Basics of using Terraform to set up infrastructure on AWS. We define our infrastructure as code, hand that code over to Terraform, and Terraform is responsible for managing our entire infrastructure.
This walkthrough shows how we can use Terraform to manage an EC2 instance.
main.tf
terraform {
  required_providers {
    aws = {
      # use the AWS plugin provided by HashiCorp; "~> 3.27" accepts 3.27 and later 3.x releases
      source  = "hashicorp/aws"
      version = "~> 3.27"
    }
  }
  required_version = ">= 0.14.9"
}

provider "aws" {
  # credentials come from the "default" profile of the local AWS CLI configuration
  profile = "default"
  region  = "us-west-2"
}
terraform init
Go to the terminal and start Terraform.

We can see that it installed the AWS plugin into this directory, so every Terraform project has its own dependencies.
EC2 Resource Block
A resource block creates an EC2 instance, a security group, etc.
resource "aws_instance" "app_server" {
  ami           = "ami-830c94e3"
  instance_type = "t2.micro"

  tags = {
    Name = "ExampleAppServerInstance"
  }
}
After that, run this command:
terraform apply
Terraform state
With the state commands I can view the details of the current state of my infrastructure.

# show all of the resources
terraform state list
terraform state show aws_instance.app_server

Security Group Resource
Assign a custom security group to the instance:
resource "aws_security_group" "app_sg" {
  name        = "app_sg"
  description = "Allow on port 8080"

  # inbound: TCP 8080 from any IPv4 or IPv6 address
  ingress {
    from_port        = 8080
    to_port          = 8080
    protocol         = "tcp"
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }

  # outbound: all protocols and ports to any address
  egress {
    from_port        = 0
    to_port          = 0
    protocol         = "-1"
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }
}
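A tighter variant of the ingress rule above, as an added example that is not part of the original walkthrough. The variable name allowed_cidrs and the sample range 203.0.113.0/24 are assumptions; the validation rejects anything that is not an IPv4 CIDR with a non-zero prefix, so the group cannot be opened to every address by a stray value.

```hcl
# Added example. "allowed_cidrs" is a hypothetical variable name.
variable "allowed_cidrs" {
  description = "IPv4 CIDR ranges allowed to reach the app on port 8080"
  type        = list(string)

  validation {
    # Every entry must parse as a CIDR, be IPv4, and have a prefix of /1 to /32,
    # which rules out 0.0.0.0/0. can() turns a function error into false
    # instead of aborting the plan. The length check is needed because
    # alltrue([]) is true.
    condition = length(var.allowed_cidrs) > 0 && alltrue([
      for c in var.allowed_cidrs :
      can(cidrhost(c, 0)) && can(regex("^[0-9.]+/([1-9]|[12][0-9]|3[0-2])$", c))
    ])
    error_message = "Each entry of allowed_cidrs must be a valid IPv4 CIDR range with a prefix between /1 and /32."
  }
}

resource "aws_security_group" "app_sg" {
  name        = "app_sg"
  description = "Allow on port 8080"

  ingress {
    from_port   = 8080
    to_port     = 8080
    protocol    = "tcp"
    cidr_blocks = var.allowed_cidrs # no ipv6_cidr_blocks: IPv6 is not opened
  }

  # Outbound traffic is the same as in the page's block.
  egress {
    from_port        = 0
    to_port          = 0
    protocol         = "-1"
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }
}

# terraform.tfvars (constructed sample value, documentation range):
# allowed_cidrs = ["203.0.113.0/24"]
```

This uses the same resource address as the page's block, so it replaces that block rather than sitting beside it. The description is kept unchanged because changing a security group's description forces Terraform to replace the group.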
Attach security group
resource "aws_instance" "app_server" {
  ami                    = "ami-830c94e3"
  instance_type          = "t2.micro"
  vpc_security_group_ids = [aws_security_group.app_sg.id]

  tags = {
    Name = "ExampleAppServerInstance"
  }
}
terraform fmt
terraform validate
terraform apply



Terraform destroy
terraform destroy
It undoes what was applied: it destroys everything this configuration manages.
Data Block
A data block allows us to query data about a resource that is not managed by Terraform. I can use a data block to query AWS for the ID of the AMI.
data "aws_ami" "app_ami" {
  # the most recent AMI that I own whose name starts with cocktails-app-
  # name_regex is an unanchored regular expression, so "^" is needed to match only at the start of the name
  most_recent = true
  name_regex  = "^cocktails-app-"
  owners      = ["self"]
}
Change the ami value like this:
resource "aws_instance" "app_server" {
  ami                    = data.aws_ami.app_ami.id
  instance_type          = "t2.micro"
  vpc_security_group_ids = [aws_security_group.app_sg.id]

  tags = {
    Name = "ExampleAppServerInstance"
  }
}
terraform apply
Done!