One Command. Three Clouds. Zero Secrets in Code.
Imagine deploying a complete, production-ready application across AWS, Azure, and your on-premises vCenter — all with a single command. No hardcoded passwords. No manual configuration. No human errors. Just pure, automated infrastructure magic.
That's exactly what Bob helped us build with Project Atlas — a multi-cloud automation platform that orchestrates HashiCorp Vault, Terraform, and Ansible into a seamless deployment pipeline that works across three different cloud providers simultaneously.
# That's it. Seriously. One command:
atlas deploy
# Bob orchestrates:
# ✓ Vault authentication
# ✓ Terraform provisions 3 VMs (AWS + Azure + vCenter)
# ✓ Ansible configures everything
# ✓ Application deployed and running
# ✓ All in 5-10 minutes
Bob didn't just write code — Bob designed an entire automation symphony where each tool plays its perfect role:
The Problem: How do you deploy to three clouds without storing AWS keys, Azure credentials, and vCenter passwords in your code?
Bob's Solution: Designed a Vault-first architecture where every single credential is retrieved dynamically at runtime. No secrets in Git. No secrets in environment variables. Just secure, audited access through Vault.
# Bob configured Terraform to pull secrets from Vault
data "vault_generic_secret" "aws_creds" {
path = "aec-credentials/aws/aec-admin"
}
# Now Terraform uses these credentials without ever seeing them!
provider "aws" {
access_key = data.vault_generic_secret.aws_creds.data["access_key"]
secret_key = data.vault_generic_secret.aws_creds.data["secret_key"]
}
The Problem: Each cloud provider has different APIs, different resource types, different everything.
Bob's Solution: Created unified Terraform modules that abstract away cloud differences while maintaining cloud-specific optimizations. One configuration file deploys to all three platforms with consistent networking, security groups, and user provisioning.
# Bob's elegant solution: Same user, three clouds
locals {
common_user = "fwelder"
ssh_key = data.vault_generic_secret.ssh_keys.data["public_key"]
}
# AWS EC2 instance
resource "aws_instance" "atlas" {
# ... AWS-specific config
user_data = local.cloud_init_config
}
# Azure VM
resource "azurerm_virtual_machine" "atlas" {
# ... Azure-specific config
custom_data = local.cloud_init_config
}
# vCenter VM
resource "vsphere_virtual_machine" "atlas" {
# ... vCenter-specific config
# Same user, same SSH key, everywhere!
}
The Problem: Infrastructure is deployed, but it's just empty VMs. How do you configure them consistently?
Bob's Solution: Built an Ansible framework that automatically generates inventory from Terraform outputs, then deploys applications with zero manual intervention. Bob created reusable roles for everything from simple web servers to complex microservices architectures.
# Bob made Terraform generate Ansible inventory automatically
resource "local_file" "ansible_inventory" {
content = templatefile("${path.module}/inventory.tpl", {
aws_ip = aws_instance.atlas.public_ip
azure_ip = azurerm_public_ip.atlas.ip_address
vcenter_ip = vsphere_virtual_machine.atlas.default_ip_address
})
filename = "../ansible/inventory/hosts.yml"
}
# Now Ansible knows exactly where everything is!
# No manual inventory management ever again
The Problem: Even with automation, you still need to run multiple commands in the right order.
Bob's Solution: Created intelligent wrapper scripts that handle the entire workflow — authentication, deployment, configuration, verification, and cleanup — with built-in error handling and recovery.
# Bob's wrapper script handles everything
./manage-atlas.sh deploy
# Behind the scenes, Bob orchestrates:
# 1. Check Vault authentication
# 2. Run terraform plan (preview changes)
# 3. Run terraform apply (deploy infrastructure)
# 4. Generate Ansible inventory
# 5. Run Ansible playbooks (configure systems)
# 6. Display connection information
# 7. All with proper error handling!
Bob didn't just build one demo — Bob designed a complete progression from simple to sophisticated:
10-15 minutes
Three identical static websites across AWS, Azure, and vCenter. Perfect for showing the pattern without complexity.
✓ Great for beginners
20-30 minutes
Real e-commerce application with web tier (AWS), API tier (Azure), and database tier (vCenter) — all talking to each other across clouds!
✓ Production-realistic
30-45 minutes
Cloud-native architecture with 5+ containerized microservices, API gateway, service mesh, and message queues. The future of cloud apps.
✓ Cloud-native ready
25-35 minutes
Traditional VMs + Red Hat OpenShift on IBM Fusion HCI. Shows the migration path from legacy to cloud-native.
✓ IBM partnership showcase
┌─────────────────────────────────────────────────────────────┐
│ HashiCorp Vault (Kubernetes) │
│ • Centralized Secret Management │
│ • Dynamic Credential Generation │
│ • Audit Logging │
└────────────┬────────────────────────┬───────────────────────┘
│ │
↓ ↓
┌──────────────────────────┐ ┌──────────────────────────────┐
│ Terraform │ │ Ansible │
│ • Infrastructure as Code│ │ • Configuration Management │
│ • Multi-cloud provider │ │ • Application Deployment │
│ • State management │ │ • Orchestration │
└────────────┬─────────────┘ └────────────┬─────────────────┘
│ │
↓ ↓
┌─────────────────────────────────────────────────────────────┐
│ Multi-Cloud Infrastructure │
├──────────────────┬──────────────────┬──────────────────────┤
│ AWS (Public) │ Azure (Public) │ vCenter (Private) │
│ • EC2 Instances │ • Virtual │ • vSphere VMs │
│ • VPC/Subnets │ Machines │ • On-premises │
│ • Security │ • VNet/Subnets │ • Data sovereignty │
│ Groups │ • NSGs │ • Legacy systems │
└──────────────────┴──────────────────┴──────────────────────┘
Showcase enterprise multi-cloud automation capabilities to prospects and customers
Teach teams Infrastructure as Code patterns and best practices
Validate multi-cloud strategies before production deployment
Production-ready patterns for Vault + Terraform + Ansible integration
Bob created extensive documentation for every aspect of the project:
# The complete workflow Bob automated:
# 1. Authenticate to Vault
$ vlog
✓ Authenticated to Vault
# 2. Deploy infrastructure across three clouds
$ atlas apply
✓ AWS EC2 instance created
✓ Azure VM created
✓ vCenter VM created
✓ Ansible inventory generated
# 3. Configure all systems
$ atlas configure
✓ Common roles applied
✓ Security hardening complete
✓ Applications deployed
✓ All systems configured
# 4. Access your infrastructure
$ terraform output
aws_ip = "54.123.45.67"
azure_ip = "20.98.76.54"
vcenter_ip = "10.10.10.100"
# 5. Clean up when done
$ atlas nuke
✓ All resources destroyed
Project Atlas isn't just a demo — it's a production-ready framework that demonstrates how modern enterprises should approach multi-cloud infrastructure. Bob didn't just automate deployment; Bob created a complete methodology for secure, consistent, and repeatable infrastructure management across any cloud platform.
The Bottom Line: What used to take hours of manual work, multiple teams, and countless opportunities for error now happens in 5-10 minutes with a single command — and it works the same way every single time.