AMP Terraform Exercises

The following exercises are recommended for becoming familiar with Cloudsoft AMP, especially when using with Terraform to describe the infrastructure:

• 1 Deploy an AMP blueprint - create an S3 bucket using AMP and Terraform, become familiar with the Cloudsoft AMP environment, and provide the backend store used for the other exercises

• 2 Manage a multi-tier application with AMP - compose and extend blueprints to build rich, automatable deployments

• 3 Learn the main ingredients of AMP blueprints

  • 3-1 Combine multiple IaC templates - create an EFS file system and a bastion server manageable separately
  • 3-2 Add sensors, effectors, and config - extend the previous blueprint to collect KPIs and expose management operations
  • 3-3 Policies for compliance and automation - extend the previous blueprint for drift detection, security scans, and scheduled actions

These exercises assume that:

• You are using an AMP Trial AMI on an AWS EC2 instance: t3.large with a 30Gb volume.
• You have an AMP server running.
• The kubectl command on the AMP server is connected to a Kubernetes environment (locally or hosted) and able to download public containers or has pre-requisite containers installed.
• Your AWS credentials are set up and accessible as AMP externalized configuration, using an external supplier called exercise-secrets with keys aws-access-key-id and aws-secret-access-key.
• The exercise blueprints are installed into AMP (see below).

These steps are done as part of the AMP trial environment setup.

When you are finished with all the exercises, use the “stop” effector in the Inspector to tear down these deployments. Make sure to stop the “S3” application after you have completely stopped the others which use it as a backend, as the Terraform state will be lost when destroying the S3 bucket, preventing cleanup of the other resources.

Dangerous bends (click this) ⌃
This symbol is used to mark optional sections which might introduce more advanced material, provide alternative ways to do things, or give advice for problems in some environments. If the title looks interesting, expand it, and feel free to do as little or as much of these sections as you want.

You can now start the first exercise. Or you can explore the dangerous bends below first.

Installing the br CLI tool ⌃
Some of the “dangerous bend” sections will use the command-line tool to automate AMP. You can download this from the Cloudsoft AMP UI by clicking the “modules” button in the top right (a square of nine dots) and going to “CLI Download”, then selecting the “AMP Client CLI”. Once downloaded, unpack the archive, copy the binary to br in your path. Login with br login <URL> where <URL> is the AMP UI URL, supply the username and password, and then you can run various commands such as br apps or br help.

Installing the exercise blueprints (if not using the trial environment) ⌃
The exercises use some blueprints which are normally pre-installed into AMP trial environments but are not included by default in the AMP release. If you need to install these, install the CLI first (see the previous dangerous bend), and then run for x in https://docs.cloudsoft.io/tutorials/exercises/2-web-efs-multi/2-1/efs-tier.zip https://docs.cloudsoft.io/tutorials/exercises/2-web-efs-multi/2-1/web-tier-serving-efs.zip https://docs.cloudsoft.io/tutorials/exercises/2-web-efs-multi/2-1/web-and-efs-app.zip https://docs.cloudsoft.io/tutorials/exercises/3-efs-terraform-deep-dive/3-1/efs-amp.zip ; do br catalog add $x ; done.