Terraform Components
Terraform components allow you to provision infrastructure in your customer’s cloud account to power your install.
Terraform components allow you to deploy Terraform from a public or connected repo, to provision infrastructure resources in customer installs. Please refer to the Terraform reference for full configuration options.
In order for Terraform modules to work properly with Nuon, they must specify an s3 {} backend for state. See below for more details.
Configuring a Terraform component
To configure a Terraform component, specify a repo, the required build parameters and Dockerfile path.
You can configure Terraform components to use either a public repo (using a public_repo block) or a private GitHub repo (using a connected_repo block). Read more about VCS configuration here.
TF Var / Env Var Configuration
You can configure both environment and Terraform variables for a component using component variables.
These variables can access inputs, other components, the sandbox, and details on the install itself.
Some common examples:
State Management
All Terraform state is managed using an S3 backend, within the Nuon platform.
In order for Terraform modules to be compatible with Nuon, and not lose state, they must set the backend to the s3 backend.
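A pre-flight check for the backend requirement above, as an added example (not Nuon's own tooling): it scans a module's .tf files and fails when no backend is declared, when the only declaration is commented out, or when a non-s3 backend is set. The function names and sample files are constructed for illustration, and the scanner is a lightweight one that assumes plain .tf syntax (no heredocs, no .tf.json).

```python
import pathlib
import re
import sys

TOKEN = re.compile(r'"(?:\\.|[^"\\])*"|#[^\n]*|//[^\n]*|/\*.*?\*/', re.S)
STRING = re.compile(r'"(?:\\.|[^"\\])*"')
TERRAFORM = re.compile(r'^\s*terraform\s*\{', re.M)
BACKEND = re.compile(r'\bbackend\s+"([^"]+)"\s*\{')

def strip_comments(src):
    """Drop #, // and /* */ comments; quoted strings are kept untouched."""
    return TOKEN.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else " ", src)

def declared_backends(src):
    """Backend types declared inside terraform {} blocks of one .tf file."""
    clean, found = strip_comments(src), []
    # Same-length copy with strings masked, so braces inside strings don't count.
    mask = STRING.sub(lambda m: "_" * len(m.group(0)), clean)
    for m in TERRAFORM.finditer(mask):
        depth, i = 1, m.end()
        while i < len(mask) and depth:  # walk to the matching closing brace
            depth += {"{": 1, "}": -1}.get(mask[i], 0)
            i += 1
        found += BACKEND.findall(clean[m.end():i])
    return found

def check_module(files):
    """files: {filename: contents} for one module. Returns (ok, reason)."""
    hits = [(n, b) for n, s in sorted(files.items()) for b in declared_backends(s)]
    if not hits:
        return False, "no backend block; Terraform falls back to local state"
    bad = [f"{n}: {b}" for n, b in hits if b != "s3"]
    if bad:
        return False, "non-s3 backend: " + ", ".join(bad)
    return True, "s3 backend declared in " + hits[0][0]

# Constructed samples, not taken from any real module.
GOOD = {"main.tf": 'terraform {\n  required_version = ">= 1.5"\n  backend "s3" {}\n}\n'}
COMMENTED = {"main.tf": 'terraform {\n  # backend "s3" {}\n}\n'}
LOCAL = {"versions.tf": 'terraform {\n  backend "local" {\n    path = "x.tfstate"\n  }\n}\n'}

if __name__ == "__main__":
    root = pathlib.Path(sys.argv[1] if len(sys.argv) > 1 else ".")
    ok, why = check_module({p.name: p.read_text() for p in root.glob("*.tf")})
    print(("OK: " if ok else "FAIL: ") + why)
    sys.exit(0 if ok else 1)
```

Run it with the module directory as the only argument; it exits non-zero on failure, so it can gate a CI job before the component is built.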
Execution and Permissions
The runner is responsible for executing Terraform, which means that Terraform is executed from within the Kubernetes cluster in aws-eks sandboxes, and from within ECS Fargate for aws-ecs sandboxes. In both cases, this is inside the install network.
Since Terraform is executed from within the install sandbox, Terraform resources can access both the local Kubernetes cluster and resources within the network (such as internal APIs).
The runner uses a dedicated IAM role defined in the sandbox when executing Terraform.