Skip to main content
Version: Next

Google Cloud - Terraform & Atlantis

Terraform is our infrastructure as code layer and we manage our Terraform workflows with atlantis automation.

Making Changes In Terraform

Quite often, when using Terraform we apply the changes directly by using the CLI. We suggest you change your IaC practice to a more GitOps oriented way by applying Terraform changes using Atlantis.

The second GitOps principles, versioned and immutable, stipulate that the desired state be stored in a way that enforces immutability, versioning and retains a complete versions’ history, mention that we should keep track of changes to our Terraform files. You can easily achieve this by adding your file to Git, and using pull requests or merges for adding modified files directly inside the gitops repository. In addition to versioning, it enhances collaboration, visibility, and by keeping a complete history of the changes, make it easier to rollback if problems arise. Using Atlantis also provide you with a lock mechanism which prevents possible conflicts with colleagues working on the same projects. All in all, it's a small change to our habits that bring a lot of benefits.

Automatic Plans With Atlantis

Any change request that includes a .tf file will prompt atlantis to wake up and run your Terraform plan. Atlantis will post the plan's result to your change request as a comment within a minute or so.

Review and approve the change request.

You can always run a new Terraform plan by commenting directly in your pull request with the words atlantis plan.

Apply and Merge

Add the comment atlantis apply in the approved change request. This will prompt Atlantis to wake up and run your terraform apply.

The apply results will be added to your change request comments by Atlantis.

If the apply is successful, your code will automatically be merged with main, your change request will be closed, and the state lock will be removed in Atlantis.

Managing Terraform State

The following table shows how state is stored based on your installation selection:

State BackedAWSLocalCivoAzure
AWS S3 BucketX
Civo object storeX
Azure container storageX
MinIO (locally)X

Tips

What is the general flow of changes using Atlantis for IaC?

  • Create a Commit and Change Request: The change described by Terraform instructions will be created in a PR at a folder which Atlantis is listening for it. Once the Change Request is created on GitHub/GitLab, Atlantis will plan it and show possible impacts of it.
  • Approve the change: Once you are ready, someone with access will provide atlantis apply on the change request, triggering the process of executing the plan created.
  • Change is applied by Atlantis: Atlantis will execute the Terraform plan, and Terraform will update shared statestore with new current state changes, change request will be merged to main, reflecting the new desired state.
The term "Change Request" is a "Pull Request" on GitHub and "Merge Request" on GitLab.

What can I use Atlantis & Terraform for?

For example, you can use your gitops repository to help track the creation of repositories:

With Terraform using the S3 based state store, you can add any Terraform file to the gitops repository on which Atlantis is listening for and Atlantis will try to plan and when approved to apply such plan for you.

Beyond repositories and users, Atlantis allow you to have your IaC demands to be tracked by your main branch registry. Easing up the usage of Terraform based workflows to update the infrastructure you are operating.