CHANGELOG.md

Terraform Infra

Production Grade Terraform for Provisioning Infrastructure

---

Version 3.5

Features

• Upgrade EKS version to 1.23 from previous 1.22
• Added Terraform Monitoring OpenTelemetry with ADOT (AWS Distro for OpenTelemetry)
• Added Terraform EKS ADOT Collector
• Update Manifest EKS
• Added Manifest NLB (Network Load Balancer) for EKS

---

Version 3.4

Features

• Added EKS node, autoscale & taggination for Laravel Framework
• Added RDS node for LaravelDB
• Added EC2 resources for Nifi

---

Version 3.3

Features

• All features from version 3.2

• Added zone c in Core Infra

• Refactoring resources EKS with zone c capabilities

• Refactoring CIDR range VPC

• Refactoring subnet ip range class

• Added Documentation Terraform Infra

  • Build Container devopscorner/cicd

    • Build Container devopscorner/cicd for DockerHub, detail here
    • Build Container devopscorner/cicd for ECR, detail here

  • Build Container devopscorner/terraform-infra

    • Build Container devopscorner/terraform-infra for DockerHub, detail here
    • Build Container devopscorner/terraform-infra for ECR, detail here

  • Terraform Plan Inventory

    • Terraform Plan - Core Staging
    • Terraform Plan - Core Prod
    • Terraform Plan - Jumphost Staging
    • Terraform Plan - Jumphost Prod
    • Terraform Plan - EKS Staging
    • Terraform Plan - EKS Prod
    • Terraform Security Analysis - Core Staging
    • Terraform Security Analysis - Core Prod
    • Terraform Security Analysis - Jumphost Staging
    • Terraform Security Analysis - Jumphost Prod
    • Terraform Security Analysis - EKS Staging
    • Terraform Security Analysis - EKS Prod
    • Terraform Infra Costing - Core Staging
    • Terraform Infra Costing - Core Prod
    • Terraform Infra Costing - Jumphost Staging
    • Terraform Infra Costing - Jumphost Prod
    • Terraform Infra Costing - EKS Staging
    • Terraform Infra Costing - EKS Prod

• Terraform State Inventory

  • Core Infrastructure Staging
  • Core Infrastructure Prod
  • EKS Staging
  • EKS Production
  • Jumphost Staging
  • Jumphost Production

• Reproduce DEMO, detail here

---

Version 3.2

Features

• All features from version 3.1
• Change references path Dockerfile with spesific tag version
  • Alpine: devopscorner/cicd:alpine-nginx-1.23
  • Ubuntu: devopscorner/cicd:ubuntu-nginx-1.23
  • CodeBuild: devopscorner/cicd:codebuild-4.0

---

Version 3.1

Features

• All features from version 3.0

• Added Multi Static Code Analysis for Terraform, inside pipeline terraform plan

  • Tenable terrascan
  • Aqua tfsec

  # ========================= #
  #  Terraform Plan (Review)  #
  # ========================= #
  - terraform init
  - terraform workspace select ${WORKSPACE_ENV} || terraform workspace new ${WORKSPACE_ENV}
  - terraform plan --out tfplan.binary
  - terraform show -json tfplan.binary > tfplan.json
  
  # ================== #
  #  Terraform Addons  #
  # ================== #
  # ~ Terrascan ~
  - terrascan init
  - terrascan scan -o human
  # ~ Tfsec ~
  - tfsec .
  # ~ Checkov
  - checkov -f tfplan.json
  # ~ Infracost
  - infracost breakdown --path tfplan.json
  

---

Version 3.0

Features

• Added Terraform Container with CodeBuild Distribution (AWS Linux) version 4.0

• Refactoring Buildspec for Building Image devopscorner/terraform-infra for Alpine, Ubuntu & CodeBuild Container

• Refactoring Buildspec for terraform plan, terraform apply & terraform destroy

• Added GitHub Action Workflow for Core, Resources & TFState

• Added Terraform addons inside pipeline terraform plan:

  • Static Code Analysis for Terraform
    • Tenable terrascan
  • Terraform Plan Scanning with checkov
  • Terraform Version Manager with tfenv
  • Cloud Cost Estimate with infracost

  # ========================= #
  #  Terraform Plan (Review)  #
  # ========================= #
  - terraform init
  - terraform workspace select ${WORKSPACE_ENV} || terraform workspace new ${WORKSPACE_ENV}
  - terraform plan --out tfplan.binary
  - terraform show -json tfplan.binary > tfplan.json
  
  # ================== #
  #  Terraform Addons  #
  # ================== #
  # ~ Terrascan ~
  - terrascan init
  - terrascan scan -o human
  # ~ Checkov
  - checkov -f tfplan.json
  # ~ Infracost
  - infracost breakdown --path tfplan.json
  

---

Version 2.0

Features

• Upgrade EKS Cluster version to 1.22 from 1.19
• Added Schedule Autoscale Node Group for Optimization (Staging/Develop Environment)
• Added Monitoring Datadog Installation. See Datadog installation readme here
• Added GitHub Action Workflow for Infracost EKS (trigger by Pull Request / PR). See Infracost readme here.
• Added Kubecost for Monitoring Costing EKS Cluster, securing with basic-auth access. See Kubecost readme here.
• Added Jumppods (Jump Host Pods) for maintenance EKS inside pods (curl, wget, telnet, ping, etc), securing with basic-auth access

---

Version 1.1

Features

• Update IAM policy for DEV & UAT environment
• Update subnet ip range from /24 (256 ips) to /20 (4096 ips)
• Update latest manifest installation
  • Ingress Nginx ver-1.1.2
  • Ingress ALB ver-2.4.1
• Added python scripts as new feature inspect & patch (update) tags of each autoscale EKS nodes

---

Version 1.0

Features

• Docker (docker)
• Docker Compose (docker-compose)
• AWS Cli version 2 (aws)
• Terraform Cli (terraform)
• Terraform Environment (tfenv)

Documentation

• Read this

Terraform Features

Multi Environment Workspace:

• Remote State Terraform (S3 & DynamoDB)

• Core Infrastructure

  • VPC
  • Subnet EC2 & EKS
  • Security Group
  • NAT Gateway
  • Internet Gateway
  • VPC Peers Single CIDR
  • VPC Peers Multi CIDR

• Resources Other Infra

  • Budget
  • Cloud9 IDE
  • AWS Elastic Computing (EC2)
    • Airflow
    • Jumphost
    • PostgreSQL (PSQL)
  • Amazon Managed Kubernetes Service (EKS)
  • Amazon Elastic Map Reduce (EMR)
  • Amazon Managed Workflows for Apache Airflow (MWAA)
  • Amazon Relational Database Service (RDS)
  • Amazon ElastiCache for Redis