What is Terraform
Have you ever gotten tired of typing all those CLI commands into your terminal, only for it to throw back an error? Terraform is an offering by HashiCorp that allows you to manage infrastructure as code. That idea is pretty powerful because it enables you to develop your infrastructure like any other code you have. It can be checked into version control, edited in a text editor and managed using one command. It automates the provisioning of hardware.
Terraform has numerous plugins (Terraform-speak for code that calls cloud APIs for you) for platforms such as AWS, Azure and GCP, and even for Dominos!
Downloading and Installing Terraform
Terraform can be downloaded from the official Terraform website, and then added to your PATH. Mac OS users can install Terraform using Homebrew or by downloading the file. The following steps apply to Mac OS and Linux users.
- Make sure unzip is installed
chmod +x terraform
mv terraform ~/bin/
AWS encourages you to not use your root account and instead create an IAM user:
Create a user by going to IAM – you can search for it in the management console.
We want programmatic access so leave that option ticked and AWS Management Console access unchecked.
Name it whatever you like; the actual name doesn’t matter.
AWS’s security teams recommend ‘the principle of least privilege’: you should give your user just enough access to do its job, but no more. Because we are creating an EC2 instance we just need EC2 permissions. Go to ‘Attach a Policy’ and select ‘Amazon EC2 Full Access’.
Add three tags (or consult your organization’s tagging policy) such as Name, User and Description.
Run aws configure and input the output of IAM user creation:
Creating an EC2 instance
The cost of this step is free for free-tier users and around $0.01 for normal users.
First you need to tell Terraform which plugin you are using; in this case, it’s AWS.
This is called a block. You told Terraform you’re using AWS, the profile you want to use and the default region if it isn’t present in
Now let’s create the EC2 instance. To save on cost we are going to create a basic T2 instance. Terraform has the concept of blocks, and we are going to create a resource block. A block has the resource type and the local name of the block; it’s like int i = 1 in C. The type is int and the i is the name that refers to that
A VPC, if you don’t know, is Amazon’s cloud networking product. It enables you to define your own internal network inside AWS (think VLANs). Here we are giving Terraform the ID of the security groups we are going to create later on. Terraform figures out the real ID when it creates the resources.
The next resource is the security group mentioned above. It simply allows SSH to connect to the instance. The -1 in the egress specifies we do not care about the protocol.
Better security practice would be to lock down the access to certain IPs, like your company’s subnet. AWS accepts CIDR notation like 126.96.36.199/24.
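To make the lock-down above concrete, here is an added example (not the original post's code) that puts an open SSH rule beside one restricted to a single CIDR block. The resource names, the admin_cidr variable and the 203.0.113.0/24 documentation range are assumptions chosen for illustration.

```hcl
# Added example. Names are hypothetical; 203.0.113.0/24 is a documentation
# range used as a placeholder for your company's subnet.
variable "admin_cidr" {
  description = "Network allowed to reach SSH"
  type        = string
  default     = "203.0.113.0/24" # placeholder, replace with your own range

  # Reject malformed CIDRs and the "whole internet" range at plan time.
  validation {
    condition     = can(cidrhost(var.admin_cidr, 0)) && var.admin_cidr != "0.0.0.0/0"
    error_message = "The admin_cidr value must be a valid CIDR block other than 0.0.0.0/0."
  }
}

# Weak: SSH is reachable from any address (shown only for contrast).
resource "aws_security_group" "ssh_open" {
  name        = "ssh-open-example"
  description = "SSH from anywhere"

  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# Restricted: SSH only from admin_cidr. Egress keeps protocol -1 (any protocol).
resource "aws_security_group" "ssh_restricted" {
  name        = "ssh-restricted-example"
  description = "SSH from the admin network only"

  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```

Attach only the restricted group to the instance; terraform plan fails on the validation block if someone sets admin_cidr back to 0.0.0.0/0.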
You can also upload your SSH public key to access the instance with the