Ensure access to the Amazon Console and create an account if necessary.
Ensure the AWS CLI is installed and configured:
Visit the security credentials
- Click on Access key (access key ID and secret access key).
- Click on the button Create New Access Key.
Write down the AWSAccessKeyId and AWSSecretKey
In a further episode, the access and secret key will be obtained from a dedicated IAM user with the correct role and policy.
Configure the account with the previously obtained AWSAccessKeyId and AWSSecretKey, as well as the region, for instance
node is present on your system:
The version must be greater than 14
Install the GrucCloud command-line utility gc with npm
Check the current version of gc:
In this section, we'll create the files needed to describe an infrastructure with GruCloud:
- package.json: specifies the npm dependencies and other information.
- config.js: the config function.
- iac.js: exports createStack with provider and resources associated
- hooks.js: optionally provides hook functions called after deployment or destruction.
The source code for this example in on GitHub.
Create a new directory, for instance
Let's create a new
package.json with the
npm init command:
Let's install the GruCloud AWS provider called @grucloud/provider-aws, as well as the GruCloud core library
You will have to find out the
ImageId for your specific region. One way to retrieve to list of images is with the aws cli:
This step will be automated in a future episode with the help of the Amazon Managed Image resource.
Create a file called
iac.js which stands for infrastructure as code.
We'll first import AwsProvider from @grucloud/provider-aws
iac.js must export the
createStack function which returns the provider and the resources.
Then, instantiate AwsProvider by providing the config function.
In the case, an EC2 Instance is defined with
As a way to verify that gc can connect to the AWS API, one can use the
We are ready to deploy with
At this point, you are given the opportunity to look at what is going to be deployed.
y to accept:
gc apply is executed a second time, resources should not be created or destroyed.
As expected, nothing to deploy, the target resources defined in the code match the live resources.
To list all the resources, and generate a diagram:
This will include the default AWS resources such as VPC, subnet, internet gateway, and security group.
To list only the resources created by GruCloud:
Note that tags have been added to the EC2 Instance, it gives GruCloud a way to identify the resources under its control. Unlike other infrastructure as code tools such as Terraform and Pulumi, GruCloud does not need a state file. Hence removing a lot of complexity and issues.
The ec2 instance configuration might change, for instance, let's modify the machine type to
t3.micro located in config.js
plan command is a read-only command which fetches the live resources and compares them with the target resources defined in the code.
Let's apply the change:
Bear in mind that the machine requires to be stopped and restarted.
Trust but verify, hence, list the EC2 instances and check the
InstanceType has been changed.
Another useful command is gc output, which extract information for a specific field of a given resource
Nested field can be accessed too, for example, let's retrieve the public IP address attached to the EC2 instance:
The temptation to ping is high:
Time to destroy the resources allocated and therefore save a lot of £$€.
Once again, you are given the opportunity to look at what is going to be destroyed. Type 'y' to confirm the destruction:
Let's run the
gc list command with the
E2 filter to verify the EC2 is gone:
This example demonstrates how to code a very basic infrastructure with one EC2 instance, and how can we use the
gc destroy and
gc graph to manage the infrastructure.
It paves the way for more AWS examples
A picture is worth a thousand words, GruCloud generates an SVG file describing the resources and their relationship.
Here is the graph of a typical web application managed by Kubernetes running on AWS where the master node is managed by EKS.