Terraform Cloud

Terraform Cloud Overview

Terraform Cloud (TFC) is a paid SaaS platform from HashiCorp that provides production-ready state management with continuous delivery. Teams managing their cloud infrastructure with Terraform benefit from:

  • Out-of-the-box Terraform Cloud remote state management with built-in versioning

  • A centralized location where the team can collaborate on infrastructure and review and approve changes.

In April 2022, Firefly created the capability to scan the Terraform cloud footprint and automatically codify unmanaged and drifted assets (Cloud resources and SaaS extensions) into Terraform code.

Integrating Terraform Cloud:

  1. Go to the left pane > Settings > Integrations.

  2. Select Add New > Terraform Cloud.

  3. Go here to create an API token.

  4. In Firefly, enter a Nickname, and paste the API token.

  5. Select Next to import your Terraform Cloud stacks as described here.

Using Firefly for Terraform Discovery and Codification:

Discovery:

After integrating your Terraform Cloud and provider with Firefly, you'll be able to explore the current state of your Terraform coverage across any of your integrated cloud accounts and SaaS accounts. Firefly gives you full visibility of your assets and determines the state of each cloud asset:

  • Codified - The asset provided by the integrated provider is configured as described in the Terraform state file.

  • Drifted - The asset provided by the integrated provider is configured differently from the one described in the Terraform state file.

  • Unmanaged - No Terraform state file is available for the asset provided by the integrated provider.

  • Ghost - No asset in the provider corresponds to the Terraform state file.
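
The four states above can be reproduced by comparing a Terraform state file with a provider inventory. The following is an added example, not Firefly's code or part of the original page; the state snippet, the inventory, the simplified attribute names and the function names are all constructed for illustration.

```python
import json

# Constructed sample: a trimmed Terraform state (format version 4), simplified attributes.
STATE_JSON = """
{"version": 4, "resources": [
 {"mode": "managed", "type": "aws_s3_bucket", "name": "logs", "instances": [{"attributes": {"id": "logs-bucket", "acl": "private"}}]},
 {"mode": "managed", "type": "aws_security_group", "name": "web", "instances": [{"attributes": {"id": "sg-0aa1", "ingress_cidr": "10.0.0.0/8"}}]},
 {"mode": "managed", "type": "aws_instance", "name": "old", "instances": [{"attributes": {"id": "i-0dead", "instance_type": "t3.micro"}}]},
 {"mode": "data", "type": "aws_ami", "name": "base", "instances": [{"attributes": {"id": "ami-0123"}}]}
]}
"""

# Constructed sample: what the provider reports as running, keyed by (type, id).
CLOUD_INVENTORY = {
    ("aws_s3_bucket", "logs-bucket"): {"id": "logs-bucket", "acl": "private"},
    ("aws_security_group", "sg-0aa1"): {"id": "sg-0aa1", "ingress_cidr": "0.0.0.0/0"},
    ("aws_instance", "i-0beef"): {"id": "i-0beef", "instance_type": "t3.large"},
}


def desired_from_state(state_text):
    """Map (type, id) -> attributes for managed resources; data sources are skipped."""
    desired = {}
    for res in json.loads(state_text).get("resources", []):
        if res.get("mode") != "managed":
            continue
        for inst in res.get("instances", []):
            attrs = inst.get("attributes") or {}
            if "id" in attrs:
                desired[(res["type"], attrs["id"])] = attrs
    return desired


def classify(desired, running):
    """Return {(type, id): (status, {attribute: (desired_value, running_value)})}."""
    report = {}
    for key in sorted(set(desired) | set(running)):
        if key not in desired:
            report[key] = ("unmanaged", {})   # running, but in no state file
        elif key not in running:
            report[key] = ("ghost", {})       # in state, but gone from the provider
        else:
            d, r = desired[key], running[key]
            diff = {k: (d.get(k), r.get(k)) for k in sorted(set(d) | set(r)) if d.get(k) != r.get(k)}
            report[key] = ("drifted" if diff else "codified", diff)
    return report


REPORT = classify(desired_from_state(STATE_JSON), CLOUD_INVENTORY)
```

In this sample the security group is reported as drifted because its ingress range was widened outside Terraform, which is the kind of change a drift review should surface first.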

Managing IaC stacks

To explore your IaC stack: go to the left pane > IaC Stacks.

  1. To delete an IaC stack, select its delete icon.

  2. To search all your IaC stacks, use the Search bar.

  3. You can filter according to the following categories:

    • IaC Type

    • Provider Type

    • Locations

    • Providers (specific)

    • Tags

Importing Terraform Stacks:

  1. Go to the left pane > IaC Stacks.

  2. Select Import Stacks.

  3. Select Terraform Cloud.

  4. Select Cloud Integration.

  5. Select Terraform Cloud Organization.

  6. Select Terraform Cloud Organization workspace.

  7. (Optional) Select All.

  8. (Optional) Select +New Label to add a tag.

  9. Select Next.

Managing Drifted Assets

  1. Go to the left pane > Inventory > Drifted.

  2. To explore drift details for a specific asset, locate the asset in the Inventory table, and select Drifted in that row. The Drift drawer opens and displays the difference between the Running Configuration (cloud value) and the Desired Configuration (IaC state value).

  3. To view drifts in JSON format, select JSON.

  4. To copy or export the drift in the displayed format, select Copy or Export.

Fixing drifted assets

  1. Verify that your version control system is integrated with Firefly.

  2. Verify that the IaC stack (such as HCL for Terraform) of the drifted asset is in your version control system.

  3. Select Fix Drift. Firefly locates the drifted block in your code, and proposes a fix to the drifted properties by creating a pull request in your version control system to replace the Desired Configuration with the Running Configuration.

  4. After the drift is fixed, the pull request needs to be approved in your version control system.

  5. To reflect the fix in your state file (and in Firefly), refresh the resource state by running the following command in your Terminal: terraform refresh -target "resource_type.resource_name"

  6. To maintain the Desired Configuration, and restore it in the cloud, run the following command in your Terminal (instead of selecting Fix Drift in Firefly): terraform apply -target "resource_type.resource_name"

Codifying Assets to Terraform

The code describes the configuration of the dependencies rather than referencing the specific ID.

The following codification options are available:

  • Explicit Values - Creates code for one or multiple assets using the resource IDs of dependencies.

  • Data Sources - Creates code that describes the configuration of the dependencies rather than referencing the explicit resource IDs.

  • Codify Unmanaged Dependencies - Creates code that codifies all unmanaged dependencies with explicit resource IDs.

  • Codify All Dependencies - Creates code for the asset and all of its dependencies, including codified dependencies. For unmanaged dependencies, the configuration of the data source is used rather than the explicit resource ID. Use this code to create multiple instances of the same environment. This code can also be used to create a module.

  • Module Call - Creates code for the asset and all of its dependencies in the private or public module that you specify. The module is used to create additional instances of the asset. The module is stored in the repository that holds your Terraform files. (If your public module is not included in Terraform AWS or GCP modules, contact us, and we will create it for you.)

  • Create Module - Creates a reusable module for any type of asset and its dependencies. The module can be created either from a private module in your Git or from a public module in the Terraform Registry. After creating the module, you can store it in your Git and import the assets. You can deploy this module in any region or account.

  1. Go to the left pane > Inventory.

  2. Select the desired asset, and select Codify > Terraform.

  3. To import the resource into your state file, select >_ Import Commands, and copy the code.

  4. Open the Terraform console, and paste the Terraform code to your Terraform file.

  5. Run the command in your Terraform file.

  6. Select Copy to copy the code.

  7. Select Export to create a Terraform file with the code inside.

For the Create Module feature:

  • Select Export to export a specific file.

  • Select Export All to export all files into a ZIP file.
