diff --git a/.devcontainer/config/terraform.env b/.devcontainer/config/terraform.env
index f1d629f..e253412 100644
--- a/.devcontainer/config/terraform.env
+++ b/.devcontainer/config/terraform.env
@@ -21,4 +21,4 @@ TF_CLI_ARGS_apply=""
# GCP Provider Configuration
# GOOGLE_APPLICATION_CREDENTIALS=/home/vscode/.config/gcloud/application_default_credentials.json
-# CLOUDSDK_CORE_PROJECT=your-project-id
\ No newline at end of file
+# CLOUDSDK_CORE_PROJECT=your-project-id
diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
index 7c7bf94..b154881 100644
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@@ -21,10 +21,8 @@
"postStartCommand": "post-start",
"remoteUser": "vscode",
- // Configure tool-specific properties
"customizations": {
"vscode": {
- // Add the IDs of extensions you want installed when the container is created
"extensions": [
"hashicorp.terraform",
"ms-azuretools.vscode-azureterraform",
@@ -46,7 +44,6 @@
"ms-python.vscode-pylance"
],
- // Set *default* container specific settings.json values on container create
"settings": {
"terminal.integrated.defaultProfile.linux": "bash",
"terminal.integrated.profiles.linux": {
@@ -63,7 +60,6 @@
"files.insertFinalNewline": true,
"files.trimFinalNewlines": true,
- // Terraform settings
"[terraform]": {
"editor.defaultFormatter": "hashicorp.terraform",
"editor.formatOnSave": true,
@@ -80,14 +76,12 @@
},
"terraform.experimentalFeatures.validateOnSave": true,
- // YAML settings
"[yaml]": {
"editor.defaultFormatter": "redhat.vscode-yaml",
"editor.formatOnSave": true,
"editor.tabSize": 2
},
- // Markdown settings
"[markdown]": {
"editor.defaultFormatter": "yzhang.markdown-all-in-one",
"editor.formatOnSave": true
@@ -96,7 +90,6 @@
}
},
- // Mount host volumes for credentials and caching
"mounts": [
"source=${localEnv:HOME}${localEnv:USERPROFILE}/.aws,target=/home/vscode/.aws,type=bind,consistency=cached",
"source=${localEnv:HOME}${localEnv:USERPROFILE}/.azure,target=/home/vscode/.azure,type=bind,consistency=cached",
@@ -105,10 +98,8 @@
"source=terraform-cache,target=/home/vscode/.terraform.d/plugin-cache,type=volume"
],
- // Use 'forwardPorts' to make a list of ports inside the container available locally
- // "forwardPorts": [],
+ "forwardPorts": [],
- // Features to add to the dev container
"features": {
"ghcr.io/devcontainers/features/github-cli:1": {},
"ghcr.io/devcontainers/features/git:1": {
@@ -117,7 +108,6 @@
}
},
- // Environment variables
"containerEnv": {
"TF_PLUGIN_CACHE_DIR": "/home/vscode/.terraform.d/plugin-cache"
}
diff --git a/.devcontainer/library-scripts/cloud-cli-tools.sh b/.devcontainer/library-scripts/cloud-cli-tools.sh
index aefccd3..cb2d59f 100755
--- a/.devcontainer/library-scripts/cloud-cli-tools.sh
+++ b/.devcontainer/library-scripts/cloud-cli-tools.sh
@@ -30,4 +30,4 @@ chown -R vscode:vscode /home/vscode/.aws
chown -R vscode:vscode /home/vscode/.azure
chown -R vscode:vscode /home/vscode/.config/gcloud
-echo "Cloud CLI tools installation complete!"
\ No newline at end of file
+echo "Cloud CLI tools installation complete!"
diff --git a/.devcontainer/library-scripts/common-utils.sh b/.devcontainer/library-scripts/common-utils.sh
index a916ed2..cde77f7 100755
--- a/.devcontainer/library-scripts/common-utils.sh
+++ b/.devcontainer/library-scripts/common-utils.sh
@@ -37,4 +37,4 @@ mkdir -p /home/vscode/.ssh
chown -R vscode:vscode /home/vscode/.ssh
chmod 700 /home/vscode/.ssh
-echo "Common utilities installation complete!"
\ No newline at end of file
+echo "Common utilities installation complete!"
diff --git a/.devcontainer/library-scripts/terraform-tools.sh b/.devcontainer/library-scripts/terraform-tools.sh
index 41c26c1..e0c4881 100755
--- a/.devcontainer/library-scripts/terraform-tools.sh
+++ b/.devcontainer/library-scripts/terraform-tools.sh
@@ -77,7 +77,9 @@ if ! command -v go &> /dev/null; then
GO_VERSION="1.20.5"
curl -sSLo /tmp/go.tar.gz "https://golang.org/dl/go${GO_VERSION}.linux-amd64.tar.gz"
sudo tar -C /usr/local -xzf /tmp/go.tar.gz
+ #shellcheck disable=SC2016
echo 'export PATH=$PATH:/usr/local/go/bin' >> /home/vscode/.bashrc
+ #shellcheck disable=SC2016
echo 'export PATH=$PATH:$HOME/go/bin' >> /home/vscode/.bashrc
rm -f /tmp/go.tar.gz
fi
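Review bot: The Go tarball fetched by `curl -sSLo /tmp/go.tar.gz …` is still unpacked into /usr/local with `sudo tar` without any integrity check; the added shellcheck directives do not change that. Since `GO_VERSION` is already pinned, the release's published SHA-256 can be pinned beside it and verified before extraction, for example `echo "${GO_SHA256}  /tmp/go.tar.gz" | sha256sum -c - || exit 1`. Here `GO_SHA256` is a placeholder name for a new variable; its value is not on this page and has to come from the Go downloads listing. Using `curl -fsSLo` would also make an HTTP error fail the step instead of saving an error body as the archive. The enclosing `if ! command -v go` block starts above this hunk.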
@@ -100,7 +102,7 @@ sudo mv /tmp/infracost-linux-amd64 /usr/local/bin/infracost
rm -f /tmp/infracost.tar.gz
echo "Installing Checkov v${CHECKOV_VERSION}..."
-pip3 install checkov==${CHECKOV_VERSION}
+pip3 install checkov=="${CHECKOV_VERSION}"
# Create .tflint.hcl config file
mkdir -p /home/vscode/.tflint.d
diff --git a/.devcontainer/post-start.sh b/.devcontainer/post-start.sh
index 0693de1..71635e1 100755
--- a/.devcontainer/post-start.sh
+++ b/.devcontainer/post-start.sh
@@ -17,7 +17,8 @@ chmod +x /home/vscode/.devcontainer/scripts/*.sh
# Display welcome message
clear
-printf "\e[0;32mTerraform Development Environment: $(basename $PWD)\e[0m\n\n"
+#shellcheck disable=SC2059
+printf "\e[0;32mTerraform Development Environment: $(basename "$PWD")\e[0m\n\n"
# Display installed tools and versions
echo "=== Installed Tools ==="
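Review bot: The `#shellcheck disable=SC2059` directive silences the warning rather than fixing it, because `$(basename "$PWD")` is still expanded inside the printf format string. A workspace folder whose name contains `%` or a backslash sequence would be interpreted as a format directive or escape instead of being printed literally. Passing the name as an argument avoids this: `printf '\e[0;32mTerraform Development Environment: %s\e[0m\n\n' "$(basename "$PWD")"`. With that form the suppression line can be dropped.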
diff --git a/.devcontainer/scripts/aws-auth.sh b/.devcontainer/scripts/aws-auth.sh
index 11f06d7..6ae8533 100755
--- a/.devcontainer/scripts/aws-auth.sh
+++ b/.devcontainer/scripts/aws-auth.sh
@@ -68,7 +68,7 @@ fi
if [ "$USE_SSO" = true ]; then
echo "Authenticating with AWS SSO..."
aws sso login
-
+
# Verify authentication
echo "Verifying authentication..."
aws sts get-caller-identity
@@ -78,4 +78,4 @@ else
aws sts get-caller-identity
fi
-echo "AWS authentication complete!"
\ No newline at end of file
+echo "AWS authentication complete!"
diff --git a/.devcontainer/scripts/azure-auth.sh b/.devcontainer/scripts/azure-auth.sh
index 5d0badc..71b2c26 100755
--- a/.devcontainer/scripts/azure-auth.sh
+++ b/.devcontainer/scripts/azure-auth.sh
@@ -83,16 +83,16 @@ if [ "$USE_SP" = true ]; then
echo "Error: Service principal authentication requires --client-id and --client-secret"
exit 1
fi
-
+
export ARM_CLIENT_ID="$CLIENT_ID"
export ARM_CLIENT_SECRET="$CLIENT_SECRET"
-
+
echo "Authenticating with Azure service principal..."
az login --service-principal --username "$CLIENT_ID" --password "$CLIENT_SECRET" --tenant "$TENANT_ID"
else
echo "Authenticating with Azure interactive login..."
az login
-
+
# Set subscription if provided
if [ -n "$SUBSCRIPTION_ID" ]; then
az account set --subscription "$SUBSCRIPTION_ID"
@@ -103,4 +103,4 @@ fi
echo "Verifying Azure authentication..."
az account show
-echo "Azure authentication complete!"
\ No newline at end of file
+echo "Azure authentication complete!"
diff --git a/.devcontainer/scripts/gcp-auth.sh b/.devcontainer/scripts/gcp-auth.sh
index 27510e7..470b175 100755
--- a/.devcontainer/scripts/gcp-auth.sh
+++ b/.devcontainer/scripts/gcp-auth.sh
@@ -59,10 +59,10 @@ if [ -n "$CREDENTIALS_FILE" ]; then
echo "Error: Credentials file not found: $CREDENTIALS_FILE"
exit 1
fi
-
+
export GOOGLE_APPLICATION_CREDENTIALS="$CREDENTIALS_FILE"
echo "Using service account credentials: $CREDENTIALS_FILE"
-
+
# Activate service account
gcloud auth activate-service-account --key-file="$CREDENTIALS_FILE"
else
@@ -74,4 +74,4 @@ fi
echo "Verifying GCP authentication..."
gcloud auth list
-echo "GCP authentication complete!"
\ No newline at end of file
+echo "GCP authentication complete!"
diff --git a/.vscode/settings.json b/.vscode/settings.json
index 1ec772a..f51a15a 100644
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -1,5 +1,4 @@
{
- // Editor settings
"editor.formatOnSave": true,
"editor.tabSize": 2,
"editor.insertSpaces": true,
@@ -8,8 +7,6 @@
"editor.codeActionsOnSave": {
"source.fixAll": "explicit"
},
-
- // Files settings
"files.trimTrailingWhitespace": true,
"files.insertFinalNewline": true,
"files.trimFinalNewlines": true,
@@ -22,8 +19,6 @@
"**/.terraform": true,
".terraform.lock.hcl": true
},
-
- // Terraform settings
"[terraform]": {
"editor.defaultFormatter": "hashicorp.terraform",
"editor.formatOnSave": true,
@@ -39,34 +34,24 @@
"args": []
},
"terraform.experimentalFeatures.validateOnSave": true,
-
- // YAML settings
"[yaml]": {
"editor.defaultFormatter": "redhat.vscode-yaml",
"editor.formatOnSave": true,
"editor.tabSize": 2
},
-
- // Markdown settings
"[markdown]": {
"editor.defaultFormatter": "yzhang.markdown-all-in-one",
"editor.formatOnSave": true
},
-
- // Terminal settings
"terminal.integrated.defaultProfile.linux": "bash",
"terminal.integrated.profiles.linux": {
"bash": {
"path": "/bin/bash"
}
},
-
- // Git settings
"git.autofetch": true,
"git.enableSmartCommit": true,
"git.confirmSync": false,
-
- // Spell checker settings
"cSpell.enabled": true,
"cSpell.words": [
"azurerm",
diff --git a/.vscode/tasks.json b/.vscode/tasks.json
index ab09058..808ed1a 100644
--- a/.vscode/tasks.json
+++ b/.vscode/tasks.json
@@ -112,4 +112,4 @@
"problemMatcher": []
}
]
-}
\ No newline at end of file
+}
diff --git a/README.md b/README.md
index 15a3834..3e8b7c5 100644
--- a/README.md
+++ b/README.md
@@ -57,13 +57,25 @@ This development container solves these problems by providing a ready-to-use, st
### Quick Start
1. Clone this repository:
+
```bash
git clone https://github.com/awslabs/aws-terraform-dev-container.git
# or with SSH
git clone git@github.com:awslabs/aws-terraform-dev-container.git
```
+ If you don't have these directories, create placeholders the container can mount in.
+
+ `mkdir -p ~/.aws ~/.ssh ~/.azure ~/.config/gcloud`
+
+ Verify your user has Docker rights
+
+ `docker run hello-world`
+
+ If that fails try: `sudo usermod -aG docker $USER` . The `newgrp docker` and run the `hello-world` again.
+
2. Open the folder in VS Code:
+
```bash
code aws-terraform-dev-container
```
@@ -116,21 +128,21 @@ This structure promotes code reuse, environment isolation, and easier testing.
## 🔧 Tools
-| Tool | Version | Description |
-|------|---------|-------------|
-| Terraform | 1.12.1 | Infrastructure as Code tool |
-| AWS CLI | 2.27.26 | Command line interface for AWS |
-| Azure CLI | Latest | Command line interface for Azure |
-| Google Cloud SDK | Latest | Command line interface for GCP |
-| terraform-docs | 0.20.0 | Documentation generator for Terraform modules |
-| tflint | 0.48.0 | Terraform linter |
-| tfsec | 1.28.13 | Security scanner for Terraform code |
-| terrascan | 1.19.9 | Detect compliance and security violations |
-| terragrunt | 0.50.1 | Thin wrapper for Terraform that provides extra tools |
-| terratest | v0.49.0 | Testing utility for infrastructure code |
-| infracost | 0.10.41 | Cloud cost estimates for Terraform |
-| checkov | 3.2.439 | Static code analysis tool for IaC |
-| pre-commit | Latest | Framework for managing git pre-commit hooks |
+| Tool | Version | Description |
+| ---------------- | ------- | ---------------------------------------------------- |
+| Terraform | 1.12.1 | Infrastructure as Code tool |
+| AWS CLI | 2.27.26 | Command line interface for AWS |
+| Azure CLI | Latest | Command line interface for Azure |
+| Google Cloud SDK | Latest | Command line interface for GCP |
+| terraform-docs | 0.20.0 | Documentation generator for Terraform modules |
+| tflint | 0.48.0 | Terraform linter |
+| tfsec | 1.28.13 | Security scanner for Terraform code |
+| terrascan | 1.19.9 | Detect compliance and security violations |
+| terragrunt | 0.50.1 | Thin wrapper for Terraform that provides extra tools |
+| terratest | v0.49.0 | Testing utility for infrastructure code |
+| infracost | 0.10.41 | Cloud cost estimates for Terraform |
+| checkov | 3.2.439 | Static code analysis tool for IaC |
+| pre-commit | Latest | Framework for managing git pre-commit hooks |
---
@@ -298,24 +310,28 @@ You can extend this development environment to suit your specific needs:
Click to expand Use Cases
### Enterprise Infrastructure Teams
+
- Standardize development environments across large teams
- Enforce security and compliance policies through built-in tools
- Simplify onboarding of new team members
- Ensure consistent practices across multiple cloud providers
### DevOps Engineers
+
- Rapidly prototype and test infrastructure changes
- Validate changes before applying to production environments
- Generate documentation automatically
- Estimate costs before deploying resources
### Cloud Architects
+
- Design and test multi-cloud architectures
- Validate designs against security best practices
- Create reusable infrastructure modules
- Document architecture decisions
### Individual Developers
+
- Learn Terraform and cloud infrastructure in a pre-configured environment
- Experiment with different cloud providers without complex setup
- Follow industry best practices from day one
@@ -331,18 +347,21 @@ You can extend this development environment to suit your specific needs:
Click to expand Productivity Benefits
### Time Savings
+
- **Environment Setup**: Save 4-8 hours per developer on initial setup
- **Tool Updates**: Eliminate 1-2 hours per month maintaining tools
- **Onboarding**: Reduce new team member onboarding from days to hours
- **Troubleshooting**: Minimize environment-related issues that can waste hours of development time
### Quality Improvements
+
- **Consistent Validation**: Every code change is automatically validated
- **Security Scanning**: Catch security issues before they reach production
- **Documentation**: Automatically generate and maintain documentation
- **Testing**: Verify infrastructure works as expected with integrated testing tools
### Collaboration Enhancements
+
- **Standardized Environment**: Everyone works with the same tools and versions
- **Reproducible Results**: Eliminate "works on my machine" problems
- **Knowledge Sharing**: Common toolset makes it easier to share techniques and solutions
diff --git a/terraform-devcontainer-plan.md b/terraform-devcontainer-plan.md
index 36e883d..7974942 100644
--- a/terraform-devcontainer-plan.md
+++ b/terraform-devcontainer-plan.md
@@ -10,25 +10,25 @@ flowchart TD
A --> C[devcontainer.json]
A --> D[Volume Mounts]
A --> E[Environment Variables]
-
+
B --> B1[Base Image]
B --> B2[Cloud CLIs]
B --> B3[Terraform Tools]
B --> B4[Supporting Tools]
-
+
C --> C1[Extensions]
C --> C2[Settings]
C --> C3[Post-Start Commands]
C --> C4[Mount Configurations]
-
+
E --> E1[AWS Auth]
E --> E2[Azure Auth]
E --> E3[GCP Auth]
-
+
F[Pre-commit Hooks] --> F1[Terraform Validation]
F --> F2[Security Checks]
F --> F3[Formatting]
-
+
G[VS Code Tasks] --> G1[Terraform Workflows]
G --> G2[Cloud Provider Tasks]
```
@@ -225,4 +225,4 @@ gantt
4. Implement the pre-commit hooks for Terraform validation
5. Configure the environment variables for cloud provider authentication
6. Create the VS Code tasks.json for common Terraform workflows
-7. Test and optimize the container performance
\ No newline at end of file
+7. Test and optimize the container performance