This repository contains the necessary files and configurations to deploy AWS cloud infrastructure resources using Terraform. For a detailed walkthrough on creating an AWS Lambda function using Terraform please check -create-aws-lambda-using-github-actions.

Additionally, this repository includes:
- a Checkov pipeline for scanning the Terraform code for security and compliance issues.

The entire setup and deployment process is automated via the GitHub Actions pipelines, eliminating the need for manual steps.

Prerequisites

For this code to function without errors, create an OpenID connect identity provider in Amazon Identity and Access Management that has a trust relationship with your GitHub repository. You can read about it here to get a detailed explanation with steps.
Store the ARN of the IAM Role as a GitHub secret which is referred in the terraform.yml file.
For the Infracost integration, create an INFRACOST_API_KEY and store that as a GitHub Actions secret. You can manage the cost estimate process using a GitHub Actions variable INFRACOST_SCAN_TYPE where the value is either hcl_code or tf_plan, depending on the type of scan desired.
You can read about that at - integrate-Infracost-with-GitHub-Actions.

Usage

Ensure that the policy attached to the IAM role whose credentials are being used in this configuration has permission to create and manage all the resources that are included in this repository.
Review the code including the terraform.yml to understand the steps in the GitHub Actions pipeline. Also review the terraform code to understand all the concepts associated with creating the AWS Cloud resources..

If you want to check the pipeline logs, click on the Build Badges above the image in this ReadMe.

Contributing

If you find any issues or have suggestions for improvement, feel free to open an issue or submit a pull request. Contributions are always welcome!

License

This code is released under the Unlicense License. See LICENSE.