I can’t say this often enough, I love to automate manual repetitive tasks. An automated process save time and reduces mistakes. For that reason, I want to share a new example with you. Moreover, I use the Microsoft Power Platform together with AWS cloud in perfect harmony. So here is the story: some days ago, I stumbled upon a terraforming process for new AWS Accounts.
The initial idea was, to prepare reusable and preconfigured building blocks. In other words, my developers created a lot of templates based on Terraform scripts. But there was still a manual part of this process. Yes, this manual task was assembling and configuring of such cloud blocks into a new IaC (infrastructure as code) repository for the new account. Furthermore, this was done by our end user team:
This means in detail, I started to setup my new AWS Account as an end user. Moreover, I collect the building blocks such as AWS S3 Bucket (similar to an Azure Storage Account) from my template storage. Afterwards, I copied these files into my new GitHub repository. Furthermore, I changed the configuration files of each IaC script package in my target repository. For this, I must understand the templates and its configuration files. This is OK for me, but not for our end users.
In addition, the entire setup process usually takes up to 5 days per AWS Account. To explain, our end users communicated a lot with our developers to understand the template setup and get started with the infrastructure. A very tedious and error-prone task with a lot of frustration on both sides.
I tell you, there is a better way! After all, what my end users need is an automated repository setup. In detail the end users need some magic to assemble and setup their IaC repositories. Yes, let me show you, how I automate this process!
Setup GitHub Repository as AWS Lambda
Well, you might automate such a process in a Power Automate Flow or Logic App. But to be honest, I need some Pro-Developer skills to automate the full process. In other words, I need a service that contains 2 essential functionalities to difficult for a Power Automate Flow.
The main requirements for my service are:
- Provide a list of available artifacts (IaC templates) including the needed configuration.
- Setup a GitHub repository by
- Clone my GitHub IaC repository.
- Download the artifacts into my IaC repository.
- Create configuration files in my IaC repository.
Furthermore, my IT want to host my service in its AWS Account. To reduce the footprint, I also want to design my service cost efficient. This means I create my service as a Serverless API. In conclusion, I choose an AWS Lambda (similar to an Azure Function) function to host my service. Here is my high-level architecture:
As you also see, I use an AWS DynamoDB to store information about my IaC component. These are per example the location in my respective S3 Bucket (for my IaC Artifacts) and the configuration template as JSON. Furthermore, I store a central PAT as secret in an AWS Secrets Manager. Finally, I expose my service with an AWS API Gateway.
Great, my API is now in please. Its time to reach out to my users with a simple user interface. I use for this a canvas app in Dataverse for Teams. This offers me the flexibility of Dataverse in combination with a good license model. Furthermore, my user teams use Microsoft Teams as communication platform.
You see also, I add an API Management Gateway to my architecture. This is because, I want to import the API from my API Management Gateway as custom connector in my Dataverse environment. In addition, I use also the Information stored in Dataverse.
Here is a preview my current canvas app prototype. The app allows my users to select their GitHub repositories, which are associated to the respective AWS Account. Furthermore, my user can select, configure, and add these prepared setup information to a list. Afterwards a whole configuration will be stored in Dataverse.
Finally, the completed end-user setup is used to setup the IaC repository in GitHub. This means, my canvas app will send the configuration by using a custom connector. Moreover, I use my API Management Gateway from my custom connector to forward the request directly to my AWS stack. Here, is my API Endpoint of my Serverless Lambda function. As result, my Lambda uses the prepared configuration (JSON) to execute my repository setup, assemble and configure the IaC artifact.
Running the setup of my repository is done in the background. Behind the scenes, my API clones the specified GitHub repository, copies all the artifacts from S3 into the local repository, configures the services, commit all changes, and push this back to the remote repository. This is common and repetitive developer process with Git.
Done and less than 1 minute! Ok, that execution was really fast! I navigate into my GitHub repository to check the result. As you can see, my infrastructure components are there. Furthermore, my configuration is applied to my IaC scripts:
Now I can create a Pull Request and review the changes. Wow, this was really an automated repository setup!
Let’s wrap this up. First, I explained in my example, why I an automated repository setup for my end users is useful. This process was manual with all the down sides for my end users. Per example, the setup of a new IaC repository took up to 5 days and was extremely error prone.
Secondly, I showed you my technical solution for this manual process. In other words, I created an API that automated our infrastructure as code repository setup for new AWS Accounts. Furthermore, I did this with a small solution based on cost efficient AWS Serverless technology. I used an AWS Lambda function.
Afterwards, I explained how I use the Microsoft Power Platform to provide a simple user interface for my automated process. I created a canvas app. This was in my opinion a perfect solution, because I did this in Dataverse for Teams. In addition, I used a custom connector and an API Management Gateway to call my API in my AWS stack.
Overall, my automated repository setup worked very well. What can I say, business applications meet APIs. Microsoft Power Platform and AWS Cloud create value for my end users: Together and in perfect harmony!