This is mostly a research question as I can't seem to find out where I can run Terraform for my use case.
I want to build a web front end which I can enter details for configuration, click a button and the front end would tell Terraform to build the infrastructure. I understand I can use the cli, or create a .tf file and then use Jenkins to run it. But I'm looking for a way to basically call the Terraform cli commands through events like a lambda call.
Should I use cloud provider sdks for this?
Has anyone gone about doing something like this and if so, could you share your experiences?
You can use SLD (Stack-Lifecycle-Deployment)
It has a very cool ui and rest api
I think I found something really useful!
Lambda Terraform Call using Python
This would be what I had in mind, generate a Terraform plan file, drop into an S3 bucket, then invoke the lambda call to spin up the infrastructure. And all can be done with the front end configuration setting and an API call.
I hope this comes in handy for some other people and once I have it working I might come back and add to this.
Related
I am currently building on Vercel an use the serverless functions as an API.
All functions are available in <URL>/api/<FUNCTION_NAME>. I want to only allow my web page the access to the API but I have no idea how. I don't have any Authentication / JWT system in place because it is a fairly simple app.
In AWS I normally use something like IAM authentication or a simple API Key.
What are best practices for that or what is the suggested way to do this? I am not sure if I look at the problem completely wrong but I don't find many resources for that.
Thanks!
Sandro
As mentioned in here, you actually can use a simple method using QUERY. For example you can run a function to authorize it if QUERY.SECRET_KEY is equal to the secret key that you saved somewhere else on your code eg. env variable. Or using the same method, you can now use the authorization header that is sent by client. Here the example. You can use anything that suits you. It's just about personal preference. Hope it helps.
Background and Goal
I have a Debian/Linux VM on GCP which I manually start every morning and after it runs, it shuts down by itself using a Linux command. I want to automate the start of the VM by using the Cloud Scheduler. The question asked in GCP auto shutdown and startup using Google Cloud Schedulers has several answers and I am interested in pursuing the answer (https://stackoverflow.com/a/65062924/10322004) proposed by #nikelone because it seems to be simple and also it has been endorsed by #Damien and #RayFoss as being easy. I am a neophyte in these matters and I could not comprehend their replies fully. So this post was created to elicit more clear answers for a person like me.
What I have tried
I have gone to https://cloud.google.com/compute/docs/reference/rest/v1/instances/start (call this page A) and tried the API and was able to successfully start my already stopped VM when I clicked on the execute button. I presume that this means that my entries were fine and can be used in conjunction with appropriate software like Cloud Scheduler to perform the start function on a predefined schedule. But the problem is that I do not know or understand how to proceed from here. I give below my questions.
My Questions
On page A, the last three paragraphs are titled Authorization Scopes, IAM permissions, and Examples, and none of them say anything specific about what the user should do. Is it correct to assume that they have nothing to do with the Cloud Scheduler, but related to other methods to achieve the same goal? If this is not correct then my next question is what should I be doing to follow the statements in these three paragraphs?
Assuming that the answer to question 1 is "yes", meaning I can now start scheduling with the Cloud Scheduler, I next looked at the quickstart for Cloud Scheduler at https://cloud.google.com/scheduler/docs/quickstart (call this page B). The list of items to do is quite large including installing Cloud SDK, running a quite a few commands on the console, enabling some features, set up Pub/Sub, create a job, run the job and verify the results in Pub/Sub. This looks like a daunting set of tasks and I could not understand why it is necessary to jump through the hoops to use something that has already been achieved with just a few keystrokes earlier. So are these steps all necessary? Or is there a way to use the Cloud Scheduler directly without going through so many intermediate steps?
Now assume that the answer to question 2 is that I have to perform all steps stated on page B. If I run into some problem while accomplishing the tasks outlined on page B, my VM may get messed up irretrievably. Is there a way in which the Cloud Platform or its components can be used to reset my VM to its current state as of today, which is working fine? I really do not want to end up with something worse than what I have now.
To answer your questions:
Auth Scopes and IAM permissions are required for you to call the Compute Engine API methods such as instance.start & instance.stop. You need to set the right scope and the right IAM permission on your job or else it will fail. They are indeed related to the method that you're interested to call so you must keep them in mind. What you see on the examples are the ways to call the {API} using different programming languages so you don't need to pay attention to them as you will create the job through the Cloud Console. To further address this part, see the full steps I included below.
The answer that you're trying to follow uses HTTP target while the quickstart you've linked uses Pub/Sub and they are different with each other because they have separate use cases. This link shows a proper instruction how to create a scheduler job with an HTTP target. You can create this kind of job straight from the Cloud Console or a one-liner gcloud command. If your config is incorrect, the trigger will not execute the endpoint URL and you will see an error that you must fix.
Addressed on answer #2
Basically, you just need to follow the instructions to the link you've sent. However, I'll post it here as well along with my explanation:
Go to https://cloud.google.com/scheduler. Click on Go to Console. Click on Create Job. Fill up the required fields (those with red asterisks) when creating a Scheduler Job.
Select HTTP as target type.
Enter this as your URL (modify the capitalized words).
https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/zones/INSTANCE_ZONE/instances/INSTANCE_NAME/start
Choose HTTP method POST.
Click show more and choose Auth Header "Add OAuth Token"
Enter your service account. This is used to pass an OAuth Token when your scheduler job calls the Compute API. Make sure that the service account you will use have the "Compute Instance Admin" role because this role contains the permissions to start/stop your instance. See this instruction how to grant access on a service account. If you're not sure what service account to use, feel free to use the Compute Engine default service account.
Add this on Scope:
https://www.googleapis.com/auth/cloud-platform
The description of this scope:
See, edit, configure, and delete your Google Cloud Platform data.
Repeat for Stop instance job and change URL in #3.
Has anyone managed to create a custom integration between Zapier and Xero by using the 'Webhooks by Zapier' option and a private connection on the Xero side?
At the moment Xero uses Oauth-1a to create sessions and I can't figure out how to even approach this.
I know Zapier has a normal integration with Xero, however I am interested in doing something which isn't available in their integration (create manual journals) and for this I need to figure out how to do the connection manually.
Thanks
Have you taken a look at Xero's Private Application Auth documentation? The private key you create becomes your Consumer Key for API calls. Unfortunately, from there, you do need to do a little coding to support Oauth1 in Zapier.
You have two options:
You could use a serverless function platform like Google Cloud Funtions or AWS Lambda to host your code and use one of Xero's SDKs (like pyxero). You then use a webhook step in Zapier to call the function.
This option is the most robust since and avoids Zapier code limits
You can use a Zapier code step to place the call. In order to do this, you will need to create your own Oauth1 header for your call. You can look at the post HERE by Eliot Muir.
You'll see on lines 32-34 of his example output the headers that need to be included. He has done the hard work of crafting them so you would just need to pull the relevant code and strategy.
This is the most streamlined solution, but you do have to deal with Zapier's lack of 3rd-party packages and a 10-second timeout
At the moment I am making an app. I am relatively new but have experience with a lot of different languages like PHP and SQL. My app needs to communicate with a server to post/retrieve data for everyone to see. People also need to be able to login and register. Right now I am using parse because it gives a lot of the requirements in an easy package but parse is retiring soon and I have no experience with setting up my own server.
I was thinking of making my own 'server' from an old computer but not use parse because it will no longer support push notification. Then of course the app needs to communicate with this server. I started looking online and found a lot of terms but not a real clear explanation on how to proceed. I need it to be able to communicate with iOS and Android. Furthermore I was wondering how to execute a script on the server itself. I want to do something with time, once someone uploads something it needs to disappear after 48 hours, but of course it also needs to do this even if the app isn't active on a smartphone
Can anyone tell me how I need to proceed, what to use and where i can find useful info.
My plan for now is creating my own server with something like MongoDB but then i still need something called a backend and different SDK's to communicate with the apps. Maybe its possible to install parse on my own server and add something so i can still use Push and run a script on the server itself.
All help would be very much App-reciated ;)!
The reason of a backend service or framework is to let developer focus on front end app development. Maybe you can check other options like firebase, meoter, or even leancloud. Don't be hurry jump to the decision to make your own backend.
Parse Server is already supporting Push Notifications. I think should keep using Parse. It will become the best framework for backend and API development in a short time. You can also use services like https://www.back4app.com that helps you in all process of configuration of your server.
Do you mean by create your own server running a personal derver pr you mean create your own back end application?
While Zapier is very powerful at putting glue between various APIs, I stumbled upon the use case of creating Zaps programmatically, which would offer even more flexibility.
I did some investigation and it appears that Zapier, to this date, does not provide a public API for doing so. Is there any workaround for that ?
Not currently. Creating a zap involves a lot of UI steps (6 or 7) - many of which depend on choices made in each previous step, so trying to do all that through a remote script might be difficult and messy. Maybe share some ideas on your specific use-case: why do you need to create a zap programmatically?
Keep in mind you can also create private apps on Zapier so if there is specific functionality you need to use with Zapier you can do that without exposing it to the world.
The year 2017 Zapier introduced their Command Line Interface, which makes possible building your app programatically via JavaScript.
You can take a look at the Example Apps as well as the CLI-docs.