One-Click Complete Deploy
๐ฅ Vibe Prompt
"Build a complete web architecture with Terraform: VPC + ALB + ECS Fargate + RDS PostgreSQL."
module "vpc" {
source = "./modules/vpc"
vpc_cidr = "10.0.0.0/16"
environment = "production"
public_subnets = ["10.0.1.0/24", "10.0.2.0/24"]
private_subnets = ["10.0.10.0/24", "10.0.20.0/24"]
}
resource "aws_ecs_cluster" "main" { name = "web-cluster" }
resource "aws_ecs_service" "web" {
name = "web-service"
cluster = aws_ecs_cluster.main.id
task_definition = aws_ecs_task_definition.web.arn
desired_count = 2
launch_type = "FARGATE"
}
resource "aws_db_instance" "main" {
engine = "postgres"
instance_class = "db.t3.micro"
allocated_storage = 20
db_name = "myapp"
}
output "alb_dns" { value = aws_lb.main.dns_name }
Terraform Course Complete! ๐
- โ HCL Syntax
- โ Remote State
- โ Modules
- โ Multi-Environment
- โ One-Click Deploy
Chapter Summary
- Understand core concepts and principles
- Master implementation methods and techniques
- Familiar with common issues and solutions
- Able to apply in real projects
Further Reading
- Official documentation and API references
- Open source examples on GitHub
- Technical books and online courses
- Community discussions and tech blogs
Implementation Example
Basic Example
# This section provides a complete implementation example
Steps
- Setup: Configure development environment
- Data: Prepare required data
- Implementation: Build core functionality
- Testing: Verify correctness
- Optimization: Improve performance
Common Errors
| Error Type | Cause | Solution | |------------|-------|----------| | Compilation | Syntax | Check code syntax | | Runtime | Environment | Verify dependencies installed | | Logic | Algorithm | Step-by-step debugging | | Performance | Efficiency | Use profilers |
Code Example
import sys
def main():
print("Hello, World!")
if __name__ == "__main__":
main()
References
- Official documentation
- API reference
- Open source examples
- Community discussions
Complete Deployment Script
A single shell script that handles the entire CI/CD pipeline.
#!/bin/bash
# deploy.sh โ One-click deployment script
set -euo pipefail
PROJECT="my-infrastructure"
ENVIRONMENT="${1:-production}"
# Colors for output
GREEN='\033[0;32m'
RED='\033[0;31m'
NC='\033[0m'
echo "=== Deploying $PROJECT to $ENVIRONMENT ==="
# Step 1: Validate configuration
echo "[1/5] Validating Terraform configuration..."
terraform fmt -check -recursive || {
echo -e "${RED}Format check failed. Run 'terraform fmt' first.${NC}"
exit 1
}
terraform validate || {
echo -e "${RED}Validation failed.${NC}"
exit 1
}
echo -e "${GREEN}โ
Configuration valid${NC}"
# Step 2: Select workspace
echo "[2/5] Selecting workspace..."
terraform workspace select "$ENVIRONMENT" 2>/dev/null || \
terraform workspace new "$ENVIRONMENT"
# Step 3: Review changes
echo "[3/5] Planning changes..."
terraform plan -out=tfplan -var-file="environments/$ENVIRONMENT.tfvars"
# Step 4: Apply (requires manual confirmation in CI)
if [ "${CI:-}" != "true" ]; then
echo -e "${RED}About to apply changes. Ctrl+C to abort.${NC}"
read -p "Continue? (yes/no): " confirmation
if [ "$confirmation" != "yes" ]; then
echo "Aborted."
exit 0
fi
fi
echo "[4/5] Applying changes..."
terraform apply tfplan
echo -e "${GREEN}โ
Infrastructure deployed${NC}""
# Step 5: Output results
echo "[5/5] Deployment summary:"
terraform output
CI/CD Integration (GitHub Actions)
name: Deploy Infrastructure
on:
push:
branches: [main]
paths:
- 'terraform/**'
- '.github/workflows/deploy.yml'
jobs:
terraform:
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./terraform
steps:
- uses: actions/checkout@v4
- name: Setup Terraform
uses: hashicorp/setup-terraform@v2
with:
terraform_version: 1.5.0
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
aws-access-key-id: ${{ secrets.AWS_KEY }}
aws-secret-access-key: ${{ secrets.AWS_SECRET }}
aws-region: us-east-1
- name: Terraform Init
run: terraform init
- name: Terraform Plan
run: terraform plan -var-file="environments/production.tfvars"
- name: Terraform Apply
if: github.ref == 'refs/heads/main'
run: terraform apply -auto-approve \
-var-file="environments/production.tfvars"
Makefile Automation
.PHONY: init plan apply destroy fmt validate workspace
init:
terraform init
fmt:
terraform fmt -recursive
validate: fmt
terraform validate
plan: validate
terraform plan -out=tfplan -var-file="environments/$(ENV).tfvars"
apply: plan
terraform apply tfplan
destroy:
terraform destroy -var-file="environments/$(ENV).tfvars"
workspace:
terraform workspace select $(ENV) || terraform workspace new $(ENV)
# Usage: make apply ENV=production
Multi-Environment Directory Structure
terraform/
โโโ environments/
โ โโโ production.tfvars
โ โโโ staging.tfvars
โ โโโ development.tfvars
โโโ modules/
โ โโโ networking/
โ โโโ compute/
โ โโโ database/
โโโ main.tf
โโโ variables.tf
โโโ outputs.tf
โโโ providers.tf
โโโ deploy.sh
Security Best Practices
| Practice | Implementation | |----------|---------------| | Secrets in CI variables | GitHub Secrets, not in code | | State file encryption | S3 with server-side encryption | | DynamoDB lock table | Prevents concurrent modifications | | Least privilege IAM | Specific roles for Terraform | | Version pin providers | Prevent unexpected upgrades |
Summary
One-click deployment combines Terraform, CI/CD, and automation scripts into a single workflow. A well-designed pipeline deploys infrastructure reliably, repeatedly, and safely.
Key takeaways:
- Shell script automates: validate โ plan โ apply โ output |
- GitHub Actions runs Terraform on every push to main |
- Makefile simplifies local development commands |
- Environment-specific tfvars files per stage |
- Always validate and fmt before applying |
- Use -auto-approve in CI, manual confirmation locally |
- Secrets from CI variables, never hardcoded |
- Remote state with S3 + DynamoDB for team collaboration |
What's Next: Terraform Modules
This course continues with reusable Terraform modules.