Gestionar Tareas de Infrastructure as Code (IaC) | GitScrum

Rastrea desarrollo IaC con review, testing y despliegue adecuados. GitScrum gestiona trabajo Terraform, Pulumi y CloudFormation de forma segura.

4 min de lectura

How to manage Infrastructure as Code (IaC) tasks?

Manage IaC tasks by treating infrastructure changes like code: version controlled, code reviewed, tested in staging, and deployed with rollback plans. Create tasks with clear change scope, require plan review before apply, document in NoteVault, and use labels to identify infrastructure-affecting work.

IaC labels

Label	Purpose
infra	Infrastructure task
iac:terraform	Terraform change
iac:pulumi	Pulumi change
iac:cloudformation	CloudFormation change
risk:high	High-risk change
risk:low	Low-risk change
needs-plan-review	Plan output needs review
deployed:staging	Tested in staging

IaC board columns

Column	Purpose
Backlog	Planned infra work
Development	Writing IaC code
Plan Review	terraform plan reviewed
Staging	Deployed to staging
Production	Deployed to production
Verified	Monitoring confirmed

IaC task template

## Infra: [Change Description]

### Resources Affected
- [ ] AWS RDS instance (resize)
- [ ] Security group rules (update)
- [ ] IAM roles (no change)

### Blast Radius
- Database: 5 second failover
- Application: Brief connection reset
- Users: Minimal impact during off-hours

### Terraform Plan

Resources to change

~ aws_db_instance.main instance_class: "db.t3.medium" -> "db.t3.large"

Plan: 0 to add, 1 to change, 0 to destroy


### Deployment Steps
1. [ ] Run plan, verify output
2. [ ] Deploy to staging
3. [ ] Verify staging healthy
4. [ ] Schedule production window
5. [ ] Deploy to production
6. [ ] Verify production healthy
7. [ ] Update documentation

### Rollback Plan
1. Run `terraform apply -target=aws_db_instance.main`
2. Revert instance_class to "db.t3.medium"
3. Apply and verify

### Monitoring
- [ ] Database connections normal
- [ ] Application latency normal
- [ ] No error rate increase

IaC workflow:

Create task - Document change scope

Write code - Terraform/Pulumi changes

Run plan - Generate change preview

Code review - Review IaC + plan output

Deploy staging - Test in non-prod

Verify staging - Confirm working

Schedule production - Maintenance window if needed

Deploy production - Apply changes

Monitor - Watch for issues

Document - Update NoteVault

Risk assessment matrix

Change Type	Risk	Approach
New resource	Low	Standard deploy
Resource modification	Medium	Plan review required
Resource deletion	High	Maintenance window
Network changes	High	Maintenance window
IAM changes	Medium	Security review
Database changes	High	Backup first

NoteVault infrastructure documentation

# Infrastructure Documentation

## Architecture
[Diagram or description]

## Environments
| Environment | Account | Region |
|-------------|---------|--------|
| Development | dev-123 | us-east-1 |
| Staging | stg-456 | us-east-1 |
| Production | prd-789 | us-east-1, eu-west-1 |

## Terraform Workspaces
| Workspace | Environment | State |
|-----------|-------------|-------|
| dev | Development | S3 |
| stg | Staging | S3 |
| prd | Production | S3 |

## Change Log
### 2025-01-27 - RDS Resize
- Changed db.t3.medium → db.t3.large
- Reason: CPU constraints
- Impact: 5s failover during change