The ultimate CircleCI config for Terraform pull request workflow

Terraform is an extremely powerful tool, but the out-of-the-box workflow can lead to pitfalls such as forgetting to commit and push changes to manifest and terraform.tfstate files. Use this example CircleCI configuration for a rock-solid pull-request workflow for Terraform projects. The Workflow A project contributor creates a pull request with changes to terraform manifests. CircleCI runs a terraform plan and posts the diff as a comment in the pull request....

July 9, 2020

How to use count with data resources in Terraform

tl;dr version: "${element(data.github_team.pull.*.id, count.index)}" While writing a little terraform module to manage github repositories, team permissions and branch protection rules, I ran into an issue where github_team_repository resources need the team ID, but github_branch_protection resources need the team slug. This was annoying as I wanted the module to have a single variable which served both purposes. I ended up having a variable var.teams_pull which accepted a list of team slugs....

February 27, 2019

How to build self-deploying applications with Terraform and BitBucket Pipelines.

Background A few weeks ago I decided to replace my ageing and bloated Drupal 7 blog. I decided on the following criteria that the solution had to meet: The project git repo must be private. Hosting infrastructure had to be under my control and completely codified. The solution should require very little supporting infrastructure such as databases. Deployment of changes to the site or infrastructure must be automated. These requirements immediately ruled out a few options including GitHub Pages and SaaS blogging platforms like wordpress....

November 17, 2016

How to peer two AWS VPCs using Terraform

During a recent project, I ran into an issue where the new stack (defined using Terraform) needed to connect to a legacy server via private network interfaces. The Terraform stack was encapsulated within its own VPC, and the legacy server was in the default VPC. Both VPCs were in the same region. AWS has a feature called “VPC peering” which establishes a connection between two VPCs - exactly what was required for this use case....

November 15, 2016