Integrate AWS using Terraform

Run the Terraform integration code from a dedicated workspace and state, so that it does not interfere with production resource provisioning.

Before you begin

  • Use Terraform v0.13 or later. To check your version of Terraform, run: terraform --version

  • Configure AWS credentials on your workstation. To configure the AWS CLI, run: aws configure

  • Create an IAM user with the roles needed to run AWS

  • Select your AWS region or select all regions

  • To verify that you have fulfilled these requirements, run the following command in your terminal: cat ~/.aws/credentials && terraform init && terraform --version
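
The verification command above prints the contents of ~/.aws/credentials, including the secret access key, to the terminal. As an added example (not part of Firefly's documentation), the script below checks the same prerequisites without displaying the key; the file name preflight.sh, the --run switch and the file-mode check are assumptions of this example.

```shell
#!/bin/sh
# Added example (not Firefly's code): preflight for the "Before you begin" list.
MIN_TF="0.13.0"                        # minimum Terraform version from the page
CREDS="${AWS_SHARED_CREDENTIALS_FILE:-$HOME/.aws/credentials}"

# Print X.Y.Z taken from the first line of `terraform --version` output.
parse_tf_version() {
    printf '%s\n' "$1" | sed -n '1s/^Terraform v\([0-9][0-9.]*\).*/\1/p'
}

# Succeed when dotted version $1 >= $2, comparing fields numerically.
version_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        split(a, x, "."); split(b, y, ".")
        for (i = 1; i <= 3; i++) {
            if (x[i] + 0 > y[i] + 0) exit 0
            if (x[i] + 0 < y[i] + 0) exit 1
        }
        exit 0
    }'
}

# Succeed when file $1 exists and grants nothing to group or others.
creds_file_private() {
    [ "$(ls -ldL "$1" 2>/dev/null | cut -c5-10)" = "------" ]
}

preflight() {
    ver=$(parse_tf_version "$(terraform --version 2>/dev/null)")
    if [ -z "$ver" ] || ! version_ge "$ver" "$MIN_TF"; then
        echo "FAIL: need Terraform >= $MIN_TF, found '${ver:-none}'"; return 1
    fi
    echo "OK: Terraform $ver"
    # A credentials file is optional (env vars or SSO also work); if present,
    # check its mode instead of printing its contents.
    if [ -e "$CREDS" ] && ! creds_file_private "$CREDS"; then
        echo "FAIL: $CREDS is accessible to group/others (chmod 600)"; return 1
    fi
    # Prove the credentials resolve; this prints the caller ARN, not the secret.
    arn=$(aws sts get-caller-identity --query Arn --output text 2>/dev/null) || {
        echo "FAIL: AWS credentials do not resolve"; return 1; }
    echo "OK: AWS identity $arn"
}

# Run the checks only when asked: sh preflight.sh --run
if [ "${1:-}" = "--run" ]; then preflight; fi
```
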

Procedure

  1. In Firefly, select Settings > Integrations.

  2. Select Add New > AWS > Terraform.

  3. Enter a descriptive name in the Integration Nickname field.

    • (Optional) Select the Event-driven checkbox and select your AWS region(s) or Select all regions.

    • (Optional) Select S3 Event Notifications of TF State Files, enter your Region and Bucket Names, and select Add.

  4. Select Next.

  5. Copy the details created by the wizard, and paste them into the Terraform code file.

  6. In the directory that contains the provided code, run: terraform init

  7. Run the command: terraform apply

  8. Select Done.

Using the Event-driven method for fetching your IaC stacks ensures that Firefly refreshes your assets in the inventory in near real-time as soon as they change. This method is the optimal choice for maintaining an up-to-date inventory of your assets.

To use the event-driven service, enable CloudTrail in your AWS account.

Select Enable IaC Auto-Discovery to allow Firefly to scan your cloud for new Terraform state files.

By setting up S3 Event Notifications for Terraform State Files, Firefly can monitor updates to your IaC stacks stored in S3 buckets and optimize the IaC status in the system.
