Get started quickly with AWS infrastructure using a robust Terraform starter kit incorporating secure state management, VPC configuration, security groups, RDS provisioning, secrets management, SSM parameter store, and GitHub Actions integration!
License: MIT License
the bastion host should have the permissions to read secrets from secrets manager, that way it would be possible to access database credentials or other sensitive information
adding the following lines to the file https://github.com/nanlabs/terraform-aws-starter/blob/main/modules/bastion/iam.tf should do the trick
{ "Effect" : "Allow", "Action" : [ "secretsmanager:GetSecretValue" ], "Resource" : "arn:aws:secretsmanager:*:*:secret:*" }
No response
.
any!
When run for the first time with the default configuration. It fails creating a secrets manager linked to the VPC
Be able to attach secrets manager to the VPC endpoint
throws an error with this message
Error: creating EC2 VPC Endpoint (com.amazonaws.us-west-2.secretsmanager): InvalidParameter: Subnet IDs are only supported for Interface and GatewayLoadBalancer type VPC Endpoints.
│ status code: 400, request id: c3858cb1-8278-4dea-a6d2-177948dcf477
│
│ with module.vpc.aws_vpc_endpoint.secrets_manager,
│ on ..\..\modules\vpc\endpoints.tf line 3, in resource "aws_vpc_endpoint" "secrets_manager":
│ 3: resource "aws_vpc_endpoint" "secrets_manager" {
Run through the default example
No response
No response
latest
windows 10
We should have a VPC endpoint to connect from the private subnets to Secrets Manager without having internet access, this way is more secure and would avoid the cost of having a NAT gateway for cases when internet access is not required
This will be useful for applications stored in AWS lambda that need to connect to an RDS instance where the secrets to connect are stored in Secrets Manager
No response
No response
.
any!
I propose switching our CI linting setup, which includes shellcheck, markdownlint, eslint, and others, to use super-linter exclusively for GitHub Actions. super-linter is a comprehensive and centralized linter that supports multiple languages, providing a unified linting experience.
There are some benefits of super-linter:
Unified Linting: super-linter supports a wide range of languages and linters, providing a unified linting solution for our GitHub Actions workflow.
Easy Configuration: Simplifies configuration by having a single .github/linters configuration file.
Consistent Output: Standardizes the output format for linting results across different languages and linters.
Extensibility: Supports adding or customizing linters easily, making it adaptable to our specific requirements.
Configure super-linter:
.github/workflows configuration file to specify the linters and configurations needed.GitHub Actions Workflows:
super-linter for linting instead of the actual implementationTesting:
super-linter in the GitHub Actions workflow to ensure it covers all relevant languages and provides accurate results. You can test this by submitting a PRNo response
latest
any
The current documentation segment "Connecting to the Database" of the directory live/core is outdated and might generate confusions, we should update the correct variable names an proper steps to achieve the connection between the bastion host and the RDS instance
https://github.com/nanlabs/terraform-aws-starter/tree/main/live/core
We need to dig into new ways of connecting to the private DB Instance to make it easier for the developers to run migrations and more
Connect to the database from outside the AWS Console and/or bastion host instance to run migrations and/or simple queries.
Use the following new feature!
No response
any!
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.