This project has been created to bootstrap your PHP project (Symfony, Laravel, Api Platform, or whatever ...) with Terraform.
Install dependencies and run the start command to have a full PHP stack running locally 🥳. Local configuration is described via the Docker provider in the terraform/docker directory.
After that, just run deploy-[provider] command to build your stack on your favorite provider. AWS-Lambda is for now the only available provider.
This project compile stuff from JoliCode Docker Starter, layers and Terraform learning resources.
😎 Pssst: Use this project as a Github template
Install the following dependencies:
Replace variables in Makefle
export TF_VAR_project_name=terraform
export TF_VAR_project_domain=terraform.test
export TF_VAR_php_version=8.1
You can additionally add context or custom variables in your terraform/docker/variables.tfvars
env = { # Environnement variables
APP_NAME = "tf-starter"
APP_DEBUG = true
APP_ENV = "prod"
Replace variables in terraform/docker/variables.tfvars
project_name = "terraform" # Your project name, used as a prefix of images and containers
project_domain = "terraform.test" # The local domain
php_version = "8.1" # The PHP version to use
env = { # Environnement variables
APP_NAME = "tf-starter"
APP_DEBUG = true
APP_ENV = "prod"
Configure your local host in the /etc/hosts file:
# Use the same domain as "project_domain" in the previous block
echo " terraform.test www.terraform.test" >> /etc/hosts
You optionally can install your favorite framework with installers:
make install-symfony
Start the local stack:
make start
Go to your project_domain
, you should now see your website content.
To configure deployment, you now have to read the appropriate section:
AWS Lambda provider use layers on top of AWS Lambda.
Replace or add variables in terraform/aws/variables.tfvars
if needed:
env = {
DEFAULT_REGION = "eu-west-3"
APP_NAME = "tf-starter"
APP_DEBUG = true
APP_ENV = "prod"
Deploy your application:
make lambda-deploy
This will output something like :
Apply complete! Resources: x added, x changed, x destroyed.
base_url = "https://**********"
function_name = "terraform"
lambda_bucket_name = "terraform-dev"
Go to the provided base_url, you should now see an :
Hello world!
: Project name used as function name.
: layer arn for your PHP version. The layer have to be in the same region
as your lambda. You will find a complete list here:
: The entrypoint of your script. Default is public/index.php
: AWS region. Default is eu-west-3
: AWS profile. Default is default
: Environment variables as an object. Ex: {FOO = "BAR"}
To go further ... (and you will)
Use installers to initialize the application
folder with your favorite framework.
⚠ It will clear the "application" folder content, and backup the old one with .old exentension.
make install-symfony
Continue the magic with the maker bundle. Example:
make builder
cd application
bin/console make:controller
make install-apip
make install-laravel
Add the following code to terraform/docker/
// Elasticsearch --------------------------------
resource "docker_image" "elasticsearch" {
name = "elasticsearch:7.16.2"
resource "docker_container" "elasticsearch" {
name = "${var.project_name}_elasticsearch"
image = docker_image.elasticsearch.latest
network_mode = "tf-starter_network"
env = ["discovery.type=single-node"]
volumes {
volume_name = "elasticsearch-data"
container_path = "/usr/share/elasticsearch/data"
labels {
label = "traefik.enable"
value = "true"
labels {
label = "traefik.http.routers.${var.project_name}-elasticsearch.rule"
value = "Host(`elasticsearch.${var.project_domain}`)"
labels {
label = "traefik.http.routers.${var.project_name}-elasticsearch.tls"
value = "true"
resource "docker_image" "kibana" {
name = "kibana:7.16.2"
resource "docker_container" "kibana" {
name = "${var.project_name}_kibana"
image = docker_image.kibana.latest
depends_on = [docker_container.elasticsearch]
network_mode = "tf-starter_network"
labels {
label = "traefik.enable"
value = "true"
labels {
label = "traefik.http.routers.${var.project_name}-kibana.rule"
value = "Host(`kibana.${var.project_domain}`)"
labels {
label = "traefik.http.routers.${var.project_name}-kibana.tls"
value = "true"
Add the following code to terraform/docker/
output "Elasticsearch" {
description = "Elasticsearch informations"
output "Kibana" {
description = "Elasticsearch informations"
Add the following code to terraform/aws-lambda/
resource "aws_elasticsearch_domain" "es" {
domain_name = local.elk_domain
elasticsearch_version = "7.7"
cluster_config {
instance_count = 3
instance_type = "r5.large.elasticsearch"
zone_awareness_enabled = true
zone_awareness_config {
availability_zone_count = 3
vpc_options {
subnet_ids = [,,
security_group_ids = [
ebs_options {
ebs_enabled = true
volume_size = 10
access_policies = <<CONFIG
"Version": "2012-10-17",
"Statement": [
"Action": "es:*",
"Principal": "*",
"Effect": "Allow",
"Resource": "arn:aws:es:${}:${data.aws_caller_identity.current.account_id}:domain/${local.elk_domain}/*"
snapshot_options {
automated_snapshot_start_hour = 23
tags = {
Domain = local.elk_domain
Add the following code to terraform/aws-lambda/
output "elk_endpoint" {
value =
output "elk_kibana_endpoint" {
value =
Add the following code to terraform/docker/
// Redis --------------------------------
resource "docker_image" "redis" {
name = "redis:6.2"
resource "docker_container" "redis" {
name = "${var.project_name}_redis"
image = docker_image.redis.latest
network_mode = "tf-starter_network"
volumes {
volume_name = "redis-data"
container_path = "/data"
resource "docker_image" "redis-insight" {
name = "redislabs/redisinsight"
resource "docker_container" "redis-insight" {
name = "${var.project_name}_redis_insight"
image = docker_image.redis-insight.latest
depends_on = [docker_container.redis]
network_mode = "tf-starter_network"
volumes {
volume_name = "redis-insight-data"
container_path = "/db"
labels {
label = "traefik.enable"
value = "true"
labels {
label = "traefik.http.routers.${var.project_name}-redis.rule"
value = "Host(`redis.${var.project_domain}`)"
labels {
label = "traefik.http.routers.${var.project_name}-redis.tls"
value = "true"
Add the following code to terraform/docker/
output "Redis" {
description = "Redis informations"
Add the following layer (match layer-version and region with
# ex: arn:aws:lambda:eu-west-3:403367587399:layer:redis-php-81:4
Add the following code to terraform/docker/
// RabbitMQ --------------------------------
resource "docker_image" "rabbitmq" {
name = "rabbitmq:3.9-management-alpine"
resource "docker_container" "rabbitmq" {
name = "${var.project_name}_redis_insight"
image = docker_image.rabbitmq.latest
network_mode = "tf-starter_network"
volumes {
volume_name = "rabbitmq-data"
container_path = "/var/lib/rabbitmq"
labels {
label = "traefik.enable"
value = "true"
labels {
label = "traefik.http.routers.${var.project_name}-rabbitmq.rule"
value = "Host(`rabbitmq.${var.project_domain}`)"
labels {
label = "traefik.http.routers.${var.project_name}-rabbitmq.tls"
value = "true"
labels {
label = ""
value = "15672"
Add the following code to terraform/docker/
output "Rabbitmq" {
description = "Rabbitmq informations"
Add the following layer (match layer-version and region with
# ex: arn:aws:lambda:eu-west-3:403367587399:layer:amqp-php-80:4
There are a lot a way to deal with multiple environments like preprod or prod. If your stack are basically similar between environments, you could create one workspace for each.
# Create a preprod workspace
terraform workspace new preprod
# Create a prod workspace
terraform workspace new prod
# List workspaces
terraform workspace list
After that, create in your provider working directory an environment
folder with
2 tfvars files, named as your workspaces.
(ex: aws-lambda/environment/preprod.tfvars.
Edit your Makefile commands for chosen provider and replace -var-file=variables.tfvars
-var-file=environment/$$(terraform workspace show).tfvars
Now you juste have to adapt your .tfvars files by environment, and navigate between your workspaces with:
# To use "prod" environment
terraform workspace select prod
Your commands will now automatically use the variable configuration who match the current workspace 🙌🏻.
After initialization, you can (should) safely remove useless providers, installer commands, replace the readme, etc.
Usefull stuff used in this repo (thanks to them):
- Docker starter:
- TF learning respources:
- Makefile tips: