| .gitignore | ||
| main.tf | ||
| README.md | ||
| secrets.yml | ||
NWS Demo Service
About
This is a Hello World service for Neurodyne Web Services Cloud. This creates, updates, manages and destroys an in-memory resource called Friends for the account owner.
Friends resource doesn't depend on any other cloud resources. However, it implements the full pledged API, authentication and authorization and delivers a realistic experience for new users.
Usage
Binaries
-
Download
Terraformfrom the official downloads page or using this mirror -
Init the provider:
terraform init
You should see the following output:
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
Token
Terraform depends on NWS API, which in turn requires a Bearer Token for authorization. NWS uses own Identity Provider(IdP), which issues and validates tokens with own resources.
Token is a short lived JWT Token with a lifetime of 4 hours. Token is issued for a User and is attached to it.
For security reasons, we chose to have a short lived tokens and thus it's safe to store and checkout the token into a git repository, since every token expires in just 4 hours.
-
Register an NWS Root Account here
-
Confirm your email after registration
-
Generate an access token in console
-
Copy generated token to the
secrets.ymlfile. -
Init the provider:
terraform init -
Validate connection to NWS Cloud with plan:
terraform plan
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# nws_demo_friends.friends will be created
+ resource "nws_demo_friends" "friends" {
+ friends = [
+ {
+ age = 21
+ name = "Nastya"
+ sex = "F"
},
+ {
+ age = 34
+ name = "Semen"
+ sex = "M"
},
]
+ id = (known after apply)
+ name = "Ivan"
}
Plan: 1 to add, 0 to change, 0 to destroy.
If you see this output, then all things are set up correcly.
Use Friends resource
- Deploy Friends with the default config:
terraform apply --auto-approve
If your token expires, you'll get the following output:
nws_demo_friends.friends: Creating...
╷
│ Error: ❌ API call failed
│
│ with nws_demo_friends.friends,
│ on main.tf line 25, in resource "nws_demo_friends" "friends":
│ 25: resource "nws_demo_friends" "friends" {
│
│ rpc error: code = Unauthenticated desc = ❌ access token is invalid or expired
This means that the token provided in the secrets.yml file is either invalid or has expired after 4 hours.
If you get this, come generate a NEW token in console and save it to the secrets.yml.
-
Run
terraform planagain -
Run
terraform apply --auto-approveagain. For successful deployment, you should see the following:
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# nws_demo_friends.friends will be created
+ resource "nws_demo_friends" "friends" {
+ friends = [
+ {
+ age = 21
+ name = "Nastya"
+ sex = "F"
},
+ {
+ age = 34
+ name = "Semen"
+ sex = "M"
},
]
+ id = (known after apply)
+ name = "Ivan"
}
Plan: 1 to add, 0 to change, 0 to destroy.
nws_demo_friends.friends: Creating...
nws_demo_friends.friends: Creation complete after 0s [id=58ccd668-26d9-46e6-b8d2-b0ff38e8c0f8]
Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
-
Check and validate deployed resource:
terraform show -
Now change
Nastya'sage to 24 in themain.tfand runterraform plan. You should get this:
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
~ update in-place
Terraform will perform the following actions:
# nws_demo_friends.friends will be updated in-place
~ resource "nws_demo_friends" "friends" {
~ friends = [
~ {
~ age = 21 -> 24
name = "Nastya"
# (1 unchanged attribute hidden)
},
# (1 unchanged element hidden)
]
id = "58ccd668-26d9-46e6-b8d2-b0ff38e8c0f8"
name = "Ivan"
}
Plan: 0 to add, 1 to change, 0 to destroy.
-
Notice that terraform offers an update for resource
nws_demo_friendsand wants to setNastya'sage to 24. Runterraform apply --auto-approveagain -
Run
terraform showto check the updated state:
# nws_demo_friends.friends:
resource "nws_demo_friends" "friends" {
friends = [
{
age = 24
name = "Nastya"
sex = "F"
},
{
age = 34
name = "Semen"
sex = "M"
},
]
id = "58ccd668-26d9-46e6-b8d2-b0ff38e8c0f8"
name = "Ivan"
}
As you see, the NEW Nastya's age is 24.
- Destroy the resource with
terraform destroy --auto-approve
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
- destroy
Terraform will perform the following actions:
# nws_demo_friends.friends will be destroyed
- resource "nws_demo_friends" "friends" {
- friends = [
- {
- age = 24 -> null
- name = "Nastya" -> null
- sex = "F" -> null
},
- {
- age = 34 -> null
- name = "Semen" -> null
- sex = "M" -> null
},
] -> null
- id = "58ccd668-26d9-46e6-b8d2-b0ff38e8c0f8" -> null
- name = "Ivan" -> null
}
Plan: 0 to add, 0 to change, 1 to destroy.
nws_demo_friends.friends: Destroying... [id=58ccd668-26d9-46e6-b8d2-b0ff38e8c0f8]
nws_demo_friends.friends: Destruction complete after 0s
Destroy complete! Resources: 1 destroyed.
As a result, resource is DESTROYED
- Make sure that resource doesn't exist anymore. Run
terraform showto see the current state:
The state file is empty. No resources are represented.
No resources! We destroyed our Friends resource on the previous step.
Links
- HashiCorp docs