How to write Terraform code?
How to Write Code in Terraform
- Define Resources: Terraform uses the concept of resources to manage infrastructure components. Each resource block specifies the resource type and its configuration.
- Specify Arguments: Within each resource block, you define arguments (settings) that configure the resource.
Example Steps
- Resource Block Structure:
  - resource1: Represents the first resource.
    - arg1, arg2, arg3: These are the arguments for configuring the resource.
  - resource2: Represents the second resource.
    - arg1, arg2, arg3: These are the arguments for configuring the resource.
  - resource3: Represents the third resource.
    - arg1, arg2, arg3: These are the arguments for configuring the resource.
All the services in AWS and Azure are known as Resources.
Please find images below for the AWS portal:
For the Azure portal:
Example Code
Let’s go through an example where we create an AWS EC2 instance and an S3 bucket.
1. Define the Provider
The provider is necessary to interact with the cloud service. For AWS, this was shown in the previous blog post. Please find the link – https://www.cloudopsnow.in/how-to-install-providers-part-3/
2. Define Resources
Now, let’s define an EC2 instance and an S3 bucket.
Go to the Terraform provider website and follow the path below:
Terraform Provider – https://registry.terraform.io/namespaces/hashicorp
Terraform provider –> AWS provider –> Documentation –> Go to respective resources
For the EC2 instance, below is the list of resources:
If you go to aws instance (which is known as a resource) and scroll all the way down, you will find many arguments, as shown below:
For EC2 instance:
resource "aws_instance" "web" {
  ami           = "ami-04b70fa74e45c3917"
  instance_type = "t3.micro"
  tags = {
    Name = "HelloWorld"
  }
}
For S3 bucket:
resource "aws_s3_bucket" "example" {
  bucket = "my-af-test-bucket09887df"
  tags = {
    Name        = "My bucket"
    Environment = "Dev"
  }
}
For the AMI ID, please follow the images below.
To create a free AWS account for 12 months, please follow the link – https://www.cloudopsnow.in/how-to-create-aws-free-tier-account-for-12-months/
Next, follow the steps below:
Plan the Infrastructure: Run terraform plan to see the changes Terraform will make to your infrastructure.
terraform plan
Apply the Changes: Run terraform apply to apply the changes and create the resources.
terraform apply
Check the State: Terraform keeps track of the state of your infrastructure in a terraform.tfstate file. This file helps Terraform know what exists and what needs to be created, updated, or deleted.
The state file is generated once the resource is created. Don’t touch or configure this file manually.
Destroy the Infrastructure (Optional): If you want to remove all the resources created by Terraform, run:
terraform destroy
Summary
- Write the configuration files (filename.tf).
- Initialize with terraform init.
- Plan the changes with terraform plan.
- Apply the changes with terraform apply.
- (Optional) Destroy the infrastructure with terraform destroy.
Practical Examples
Run a dry run using the command ‘terraform plan‘
First Error
The first error while running the code: the error below came up because the AMI details should be in double quotes.
Second Error
The error below occurs because Terraform is trying to connect to the AWS metadata service to obtain credentials, but it’s unable to do so, likely because you’re not running this on an EC2 instance with a role attached.
Steps to Resolve
Provider Configuration in Terraform: Make sure your Terraform provider block is correctly configured to use the credentials.
Authentication and Configuration
Configuration for the AWS Provider can be derived from several sources, which are applied in the following order:
- Parameters in the provider configuration
- Environment variables
- Shared credentials files
- Shared configuration files
- Container credentials
- Instance profile credentials and Region
Add the code below to the provider.tf file:
provider "aws" {
  region     = "us-west-2"
  access_key = "my-access-key"
  secret_key = "my-secret-key"
}
region = "us-west-2" (provide the region where you are creating the resource)
access_key = "my-access-key"
secret_key = "my-secret-key"
Generate the access_key and secret_key from the AWS portal
Go to AWS portal –> IAM management console –> IAM Dashboard –> Manage access Key –> Go to access key
Create access key
Generate access key
Add and save the ‘provider.tf‘ file
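Because the precedence list above also covers environment variables and shared credentials files, the keys do not have to be written into provider.tf, where they end up in version control. The check below is an added example, not code from the original post or from Terraform: it flags literal access_key / secret_key values inside a provider "aws" block. The function name find_hardcoded_keys and both sample configurations are constructed for illustration.

```python
import re

# Constructed sample: the provider.tf layout from the page, placeholder values.
HARDCODED = '''provider "aws" {
  region     = "us-west-2"
  access_key = "my-access-key"
  secret_key = "my-secret-key"
}
'''

# Constructed sample: keys omitted, so the provider falls back to the
# AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY environment variables or the
# shared credentials file, the next sources in the precedence list.
FROM_ENVIRONMENT = '''provider "aws" {
  region = "us-west-2"
  # access_key = "my-access-key"   (commented out, must not be flagged)
}
resource "aws_s3_bucket" "example" {
  bucket = "my-af-test-bucket09887df"
}
'''

PROVIDER_START = re.compile(r'^\s*provider\s+"aws"\s*\{')
LITERAL_KEY = re.compile(r'^\s*(access_key|secret_key)\s*=\s*"([^"]+)"')
QUOTED = re.compile(r'"[^"]*"')


def find_hardcoded_keys(tf_text):
    """Return (line_number, argument) for each literal key in the aws provider block."""
    findings = []
    depth = 0  # brace depth inside the provider block; 0 means outside it
    for number, raw in enumerate(tf_text.splitlines(), start=1):
        # Blank out strings, then drop comments, so only real braces are counted.
        code = re.split(r"#|//", QUOTED.sub('""', raw), maxsplit=1)[0]
        if depth == 0:
            if PROVIDER_START.match(raw):
                depth = code.count("{") - code.count("}")
            continue
        match = LITERAL_KEY.match(raw)
        # "${...}" is an interpolated reference, not a literal secret.
        if match and "${" not in match.group(2):
            findings.append((number, match.group(1)))
        depth += code.count("{") - code.count("}")
    return findings


if __name__ == "__main__":
    for name, sample in (("hardcoded", HARDCODED), ("environment", FROM_ENVIRONMENT)):
        print(name, find_hardcoded_keys(sample))
```

A non-empty result is a reason to move the keys out of the file before it is saved to a repository.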
Run ‘terraform plan’ again
As we can see in 2 plan.
Let’s also validate the code using ‘terraform validate’
Now run the ‘terraform apply‘ command to create the resource
Go to the AWS portal and we can see the EC2 instance created
Use “terraform show” to check the log / state file
Use “terraform destroy” to remove the resource created above:
Go and check the AWS portal