Resource to IaC File Mapping

In today's cloud setups, companies use Infrastructure as Code (IaC) to maintain their infrastructure, with IaC serving as the primary reference point for the configurations of various cloud resources. However, systems like Sedai that apply optimized resource configurations can lead to differences between Sedai-managed configurations and those laid out in IaC scripts. Sedai's IaC integration addresses this issue by keeping both sets of configurations in sync.

Integration Workflow

The IaC integration within Sedai operates under the assumption that IaC configurations are managed and version-controlled within a Git repository, with support for Git-hosting platforms such as Bitbucket, Github, and GitLab.

Currently, when Sedai initiates a change, it triggers a pull request (or a merge request) to the designated IaC repository. This pull request contains Sedai’s updated configuration, and this workflow ensures any modifications made by Sedai undergo a review process within the version control system. You have the opportunity to inspect changes before they are merged into the IaC repository, and you also have the choice to auto-merge pull requests when you feel confident and comfortable with Sedai's changes.

In a future iteration of this feature, Sedai will introduce the option to issue an IaC pull request when it operates in Recommend Mode. In this workflow, Sedai will provide recommendations for configuration changes but will offload the execution of these recommendations to the IaC and its associated CI/CD pipeline. This approach ensures Sedai operates solely as an identifying and recommending tool without actually executing configuration changes.

Sedai offers three distinct modes for mapping resources to IaC configuration files, providing flexibility and adaptability to diverse infrastructure management needs:

1. Sedai-Managed Mode: Sedai takes complete control of configuration file management. It creates a new file for each resource and generates a standardized configuration file containing all necessary details. For example, in Terraform environments, this entails creating a Terraform values file.

2. Tag-Managed Mode: Resources are tagged with metadata indicating the full path of their corresponding IaC configuration file, along with the update variable name. Sedai utilizes these tags to effectively manage configurations.

3. IaC-Managed Mode: Sedai attempts to automatically identify the mapping between resources and IaC files, as well as the corresponding variables within those files. By analyzing the infrastructure and its associated IaC configurations, Sedai streamlines the mapping process for enhanced management efficiency.

In each of these modes, Sedai employs a confidence threshold to determine the accuracy of mappings. Low-confidence mappings are presented for verification to ensure transparency and allow you to confirm or adjust mappings as needed. This verification step enhances the reliability and accuracy of configuration management within Sedai and is used to enhance Sedai’s ability to autonomously map other resources to IaC files.