Example: Localstack

This example will walk you through using localstack with Telophase to create AWS Accounts and OUs (see: organization.yml), and Stacks to them.

Getting Started with Localstack + Telophase

  1. Install Dependencies
./setup.sh
  1. Start up Localstack in the background. Ensure your pro license is set. Learn more here
localstack start -d
  1. Localstack Setup Create your root organization in Localstack
awslocal organizations create-organization --feature-set ALL
  1. Setup an AWS_REGION if not set
export AWS_REGION=us-east-1
  1. Deploy Infra in the Accounts

Telophase will:

  1. Create the accounts and OUs listed in organization.yml
  2. A CDK stack will create an S3 bucket for a terraform state will be create in each account. Additionally, a Terraform stack will create a CI deploy role in each account in the Production OU.
LOCALSTACK=true telophasecli deploy --tui
  1. Inspect the accounts using awslocal

Learn how Localstack handles multi-account auth here

# View the organizations you have created
awslocal organizations list-accounts

# Each account will have its own tfstate bucket 
AWS_ACCESS_KEY_ID=$AN_ORG_FROM_ABOVE awslocal s3 ls

# New roles will be created in each account
AWS_ACCESS_KEY_ID=$AN_ORG_FROM_ABOVE awslocal iam list-roles

Common Errors

Cannot create preexisting table / Cannot do operations on a non-existent table

These are triggered by a concurrency bug in localstack. You can resolve it by pre-creating the tf-test-state table and running Telophase again:

aws dynamodb create-table --table-name tf-test-state \
--attribute-definitions AttributeName=id,AttributeType=S \
--key-schema AttributeName=id,KeyType=HASH \
--provisioned-throughput ReadCapacityUnits=5,WriteCapacityUnits=5 \
--endpoint-url http://localhost:4566

LOCALSTACK=true telophasecli deploy