To address the recommendations of the Well-Architected Review while keeping costs to a minimum, EZOPS asked Risk Focus to provide a solution that could be delivered within a budget of 10 days' effort. The solution focused on the AMI construction and core AWS build, since these are the most fragile and time-consuming parts of any deployment. EZOPS elected to defer automation of the account setup and VPN setup to focus on the most time-consuming and complex steps.
Risk Focus migrated the manual process of building an environment to infrastructure as code, automating 72 manual steps with a 2-step process: install a CodeBuild job into the AWS account, then run that CodeBuild job to build the infrastructure with HashiCorp Terraform. The solution had 2 parts:
Part 1 – Automation of the AMI build and database setup. This was solved by introducing the open-source software HashiCorp Packer to build the AMI and leveraging Terraform to generate database passwords dynamically when the CodeBuild job runs Terraform. The database setup was handled by using the EC2 user data script to initialize the database after the EC2 instance is created.
Part 2 – Conversion of the manual process of creating 27 AWS entities (VPC, EC2, RDS, etc.) to infrastructure as code. This was delivered by creating a CodeBuild project installed using the Terraform command line. The CodeBuild project is then run with configurable parameters to complete the infrastructure build with the push of a button.