Manage AWS Infrastructure as Code with Terraform

This post is part of the “IaC” series 😇 to teach you how to use Terraform to spin up infrastructure on AWS.

1 – Why Terraform?

Terraform is an IaC tool written in Go. It gives you the ability to describe a complex infrastructure using a high-level language (HashiCorp Configuration Language – HCL). This feature allows you to treat your infrastructure as you would any other code. In addition, Terraform provisions infrastructure across multiple IaaS providers such as AWS, Azure, GCP and VMware.

2 – Install Terraform

To install Terraform, find the appropriate package for your system and download it:

After installing Terraform, verify that the installation worked by executing ‘terraform version’:

3 – Create AWS IAM User

Terraform uses the AWS REST API to manage AWS resources, so we need to set up a new user account for it to use.

Note: We could use our root user, which has access permission to everything, but from a security perspective it's recommended to use only a user account with limited permissions.

So after signing in to your AWS Management Console, go to the “Identity and Access Management – IAM” section:

Then, click on “Add user”:

Assign a username for the new account and select “Programmatic access”:

Add “AmazonEC2FullAccess” to the user permissions list:

Next, click on “Review” then “Create User”:

Copy the Access Key ID and Secret Access Key to the clipboard, then set them as environment variables by running the commands below:

4 – Deploy an EC2 instance

Terraform templates are written in a declarative language called HCL and use the extension “.tf”. So create a file called “main.tf” with the following content:

The above template tells Terraform that we will use AWS as the provider and which region our resources will be deployed in. It also says that we will create an EC2 instance of type t2.micro that uses the Amazon Linux AMI as its OS. You can configure other parameters (the aws_instance resource documentation lists all the parameters it supports).

Note: The AMI IDs of the main images can be retrieved from the AWS console after logging in. Simulate installing an instance by clicking “Launch Instance” and browse through the main images. The image ID starting with “ami” is displayed there:

Before we create the infrastructure, we need to install the AWS plugin for Terraform by typing ‘terraform init’:

To see what Terraform will do before it actually does it, run ‘terraform plan’. It's recommended to always run it to check your changes before unleashing them onto the world:

To apply the changes, issue the following command:

If we jump to the AWS Console, we indeed can see that “test-vm” instance has been created:

It works 😍! But there's still a small problem 😐😣: we cannot connect via SSH to the instance because we didn't assign a key pair to it.

To add one, we will modify the template file “main.tf”:

Run the plan command again:

As you can see above, the key_name will be applied to the new instance, allowing us to SSH into the server.

Now if we go back to the AWS dashboard, we notice that a new instance has been launched and the correct key is assigned:
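
A main.tf along the lines described in this section, as an added example rather than the post's original file. The variable names, default region, key path and key pair name are assumptions, and the AMI ID is left as an input because it is region-specific.

```hcl
# Added example, not the post's original template.
# No access_key/secret_key here: the AWS provider reads AWS_ACCESS_KEY_ID and
# AWS_SECRET_ACCESS_KEY from the environment, so no secret lands in version control.

variable "region" {
  type    = string
  default = "us-east-1" # assumed region, pick your own
}

variable "ami_id" {
  description = "Amazon Linux AMI ID copied from the console for the chosen region"
  type        = string

  validation {
    condition     = can(regex("^ami-[0-9a-f]+$", var.ami_id))
    error_message = "The ami_id value must look like ami-<hex>."
  }
}

variable "public_key_path" {
  type    = string
  default = "~/.ssh/id_rsa.pub" # assumed location of an existing public key
}

provider "aws" {
  region = var.region
}

# Only the public half of the key is uploaded; the private key never leaves your machine.
resource "aws_key_pair" "deployer" {
  key_name   = "test-vm-key" # hypothetical key pair name
  public_key = file(pathexpand(var.public_key_path))
}

resource "aws_instance" "test_vm" {
  ami           = var.ami_id
  instance_type = "t2.micro"
  key_name      = aws_key_pair.deployer.key_name

  tags = {
    Name = "test-vm"
  }
}

# Printed after apply; this is the host name to pass to ssh.
output "public_dns" {
  value = aws_instance.test_vm.public_dns
}
```

Changing key_name forces Terraform to replace the instance, which is why the plan shows a new instance rather than an in-place update. SSH also depends on the instance's security group allowing port 22 from your address.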

The key pair we created can be listed in the “Key Pairs” menu:

Now, we can connect to the server via SSH using the instance public DNS name 😎

5 – Cleanup the instance

To destroy the instance, we type ‘terraform destroy’ then we confirm by typing “yes”:

6 – Taking this further

So that was a quick demo of how to create a simple server on AWS. In my upcoming tutorials, I will show you how to set up a complex infrastructure on AWS with a VPC, a bunch of EC2 instances, an ELB, a Virtual Gateway, and Security Groups & Network ACL configurations. So stay tuned 😉