Our goal is to describe our infrastructure using code only and configure it accordingly for each environment using Terraform together with Terragrunt.
| Environment | Type | Account ID | Account alias |
|---|---|---|---|
production |
production | 53********85 |
*********-prod |
preview |
staging | 99********45 |
*********-dev |
Use our Single Sign-On to login to AWS Management Console.
We provide a Brewfile for all necessary dependencies:
brew bundle && make installYou need the following tools:
- saml2aws - AWS credentials utility
- tfenv - Terraform version manager
- tgenv - Terragrunt version manager
Get the correct versions of Terraform and Terragrunt defined in .terraform.version/ .terragrunt.version:
make installWe use saml2aws to retrieve temporary credentials to access AWS resources. Find detailed information about the required setup on Confluence.
saml2aws loginHave a look at USAGE.md for project usage.
Have a look at RUNBOOK.md for standard operating procedures.
Terraform best practices is a good source for examples how to do things, especially key concepts how to structure your modules.
These are our recommendations how to name resources at New Work.
🙋 this repo only exists as mirror on source.xing.com the actual truth is on github.com
Please take these constraints into account when you manage our infrastructure as code.
- Use a dedicated AWS account for each environment of a workload
- For CI using GitHub Action you need to host on github.com and have an OIDC provider provisioned in your AWS account
- At Tech Core we are evalutaing GitHub Actions and there is no offical support at this point in time
- You can make use of GitHub Action for Infrastructure as Code CI pipelines by request upon approval
Find more information about Github Actions service offering and its limitations here.
Feedback is always welcome 🌈 Feel free to open an Issue (Bug- /Feature-Request) or provide a Pull request. We will take care soon 🔧