From Gentoo Wiki
Jump to:navigation Jump to:search


Gentoo uses some Terraform to manage various components that have terraform support; this helps support infra-as-code which we feel is important to manage infrastructure. For infra members, check out git+ssh://

Pushing updates

Currently terraform can control our onprem gitlab and our AWS deployment. Pushing updates requires two credentials:

- An AWS credential to access terraform state (s3, dynamodb).
- A credential for the target system (currently an AWS or gitlab credential.)

We will document how to get both.


infra-as-code/aws/accounts/$ARN/ is our aws control segment.


infra-as-code/gitlab/ is our gitlab control segment.

It stores terraform state on AWS; to use terraform apply you will need AWS creds. export AWS_SECRET_KEY_ID and AWS_SECRET_ACCESS_KEY for your role.