Installation using Terraform
  • 06 Nov 2024
  • 2 Minutes to read
  • PDF

Installation using Terraform

  • PDF

Article summary

Traceable allows you to configure and install runners in AWS ECS (Elastic Container Service) using Terraform. This allows you to leverage Terraform’s infrastructure-as-code capabilities to automate the deployment and management of runners in ECS environments. By using Terraform scripts, you can configure and provision runners to execute API security testing across your AWS infrastructure, ensuring seamless integration into cloud-native applications. This simplifies managing runners in distributed environments, making it scalable and efficient.

Before you begin

Make a note of the following before proceeding with the runner installation:

  • Terraform — Ensure that Terraform is already installed.

  • AWS account — Ensure you have an active AWS account.

  • IAM permissions — Ensure you have the necessary IAM permissions to create and manage ECS services and tasks. The necessary permissions include:

    • ecs:*

  • AWS cluster — Ensure you have an existing cluster where you wish to deploy the runner.

  • VPC, Subnets, and Security Groups — Ensure you have existing VPC, subnets, and security groups configured in your AWS account. You can use them to deploy the ECS service.

  • Terraform files — Ensure you have access to Terraform tarball (traceable-runner-tf.tar.gz)

    Note

    You can download the file from Traceable’s download site.


Install Runner through Shell

Complete the following steps to install the Traceable runner using your shell:

  1. Configure AWS CLI — Enter the following command to configure AWS CLI in your shell:

    aws configure
  2. Verify the AWS Region — Enter the following command and verify that the AWS region is set to the one where you wish to install the Traceable runner:

    aws configure get region
  3. Untar the Terraform File — Enter the following command to untar the Terraform archive (traceable-runner-tf.tar.gz) that you downloaded earlier:

    tar -xvzf traceable-runner-tf.tar.gz
  4. Change the Directory — Enter the following command to change the directory:

    cd traceable-runner-tf
  5. Configure the Variables — Navigate to the terraform.tfvars file and configure the following variables. The following table describes the variables:

    Variable

    Description

    Default Value

    aws_region

    The AWS region of the Traceable runner

    -

    cluster_name

    The cluster name where Traceable should create the service

    -

    cpu

    The number of vCPU for the runner

    2

    memory

    The memory (in GB) for the runner

    4

    task_role_arn

    The relevant task ARN

    -

    execution_role_arn

    The relevant execution role ARN

    -

    task_subnet_ids

    The relevant subnet IDs

    -

    task_security_group_ids

    The relevant security group IDs

    -

    cli_image

    The Traceable CLI image to be used as a runner

    traceableai/traceable-cli:latest

    traceable_server

    The Traceable server URL to interact with the platform

    api.traceable.ai

    traceable_api_token

    The Traceable platform API token. Navigate to Your AccountMy PreferencesAPI TokensGenerate API Token to generate a token.

    -

    runner_name

    The runner name

    -

    runner_log_group

    Log group for storing runner logs. These logs are visible post-stack creation.

    -

  6. Initialize Terraform — Enter the following command for initialization:

    terraform init
  7. Review Setup — Enter the following command to review the setup:

    terraform plan
  8. Apply the Configuration — Enter the following command to apply the configurations:

    terraform apply

Post-configuration, verify the created resources by checking the ECS service, task definition, and runner logs.

traceable_ast_runner_cf_created


Was this article helpful?