BluBracket VPC Deployment using Terraform

List of resources required:

• Download Terraform binary and add to path

  • https://releases.hashicorp.com/terraform/

  • Download 0.13.7

• AWS account token

• VPC

  • BluBracket will create it via Terraform (TF)

  • VPC must have connectivity to http://index.docker.io to pull down the BluBracket Docker images - nothing will be uploaded to http://index.docker.io  

  • VPC must have outbound connectivity to http://github.com to scan the repos. 

  • VPC must have inbound connectivity from http://github.com for features related to Org/Repo webhooks 

  • For optional feature ‘Token Activeness Check’ - Outbound connectivity to various services e.g. AWS, Google, Slack etc 

• S3 bucket 

  • BluBracket team will create it manually

  • TF will use it to preserve state

• DB

  • BluBracket will create it via TF 

  • Instance type will be t3.small 

• If using IAM Permission Boundary

  • ARN of the IAM Permission Boundary to be used during the deployment

• SSL Certificate 

• Identify the FQDN to be used to access 

  • CNAME record will need to be created manually after the install is complete

• EC2 instance

  • BluBracket will create via TF

  • Instance type will be m4.xlarge

List of resources BluBracket will provide:

• BluBracket-Deployment.zip  (Terraform files)

• TFVARS file

• Docker token 

Deployments Steps:

• Download BluBracket-Deployment.zip

  • To be provided by BluBracket

• Configuration TFVARS file

  • Accessible in BluBracket-Deployment.zip

• Create or use existing AWS S3 bucket (Terraform state)

  • Enable versioning of objects 

• Create or import SSL certificate into ACM

• Ensure AWS Account token is available

  • Set environment variable to use the AWS token

    • export AWS_DEFAULT_REGION=

    • export AWS_ACCESS_KEY_ID=

    • export AWS_SECRET_ACCESS_KEY=

• Run Terraform commands to deploy

• Create CNAME (pointing to load balancer)

• Set admin password