What is Terraform?
- HashiCorp Terraform is an infrastructure as code (IaC) tool that lets you define both cloud and on-prem resources in human-readable configuration files that you can version, reuse, and share.
Please visit my GitHub Repository for S3 articles on various topics, updated on a constant basis.
Please visit my GitHub Repository for Terraform articles on various topics, updated on a constant basis.
Let’s get started!
Objectives:
1. Sign in to AWS Management Console
2. Create the organizational structure
3. Create Image under S3-files directory, drag and drop Community-Builder.png image (object)
4. Under S3-files directory: Create 4 files - variables.tf, terraform.tfvars, main.tf, outputs.tf
5. Initialize Terraform
6. To generate the action plans
7. Create all the resources declared in main.tf configuration file
8. Validate all resources created
Pre-requisites:
- AWS user account with admin access, not a root account.
- Cloud9 IDE with AWS CLI.
Resources Used:
Steps for implementation to this project:
1. Sign in to AWS Management Console
- Make sure you're in the N. Virginia (us-east-1) region
2. Let’s create the following organizational structure as shown below.
3. Create Image under S3-files directory, drag and drop Community-Builder.png image (object)
- Create the Image folder
- Go to File/Upload Local Files
- Drag and drop the Community-Builder.png file
4. Under S3-files directory: Create 4 files - variables.tf, terraform.tfvars, main.tf, outputs.tf
- 1. variables.tf - to declare all the global variables with a short description and a default value.
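variable "access_key" {
  description = "Access key to AWS console"
  sensitive   = true # keep the value out of plan/apply output
}
variable "secret_key" {
  description = "Secret key to AWS console"
  sensitive   = true # keep the value out of plan/apply output
}
variable "region" {
  description = "AWS region"
}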
- 2. terraform.tfvars - Replace the values of access_key and secret_key with your AWS Access Key ID and Secret Access Key. This file holds live credentials, so keep it out of version control.
region = "us-east-1"
access_key = "<YOUR_ACCESS_KEY>"
secret_key = "<YOUR_SECRET_KEY>"
- 3. main.tf - Creating an S3 bucket and its components
provider "aws" {
  region     = var.region
  access_key = var.access_key
  secret_key = var.secret_key
}
##### Creating a Random String #####
# Lowercase suffix so the bucket name is unique and valid for S3
resource "random_string" "random" {
  length  = 6
  special = false
  upper   = false
}
##### Creating an S3 Bucket #####
resource "aws_s3_bucket" "bucket" {
  bucket        = "revbucket-${random_string.random.result}"
  force_destroy = true # lets terraform destroy delete a non-empty bucket
}
# Turn off the block on public bucket policies so the policy below is accepted
# (the other three settings of this resource default to false)
resource "aws_s3_bucket_public_access_block" "access_pub" {
  bucket              = aws_s3_bucket.bucket.id
  block_public_policy = false
}
# Upload an object
resource "aws_s3_object" "object" {
  bucket = aws_s3_bucket.bucket.id
  key    = "Community-Builder.png"
  source = "Image/Community-Builder.png"
  # filemd5 hashes the file contents, so a changed image is re-uploaded
  etag   = filemd5("Image/Community-Builder.png")
}
# Creating Bucket Policy
resource "aws_s3_bucket_policy" "public_read_access" {
  bucket = aws_s3_bucket.bucket.id
  policy = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": "*",
      "Action": [
        "s3:ListBucket",
        "s3:GetObject"
      ],
      "Resource": [
        "${aws_s3_bucket.bucket.arn}",
        "${aws_s3_bucket.bucket.arn}/${aws_s3_object.object.key}"
      ]
    }
  ]
}
EOF
  # Apply the policy only after the public access block has been relaxed,
  # otherwise S3 rejects the public policy
  depends_on = [aws_s3_bucket_public_access_block.access_pub]
}
- 4. outputs.tf - displays the output as bucket id.
output "s3-bucket-name" {
  value = aws_s3_bucket.bucket.id
}
5. Initialize Terraform
- terraform init checks for all the plugin dependencies and downloads them if required; they are used when creating a deployment plan.
cd S3-files
terraform init
6. To generate the action plan, run the command below:
terraform plan
7. Create all the resources declared in main.tf configuration file
terraform apply
8. Validate all resources created in the AWS Console
- bucket in the console
- object uploaded
- Select the image and download the image
- Go to the Downloads directory on your PC
- Open the image
- this means that the object is publicly accessible
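Step 8 confirms public access by hand in the console. As an added example (not part of the original article), the Python below runs the same check on the policy document and PublicAccessBlockConfiguration that `aws s3api get-bucket-policy` and `aws s3api get-public-access-block` return; the function names and the sample bucket name `revbucket-abc123` are constructed for illustration.

```python
import json

# Constructed sample: the policy this main.tf renders, for a bucket whose
# random suffix happens to be "abc123" (made up for this example).
SAMPLE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": "*",
        "Action": ["s3:ListBucket", "s3:GetObject"],
        "Resource": ["arn:aws:s3:::revbucket-abc123",
                     "arn:aws:s3:::revbucket-abc123/Community-Builder.png"],
    }],
})
# Public access block as this main.tf leaves it: every setting false.
SAMPLE_PAB = {"BlockPublicAcls": False, "IgnorePublicAcls": False,
              "BlockPublicPolicy": False, "RestrictPublicBuckets": False}


def _as_list(value):
    """Policy fields may be a single value or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]


def _is_wildcard_principal(principal):
    """True for "Principal": "*" and for {"AWS": "*"} / {"AWS": ["*"]}."""
    if isinstance(principal, dict):
        principal = principal.get("AWS", [])
    return "*" in _as_list(principal)


def public_actions(policy_json):
    """Return the sorted actions that unconditional Allow statements grant to everyone."""
    actions = set()
    for stmt in _as_list(json.loads(policy_json).get("Statement", [])):
        # Statements with a Condition are skipped here; review them by hand.
        if stmt.get("Effect") != "Allow" or stmt.get("Condition"):
            continue
        if _is_wildcard_principal(stmt.get("Principal")):
            actions.update(_as_list(stmt.get("Action", [])))
    return sorted(actions)


def is_publicly_exposed(policy_json, pab):
    """A public policy only takes effect while RestrictPublicBuckets is off."""
    restricted = pab.get("RestrictPublicBuckets", False)
    return bool(public_actions(policy_json)) and not restricted
```

For the policy in this article the check reports both `s3:GetObject` and `s3:ListBucket` as granted to everyone, so anyone can list the bucket as well as download the image.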
Cleanup
- terraform destroy
What we have done so far
We have successfully created an S3 bucket, uploaded an object (image file), and publicly accessed the file by downloading and opening it.
Check the resources in AWS Console