Source Code Walkthrough

Time to get our hands dirty with the actual Terraform code that powers Blueprints so we can see what it’s doing to create the form we just used. Let’s head back to the IaC Catalog page by clicking the “Return to Drafts” button on the bottom left-hand side of the screen.

We’re going to use the same “AWS S3 Buckt & KMS Key” test Blueprint and this time click the “Get Source Code” button. Clicking this button will download a Zip file containing the code for this Terraform Blueprint, code that’s ready to publish to AutoCloud and use as a form.

With the code downloaded, go ahead and unzip the file and open the "getting-started-aws" folder using your favorite IDE. Once opened, you should see a bunch of Terraform files that comprise the getting-started-aws Blueprint. You might see all of these .tf files and be tempted to think that this is a Terraform module - it’s not. The code you’re viewing is a Terraform Blueprint, which enforces controls on top of a set of Terraform modules and creates the form we just used. So just keep that in mind as we walk through the files. 

Now, before we publish and use the Blueprint, let’s take a look at some of these files in the Blueprint starting with the providers.tf file:

The purpose of the providers.tf file is to specify how this Blueprint can authenticate with the AutoCloud platform. You’ll see some information about an AutoCloud API endpoint, and a token which was automatically generated and inserted on line 28. This token is the mechanism that is going to allow us to publish the Blueprint to AutoCloud in a couple of minutes. To get you up and running quickly, AutoCloud has automatically generated this particular token for you to use with the quick start. Note that all of your existing tokens can be viewed and managed on the Settings > Terraform Provider page. Now that you understand the purpose of the providers.tf file let’s take a quick peek at the main.tf file.

The main.tf file is where all of the magic happens. It’s where we construct the Blueprint to enforce all of the controls we want to have on how our Terraform modules are used. This file is heavily commented so at the risk of being repetitive, we’re not going to walk through the actual code in the main.tf line by line. In addition to the comments, another tutorial in this series called Writing Terraform Blueprints By Hand dives deep into how to write code like you're seeing in the main.tf so feel free to take a look at that as an additional resource once you're done with this tutorial.

Let’s take a look at how the overall Blueprint is structured so you can understand its construction at a high level. For overall readability, I’m going to collapse all of the code blocks in this file in my VS Code editor so we can examine the code’s structure.

As you can see from the above screenshot, the Blueprint starts out with options for configuring GitHub repositories to make pull requests against when someone goes to use the Blueprint. 

If we jump down to line 51, we can see the code that creates the form configuration that users will be shown when they go to use the Blueprint. Line 117 starts the AWS configuration that we want to apply to all of the different modules within Blueprint.

Lines 136 through lines 386 configure how the KMS and S3 modules are to be used.

Lastly, lines 296 through lines 577 configure how Blueprint comes together, and how we ultimately expose the Blueprint to the user (in this case via a form).

Now that we understand the high-level structure of this Blueprint code, let's make a couple of changes to the code so it's ready for our nonexpert users can use.