where a lot of my frustration with Terraform comes from but managed correctly it works well. Overall I am able to service requests for a platform, enable developers to own their infrastructure, and deliver results with the lessons learned while implementing.