Skip to main content

Creating resources in the Modernisation Platform

Overview

Once your environment and networking have been created, now the fun begins and you can start building!

On environment creation, base Terraform resources are created for you in the modernisation-platform-environments repository in the environments folder.

These resources are preconfigured with a backend, providers etc, all that you need to start adding in infrastructure such as EC2s or RDS databases.

Creating new resources

  • Clone the Modernisation Platform environments repository: git clone git@github.com:ministryofjustice/modernisation-platform-environments.git
  • Create a new Terraform files or resources in your application folder under terraform/environments/
  • We recommend following standard Terraform best practices, such as creating a main.tf, or logically named Terraform files, such as database.tf or s3.tf
  • Environment specific variables can be passed in through an application_variables.json, defined as a local and referenced accordingly
  • Data lookups are provided for common things you may need from the platform such as subnets or DNS zones here

GitHub Permissions

  • For any files created in your application folder, your GitHub team will have permissions to create and merge pull requests.
  • Your GitHub team will be assigned as a codeowner for your application folder, so someone in your team will be required to review any pull requests before they can be merged.

Restrictions

  • The following files you will not be able to amend without an approving review from the Modernisation Platform team.

    • providers.tf
    • backend.tf
    • subnet_share.tf
    • networking.auto.tfvars.json
    • platform_*.tf
  • The ability to create some resources will be restricted and will require assistance from the Modernisation Platform team.

Next Steps

Once you have defined your infrastructure as code you can deploy your infrastructure to the Modernisation Platform.

Non Standard infrastructure

In order to maintain security some actions are not allowed in the environments repository and do not have the relevant permissions, for example creating IAM users, or VPCs.

However there are times when an application may reasonably want to create these resources, for example create a user for use with SES.

If you need to create any infrastructure which is not allowed in the environments repository, it can be created here - Modernisation Platform environments folders, in the relevant application folder. The Modernisation Platform team will need to approve any PRs adding code to this repository.

This page was last reviewed on 21 June 2024. It needs to be reviewed again on 21 December 2024 by the page owner #modernisation-platform .
This page was set to be reviewed before 21 December 2024 by the page owner #modernisation-platform. This might mean the content is out of date.