CI/CD for AWS infrastructure using Terraform
Build, change, and destroy AWS infrastructure using Terraform.
```yaml
env:
  # Placeholder: replace with the ARN of the AWS role the pipeline assumes.
  AWS_ROLE_ARN: your-arn-role-here

steps:
  - label: ":terraform: terraform init"
    key: "init"
    plugins:
      - docker#v5.9.0:
          image: hashicorp/terraform:1.5
          command: ["init", "-input=false"]
      # Pass the provider cache and lock file to the later steps.
      - artifacts#v1.9.2:
          upload: [".terraform", ".terraform.lock.hcl"]
          compressed: terraform.tgz

  - label: ":terraform: terraform plan"
    depends_on: "init"
    key: "plan"
    plugins:
      - artifacts#v1.9.2:
          download: [".terraform", ".terraform.lock.hcl"]
          compressed: terraform.tgz
      - aws-assume-role-with-web-identity:
          role-arn: $AWS_ROLE_ARN
      - docker#v5.9.0:
          image: hashicorp/terraform:1.5
          propagate-aws-auth-tokens: true
          command: ["plan", "-out=tfplan", "-input=false"]
    # The saved plan file is uploaded as a build artifact.
    artifact_paths:
      - "tfplan"

  # Block step: waits for input before the apply step runs.
  - block: "Apply?"

  - label: ":terraform: terraform apply"
    plugins:
      - artifacts#v1.9.2:
          download: ["tfplan"]
      - artifacts#v1.9.2:
          download: [".terraform", ".terraform.lock.hcl"]
          compressed: terraform.tgz
      - aws-assume-role-with-web-identity:
          role-arn: $AWS_ROLE_ARN
      - docker#v5.9.0:
          image: hashicorp/terraform:1.5
          propagate-aws-auth-tokens: true
          command: ["apply", "-input=false", "-auto-approve", "tfplan"]
```
This template gives you a continuous integration (CI) pipeline for building, changing, and destroying AWS infrastructure using Terraform.
At a glance:
- For Terraform
- Uses Docker with a Terraform image
- Uses the AWS Assume Role plugin to access AWS credentials
How it works
This template:
- Validates the Terraform configuration in a Docker image.
- Assumes an AWS role using the AWS Assume Role with Web Identity plugin.
- Initializes Terraform and plans changes, outputting a plan file, which is available as an artifact.
- Blocks for input before conditionally applying the proposed Terraform plan.
The pipeline runs all steps in a Docker container with the HashiCorp Terraform image, passing through all the necessary AWS environment variables.
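Whoever unblocks the "Apply?" step is approving exactly what the saved plan file contains, so it helps to surface the risky parts of that plan first. The Python script below is an added example, not part of the template: it reads a plan in the JSON form produced by `terraform show -json tfplan` and lists resources that would be destroyed, replaced, or that belong to sensitive types. The function name, the prefix list and the sample plan are assumptions constructed for illustration.

```python
import json
import sys

# Assumed policy for this example: type prefixes whose changes warrant extra review.
SENSITIVE_PREFIXES = ("aws_iam_", "aws_kms_", "aws_security_group")

# Constructed sample in the shape of `terraform show -json tfplan` output.
SAMPLE_PLAN = {
    "format_version": "1.2",
    "resource_changes": [
        {"address": "aws_s3_bucket.logs", "type": "aws_s3_bucket",
         "change": {"actions": ["delete"]}},
        {"address": "aws_instance.web", "type": "aws_instance",
         "change": {"actions": ["delete", "create"]}},
        {"address": "aws_iam_role_policy.ci", "type": "aws_iam_role_policy",
         "change": {"actions": ["update"]}},
        {"address": "aws_vpc.main", "type": "aws_vpc",
         "change": {"actions": ["no-op"]}},
        {"address": "aws_subnet.a", "type": "aws_subnet",
         "change": {"actions": ["create"]}},
    ],
}


def review_plan(plan):
    """Group planned changes a reviewer should see before approving apply."""
    findings = {"destroy": [], "replace": [], "sensitive": []}
    for rc in plan.get("resource_changes", []):
        actions = rc.get("change", {}).get("actions", [])
        if not actions or actions in (["no-op"], ["read"]):
            continue  # nothing will be modified
        addr = rc.get("address", "<unknown>")
        if "delete" in actions and "create" in actions:
            findings["replace"].append(addr)  # destroy and recreate, either order
        elif "delete" in actions:
            findings["destroy"].append(addr)
        if rc.get("type", "").startswith(SENSITIVE_PREFIXES):
            findings["sensitive"].append(addr)
    return findings


if __name__ == "__main__":
    # Pass a plan JSON file as the first argument; without one the sample is used.
    plan = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_PLAN
    result = review_plan(plan)
    print(json.dumps(result, indent=2))
    sys.exit(1 if any(result.values()) else 0)
```

The non-zero exit code when anything is flagged lets a step running the script mark the build for closer review before the block step is released.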
Next steps
After you select Use template, you’ll:
- Connect the Git repository with your Terraform configuration.
- Replace the placeholder AWS role ARN in the pipeline definition.
- Configure the compute—run locally, on-premises, or in the cloud.
- Run the pipeline.
You can then play around with the pipeline settings. For example, run the pipeline locally while you iterate on the definition or set a schedule to trigger a nightly build.
If you need help, please check our documentation, raise an issue, or reach out to support.