This repository contains an integration between AWS IAM and Indent. Once deployed, you will be able to use this integration with Indent to:
- PullUpdate
- ApplyUpdate
Before you deploy these webhooks for the first time, create an S3 bucket to store Terraform state, add your credentials as GitHub Secrets, then update the bucket in main.tf once you're done.
1. Configuring the S3 bucket
- Go to AWS S3 and select an existing bucket or create a new one.
- Select the settings given your environment:
- Name — easily identifiable name for the bucket (example = indent-deploy-state-123)
- Region — where you plan to deploy the Lambda (default = us-west-2)
- Bucket versioning — if you want to have revisions of past deployments (default = disabled)
- Default encryption — server-side encryption for deployment files (default = Enable)
2. Configuring AWS credentials
- Go to AWS IAM → New User and create a new user for deploys, e.g.
indent-terraform-deployer - Configure the service account access:
- Credential type — select Access key - Programmatic access
- Permissions — select Attach existing policies directly and select
AdministratorAccess
- Add the
AWS_ACCESS_KEY_IDandAWS_SECRET_ACCESS_KEYas GitHub Secrets to this repo
3. Connecting to AWS IAM
4. Connecting to Indent
- If you're setting up as part of a catalog flow, you should be presented a Webhook Secret or go to your Indent space and create a webhook
- Add this as
INDENT_WEBHOOK_SECRETas a GitHub Secret
5. Deploy
- Enter the bucket you created in
main.tfin thebackendconfiguration - This will automatically kick off a deploy, or you can manually trigger from GitHub Actions
Visit this link to our documentation for information on setting up GitHub Secrets in this repository.
This repository auto-deploys to AWS Lambda when you push or merge PRs to the main branch. You can manually redeploy the webhooks by re-running the latest GitHub Action job.