Terraform No Code Provisioning made easy on Scalr

Terraform is a flexible way to manage infrastructure, but it does require writing code in HCL. Not everyone on your team will pick up Terraform as fast as you might like, and most organizations don't need many Terraform experts anyway. What you need is a core group who can write reusable modules. Everyone else can consume them. That's the gap Scalr "no code" workspaces fill.

A no code workspace lets any user deploy a Scalr workspace and run Terraform without writing any code themselves. It works in two steps: a module team publishes modules, then end users deploy them.

Publishing Modules

The publishing of the modules is likely going to be handled by the team that is creating and managing the Terraform code. After the module has been created, it can be pushed to the Scalr module registry, which makes it available to be used in a workspace.

Screenshot of Module publication in Scalr

Module administrators have the choice of limiting which modules can be deployed through a no code workspace by adding a scalr-module.hcl to the repository

Example: All modules in the modules/ directory are included, except for the system module.

version="v2"
root-modules = ["modules/**", "!modules/system"]

See more examples here.

Deploying the Modules

Consuming a published module takes a few clicks. As an end user, you go to the module registry within your environment, click the module you want, and select create workspace. You'll then see the workspace settings, with the module and version already filled in for you:

Screenshot of Workspace creation

Once the workspace is created, Scalr will review the configuration file and if there are any required variables that have not been set, you will be prompted to fill in a value:

Screenshot of Prompt to add variables

Once the values are added, you can then execute the run, which will deploy your resources through Terraform.

That's the whole flow. With a few clicks, we deployed a Terraform workspace and ran it without writing any code.

Upgrading Module Versions

After your initial deployment, the module your workspace was built from will change. You don't have to tear down the workspace and rebuild it. Go to the settings and select the new version:

Screenshot of updating the module in Scalr.

Just create a new run in the same workspace and your infrastructure will now use the new version of the module.

Advantages to No Code Workspaces

• Quickly Standardize - It may be impractical to bring every individual up to speed with writing Terraform code, yet your organization wants to establish Terraform as a standard. No code workspaces allow you to adopt and standardize on Terraform, while the team gets up to speed.
• Improve Security - By publishing modules to consume, you know that your users are following the best practices and not creating potential vulnerabilities in their own code.
• Not a Service Catalog - Sometimes users are resistant to change and organizations resort to a service catalog to push a new standard. Service catalogs usually don't help a cultural change, it's just a way to hide what's going on in the background. The no-code workspace allows users to have the self-service feeling while still understanding the basics of Terraform.

Other features to use in conjunction get the most value:

• Reporting - Use Scalr reporting to understand which modules are the most popular and which modules are not used or out of date. Get all workspaces on the latest version by viewing reports.
• Open Policy Agent - Use OPA to check if users are violating any security controls.
• RBAC - Control who can manage modules, who can create Terraform plans, or who can approve and apply.

All of the features we talked about as part of the no-code provisioning are available on all plans, including the free plan. Sign up and try it out! Want to see it in action? Check out our video of it in action.