DEV Community

Cover image for DevSecOps Project: "Secure Full-Stack Node.js Web Application Deployment with Jenkins, Docker, Kubernetes, and HashiCorp Vault"

DevSecOps Project: "Secure Full-Stack Node.js Web Application Deployment with Jenkins, Docker, Kubernetes, and HashiCorp Vault"

H A R S H H A A on September 14, 2024

Table of Contents Project Overview Prerequisites Phase 1: Infrastructure Setup 1.1 Provision Kubernetes Cluster (EKS) 1.2 Set Up Je...
Collapse
 
bepoadewale profile image
Adewale Ayeni-Bepo

This was what I got when I tried doing no 1.1b:


│ Error: Reference to undeclared resource

│ on eks-cluster.tf line 10, in resource "aws_eks_cluster" "my_cluster":
│ 10: subnet_ids = [aws_subnet.subnet1.id, aws_subnet.subnet2.id]

│ A managed resource "aws_subnet" "subnet1" has not been declared in the root module.


│ Error: Reference to undeclared resource

│ on eks-cluster.tf line 10, in resource "aws_eks_cluster" "my_cluster":
│ 10: subnet_ids = [aws_subnet.subnet1.id, aws_subnet.subnet2.id]

│ A managed resource "aws_subnet" "subnet2" has not been declared in the root module.

Collapse
 
notharshhaa profile image
H A R S H H A A

Thanks for pointing this out! @bepoadewale It looks like the error is related to missing or undeclared subnet resources in the Terraform configuration.

To fix this, you’ll need to declare the subnets in your Terraform code. Here’s an example of how to define the subnets before referencing them in your aws_eks_cluster resource:

resource "aws_subnet" "subnet1" {
  vpc_id     = aws_vpc.my_vpc.id
  cidr_block = "10.0.1.0/24"
  availability_zone = "us-west-2a"
}

resource "aws_subnet" "subnet2" {
  vpc_id     = aws_vpc.my_vpc.id
  cidr_block = "10.0.2.0/24"
  availability_zone = "us-west-2b"
}
Enter fullscreen mode Exit fullscreen mode

Once you declare the subnets like this, you can reference them in your EKS cluster configuration:

resource "aws_eks_cluster" "my_cluster" {
  name     = "my-cluster"
  role_arn = aws_iam_role.eks_cluster_role.arn

  vpc_config {
    subnet_ids = [aws_subnet.subnet1.id, aws_subnet.subnet2.id]
  }
}
Enter fullscreen mode Exit fullscreen mode

This should resolve the error. Let me know if you run into any more issues! 👍

Collapse
 
sai_chowdary profile image
sai chowdary

And can you please add, after deployment how to handling the monitor and vulnerabilities. And Storting the deployment files too.

Collapse
 
notharshhaa profile image
H A R S H H A A

Thanks for the feedback! 😊 @sai_chowdary

Monitoring and handling vulnerabilities post-deployment are crucial parts of maintaining a secure and reliable application. I’ll consider adding a section on integrating tools like Prometheus and Grafana for monitoring, as well as Trivy or Aqua Security for vulnerability scanning.

As for storing the deployment files, I can definitely expand on best practices for organizing and storing them in version control (Git) for better traceability and collaboration. Stay tuned for updates! 👍

Collapse
 
venky_soma profile image
Venkatesh Soma

Good write up! How about integrating SonarQube or Snyk to do the static code analysis for shift left approach? :)

Collapse
 
notharshhaa profile image
H A R S H H A A

Thank you! @venky_soma 😊 I'm glad you liked the write-up!

Integrating SonarQube or Snyk for static code analysis is an excellent idea to enhance security and follow the shift-left approach. These tools can help catch vulnerabilities early in the development cycle. I’ll definitely consider adding a section on how to integrate SonarQube or Snyk into the pipeline for automated security checks. Thanks for the suggestion! 👍

Collapse
 
sherif_san profile image
Sherif sani

How do I become as good as you 😅.
Thanks anyways, I learned a lot reading this

Collapse
 
notharshhaa profile image
H A R S H H A A

Haha, you’re too kind! @sherif_san 😅

Honestly, it’s all about continuous learning and staying curious. Dive into hands-on projects, keep experimenting, and don’t be afraid to make mistakes — that’s where the real learning happens! I'm really glad you found the article helpful, and if you ever have any questions or need guidance, feel free to reach out! 🙌 Keep up the great work! 💪

Collapse
 
sai_chowdary profile image
sai chowdary

Good info, handling devsecops project and educating others a great job.all the best for your future endeavours

Collapse
 
notharshhaa profile image
H A R S H H A A

Thanks a lot mate 😊 @sai_chowdary

Collapse
 
shiful_islam_27265c68c14b profile image
Shiful Islam

Excellent writeup. Thanks for sharing.

Collapse
 
notharshhaa profile image
H A R S H H A A

Thanks 😊👍 @shiful_islam_27265c68c14b

Collapse
 
kazamihazaki profile image
Reiki

nice and clean jenkinsfile

can i looks how you deploy the jenkins and what plugin you installed ?