Terraform on IGAAWI docs /tags/terraform/ Recent content in Terraform on IGAAWI docs Hugo en-us Thu, 19 Mar 2026 00:00:00 +0000 Terraform /infrastructure/terraform/ Thu, 19 Mar 2026 00:00:00 +0000 /infrastructure/terraform/ <h2 id="teragrunt">Teragrunt</h2> <p>Entire implementation is implemented as terraform. In order to use it, make sure you have <a href="https://terragrunt.gruntwork.io/">terragrunt</a> installed as per <a href="/infrastructure/tools/" title="Tools">tools requirements</a></p> <p>&#x1f680; Terraform repository: <a href="https://github.com/saritasa-nest/igaawi-infra-aws">saritasa-nest/igaawi-infra-aws</a></p> <div class="highlight"><pre tabindex="0" style="color:#4c4f69;background-color:#eff1f5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-sh" data-lang="sh"><span style="display:flex;"><span>➜ tree -d </span></span><span style="display:flex;"><span>. </span></span><span style="display:flex;"><span>├── bin </span></span><span style="display:flex;"><span>├── envs </span></span><span style="display:flex;"><span>│ ├── prod </span></span><span style="display:flex;"><span>│ │ ├── apps </span></span><span style="display:flex;"><span>│ │ │ ├── api-backend </span></span><span style="display:flex;"><span>│ │ │ └── frontend </span></span><span style="display:flex;"><span>│ │ ├── aws </span></span><span style="display:flex;"><span>│ │ │ ├── backups </span></span><span style="display:flex;"><span>│ │ │ ├── billing </span></span><span style="display:flex;"><span>│ │ │ ├── ecr </span></span><span style="display:flex;"><span>│ │ │ ├── eks </span></span><span style="display:flex;"><span>│ │ │ ├── elasticache </span></span><span style="display:flex;"><span>│ │ │ ├── guardduty </span></span><span style="display:flex;"><span>│ │ │ ├── notifications </span></span><span style="display:flex;"><span>│ │ │ ├── organizations </span></span><span style="display:flex;"><span>│ │ │ ├── rds </span></span><span style="display:flex;"><span>│ │ │ ├── route53 </span></span><span style="display:flex;"><span>│ │ │ ├── ses </span></span><span style="display:flex;"><span>│ │ │ ├── sso </span></span><span style="display:flex;"><span>│ │ │ └── vpc </span></span><span style="display:flex;"><span>│ │ └── platforms </span></span><span style="display:flex;"><span>│ │ ├── airbyte </span></span><span style="display:flex;"><span>│ │ ├── docs </span></span><span style="display:flex;"><span>│ │ ├── github </span></span><span style="display:flex;"><span>│ │ ├── keycloak </span></span><span style="display:flex;"><span>│ │ ├── opsgenie </span></span><span style="display:flex;"><span>│ │ ├── rattic </span></span><span style="display:flex;"><span>│ │ ├── redash </span></span><span style="display:flex;"><span>│ │ ├── reportportal </span></span><span style="display:flex;"><span>│ │ └── sentry </span></span><span style="display:flex;"><span>│ ├── root </span></span><span style="display:flex;"><span>│ │ ├── aws </span></span><span style="display:flex;"><span>│ │ │ ├── organizations </span></span><span style="display:flex;"><span>│ │ │ └── sso </span></span><span style="display:flex;"><span>│ │ └── platforms </span></span><span style="display:flex;"><span>│ │ └── terraform-state </span></span><span style="display:flex;"><span>│ └── security </span></span><span style="display:flex;"><span>│ ├── aws </span></span><span style="display:flex;"><span>│ │ ├── chatbot </span></span><span style="display:flex;"><span>│ │ ├── health </span></span><span style="display:flex;"><span>│ │ ├── inspector </span></span><span style="display:flex;"><span>│ │ ├── organizations </span></span><span style="display:flex;"><span>│ │ └── sso </span></span><span style="display:flex;"><span>│ └── platforms </span></span><span style="display:flex;"><span>│ └── statuscake </span></span><span style="display:flex;"><span>├── modules </span></span><span style="display:flex;"><span>│ ├── aws </span></span><span style="display:flex;"><span>│ │ ├── health-forwarder </span></span><span style="display:flex;"><span>│ │ └── secret-manager </span></span><span style="display:flex;"><span>│ │ └── secret </span></span><span style="display:flex;"><span>│ ├── gcp </span></span><span style="display:flex;"><span>│ │ └── service-account </span></span><span style="display:flex;"><span>│ ├── sentry-project </span></span><span style="display:flex;"><span>│ └── sso </span></span><span style="display:flex;"><span>│ └── iam-assumable-role-with-saml </span></span><span style="display:flex;"><span>├── stacks </span></span><span style="display:flex;"><span>│ ├── apps </span></span><span style="display:flex;"><span>│ │ ├── api-backend </span></span><span style="display:flex;"><span>│ │ └── frontend </span></span><span style="display:flex;"><span>│ ├── aws </span></span><span style="display:flex;"><span>│ │ ├── backups </span></span><span style="display:flex;"><span>│ │ ├── billing </span></span><span style="display:flex;"><span>│ │ ├── ecr </span></span><span style="display:flex;"><span>│ │ ├── eks </span></span><span style="display:flex;"><span>│ │ ├── elasticache </span></span><span style="display:flex;"><span>│ │ ├── guardduty </span></span><span style="display:flex;"><span>│ │ ├── notifications </span></span><span style="display:flex;"><span>│ │ ├── organizations </span></span><span style="display:flex;"><span>│ │ ├── rds </span></span><span style="display:flex;"><span>│ │ ├── route53 </span></span><span style="display:flex;"><span>│ │ ├── ses </span></span><span style="display:flex;"><span>│ │ ├── sso </span></span><span style="display:flex;"><span>│ │ └── vpc </span></span><span style="display:flex;"><span>│ ├── gcp </span></span><span style="display:flex;"><span>│ └── platforms </span></span><span style="display:flex;"><span>│ ├── airbyte </span></span><span style="display:flex;"><span>│ ├── docs </span></span><span style="display:flex;"><span>│ ├── github </span></span><span style="display:flex;"><span>│ ├── keycloak </span></span><span style="display:flex;"><span>│ ├── opsgenie </span></span><span style="display:flex;"><span>│ ├── rattic </span></span><span style="display:flex;"><span>│ ├── redash </span></span><span style="display:flex;"><span>│ ├── reportportal </span></span><span style="display:flex;"><span>│ ├── sentry </span></span><span style="display:flex;"><span>│ ├── statuscake </span></span><span style="display:flex;"><span>│ └── terraform-state </span></span><span style="display:flex;"><span>└── taskfiles </span></span></code></pre></div> <div class="alert alert-info" role="alert"> <h4 class="alert-heading">Important</h4> <ul> <li><strong>apps</strong> contains terraform code for business apps deployed in the infra, such as api-backend, frontend,</li> <li><strong>modules</strong> contains terraform reusable modules used in stacks/apps,</li> <li><strong>stacks</strong> contains infrastructure specific code, i.e. EKS, ECR, SSO, Route53 etc.</li> </ul> </div> <h3 id="apps">Apps</h3> <div class="highlight"><pre tabindex="0" style="color:#4c4f69;background-color:#eff1f5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-sh" data-lang="sh"><span style="display:flex;"><span>aws-vault <span style="color:#04a5e5">exec</span> igaawi/sso/administrators </span></span></code></pre></div><div class="highlight"><pre tabindex="0" style="color:#4c4f69;background-color:#eff1f5;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-sh" data-lang="sh"><span style="display:flex;"><span><span style="color:#04a5e5">cd</span> envs/prod/apps/api-backend </span></span><span style="display:flex;"><span><span style="color:#04a5e5">export</span> <span style="color:#dc8a78">ENV</span><span style="color:#04a5e5;font-weight:bold">=</span>prod </span></span><span style="display:flex;"><span>tg init </span></span><span style="display:flex;"><span>tg apply </span></span></code></pre></div><p>If you want to see specific credentials generated inside the app you can do:</p>