Practical GitOps: Infrastructure Management Using Terraform, AWS, and GitHub Actions
- 3h 39m
- Rohit Salecha
Infrastructure as Code (IaC) is gaining popularity and developers today are deploying their application environments through IaC tools to the cloud. However, it can become extremely difficult and time-consuming to manage the state of the infrastructure that has been deployed. This book will provide a complete walkthrough of deploying a SpringBoot application on AWS with multiple environments like production, staging and development. Everything is orchestrated through GitHub Actions and executed through Terraform Cloud to monitor changes in your infrastructure and manage its state.
You'll start by reviewing how your infrastructure can be stored in code by spinning up an EC2 server first through the console, then AWS CLI and then using Terraform. You'll then be presented with a practical scenario of setting up a simple EC2 server in a multi-environment (production, staging and development) using GitHub Actions and Terraform Cloud. In the advanced section that follows, this simple EC2 server is expanded into an application that is deployed on an AWS EKS (Elastic Kubernetes Service) using AWS RDS (Relational Database Service) exposed through an AWS ALB (Application Load Balancer) protected using AWS ACM (AWS Certificate Manager), and accessible by setting the AWS Route53.
The book then builds up on this infrastructure and demonstrates how it can be deployed in a multi-environment scenario by implementing accounts through AWS organizations. You'll see how to put in restrictions through Service Control Policies, how to protect secrets using AWS Secrets Manager, and how to work with least privileges using IRSA (IAM Roles for Service Accounts). Finally, you'll make the infrastructure more observable using Graphana, Prometheus, and AWS OpenSearch, run security tools, host Route53 zones dynamically based on environments, and implement CloudWatch Alarms for various use cases.
About the Author
Rohit Salecha is a technology enthusiast with over 11 years of experience in IT and the Cybersecurity industry. He loves to find security flaws in the web applications and api's, automate boring tasks and tinker around with new tech and help design secure by default systems. Lately, he has become quite smitten by the DevOps technologies and techniques and loves tinkering around with them.
In this Book
What is GitOps?
Introduction to AWS
Introduction to Terraform
Introduction to Terraform Cloud and Workspaces
Terraform Automation with Git
Spring Boot App on AWS EKS
Authentication and Authorization
Security and Secrets Management