AWS — Infrastructure as Code Tutorial — Step 2.0 — Introduction to secret tools
This chapter is coming ahead of “AWS — Infrastructure as Code Tutorial — Step 1.3 — AWS CDK”, but I thought it would benefit everyone to take a look at additional tools before talking about Level 1,2,3 Constructs.
Ok, here’s a secret — sacred knowledge from the gods of Olympus 😃 (it is free, and I do not work for them) — https://former2.com/ — where all code comes from. It’s really helpful. So let us start with the setup.
- Install the Former2 Helper extension for your browser — 3 browsers are supported as of 11/28/2020
Warning, Achtung — do not do it on your Production account — instead create a new account for practicing.
- Create an IAM user — I named it tempuser; name it something you can delete
- You can use the ViewOnlyAccess policy
OR, it’s better to create a managed policy based on ViewOnlyAccess — you can easily distinguish and delete it later. I went with the name -former2policy.
- As an added security measure, I added a “Condition” (the full policy is in GitHub):
    "Effect": "Allow",
    "Resource": "*",
    "Condition": {
        "StringEquals": {
            "aws:RequestedRegion": [
                "us-east-1"
            ]
        }
    }
Note: Most of the services are available first in us-east-1.
Note: If you want to play with a Redshift cluster, you need to explicitly add the statements from arn:aws:iam::aws:policy/AmazonRedshiftReadOnlyAccess. For some reason, an error will occur without it.
2. Create an Access Key in IAM for the user, and enter it on step 2. As you can see, you can make it more secure, e.g. set a role, get a token — probably good for Production if that’s your goal.
3. You can set more parameters for CloudFormation stack, but we’ll skip it for now. Later, we will come back to this.
4. The Settings tab allows you to customize some settings, like space indent in yaml, and default programming language output. Keep the rest with default settings.
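The region condition from the policy step above can be applied to every Allow statement of a read-only policy document before you create the managed policy. The Python below is an added example, not code from the original post or from Former2; `restrict_to_regions` and the sample statements are constructed for illustration and are not the contents of the real ViewOnlyAccess policy.

```python
import copy
import json

REGION_KEY = "aws:RequestedRegion"

# Constructed sample document (assumption: NOT the real ViewOnlyAccess contents).
SAMPLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["ec2:Describe*", "s3:ListAllMyBuckets"],
         "Resource": "*"},
        {"Effect": "Allow", "Action": "rds:Describe*", "Resource": "*",
         "Condition": {"Bool": {"aws:SecureTransport": "true"}}},
        {"Effect": "Deny", "Action": "s3:GetObject", "Resource": "*"},
    ],
}


def restrict_to_regions(policy, regions):
    """Return a copy of `policy` whose Allow statements apply only in `regions`."""
    out = copy.deepcopy(policy)          # never mutate the caller's document
    stmts = out["Statement"]
    if isinstance(stmts, dict):          # IAM also accepts a single statement object
        stmts = out["Statement"] = [stmts]
    for stmt in stmts:
        if stmt.get("Effect") != "Allow":
            continue                     # a Deny must stay in force in every region
        # Keys inside one operator, and separate operators, are ANDed together,
        # so adding the region key keeps any existing conditions in force.
        equals = stmt.setdefault("Condition", {}).setdefault("StringEquals", {})
        wanted = list(regions)
        if REGION_KEY in equals:
            existing = equals[REGION_KEY]
            if isinstance(existing, str):
                existing = [existing]
            # Only ever narrow an existing restriction, never widen it.
            wanted = [r for r in existing if r in regions]
            if not wanted:
                raise ValueError("statement already limited to other regions")
        equals[REGION_KEY] = wanted
    return out


if __name__ == "__main__":
    print(json.dumps(restrict_to_regions(SAMPLE_POLICY, ["us-east-1"]), indent=2))
```
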
All right. Let’s get this party started.
1. Select your region on the top right. My selection is us-east-1. Click Search/Search again
2. Once the resources scan is completed, expand Networking & Content delivery
3. Click VPC on the left pane, and click VPC on the right pane. On the bottom, select the empty VPC created in Step 1 of AWS — Infrastructure as Code — Tutorial
4. Click the Generate button on the top of the page
5. And … Magic!!!: You will be taken right away to the Output section, with a CloudFormation template ready for you
8. Click Terraform (another template in HCL)
9. Click CDK: Yet another template
Summary:
https://former2.com/ is going to be your friend when working not only through this tutorial, but also in your own learning of Infrastructure as Code.