The organization currently does not have a terraform code template for which CloudFix has reccomendations. Hence, to test out Cloudfix-linter, this demo repo with sample terraform code has been made.
If you are using Devspaces this repo will load up a vscode extension. This video demonstrates how to use the extension.
Resource Type | Count |
---|---|
aws_dynamodb_table | 1 |
aws_ebs_volume | 4 |
aws_instance | 4 |
aws_nat_gateway | 1 |
aws_vpc_endpoint | 1 |
aws_s3_bucket | 3 |
aws_efs_file_system | 1 |
aws_s3_bucket_acl | 1 |
aws_s3_bucket_public_access_block | 1 |
aws_s3_bucket_versioningterraforte | 1 |
aws_neptune_cluster | 1 |
To create them, first terraform will need to be provided creds to your AWS account. If using a personal account, this can be done by exporting AWS_ACCESS_KEY and AWS_SECRET_KEY as environment variables. If using federated login (as trilogy does), saml2aws can be used instead. For more details on how to authorize terraform can be found here
If you are using the DevFactory OIDC session tokens, then upload the credentials file to the base folder and run
./demo_setup.sh credentials.json
. run1.sh
terraform apply
to create the resources
In order to generate mock recommnedations and tell the linter that it needs to read reccomendations from a file rather than from CloudFix itself, on the terminal run
$env:CLOUDFIX_FILE=$true
terraform show -json > tf.show
python3 utils/gen_recco.py tf.show
export CLOUDFIX_FILE=true
terraform show -json > tf.show
python3 utils/gen_recco.py tf.show
$env:CLOUDFIX_FILE=$false
$env:CLOUDFIX_USERNAME="<MY_USERNAME>"
$env:CLOUDFIX_PASSWORD="<PASSWORD>"
export CLOUDFIX_FILE=false
export CLOUDFIX_USERNAME="<MY_USERNAME>"
export CLOUDFIX_PASSWORD="<PASSWORD>"
template in question does have recomendations, the user would only need to export CLOUDFIX_USERNAME and CLOUDFIX_PASSWORD as environement variables rather than performing the above steps. The linter would automatically get the reccomendations from Cloudfix using their credentials.
Add the binary to PATH
export PATH=$PATH:~/.cloudfix-linter/bin
$Env:PATH += ";${HOME}\.cloudfix-linter\bin"
Note: In the following commands replce cloudfix-linter
with cloudfix-linter.exe
for windows
Run
cloudfix-linter tf init
to init the directory in which the linter has to be run
terraform apply
to deploy the resources
cloudfix-linter tf reco
to get reccomendations on the console
OR Run
cloudfix-linter tf reco -j
to get reccomendations in json format. (This command may not prompt descriptive errors currently, try without -j
flag if having issues)
cloudfix-linter
Ctrl+Shift+P
and run command Cloudfix-linter: Init
.mock-recommendations
for the demo repo.terraform init
terraform apply
mock-recommendations
, run the following commands.
terraform show -json > tf.show
python3 utils/gen_recco.py tf.show
a. Run
git clean -fxd
this should remove all the local files created in current directory
b. Run
git reset --hard HEAD
This should set the state of repo to current HEAD
c. Finally do a reload with clear cache in your IDE. For VSCode Steps are -
cmd+shift+P
.cloudfix-linter/logs
folderctrl+shift+p
to open command paletteDeveloper: Reload Window