Scripting Host
Documentation that outlines the configuration of the Terraform-deployable scripting host.
Module Input Variables
Variable: subnet_id
Description: The target subnet id for the TerraSnow instance
Variable: env_type
Description: Suffix added to the instance name (dev, test, prod, etc.)
Variable: alias_name
Description: Value used in building the instance name and the instance domain name.
Variable: target_r53_zone
Description: Target Route 53 zone in which to build the resulting domain name entry.
Variable: pub_access_sg
Description: The security group within the target AWS account that allows public access.
Variable: priv_access_vpc_id
Description: ID of the VPC that provides private access within the target AWS account.
Variable: priv_alb_subnets
Description: List of subnets that are backed by the private ALB.
Variable: subnet_id
Description: The id of the security group in which to place the instance
Variable: sg_allow_inbound_from
Description: Source security group to allow inbound traffic into the instance’s private security group.
Variable: instance_type
Description: AWS instance type (t2.micro, t2.medium, etc.)
Variable: key_name
Description: SSH public key used to log in to the TerraSnow instance.
Variable: instance_role
Description: Role to associate with the Terraform scripting host instance. Requires read access to the S3 bucket where the TerraSnow configuration file is stored.
Variable: private_gitlab_server
Description: Hostname of the GitLab server, e.g. gitlab.mydomain.net. Passed as a variable into the TerraSnow host initialization script. Used to add the GitLab host as a trusted SSH endpoint and enable use of git clone via SSH.
Outputs
Variable: _private_ip
Value: IPv4 IP address
Description: The private IP address of the TerraSnow instance
Variable: aws_assume_role_webhook
Value: https://INSTANCE_FQDN/aws-assume-role-webhook
Description: The AWS assume role API endpoint of the TerraSnow instance
Variable: gitlab_webhook
Value: https://INSTANCE_FQDN/gitlab-webhook
Description: The GitLab webhook endpoint of the TerraSnow instance
Variable: pub_deployment_key
Value: https://INSTANCE_FQDN/pub-key/key.txt
Description: The web-accessible path to the public key of the TerraSnow instance. This key is added to the target GitLab repo as a deploy key with read access so that the TerraSnow instance can git clone successfully.
Variable: tfe_workflow_webhook
Value: https://INSTANCE_FQDN/workflow-webhook
Description: The Terraform Enterprise workspace API endpoint of the TerraSnow instance.
Variable: sn_variables_webhook
Value: http://INSTANCE_FQDN/variables-webook
Description: The webhook that triggers the ServiceNow catalog item variables.
Overview
The included Terraform module deploys the following resources.
Terraform Enterprise Scripting Host
Description: An EC2 instance of the size of your choosing (via the instance_type variable).
Requirements:
- An IAM role that at a minimum has read access to the S3 bucket where the TerraSnow configuration file is stored.
- An AWS environment that has a security group that provides public access. Port 443 is required because all communication with the TerraSnow API endpoints is over HTTPS via the TerraSnow ALB.
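The IAM requirement above, written as an added example (not part of the TerraSnow module): a role whose only permission is reading the single configuration object. The bucket name, object key and role name are placeholders, and whether instance_role expects the role name or an instance profile is an assumption to check against the module.

```hcl
# Added example. All names below are placeholders, not values from the module.
locals {
  config_bucket = "EXAMPLE-terrasnow-config-bucket" # placeholder bucket
  config_key    = "EXAMPLE/terrasnow-config-file"   # placeholder object key
}

# Trust policy: only the EC2 service may assume this role.
data "aws_iam_policy_document" "assume" {
  statement {
    actions = ["sts:AssumeRole"]
    principals {
      type        = "Service"
      identifiers = ["ec2.amazonaws.com"]
    }
  }
}

# Read access scoped to the one configuration object, not the whole bucket.
data "aws_iam_policy_document" "read_config" {
  statement {
    sid       = "ReadTerraSnowConfig"
    actions   = ["s3:GetObject"]
    resources = ["arn:aws:s3:::${local.config_bucket}/${local.config_key}"]
  }
}

resource "aws_iam_role" "scripting_host" {
  name               = "example-terrasnow-scripting-host" # placeholder
  assume_role_policy = data.aws_iam_policy_document.assume.json
}

resource "aws_iam_role_policy" "read_config" {
  name   = "read-terrasnow-config"
  role   = aws_iam_role.scripting_host.id
  policy = data.aws_iam_policy_document.read_config.json
}

# EC2 attaches a role through an instance profile.
resource "aws_iam_instance_profile" "scripting_host" {
  name = aws_iam_role.scripting_host.name
  role = aws_iam_role.scripting_host.name
}
```

This covers only the minimum read access stated in the requirement; any further permissions the host needs are outside what this page documents.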
Application Load Balancer
Description: Created via the included alb module. An ALB that proxies HTTP connections from the TerraSnow instance to HTTPS. Backed by an AWS-issued HTTPS certificate.
Requirements: A separate public access security group within the target AWS account.
TerraSnow Initialization Script
Description: A bash script that installs and configures the Flask application on an EC2 instance.
Requirements: The EC2 instance on which this script is run will require internet access.