In this tutorial, you’ll learn how to leverage infrastructure as code to deploy resources in AWS using Terraform. With Terraform you can
To get started, you need to install Terraform locally:
If the response includes “command not found” you need to check the installation and path as noted above.
In this tutorial, you will provision an EC2 instance and S3 Bucket via Terraform on accounts created via Control Tower.
To configure Terraform for AWS, we need to add the AWS Provider and provide credentials. Credentials can be added in a variety of ways but for this exercise we will leverage the Environment variables approach.
Warning: Terraform allows static credentials to be added to the code, but this is not recommended because it risks secret leakage. Never hard-code your credentials in your Terraform files.
You can retrieve temporary credentials from the SSO Portal by choosing Command line or programmatic access.
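A preflight check for the environment-variable approach and the warning above, as an added example that is not part of the original tutorial: it confirms the temporary credentials are exported under the standard AWS variable names and flags .tf files that assign quoted literals to the AWS provider's access_key, secret_key or token arguments. The function names are hypothetical and the pattern match is a heuristic.

```shell
#!/bin/sh
# Added example: preflight checks to run before terraform init/plan/apply.
# Function names are hypothetical; source this file, then call preflight.

# Succeeds only if the temporary credentials from the SSO portal are exported.
# Temporary credentials need all three variables, including the session token.
check_env_credentials() {
    missing=0
    for name in AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN; do
        # env lists exported variables only, which is what Terraform inherits.
        if ! env | grep -q "^${name}=."; then
            echo "not exported or empty: ${name}" >&2
            missing=1
        fi
    done
    return "$missing"
}

# Heuristic scan of *.tf files under $1 for quoted literals assigned to the
# AWS provider's static credential arguments. Prints file:line for each hit
# (never the value) and returns 1 if any are found. References such as
# var.access_key or "${var.access_key}" are not flagged.
find_static_credentials() {
    hits=$(grep -rnE --include='*.tf' \
        '^[[:space:]]*(access_key|secret_key|token)[[:space:]]*=[[:space:]]*"[^"$]+"' \
        "$1" | cut -d: -f1,2)
    if [ -n "$hits" ]; then
        printf '%s\n' "$hits"
        return 1
    fi
    return 0
}

# Run both checks against a Terraform working directory (default: current).
preflight() {
    check_env_credentials || return 1
    find_static_credentials "${1:-.}" || return 1
    echo "preflight ok"
}
```

Source the file and run preflight in the directory that holds your Terraform files before terraform plan; a non-zero return means either the credentials are not exported or a file contains a literal credential.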
Create a local directory where Terraform can be executed. Open a terminal window and type the following commands:
Download the zip file from WorkDocs here and extract the files to the directory you created in the previous step. Your directory should now contain the following
Terraform uses a plug-in based architecture to support a variety of providers. The terraform init command will automatically download and install any provider referenced in the Terraform code. In this case we will be using provider AWS.
Execute a terraform init command and similar output can be expected.
terraform plan is optional but allows you to see your changes before they occur. This is useful to see how your infrastructure will change prior to executing the change.
You should see something similar when executing terraform plan, although please note the output has been truncated to save space.
To apply the infrastructure changes noted in the plan, execute a terraform apply. Terraform will advise what will be executed, and the output should be similar to what was returned in the plan. As this will execute the changes returned, you will be prompted with the following (type “yes” and hit enter to execute the change).
Terraform will execute the changes and if successful you should see something similar to the following:
In some circumstances you may want to simply delete the infrastructure created, which can be accomplished with a terraform destroy command. Please note: as this deletes all resources, you may want to first log in to the account to view the bucket and instance before executing this.
Execute a terraform destroy and, similar to the apply command, you will be prompted to confirm the plan it presents. You should see something similar to the following, which has been truncated to save space
Congrats, you have successfully deployed and deleted infrastructure in AWS using Terraform.
The Terraform CLI has a built-in help function. If at any point during this guide you are unsure of how to proceed, consider using the terraform -help flag with any command. For example
main.tf