FAQ¶

This document provides answers to frequently asked questions during development.

Q. Where do I set the initial values for the development environment database?

A. Initialization scripts are provided under /backend/db/init. These scripts are executed when starting the local environment database. If you need to set initial values beforehand, please edit these scripts.

Q. How do I run Terraform when MFA is enabled?

A. Please configure the following in ~/.aws/config:

[profile myprofile]
output=json
region=ap-northeast-1
role_arn=arn:aws:iam::01234567890:role/<IAM-role-name>
mfa_serial=arn:aws:iam::12345678901:mfa/<IAM-user-name>

[profile myprofile-tf]
credential_process = aws configure export-credentials --profile myprofile

Use myprofile-tf in each Terraform configuration file. Set it as follows:

# terraform/infrastructure/oqtopus-dev/oqtopus-dev.tfbackend
bucket         = "xxxxxxxxxxxxxx"
key            = "xxxxxxxxxxxxxx"
encrypt        = true
profile        = "myprofile-tf"
region         = "ap-northeast-1"
use_lockfile   = true

# terraform/infrastructure/oqtopus-dev/terraform.tfvars
product = "oqtopus"
org     = "example"
env     = "dev"
region  = "ap-northeast-1"
db_user_name = "xxxxxxxxxxxxx"
profile = "myprofile-tf"

After running terraform init -backend-config=oqtopus-dev.tfbackend -reconfigure under terraform/infrastructure/oqtopus-dev, you can execute terraform plan to run Terraform with MFA authentication.

See details in here: Terraform AWS Provider Issue #2420