Terraform Components let you deploy Terraform from a public or connected repo to provision infrastructure resources in customer installs.

Configuring a Terraform component

To configure a Terraform component, specify a repo, the required configuration values, and the version of Terraform to run it with.

nuon.<your-component>.toml
#:schema https://api.nuon.co/v1/general/config-schema?source=terraform
name              = "certificate_wildcard_public"
type              = "terraform_module"
terraform_version = "1.11.3"

[public_repo]
repo      = "nuonco/byoc"
directory = "byoc-nuon/src/components/certificate"
branch    = "main"

[vars]
install_id  = "{{ .nuon.install.id }}"
region      = "{{ .nuon.install_stack.outputs.region }}"
zone_id     = "{{ .nuon.sandbox.outputs.nuon_dns.public_domain.zone_id }}"
domain_name = "*.{{ .nuon.sandbox.outputs.nuon_dns.public_domain.name }}"

You can configure Terraform Components to use either a public repo (using a public_repo block) or a private GitHub repo (using a connected_repo block). Read more about VCS configuration here.

Configuring Terraform Vars

You can configure Terraform variables for a component using component variables. These variables can access inputs, other Components, the sandbox, and details on the install itself using interpolation.

nuon.<your-component>.toml
#:schema https://api.nuon.co/v1/general/config-schema?source=terraform
name              = "dynamodb_table"
type              = "terraform_module"
terraform_version = "1.11.4"

[public_repo]
repo      = "nuonco/example-app-configs"
directory = "aws-lambda/src/components/dynamodb-table"
branch    = "main"

[vars]
name       = "widgets-{{.nuon.install.id}}"
hash_key   = "ID"
install_id = "{{.nuon.install.id}}"
region     = "{{.nuon.install_stack.outputs.region}}"

State Management

All Terraform state is managed by the Nuon data plane through the Nuon HTTP-based API.

Execution and Permissions

The runner is responsible for executing Terraform and is provisioned as part of the initial Install Stack. For example, in AWS, the CloudFormation stack creates a VPC, networking, an ASG and an EC2 instance to start the runner. The runner is separate from the Install’s infrastructure (e.g., a Kubernetes cluster). To learn more about the runner, read the Nuon Runner Architecture blog post.