To install Terraform
For more up-to-date information, refer to the documentation on the official website.
# download and install yum utils
sudo yum install -y yum-utils
# add the respective repository
sudo yum-config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo
# install Terraform
sudo yum -y install terraform
How to create a resource in Terraform
Example 1 : to create a local file in Terraform
- to create a resource in HCL (HashiCorp Configuration Language) we use the following code block.
resource "local_file" "pet" {
  filename = "/root/pets.txt"
  content  = "We love pets!"
}
# description of the code block
--------------------------------
# resource_argument : Description
---------------------------------
# resource : block type
# "local_file" : Resource type
# "pet" : Resource Name
# filename : file path where file has to be created
# content : content which needs to be written in that file
Example 2 : to create an EC2 instance on AWS cloud
- to create an EC2 instance using Terraform we can use the code below.
resource "aws_instance" "webserver" {
  ami           = "ami-id"
  instance_type = "t2.micro"
}
# description of the code block
--------------------------------
# resource_argument : Description
---------------------------------
# resource : block type
# "aws_instance" : Resource type
# "webserver" : Resource Name
# ami : image id which will be used while creating the ec2 resource
# instance_type : type of instance which needs to be provisioned
Example 3 : to create S3 bucket on AWS cloud
- to create an S3 bucket using Terraform on AWS Cloud we can use the code below.
resource "aws_s3_bucket" "data" {
  bucket = "webserver-bucket-org-2207"
  acl    = "private"
}
# description of the code block
--------------------------------
# resource_argument : Description
---------------------------------
# resource : block type
# "aws_s3_bucket" : Resource type
# "data" : Resource Name
# bucket : bucket name which will be assigned after resource has been created
# acl : type of access granted on the S3 bucket (private here)
Provider Versioning
- During terraform init, if the version argument is not specified, the most recent provider version is downloaded.
- For production use, we should constrain the acceptable versions via configuration, to ensure that a new version with breaking changes won't get installed automatically.
- to specify a version constraint we use operators such as
>= 1.0
<= 1.0
~> 2.0
- when a version is specified, Terraform creates a lock file that records the selected version.
- to define version in code we use
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 3.0"
    }
  }
}
provider "aws" {
  region = "us-east-1"
}
- dependency lock file allows us to lock to a specific version of the provider
- If a particular provider already has a selection recorded in the lock file, Terraform will always re-select that version for installation, even if a newer version has become available
- we can override this behaviour by adding the -upgrade option when we run terraform init.
Terraform Refresh
- terraform refresh command will check the latest state of your infrastructure and update the state file accordingly.
- we don't run this command explicitly
- it is triggered automatically when we run terraform plan or terraform apply
- this command is deprecated in newer versions of terraform
Authentication Configuration
- from security point of view, we should not keep credentials in a terraform file.
- we want our code to run successfully without hardcoding the secrets in the provider block.
- how to add config files
provider "aws" {
  shared_config_files      = ["/Users/tf_user/.aws/conf"]
  shared_credentials_files = ["/Users/tf_user/.aws/creds"]
  profile                  = "customprofile"
}
resource "aws_eip" "lb" {
  domain = "vpc"
}
- if the shared_config_files and shared_credentials_files arguments are not set in the provider block, Terraform by default looks for $HOME/.aws/config and $HOME/.aws/credentials on Linux and macOS.
- the best way to store AWS credentials is to use the AWS CLI.
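A check that enforces the rule above before a commit or in CI, as an added example (not code from the original post): it flags literal access_key, secret_key or token values inside a provider "aws" block, and any string shaped like an AWS access key ID. The function name and sample inputs are constructed for illustration, and the line-based matching is a simplification rather than a full HCL parser.

```python
import re

# AWS provider arguments that hold static secrets when set to a literal string.
SECRET_ARGS = ("access_key", "secret_key", "token")
PROVIDER_RE = re.compile(r'^\s*provider\s+"aws"\s*\{')
ASSIGN_RE = re.compile(r'^\s*(?P<arg>\w+)\s*=\s*"(?P<val>[^"]*)"')
KEY_ID_RE = re.compile(r'\b(?:AKIA|ASIA)[0-9A-Z]{16}\b')  # access key ID shape

def find_hardcoded_credentials(tf_text):
    """Return [(line_number, reason)] for literal AWS credentials in .tf text."""
    findings = []
    depth = 0  # brace depth; > 0 while inside a provider "aws" block
    for no, line in enumerate(tf_text.splitlines(), start=1):
        if line.strip().startswith(("#", "//")):
            continue  # skip whole-line comments
        if depth == 0 and PROVIDER_RE.match(line):
            depth = line.count("{") - line.count("}")
            continue
        reason = None
        if depth > 0:
            m = ASSIGN_RE.match(line)
            # A quoted literal is a finding; var.x or "${var.x}" references are not.
            if m and m["arg"] in SECRET_ARGS and m["val"] and "${" not in m["val"]:
                reason = f'literal {m["arg"]} in provider "aws" block'
            depth += line.count("{") - line.count("}")
        if reason is None and KEY_ID_RE.search(line):
            reason = "string shaped like an AWS access key ID"
        if reason:
            findings.append((no, reason))
    return findings

# Constructed sample: the pattern to reject (placeholder values, not real keys).
BAD_TF = '''provider "aws" {
  region     = "us-east-1"
  access_key = "AKIAIOSFODNN7EXAMPLE"
  secret_key = "constructed-placeholder-not-a-real-secret"
}
'''
# The provider block from this page: credentials come from shared files + profile.
GOOD_TF = '''provider "aws" {
  shared_config_files      = ["/Users/tf_user/.aws/conf"]
  shared_credentials_files = ["/Users/tf_user/.aws/creds"]
  profile                  = "customprofile"
}
'''

if __name__ == "__main__":
    for name, text in (("bad.tf", BAD_TF), ("good.tf", GOOD_TF)):
        for no, reason in find_hardcoded_credentials(text):
            print(f"{name}:{no}: {reason}")
```

A non-empty result should fail the commit or pipeline step; the flagged values then need to be rotated, not just deleted from the file, because they remain in version-control history.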