https://github.com/osquery/osquery logo
Join Slack
Powered by
I found this terraform module useful for setting u...
# kolide
w
I found this terraform module useful for setting up fleet in fargate last year: https://github.com/davidrecordon/terraform-aws-kolide-fleet It needs a little cleanup but nothing intense
o
that's the same one shared above, and it has a few issues. for one, it uses a fork of fleet for twirp support and as a result is 2 years out of date. it also doesn't handle secrets properly, so your tfstate file will contain database credentials, jwt keys, etc. also imo the way it's architected makes monitoring and introspection difficult too. basically it would require a bunch of changes that for me it made more sense to just do it from scratch
what type of work did you do to get it to production?
w
I used the fleet base image since aws added support for tls termination on the alb
I was using terraform enterprise so the tfstate didn't live on my development machine
🤷
aws isn't available to me rn so I'm using docker-compose again
o
haha, I've heard of TFE being the solution to a lot of common issues but alas it's not in our budget
w
yeah it's crazy expensive and doesn't support SAML
o
> enterprise
> doesn't support SAML
w0t
m
errr... what kind of saml?
"Terraform Enterprise is our self-hosted distribution of Terraform Cloud. It offers enterprises a private instance of the Terraform Cloud application, with no resource limits and with additional enterprise-grade architectural features like audit logging and SAML single sign-on."
w
the SaaS version of terraform enterprise is terraform cloud, which doesn't support saml
4 Views
Open in Slack
PreviousNext
Powered by