This playground includes three exercises.
This playground will follow a test-driven-development approach. We will start off with a set of tests (using Regula) and implement our Terraform resources to meet the requirements of these tests.
When a test is successful, the exercise has been completed successfully.
Regula includes a set of built-in rules which are enabled by default. To introduce ourselves to the tool, we'll run Regula over a set of Terraform resources using only the built-in rules.
The Terraform template included will not immediately be valid, and we will follow a TDD approach of making changes and running tests until our tests pass.
Terraform Resources:
Click here to get started in the first exercise.
In this exercise, we will be looking at S3 buckets, implementing real-world compliance rules. S3 is AWS' Simple Storage Service, which is an object-based storage service. Objects are stored in buckets.
We will be implementing custom rules to ensure:
- the S3 buckets are private
- the S3 buckets are versioned
While these rules are included in Regula's built-in toolset, we will be introducing our own implementation of these rules to familiarise ourselves with OPA Rego.
Terraform Resources:
Click here to get started in the second exercise.
This exercise will focus on tagging. Tags are a way of including metadata with various AWS resources. It is common for large organisations to have tagging standards which include various pieces of business information such as:
- Team
- Confidentiality
This exercise demonstrates how to implement rule sets in Rego that span multiple resource types.
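An example of such a multi-resource tagging rule in Regula's advanced rule format, added here as an illustration and not taken from the playground's exercise files. The package name, helper names and the two resource types are assumptions; the tag keys are the ones listed above, and the syntax is the pre-1.0 Rego style used in Regula's documentation.

```rego
# Added example: a Regula advanced rule that checks required tags
# across more than one resource type.
package rules.required_tags

import data.fugue

# "MULTIPLE" tells Regula this rule selects its own resources
# instead of being evaluated once per resource of a single type.
resource_type = "MULTIPLE"

# Tag keys from the tagging standard described above.
required_tags = {"Team", "Confidentiality"}

# Assumption: illustrative resource types; extend to match the template.
taggable_types = {"aws_s3_bucket", "aws_instance"}

# Every resource of the selected types, keyed by resource id.
taggable_resources[id] = resource {
  resources = fugue.resources(taggable_types[_])
  resource = resources[id]
}

# Required tag keys that are absent or empty on a resource.
# A resource with no tags attribute at all yields every required key.
missing_tags(resource) = missing {
  present = {key | value = resource.tags[key]; value != ""}
  missing = required_tags - present
}

# Pass: all required tags are present.
policy[p] {
  resource = taggable_resources[_]
  count(missing_tags(resource)) == 0
  p = fugue.allow_resource(resource)
}

# Fail: report exactly which tags are missing.
policy[p] {
  resource = taggable_resources[_]
  missing = missing_tags(resource)
  count(missing) > 0
  msg = sprintf("missing required tags: %s", [concat(", ", sort(missing))])
  p = fugue.deny_resource_with_message(resource, msg)
}
```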
Terraform Resources:
Click here to get started in the third exercise.