CI/CD for AWS infrastructure using Terraform
Build, change, and destroy AWS infrastructure using Terraform.
Use template →1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45env: AWS_ROLE_ARN: your-arn-role-here steps: - label: ":terraform: terraform init" key: "init" plugins: - docker#v5.9.0: image: hashicorp/terraform:1.5 command: ["init", "-input=false"] - artifacts#v1.9.2: upload: [".terraform", ".terraform.lock.hcl"] compressed: terraform.tgz - label: ":terraform: terraform plan" depends_on: "init" key: "plan" plugins: - artifacts#v1.9.2: download: [".terraform", ".terraform.lock.hcl"] compressed: terraform.tgz - aws-assume-role-with-web-identity: role-arn: $AWS_ROLE_ARN - docker#v5.9.0: image: hashicorp/terraform:1.5 propagate-aws-auth-tokens: true command: ["plan", "-out=tfplan", "-input=false"] artifact_paths: - "tfplan" - block: "Apply?" - label: ":terraform: terraform apply" plugins: - artifacts#v1.9.2: download: ["tfplan"] - artifacts#v1.9.2: download: [".terraform", ".terraform.lock.hcl"] compressed: terraform.tgz - aws-assume-role-with-web-identity: role-arn: $AWS_ROLE_ARN - docker#v5.9.0: image: hashicorp/terraform:1.5 propagate-aws-auth-tokens: true command: ["apply", "-input=false", "-auto-approve", "tfplan"]
CI/CD for AWS using Terraform
Build, change, and destroy AWS infrastructure using Terraform.
Use template →CI/CD for AWS infrastructure using Terraform
This template gives you a continuous integration (CI) pipeline for building, changing, and destroying AWS infrastructure using Terraform.
At a glance:
- For Terraform
- Uses Docker with a Terraform image
- Uses the AWS Assume Role plugin to access AWS credentials
How it works
This template:
- Validates the Terraform configuration in a Docker image.
- Assumes an AWS role using the AWS Assume Role with Web Identity plugin.
- Initializes Terraform and plans changes, outputting a plan file, which is available as an artifact.
- Blocks for input before conditionally applying the proposed Terraform plan.
The pipeline runs all steps in a Docker container with the HashiCorp Terraform image, passing through all the necessary AWS environment variables.
Next steps
After you select Use template, you’ll:
- Connect the Git repository with your Terraform configuration.
- Replace the placeholder AWS role ARN in the pipeline definition.
- Configure the compute—run locally, on-premises, or in the cloud.
- Run the pipeline.
You can then play around with the pipeline settings. For example, run the pipeline locally while you iterate on the definition or set a schedule to trigger a nightly build.
If you need help, please check our documentation, raise an issue , or reach out to support.