Unified Infrastructure-as-Code (IaC) Framework for AWS, Azure, and GCP.
In modern enterprise environments, "Multi-Cloud" is a requirement for high availability and disaster recovery. However, managing fragmented consoles leads to configuration drift and security gaps.
I developed this framework to demonstrate Unified Infrastructure Orchestration. Using Terraform, this project provisions a standardized compute and networking environment across AWS, Azure, and Google Cloud Platform simultaneously. This serves as a "Single Source of Truth," ensuring that security groups, firewall rules, and VM configurations remain consistent regardless of the underlying provider.
- Cloud-Agnostic Deployment: Single-command provisioning across heterogeneous cloud environments.
- Unified Security Posture: Standardized ingress/egress rules (ICMP/SSH) mapped across AWS Security Groups, Azure NSGs, and GCP Firewall Rules.
- Automated Metadata Injection: Dynamic SSH key injection and secondary metadata handling for rapid access post-deployment.
- State-Driven Lifecycle: Full lifecycle management (Plan, Deploy, Destroy) to ensure zero resource leakage and cost control.
- IaC Tool: Terraform (brew install terraform)
- Cloud CLIs: AWS CLI, Azure CLI, Google Cloud SDK
- Environment: Linux (Ubuntu/Debian/Amazon Linux)
- Required Credentials:
  - AWS: IAM Access Keys
  - Azure: Service Principal (Client ID, Tenant ID, Secret)
  - GCP: Service Account JSON key file
Multi-Cloud-IaC/
├── main.tf # Multi-provider resource definitions
├── providers.tf # Cloud authentication & backend config
├── variables.tf # Parameterized configurations
├── outputs.tf # Aggregated public endpoint data
├── terraform.tfvars # (Git-Ignored) Secret keys and regions
└── .gitignore # Excludes state files and sensitive keys
To allow Terraform to communicate with your cloud accounts, you must retrieve the following:
- AWS: Navigate to IAM > Users and create an access key.
- Azure: Create a Service Principal:
  az ad sp create-for-rbac --name terraform-user --role Contributor --scopes /subscriptions/<id>
- GCP: Create a Service Account in IAM & Admin and download the JSON key.
Create a terraform.tfvars file to hold your specific environment keys:
# AWS
aws_region = "us-east-2"
# Azure
azure_ssh_public_key = "~/.ssh/id_rsa.pub"
# GCP
gcp_project_id = "your-project-id"
gcp_credentials_file = "/path/to/your/gcp-key.json"

terraform init # Initialize providers
terraform validate # Check for syntax errors
terraform plan # Review infrastructure changes
terraform apply # Deploy to all three clouds

Once applied, the framework returns a unified access report with the public IPs:
aws_vm_public_ip = "3.12.xxx.xxx"
azure_vm_public_ip = "20.124.xxx.xxx"
gcp_vm_public_ip = "34.135.xxx.xxx"
AWS:
ssh -i ~/.ssh/id_rsa ec2-user@<AWS_IP>
Azure:
ssh -i ~/.ssh/id_rsa azureuser@<Azure_IP>
GCP:
ssh -i ~/.ssh/id_rsa demo@<GCP_IP>
To avoid unnecessary cloud costs, destroy all resources when finished:
terraform destroy
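
The "Unified Security Posture" goal above can be checked before `terraform apply` by comparing the SSH ingress sources that the plan would create in each cloud. The script below is an added example, not part of this project's code: it reads the JSON produced by `terraform show -json` on a saved plan and reports open-to-world SSH rules and cross-cloud drift. The resource types (`aws_security_group`, `azurerm_network_security_rule`, `google_compute_firewall`) and the sample plan are assumptions, since `main.tf` is not shown here.

```python
import json

# Constructed sample shaped like `terraform show -json tfplan` output.
# Resource types and values are assumptions; the project's main.tf is not on the page.
SAMPLE_PLAN = json.loads("""{"resource_changes": [
 {"type": "aws_security_group", "change": {"after": {"ingress": [
   {"protocol": "tcp", "from_port": 22, "to_port": 22, "cidr_blocks": ["203.0.113.0/24"]}]}}},
 {"type": "azurerm_network_security_rule", "change": {"after": {
   "direction": "Inbound", "access": "Allow", "protocol": "Tcp",
   "destination_port_range": "22", "source_address_prefix": "*"}}},
 {"type": "google_compute_firewall", "change": {"after": {
   "direction": "INGRESS", "source_ranges": ["203.0.113.0/24"],
   "allow": [{"protocol": "tcp", "ports": ["22"]}]}}}]}""")

ANY = {"*", "0.0.0.0/0", "::/0", "Internet"}  # provider spellings of "everyone"

def covers_ssh(spec):
    """True if a port spec such as "22", "20-25" or "*" includes port 22."""
    if str(spec) == "*":
        return True
    lo, _, hi = str(spec).partition("-")
    return int(lo) <= 22 <= int(hi or lo)

def ssh_sources(plan):
    """Return {cloud: set of sources allowed to reach TCP/22}, with "ANY" for open rules."""
    out = {"aws": set(), "azure": set(), "gcp": set()}
    for rc in plan.get("resource_changes", []):
        after = (rc.get("change") or {}).get("after") or {}
        if rc["type"] == "aws_security_group":
            for r in after.get("ingress") or []:
                if r["protocol"] == "-1" or (r["protocol"] == "tcp" and r["from_port"] <= 22 <= r["to_port"]):
                    out["aws"].update(r.get("cidr_blocks") or [])
        elif rc["type"] == "azurerm_network_security_rule":  # singular-attribute form only
            if (after.get("direction") == "Inbound" and after.get("access") == "Allow"
                    and after.get("protocol") in ("Tcp", "*")
                    and covers_ssh(after.get("destination_port_range") or "0")):
                out["azure"].add(after.get("source_address_prefix"))
        elif rc["type"] == "google_compute_firewall" and after.get("direction", "INGRESS") == "INGRESS":
            for a in after.get("allow") or []:
                ports = a.get("ports") or ["*"]  # no ports listed means all ports
                if a["protocol"] in ("tcp", "all") and any(covers_ssh(p) for p in ports):
                    out["gcp"].update(after.get("source_ranges") or [])
    return {c: {"ANY" if s in ANY else s for s in srcs} for c, srcs in out.items()}

def findings(plan):
    """List open-to-world SSH rules and cross-cloud drift in the allowed sources."""
    src = ssh_sources(plan)
    issues = [f"{c}: SSH reachable from any source" for c in sorted(src) if "ANY" in src[c]]
    if len({frozenset(s) for s in src.values()}) > 1:
        issues.append("drift: SSH sources differ across clouds")
    return issues
```

To run it against a real plan, save the plan with `terraform plan -out=tfplan`, export it with `terraform show -json tfplan > plan.json`, and pass the loaded JSON to `findings()`.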