๐ฏ Lab Goal
You will:
- Create an EC2 instance
- Install NGINX using remote-exec
- Save EC2 IP locally using local-exec
- Upload a file using file provisioner
- Verify everything in browser
๐งฑ STEP 1 โ Prerequisites (VERY IMPORTANT)
โ You must have:
- AWS account
- Terraform installed
-
Key pair created in AWS:
- Name:
terraform-key - Download:
terraform-key.pem
- Name:
โ Place file in your project:
provisioner-lab/
main.tf
terraform-key.pem
index.html
๐งฑ STEP 2 โ Fix Key Permissions (Mac/Linux)
chmod 400 terraform-key.pem
โ If you skip โ SSH WILL FAIL
๐งฑ STEP 3 โ Create index.html (file provisioner test)
๐ index.html
<h1>Welcome from Terraform Provisioner Lab</h1>
๐งฑ STEP 4 โ Security Group (AWS Console)
Allow:
| Type | Port | Source |
|---|---|---|
| SSH | 22 | 0.0.0.0/0 |
| HTTP | 80 | 0.0.0.0/0 |
Copy Security Group ID:
sg-xxxxxxxx
๐งฑ STEP 5 โ Full Terraform Code
๐ main.tf
provider "aws" {
region = "us-east-1"
}
resource "aws_instance" "web" {
ami = "ami-0c02fb55956c7d316" # Amazon Linux 2
instance_type = "t2.micro"
key_name = "terraform-key"
vpc_security_group_ids = ["sg-xxxxxxxx"] # replace
# โ
FILE PROVISIONER (upload HTML)
provisioner "file" {
source = "index.html"
destination = "/home/ec2-user/index.html"
connection {
type = "ssh"
user = "ec2-user"
private_key = file("terraform-key.pem")
host = self.public_ip
}
}
# โ
REMOTE-EXEC (install nginx + deploy page)
provisioner "remote-exec" {
inline = [
"sudo yum install nginx -y",
"sudo systemctl start nginx",
"sudo systemctl enable nginx",
"sudo mv /home/ec2-user/index.html /usr/share/nginx/html/index.html"
]
connection {
type = "ssh"
user = "ec2-user"
private_key = file("terraform-key.pem")
host = self.public_ip
}
}
# โ
LOCAL-EXEC (save IP locally)
provisioner "local-exec" {
command = "echo ${self.public_ip} > public_ip.txt"
}
tags = {
Name = "provisioner-lab"
}
}
๐งช STEP 6 โ Run Terraform
terraform init
terraform apply -auto-approve
โ๏ธ WHAT HAPPENS INTERNALLY
- EC2 instance created
- Terraform connects via SSH
- File provisioner uploads HTML
- Remote-exec installs nginx
- HTML moved to nginx folder
- local-exec saves IP to file
๐ STEP 7 โ VERIFY
โ Check local file
cat public_ip.txt
Example:
3.145.23.10
โ Open browser
http://<EC2_PUBLIC_IP>
๐ You should see:
Welcome from Terraform Provisioner Lab
๐งช STEP 8 โ TEST & BREAK (IMPORTANT FOR INTERVIEW)
โ Test 1: Wrong key
Change:
private_key = file("wrong.pem")
๐ Result:
- SSH fails
- Provisioning fails
โ Test 2: Remove port 22
๐ Result:
- Terraform hangs (waiting SSH)
โ Test 3: Remove sudo
๐ Result:
- Permission denied
- NGINX not installed
๐ STEP 9 โ DESTROY
terraform destroy -auto-approve
๐ง WHAT YOU LEARNED
Provisioners:
- file โ copy file
- remote-exec โ configure server
- local-exec โ run locally
Execution order:
- Create EC2
- file provisioner
- remote-exec
- local-exec
Key concepts:
self.public_ip- SSH connection block
- Key permissions
- Provisioner dependency on resource
๐ฏ REAL DEVOPS TIP (IMPORTANT)
๐ In production, replace this with:
-
user_data(bootstrap) - Ansible (config)
- Packer (pre-built AMI)
Top comments (0)