Skip to content

threeio/terraform-infra-as-code-coverage-badges

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
terraform-coverage.sh
terraform-coverage.sh
 
 

Repository files navigation

DEMO

AWS

US-EAST-1

ec2-instances-coverage ec2-sgs-coverage ec2-ami-coverage ec2-volumes-coverage ec2-albs-coverage ec2-elbs-coverage lambda-functions-coverage rds-instances-coverage vpcs-coverage subnets-coverage route-tables-coverage internet-gateways-coverage dhcp-option-sets-coverage network-acls-coverage s3-buckets-coverage

WHAT

A small script that is useful to track the level of 'infrastructure-as-code' coverage; ie how much of your AWS infrastructure is managed by Terraform?

It checks the following AWS resources:

  • EC2 Instances
  • EC2 Security Groups
  • EC2 AMIs
  • EC2 Volumes
  • EC2 ALBs
  • EC2 ELBs
  • Lambda Functions
  • RDS Instances
  • VPCs
  • VPC Subnets
  • VPC Route Tables
  • VPC IGWs
  • VPC DHCP Options
  • VPC Network ACLs
  • S3 Buckets

WHY

It can be difficult track the status of existing AWS resources when attempting to import a large existing project into Terraform managed infrastructure-as-code. One of the challenges is identifying what AWS resources are currently managed by Terraform and which ones still need to be imported. This script is an initial attempt.

HOW

A series of bash functions that call the AWS API, performs some basic mathematics as needed, and writes the output to a badge using https://shields.io/

  • git clone this repo
  • configure the variables at the top of the script
  • run the script
    • it will make the AWS API calls, checking all AWS resources in the specified region of your specified account for the existence of the specified tag.
    • it will calculate the total number of resources vs the total number of tagged resources
    • it will use the output of the above function as the input for the badges.io API to create coverage badges
    • it will write the badges to the specified S3 bucket
  • you can point to the URL of the S3 badges in order to embed anywhere you want, see above Demo for an example.

REQUIREMENTS

  • An existing AWS account.
    • Permissions: Create S3 bucket
    • what else?
  • Locally configured AWS profile with AWS credentials
  • AWS resources that are consistently identified via a single tag
    • tag is configurable. Our example is "Terraform = True"
    • Any resource containing this tag is assumed to be managed via Terraform
  • jq

FAQ

  • Q) Why bash?
    • A) I like bash. It's simple and is easy for coders of all levels to contribute to.
  • Q) Does this show my coverage for ALL AWS resources?
    • A) No. It currently checks for over a dozen resources that 1) support AWS tags & 2) Have Terraform support for reading/writing AWS tags.
  • Q) Do you plan on extending this?
    • A) Sure, see the TODO section.

TODO

Issues

About

Terraform / infrastructure-as-code coverage badges - how much of your AWS infrastructure is managed by Terraform?

www.chrisanthropic.com/blog/2017/script-to-automate-tracking-terraform-infra-as-code-coverage-badges/

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Shell 100.0%