camptocamp / Terraboard
Licence: apache-2.0
🌍 📋 A web dashboard to inspect Terraform States
Stars: ✭ 1,192
Programming Languages
go
31211 projects - #10 most used programming language
Projects that are alternatives of or similar to Terraboard
Terracognita
Reads from existing Cloud Providers (reverse Terraform) and generates your infrastructure as code on Terraform configuration
Stars: ✭ 452 (-62.08%)
Mutual labels: aws, terraform, infrastructure-as-code, devops, devops-tools
Toc
A Table of Contents of all Gruntwork Code
Stars: ✭ 111 (-90.69%)
Mutual labels: aws, terraform, infrastructure-as-code, devops
Terraform Modules
Terraform Modules
Stars: ✭ 25 (-97.9%)
Mutual labels: aws, terraform, infrastructure-as-code, devops
Terrascan
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Stars: ✭ 2,687 (+125.42%)
Mutual labels: aws, terraform, infrastructure-as-code, devops
Terraform
Terraform automation for Cloud
Stars: ✭ 121 (-89.85%)
Mutual labels: aws, terraform, infrastructure-as-code, devops
Lambda The Terraform Way
AWS Lambda using Terraform., an Introductory Cookbook
Stars: ✭ 1,056 (-11.41%)
Mutual labels: aws, terraform, infrastructure-as-code, devops
Checkov
Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.
Stars: ✭ 3,572 (+199.66%)
Mutual labels: aws, terraform, infrastructure-as-code, devops
Terratag
Terratag is a CLI tool that enables users of Terraform to automatically create and maintain tags across their entire set of AWS, Azure, and GCP resources
Stars: ✭ 385 (-67.7%)
Mutual labels: aws, terraform, infrastructure-as-code, devops
Terraform Sqs Lambda Trigger Example
Example on how to create a AWS Lambda triggered by SQS in Terraform
Stars: ✭ 31 (-97.4%)
Mutual labels: aws, terraform, infrastructure-as-code
Module Security Public
The public documentation for the gruntwork-io/module-security repo, which contains packages for setting up best practices for managing secrets, credentials, and servers
Stars: ✭ 67 (-94.38%)
Mutual labels: aws, terraform, devops
Devops Exercises
Linux, Jenkins, AWS, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, Terraform, OpenStack, SQL, NoSQL, Azure, GCP, DNS, Elastic, Network, Virtualization. DevOps Interview Questions
Stars: ✭ 20,905 (+1653.78%)
Mutual labels: aws, terraform, devops
Ansible Meta Dynamic Inventory
Naming is hard. This wrapper script allows you to use set notation with dynamic host groups.
Stars: ✭ 24 (-97.99%)
Mutual labels: aws, devops, devops-tools
Karch
A Terraform module to create and maintain Kubernetes clusters on AWS easily, relying entirely on kops
Stars: ✭ 38 (-96.81%)
Mutual labels: aws, terraform, infrastructure-as-code
Geodesic
🚀 Geodesic is a DevOps Linux Distro. We use it as a cloud automation shell. It's the fastest way to get up and running with a rock solid Open Source toolchain. ★ this repo! https://slack.cloudposse.com/
Stars: ✭ 629 (-47.23%)
Mutual labels: aws, terraform, infrastructure-as-code
Terraform Aws Secure Baseline
Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
Stars: ✭ 596 (-50%)
Mutual labels: aws, terraform, devops
Docker Swarm
🐳🐳🐳 This repository is part of a blog series on Docker Swarm example using VirtualBox, OVH Openstack, Azure and Amazon Web Services AWS
Stars: ✭ 43 (-96.39%)
Mutual labels: aws, infrastructure-as-code, devops
Tau
Tau is a thin wrapper on top of terraform to manage multiple deployments, dependencies and secrets.
Stars: ✭ 53 (-95.55%)
Mutual labels: terraform, infrastructure-as-code, devops
Terraform Modules
Reusable Terraform modules
Stars: ✭ 63 (-94.71%)
Mutual labels: aws, terraform, devops
Awless Templates
Repository of examples for awless templates (see https://github.com/wallix/awless)
Stars: ✭ 59 (-95.05%)
Mutual labels: aws, devops, devops-tools
Terraboard
Website: https://terraboard.io
🌍 📋 A web dashboard to inspect Terraform States
What is it?
Terraboard is a web dashboard to visualize and query Terraform states. It currently features:
- an overview page listing the most recently updated state files with their activity
- a state page with state file details, including versions and resource attributes
- a search interface to query resources by type, name or attributes
- a diff interface to compare state between versions
It currently supports several remote state backend providers:
Overview
The overview presents all the state files in the S3 bucket, by most recent modification date.
Search
The search view allows to find resources by various criteria.
State
The state view presents details of a Terraform state at a given version.
Compare
From the state view, you can compare the current state version with another version.
Requirements
Independently of the location of your statefiles, Terraboard needs to store an internal version of its dataset. For this purpose it requires a PostgreSQL database. Data resiliency is not paramount though as this dataset can be rebuilt upon your statefiles at anytime.
AWS S3 (state) + DynamoDB (lock)
- A versioned S3 bucket name with one or more Terraform states, named with a
.tfstatesuffix - AWS credentials with the following IAM permissions over the bucket:
s3:GetObjects3:ListBuckets3:ListBucketVersionss3:GetObjectVersion
- If you want to retrieve lock states from a dynamoDB table, you need to make sure the provided AWS credentials have
dynamodb:Scanaccess to that table.
Terraform Cloud
- Account on Terraform Cloud
- Existing organization
- Token assigned to an organization
Configuration
Terraboard currently supports configuration in three different ways:
- Environment variables
- CLI parameters
- Configuration file (YAML). A configuration file example can be found in the root directory of this repository.
The precedence of configurations is as described below.
Available parameters
| CLI | ENV | YAML | Description | Default |
|---|---|---|---|---|
-V or --version
|
- | - | Prints version | - |
-p or --port
|
TERRABOARD_PORT |
web.port |
Port to listen on | 8080 |
-c or --config-file
|
CONFIG_FILE |
- | Config File path | - |
-l or --log-level
|
TERRABOARD_LOG_LEVEL |
log.level |
Set log level (debug, info, warn, error, fatal, panic) | info |
--log-format |
TERRABOARD_LOG_FORMAT |
log.format |
Set log format (plain, json) | plain |
--db-host |
DB_HOST |
db.host |
Database host | db |
--db-port |
DB_PORT |
db.port |
Database port | 5432 |
--db-user |
DB_USER |
db.user |
Database user | gorm |
--db-password |
DB_PASSWORD |
db.password |
Database password | - |
--db-name |
DB_NAME |
db.name |
Database name | gorm |
--db-sslmode |
DB_SSLMODE |
db.sslmode |
SSL mode enforced for database access (require, verify-full, verify-ca, disable) | require |
--no-sync |
- | db.no-sync |
Do not sync database | false |
--sync-interval |
- | db.sync-interval |
DB sync interval (in minutes) | 1 |
--dynamodb-table |
AWS_DYNAMODB_TABLE |
aws.dynamodb-table |
AWS DynamoDB table for locks | - |
--s3-bucket |
AWS_BUCKET |
aws.bucket |
AWS S3 bucket | - |
--app-role-arn |
APP_ROLE_ARN |
aws.app-role-arn |
Role ARN to Assume | - |
--aws-external-id |
AWS_EXTERNAL_ID |
aws.external-id |
External ID to use when assuming role | - |
--key-prefix |
AWS_KEY_PREFIX |
aws.key-prefix |
AWS Key Prefix | - |
--file-extension |
AWS_FILE_EXTENSION |
aws.file-extension |
File extension(s) of state files. Use multiple CLI flags or a comma separated list ENV variable | .tfstate |
--base-url |
TERRABOARD_BASE_URL |
web.base-url |
Base URL | / |
--logout-url |
TERRABOARD_LOGOUT_URL |
web.logout-url |
Logout URL | - |
--tfe-address |
TFE_ADDRESS |
tfe.tfe-address |
Terraform Enterprise address for states access | - |
--tfe-token |
TFE_TOKEN |
tfe.tfe-token |
Terraform Enterprise token for states access | - |
--tfe-organization |
TFE_ORGANIZATION |
tfe.tfe-organization |
Terraform Enterprise organization for states access | - |
--gcs-bucket |
N/A |
gcp.gcs-buckets |
Google Cloud Storage buckets to access | - |
--gcp-sa-key-path |
GCP_SA_KEY_PATH |
gcp.gcp-sa-key-path |
Path to the service account key to use for Google Cloud Storage | - |
GODEBUG |
netdns=go |
DNS resolver to use (see https://github.com/camptocamp/terraboard/issues/118) | netdns=cgo |
Use with Docker
Docker-compose
Configuration file can be provided to the container using a volume or a configuration.
# Set AWS credentials as environment variables:
export AWS_ACCESS_KEY_ID=<access_key>
export AWS_SECRET_ACCESS_KEY=<access_secret>
# Set AWS configuration as environment variables:
export AWS_DEFAULT_REGION=<AWS default region>
export AWS_BUCKET=<S3 Bucket name>
export AWS_DYNAMODB_TABLE=<Aws DynamoDB Table>
docker-compose up
Then point your browser to http://localhost:8080.
Docker command line
# Set AWS credentials as environment variables:
export AWS_ACCESS_KEY_ID=<access_key>
export AWS_SECRET_ACCESS_KEY=<access_secret>
# Set AWS configuration as environment variables:
export AWS_DEFAULT_REGION=<AWS default region>
export AWS_BUCKET=<S3 Bucket name>
export AWS_DYNAMODB_TABLE=<AWS_DYNAMODB_TABLE>
# Spin up the two containers and a network for them to communciate on:
docker network create terraboard
docker run --name db \
-e POSTGRES_USER=gorm \
-e POSTGRES_DB=gorm \
-e POSTGRES_PASSWORD="<mypassword>" \
-e GODEBUG="netdns=go" \
--net terraboard \
--detach \
--restart=always \
postgres:9.5
docker run -p 8080:8080 \
-e AWS_ACCESS_KEY_ID="${AWS_ACCESS_KEY_ID}" \
-e AWS_SECRET_ACCESS_KEY="${AWS_SECRET_ACCESS_KEY}" \
-e AWS_REGION="${AWS_DEFAULT_REGION}" \
-e AWS_BUCKET="${AWS_BUCKET}" \
-e WS_DYNAMODB_TABLE="${AWS_DYNAMODB_TABLE}" \
-e DB_PASSWORD="<mypassword>" \
-e DB_SSLMODE="disable" \
--net terraboard \
camptocamp/terraboard:latest
Then point your browser to http://localhost:8080.
Use with Rancher
Camptocamp's Rancher Catalog contains a Terraboard template to automate its installation in Cattle.
Authentication and base URL
Terraboard does not implement authentication. Instead, it is recommended to use an authentication proxy such as oauth2_proxy.
If you need to set a route path for Terraboard, you can set a base URL by
passing it as the BASE_URL environment variable.
When using an authentication proxy, Terraboard will retrieve the logged in
user and email from the headers passed by the proxy.
You can also pass a TERRABOARD_LOGOUT_URL parameter to allow users to
sign out of the proxy.
Install from source
$ go get github.com/camptocamp/terraboard
Compatibility Matrix
| Terraboard | Max Terraform version |
|---|---|
| 0.15.0 | 0.12.7 |
| 0.16.0 | 0.12.7 |
| 0.17.0 | 0.12.18 |
| 0.18.0 | 0.12.18 |
| 0.19.0 | 0.12.20 |
| 0.20.0 | 0.12.26 |
| 0.21.0 | 0.12.28 |
| 0.22.0 | 0.13.0 |
| 1.0.0 | 0.14.5 |
Development
Architecture
Terraboard is made of two components:
A server process
The server is written in go and runs a web server which serves:
- the API on known access points, taking the data from the PostgreSQL database
- the index page (from static/index.html) on all other URLs
The server also has a routine which regularly (every 1 minute) feeds the PostgreSQL database from the S3 bucket.
A web UI
The UI is an AngularJS application served from index.html. All the UI code
can be found in the static/ directory.
Testing
$ docker-compose build && docker-compose up -d
# Point your browser to http://localhost
Contributing
See CONTRIBUTING.md
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].