In the tutorial, I will walk you through how to setup a terraform development environment on AWS EC2 ubuntu OS.
For some scenarios, we have to use a specific OS for development or deployment. For example, your local PC is Mac OS or Windows, but you need to deploy Terraform resources in a Linux machine. The easiest way is to setup the development environment on a virtual machine such as EC2 instances as you need. The tutorial only focuses on the setup details of the environment, so that you can deploy Terraform resources to the Cloud (for example, AWS). We won't dive into Terraform advanced concepts or how to launch an EC2 instance on AWS, etc.
Preprequisties
- An AWS EC2 instance (with Ubuntu OS) launched.
- Your EC2 instance security group is allowed for inbound traffic from the network.
- (Optional) Install VSCode on your local machine. We are going to leverage VSCode Remote-SSH plugin to connect to and run our Terraform demo project on EC2 for testing purposes. You will perform the following steps:
Step 1. SSH Login EC2
SSH into your EC2 instance from terminal using below command. Double check the security group allows inbound traffic for SSH on port 22 if you meet a timeout error.
ssh -i "the_key.pem" ubuntu@xxx.xxx.xxx.xxx
Step 2. Install Terraform
The Hashicorp officially provides a detailed tutorial and terraform installer packages for installing Terraform according to different OS versions.
In the demo, I selected Linux -> Ubuntu/Debian.
If you are restricted by a firewall or your company locks down your VMs and they have to connect to the Internet through proxy. You should configure the proxy first.
In the last step, instead of installing the latest version, we install a specific version 1.4.2 by running sudo apt-get install terraform=1.4.2. Then verify the installation by running terraform --version.
If you have a network performance issue, the installation may fail. HashiCorp provide several way to install Terraform. One of them is to download the Terraform binary package from https://releases.hashicorp.com/terraform. Access the required version and locate the download for your platform. You will find a lot of options based on OS and computer hardware.
# Download binary file from official release website
wget https://releases.hashicorp.com/terraform/1.4.2/terraform_1.4.2_linux_amd64.zip
# Download and verify the checksum of the file
# Download the SHA256SUMS file
wget https://releases.hashicorp.com/terraform/1.4.2/terraform_1.4.2_SHA256SUMS
cat terraform_1.4.2_SHA256SUMS
# Verify the checksum of the downloaded .zip file
sha256sum terraform_1.4.2_linux_amd64.zip
The checksum should match the one listed in the SHA256SUMS file. If so, move to the next step. If not, do not use the file and instead delete it. You would need to investigate further as to why the checksums don't match.
# Rename the zipped file to terraform.zip.
mv terraform_1.4.2_linux_amd64.zip terraform.zip
# Unzip the file
unzip terraform.zip
# Move the unzipped file to the binaries directory
mv terraform /usr/bin
# Validate the installation
terraform version
The path to the binaries directory in your version of Linux might be different. For example: /usr/local/bin. Make sure to add it to your list of paths ($PATH)
That's it! You now have a working installation of Terraform.
Step 3. Install AWS CLI & GIT
Install AWSCLI on our EC2 instance following the official document, and GIT command in order to download source code from Github using below command.
sudo apt-get install git
Step 4. (Optional) Enable VSCode Remote-SSH
In the step, I'm going to use VSCode to create a Terraform project for demo purpose. If you are not quite familiar with VSCode and just want to setup a Terraform environment, you can skip this step, and download the demo project from Github in the next step.
Follow the official tutorial to install the extension and configure the VSCode. Here is the SSH configuration file I configured.
# Read more about SSH config files: https://linux.die.net/man/5/ssh_config
Host workpc
HostName xxx.xxx.xxx.xxx
User ubuntu
IdentityFile=path_to_pem_file
After done, repeat the previous step to connect to host, and choose workpc that we just configured. Or you can follow the tutorial https://code.visualstudio.com/docs/remote/ssh-tutorial#_connect-using-ssh.
If you are restricted by a firewall or your company locks down your VMs and they cannot connect to the Internet, the Remote - SSH extension won't be able to connect to your VM because VS Code needs to download a component called the VS Code Server to the remote machine.
However, you can now solve this issue with a new user setting in the Remote - SSH extension. If you enable the setting remote.SSH.allowLocalServerDownload, the extension will install the VS Code Server on the client first and then copy it over to the server via SCP.
Step 5. Create a Terraform project
Download the source code from https://github.com/camillehe1992/setup-terraform-env-on-ec2.
cd into the root directory, there is a simple main.tf file. This is a complete configuration that you can deploy with Terraform. In the configuration, we are going to deploy an EC2 instance with the given AMI ID in region cn-north-1. The AMI ID used in this configuration is specific to the region.
Find the detailed description for each block of this configuration from https://developer.hashicorp.com/terraform/tutorials/aws-get-started/aws-build.
If you skip the previous step, you can edit the source code from terminal using nano or vim.
Step 6. Configure AWS Credentials
In order to deploy AWS resources to the cloud using Terraform, we need to setup credentials in the EC2 instance. The most direct way is to configure the credentials using AWSCLI. However, I recommend to use IAM role to grant permission for deployment. You can choose as you want.
Option 1. Use Instance Profile of the IAM Role
You need to create an IAM role with suitable permissions. For example, if you want to deploy a lambda function in AWS, you have to add policy lambda: CreateFunction. This is just an example, the real scenario is more complex and you should better define your IAM role following principles of least privilege.
To simplify, you can create an IAM role with EC2 as the trusted entity, then add permission AdministratorAccess on it. But please keep in mind, this is not a good practice and not recommended in a real project.
Attach the newly created IAM role to your instance.
Relogin the instance. Run aws sts get-caller-identity to check that the role is attached to instance successfully.
Option 2. Configure Credentials using AWS CLI
You should create an IAM user with suitable permissions to deploy AWS resources. Then create an AKSK (access key and secret key for it). Finally follow https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html to setup credentials using aws configure command.
Step 7. Build Terraform Infrastructure
Run below command to deploy the EC2 instance defined in main.tf to the AWS environment.
# Initializing the backend...
terraform init
# Create infrastructure
terraform apply
You have now created infrastructure using Terraform! Visit the EC2 console and find your new EC2 instance.
Summary
In this tutorial, you have learned how to install Terraform and AWS CLI on the EC2 instance and configure AWS credentials so that you can deploy terraform resources to AWS environment. With VSCode Remote setup, you can use VSCode IDE to connect to EC2, and write code just like in the local machine.
I'm always looking forward to any comments and suggestions. Thank you.
Top comments (0)