IaC documentation update

thunderbird · May 22, 2024 · 2421fb7 · 2421fb7
1 parent 5c2c710
commit 2421fb7
Showing 1 changed file with 52 additions and 9 deletions.
diff --git a/tofu/README.md b/tofu/README.md
@@ -53,7 +53,7 @@ All infrastructure should be deployed via terragrunt commands from the appropria
 
 ### Remote State
 
-This is deployed individually before any other stacks and generally should not change with application or infrastructure deployments
+This is deployed individually before any other stacks and generally should not change with application or infrastructure deployments.  For the initial run in a new environment comment out the "generate "backend" block in tofu/environments/terragrunt.hcl.  This is required to created the backend S3 state bucket and DynamoDB lock table.
 
 1. tofu/environments/\<env>/terraform/tfbackend
    1. `cd tofu/environments/<env>/terraform/tfbackend`
@@ -64,33 +64,58 @@ This is deployed individually before any other stacks and generally should not c
 
 ### Infrastructure Stacks
 
-These should be deployed in the following order and generally will only be updated with infrastructure changes while remaining static for code changes
+These should be deployed in the following order and generally will only be updated with infrastructure changes while remaining static for code changes.  The Tofu files pull some information from environment variables.  When Github Actions workflows are run these are populated by Github environment/repository variables.  When running terragrunt commands locally the specified environment variables must be set/
 
 1. tofu/environments/\<env>/network/vpc
+   Required Environment Variables:
+    - TF_VAR_name_prefix
+    - TF_VAR_environment
+    - TF_VAR_region
+
    1. `cd tofu/environments/<env>/network/vpc`
    2. `terragrunt init`
    3. `terragrunt validate`
    4. `terragrunt plan -out tfplan`
    5. `terragrunt apply tfplan`
 2. tofu/environments/\<env>/services/backend-infra
+   Required Environment Variables:
+    - TF_VAR_name_prefix
+    - TF_VAR_environment
+    - TF_VAR_region
+
    1. `cd tofu/environments/<env>/services/backend-infra`
    2. `terragrunt init`
    3. `terragrunt validate`
    4. `terragrunt plan -out tfplan`
    5. `terragrunt apply tfplan`
 3. tofu/environments/\<env>/data-store/cache
+   Required Environment Variables:
+    - TF_VAR_name_prefix
+    - TF_VAR_environment
+    - TF_VAR_region
+
    1. `cd tofu/environments/<env>/datastore/cache`
    2. `terragrunt init`
    3. `terragrunt validate`
    4. `terragrunt plan -out tfplan`
    5. `terragrunt apply tfplan`
 4. tofu/environments/\<env>/data-store/database
+   Required Environment Variables:
+    - TF_VAR_name_prefix
+    - TF_VAR_environment
+    - TF_VAR_region
+
    1. `cd tofu/environments/<env>/data-store/database`
    2. `terragrunt init`
    3. `terragrunt validate`
    4. `terragrunt plan -out tfplan`
    5. `terragrunt apply tfplan`
 5. tofu/environments/\<end>/services/frontend
+   Required Environment Variables:
+    - TF_VAR_name_prefix
+    - TF_VAR_environment
+    - TF_VAR_region
+
    1. `cd tofu/environments/<env>/services/frontend`
    2. `terragrunt init`
    3. `terragrunt validate`
@@ -99,18 +124,36 @@ These should be deployed in the following order and generally will only be updat
 
 ### Application Stacks
 
-1. tofu/environments/\<env>/services/backend-service
-   1. `cd tofu/environments/<env>/services/backend-service`
-   2. `terragrunt init`
-   3. `terragrunt validate`
-   4. `terragrunt plan -out tfplan`
-   5. `terragrunt apply tfplan`
+#### Backend
 
-### Application Stacks
+The application backend is deployed as an ECS service via terragrunt
 
 1. tofu/environments/\<env>/services/backend-service
+   Required Environment Variables:
+    - TF_VAR_name_prefix
+    - TF_VAR_environment
+    - TF_VAR_region
+    - TF_VAR_name_frontend_url
+    - TF_VAR_short_base_url
+    - TF_VAR_app_env
+    - TF_VAR_sentry_dsn
+    - TF_VAR_zoom_callback
+    - TF_VAR_db_enc_secret
+    - TF_VAR_smtp_secret
+    - TF_VAR_google_oauth_secret
+    - TF_VAR_zoom_secret
+    - TF_VAR_fxa_secret
+    - TF_VAR_log_level
+
    1. `cd tofu/environments/<env>/services/backend-service`
    2. `terragrunt init`
    3. `terragrunt validate`
    4. `terragrunt plan -out tfplan`
    5. `terragrunt apply tfplan`
+
+#### Frontend
+
+The application frontend is deployed to an S3 bucket fronted by Cloudfront.  As such it can be deployed by deploying files to S3 and creating a Cloudfront invalidation.
+
+- aws s3 sync frontend/dist \<Appointment Environment Frontend S3 Bucket URI>
+- aws cloudfront create-invalidation --distribution-id \<Appointment Environment Cloudfront Distribution ID> --paths "/*"