DEV Community

Linux_guy

Terraform Beginners Blog

To install Terraform

For more up-to-date information, refer to the official Terraform documentation.

# download and install yum utils
sudo yum install -y yum-utils

# add the respective repository
sudo yum-config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo

# install Terraform
sudo yum -y install terraform

How to create a resource in Terraform

Example 1: Create a local file in Terraform

  • To create a resource in HCL (HashiCorp Configuration Language), we use the following code block.
resource "local_file" "pet" {
    filename = "/root/pets.txt"
    content = "We love pets!"
}

# description of the code block
# --------------------------------
# resource_argument : Description
# --------------------------------
# resource : block type
# "local_file" : Resource type
# "pet" : Resource Name
# filename : file path where file has to be created
# content : content which needs to be written in that file

Example 2: Create an EC2 instance on AWS

  • To create an EC2 instance using Terraform, we can use the code below.
resource "aws_instance" "webserver" {
    ami = "ami-id"
    instance_type = "t2.micro"
}

# description of the code block
# --------------------------------
# resource_argument : Description
# --------------------------------
# resource : block type
# "aws_instance" : Resource type
# "webserver" : Resource Name
# ami : image id which will be used while creating the ec2 resource
# instance_type : type of instance which needs to be provisioned

Example 3: Create an S3 bucket on AWS

  • To create an S3 bucket on AWS using Terraform, we can use the code below.
resource "aws_s3_bucket" "data" {
    bucket = "webserver-bucket-org-2207"
    acl = "private"
}

# description of the code block
# --------------------------------
# resource_argument : Description
# --------------------------------
# resource : block type
# "aws_s3_bucket" : Resource type
# "data" : Resource Name
# bucket : bucket name which will be assigned after resource has been created
# acl : access type given to the S3 bucket (private here)

Provider Versioning

  • During terraform init, if the version argument is not specified, the most recent provider version is downloaded.
  • For production use, we should constrain the acceptable versions in the configuration, so that a new version with breaking changes does not get installed automatically.
  • To specify a version we use constraints such as >=1.0, <=1.0 or ~>2.0.
  • When a version is specified, Terraform creates a lock file, which records the selected version.
  • To define the version in code we use:
terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
      version = "~> 3.0"
    }
  }
}

provider "aws" {
  region = "us-east-1"
}
  • The dependency lock file allows us to lock to a specific version of the provider.
  • If a particular provider already has a selection recorded in the lock file, Terraform will always re-select that version for installation, even if a newer version has become available.
  • We can override this behaviour by adding the -upgrade option when we run terraform init.

Terraform Refresh

  • The terraform refresh command checks the latest state of your infrastructure and updates the state file accordingly.
  • We don't run this command explicitly.
  • It is triggered automatically when we run terraform plan or terraform apply.
  • This command is deprecated in newer versions of Terraform.

Authentication Configuration

  • From a security point of view, we should not keep credentials in a Terraform file.
  • We want our code to run successfully without hardcoding the secrets in the provider block.
  • How to add config files:
provider "aws" {
  shared_config_files = ["/Users/tf_user/.aws/conf"]
  shared_credentials_files = ["/Users/tf_user/.aws/creds"]
  profile = "customprofile"
}

resource "aws_eip" "lb" {
  domain = "vpc"
}
  • If the shared config file lines are not added to the provider block, Terraform by default looks for the files $HOME/.aws/config and $HOME/.aws/credentials on Linux and macOS.
  • The best way to store AWS credentials is to use the AWS CLI.
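
An added example (not from the original post): a Python check that flags literal access_key, secret_key or token values inside provider blocks, the pattern the points above say to avoid. The function names and the first sample snippet are constructed for illustration, and the check assumes one argument per line.

```python
import re

# Arguments of the AWS provider block that carry credentials.
SECRET_ARGS = ("access_key", "secret_key", "token")
PROVIDER_RE = re.compile(r'provider\s+"([^"]+)"\s*\{')
# name = "literal" with no ${...} interpolation, optional trailing comment.
LITERAL_RE = re.compile(r'^\s*(\w+)\s*=\s*"([^"$]*)"\s*(?:#.*|//.*)?$')

def provider_blocks(source):
    """Yield (provider_name, first_line_number, body_lines) per provider block."""
    for m in PROVIDER_RE.finditer(source):
        depth, i = 1, m.end()
        while i < len(source) and depth:      # walk to the matching "}"
            depth += {"{": 1, "}": -1}.get(source[i], 0)
            i += 1
        first_line = source.count("\n", 0, m.start()) + 1
        yield m.group(1), first_line, source[m.end():i - 1].splitlines()

def hardcoded_secrets(source):
    """Return (provider, line_number, argument); the value is never returned."""
    findings = []
    for name, first_line, body in provider_blocks(source):
        for offset, line in enumerate(body):
            if line.lstrip().startswith(("#", "//")):
                continue                       # commented-out argument
            m = LITERAL_RE.match(line)
            if m and m.group(1) in SECRET_ARGS and m.group(2):
                findings.append((name, first_line + offset, m.group(1)))
    return findings

# Constructed sample: a literal key next to a variable reference.
SAMPLE_BAD = '''
provider "aws" {
  region     = "us-east-1"
  access_key = "CONSTRUCTED-PLACEHOLDER-KEY"
  secret_key = var.aws_secret_key
}
'''
# The profile-based provider block from this post.
SAMPLE_GOOD = '''
provider "aws" {
  shared_config_files      = ["/Users/tf_user/.aws/conf"]
  shared_credentials_files = ["/Users/tf_user/.aws/creds"]
  profile                  = "customprofile"
}
'''
if __name__ == "__main__":
    for name, line, arg in hardcoded_secrets(SAMPLE_BAD):
        print(f'provider "{name}" line {line}: literal value for {arg}')
```

Run over the .tf files in a repository before commit or in CI, a non-empty result means a credential has been written into the configuration.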
