Getting Started with Terraform on AWS: Infrastructure as Code the Right Way

A practical guide to setting up Terraform and AWS CLI on Ubuntu — from zero

Why you should Start Caring About Infrastructure as Code

Let me paint a picture that might sound familiar.

You're deploying an application. You spin up an EC2 instance manually through the AWS console, configure a security group, set up an S3 bucket, tweak some IAM permissions — and everything works.

Two weeks later, you need to do the exact same thing for a staging environment. You click through the console again, trying to remember every setting you configured the first time. Did you allow port 443? Which AMI did you use? Why is staging behaving differently from production?

Sound familiar? That's exactly the problem Infrastructure as Code (IaC) solves — and it's why I decided to get serious about Terraform.

What Is Infrastructure as Code, Really?

It is exactly what it sounds like — instead of manually clicking through consoles or running one-off commands to provision your infrastructure, you write code that describes what your infrastructure should look like, and it handles the rest(infrastructure provisioning and state management).

But it's more than just automation. IaC fundamentally changes how you think about infrastructure:

• Consistency — your dev, staging, and production environments are built from the same code. No more "but it works on my environment" problems
• Speed and scale — need 10 servers instead of 1? Change a number in your config and apply. Done
• Version control — your infrastructure lives in Git just like your application code. You can see who changed what, when, and why
• Repeatability — destroy everything and rebuild it identically in minutes
• Cloud flexibility — IaC works both on-premises and across public cloud providers, giving you a consistent workflow regardless of where your infrastructure lives.
• Multi-cloud - IaC tool i.e terraform, can be used by all the cloud providers for infrastructure provisioning

The goal is simple: remove manual, error-prone tasks from your infrastructure workflow and replace them with something consistent, professional, and repeatable.

The there are many IaC tools but, in the next 30 days, we're focusing on Terraform on AWS — the starting point because the skills transfer across clouds.

What we are building on Day One (and what you will accomplish today)

✅ Terraform installed on Ubuntu

✅ Shell autocompletion enabled for Terraform

✅ AWS CLI installed and configured

✅ A working connection between Terraform and your AWS account

Let's get into it.

Prerequisites

Before we start, make sure you have:

• An Ubuntu machine (I'm running Ubuntu 22.04 LTS — steps are similar for 20.04)
• An AWS account (free tier works perfectly for learning)
• An IAM user with programmatic access (we'll touch on this)
• Basic comfort with the terminal

Beginner tip: If you're brand new to the terminal, don't worry. Every command I run, I'll explain what it's doing and why.

Step 1: Installing Terraform on Ubuntu

HashiCorp provides an official package repository for Ubuntu, which is the cleanest way to install Terraform. This means you'll also get updates automatically through apt.

1.1 Install Required Dependencies

First, let's make sure we have the tools needed to add a new package repository:

sudo apt-get update && sudo apt-get install -y gnupg software-properties-common

What this does:

• apt-get update — refreshes your local package list
• gnupg — allows us to verify the authenticity of the HashiCorp package
• software-properties-common — gives us tools to manage additional repositories

1.2 Add the HashiCorp GPG Key

We need to verify that the packages we're downloading are genuinely from HashiCorp:

wget -O- https://apt.releases.hashicorp.com/gpg | \
gpg --dearmor | \
sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg > /dev/null

1.3 Add the Official HashiCorp Repository

echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] \
https://apt.releases.hashicorp.com $(lsb_release -cs) main" | \
sudo tee /etc/apt/sources.list.d/hashicorp.list

What's happening here? $(lsb_release -cs) automatically detects your Ubuntu version (e.g., jammy for 22.04, focal for 20.04) so the right packages are pulled. Neat.

1.4 Install Terraform

sudo apt-get update && sudo apt-get install terraform

1.5 Verify the Installation

terraform -version

You should see output similar to:

If you see that version output — Terraform is installed.

Step 2: Enable Terraform Autocompletion

This is a small step that makes a big difference in your day-to-day workflow. Autocompletion lets you press Tab to complete Terraform commands, subcommands, and flags — massive time saver.

2.1 Install the Autocomplete Package

terraform -install-autocomplete

It does not return any output

2.2 Reload Your Shell

exec $SHELL

Or simply close and reopen your terminal.

Test It

Type terraform in your terminal, then press Tab twice. You should see a list of available commands pop up:

As Terraform projects grow, you'll be working with longer resource names and module paths where tab completion saves you from a lot of typos.

Step 3: Installing the AWS CLI on Ubuntu

Terraform needs to communicate with AWS on your behalf. The AWS CLI handles authentication and provides the credentials Terraform will use. Let's get it installed.

3.1 Download the AWS CLI v2 Installer

curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"

3.2 Unzip the Installer

sudo apt-get install unzip -y
unzip awscliv2.zip

3.3 Run the Installer

sudo ./aws/install

3.4 Verify the Installation

aws --version

Expected output:

Step 4: Configuring the AWS CLI

Now we need to connect the AWS CLI to your actual AWS account. To do this, you'll need an IAM user with programmatic access.

4.1 Create an IAM User (Quick Overview)

If you haven't already:

1. Log into your AWS Console
2. Navigate to IAM → Users → Create User
3. Give the user a name (e.g., terraform-admin)
4. Under Permissions, attach the AdministratorAccess policy (for learning — tighten this for production)
5. After creating the user, go to Security Credentials → Create Access Key
6. Choose CLI as the use case
7. Download or copy your Access Key ID and Secret Access Key — you won't see the secret again

Security note: Never commit your AWS credentials to Git. Never. I mean it. We'll talk about safer approaches as you progress, but for now — keep those keys safe.

4.2 Configure the AWS CLI

Run the configuration wizard:

aws configure

You'll be prompted for four things:

AWS Access Key ID [None]: YOUR_ACCESS_KEY_ID
AWS Secret Access Key [None]: YOUR_SECRET_ACCESS_KEY
Default region name [None]: us-east-1
Default output format [None]: json

A few notes:

• Replace us-east-1 with your preferred AWS region (e.g., eu-west-1 for Europe, ap-southeast-1 for Asia Pacific)
• Output format json is generally the most useful for scripting and readability or leave it blank.

4.3 — Verify Your AWS Connection

Let's confirm the CLI can actually talk to AWS:

aws sts get-caller-identity

If everything is configured correctly, you'll see something like:

That response means your CLI is authenticated and talking to AWS.
That is all for today, let meet tomorrow even as we dive deeper.

Common Mistakes to Avoid Early On

I'd rather you learn from these now than discover them at 2am:

1. Storing credentials in your Terraform files

Never hardcode your access_key and secret_key directly in your .tf files. Terraform automatically picks up credentials from aws configure — let it do that.

2. Not running terraform init after adding providers

Every time you add a new provider or module, run terraform init again. It's easy to forget and the error messages can be confusing.

3. Skipping terraform plan before terraform apply

Always run terraform plan first. It shows you exactly what Terraform is about to do — think of it as a dry run. This habit will save you from some very expensive surprises.

4. Using AdministratorAccess in production

Fine for learning, not fine for real workloads. As you get more comfortable, practice least-privilege IAM permissions.

---

What's Next?

Now that your environment is set up, you're ready to start writing real Terraform code. In upcoming posts, I'll be covering:

• Writing your first Terraform resource (spinning up an EC2 instance)
• Understanding Terraform state and why it matters
• Variables, outputs, and keeping your code reusable
• Remote state with S3 and DynamoDB for team environments

The foundation is in place. Everything from here is building on top of it.

Wrapping Up

Setting up your Terraform and AWS environment on Ubuntu is genuinely straightforward once you know the steps — and now you do. What used to take me a while to piece together from different docs is now a repeatable process I can set up in under 15 minutes.

That's the whole point of Infrastructure as Code. Once you do something right, you codify it, and you never have to figure it out from scratch again.

If you ran into any issues or have questions about any of the steps, drop them in the comments below. And if this was helpful, share it with someone else who's just getting started on their cloud and DevOps journey — we all start somewhere.

Happy building.

Found this useful? Follow along for more hands-on DevOps and cloud content.