Basic/Important commands
terraform init - Initializes the working directory (downloads providers, plugins)
terraform plan - Shows a preview of what Terraform will do
terraform apply - Applies the changes required to reach the desired state
terraform destroy - Destroys the infrastructure defined in your configuration
terraform validate - Validates the Terraform configuration files
terraform fmt - Formats the code according to style standards
terraform output - Shows the output values from your state
terraform workspace list - Lists all existing workspaces.
terraform workspace new <name> - Creates a new workspace.
terraform workspace select <name> - Switches to a different workspace.
terraform state list - Lists all resources in the current state file.
terraform state show <resource> - Shows attributes of a specific resource.
terraform state rm <resource> - Removes a resource from the state.
terraform taint <resource> - Marks a resource for recreation during the next apply.
terraform untaint <resource> - Removes the taint from a resource.
terraform import <resource> <id> - Imports existing infrastructure into Terraform state.
Installation
Install Terraform on Windows https://www.terraform.io
Download terraform software
Extract downloaded zip file
Add terraform path to system environment variables
terraform --version
terraform --help
Set the path for terraform as ec2-user
PATH=${PATH}:/home/ec2-user/terraform
source ~/.bash_profile
or
echo "export PATH=\$PATH:$(pwd)" >> ~/.bash_profile
source ~/.bash_profile
or
sudo mv terraform /usr/local/bin
Terraform script to create a new windows machine in AWS
vi filename.tf
provider "aws" {
  profile    = "terraform_user"
  access_key = "key from AWSportal"
  secret_key = "key from AWSportal"
  region     = "us-east-2"
}

resource "aws_instance" "windows" {
  ami           = "os ami code from aws"
  instance_type = "t2.micro"
  key_name      = "created keypairname"
}
terraform init      # initialize Terraform; this only needs to be run once
terraform validate  # validate the code that we have written
terraform fmt       # fix spacing and structure in the code
terraform plan      # preview the changes that are going to be made
terraform apply     # now the instance is created in AWS
provider "aws" {
  profile    = "terraform_user"
  access_key = "key from AWSportal"
  secret_key = "key from AWSportal"
  region     = "us-east-2"
}

resource "aws_instance" "windows" {
  ami = "os ami code from aws"
  tags = {
    Name = "server.windowscomputer"
  }
  instance_type = "t2.micro"
  key_name      = "created keypairname"
}
Here we only updated the server name, so we need to run the same commands again, except "terraform init", to apply the change.
provider "aws" {
  profile    = "terraform_user"
  access_key = "key from AWSportal"
  secret_key = "key from AWSportal"
  region     = "us-east-2"
}

resource "aws_instance" "windows" {
  ami = "os ami code from aws"
  tags = {
    Name = "server.windowscomputer"
  }
  instance_type = "t2.micro"
  key_name      = "created keypairname"
}

# Here we also added a security group
resource "aws_security_group" "allow_rdp" {
  name        = "allow_rdp"
  description = "allow remote desktop"
  ingress {
    from_port   = 3389 # Default RDP port
    to_port     = 3389
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
Create Multiple AWS instances
provider "aws" {
  profile    = "terraform_user"
  access_key = "key from AWSportal"
  secret_key = "key from AWSportal"
  region     = "us-east-2"
}

resource "aws_instance" "linux" {
  ami = "os ami code from aws"
  tags = {
    Name = "server.linuxcomputer"
  }
  instance_type = "t2.micro"
  count         = 5
  key_name      = "created keypairname"
}
We can also modify the instance type and run "terraform apply" to update the instances.
Create an instance, key and assign the key to that instance
provider "aws" {
  profile    = "terraform_user"
  access_key = "key from AWSportal"
  secret_key = "key from AWSportal"
  region     = "us-east-2"
}

resource "aws_instance" "linux" {
  ami = "os ami code from aws"
  tags = {
    Name = "server.linuxcomputer"
  }
  instance_type = "t2.micro"
  count         = 5
  key_name      = "created keypairname"
  # Reads the name of the security group that is created below
  security_groups = [aws_security_group.allow_ssh.name]
}

resource "aws_security_group" "allow_ssh" {
  tags = {
    Name = "allow SSH"
  }
  name        = "allow_ssh"
  description = "allow SSH access"
  ingress {
    from_port   = 22 # Default SSH port
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
Create an instance with Apache web server
vi webserverinstall.sh
#!/bin/bash
# Runs as root on first boot when passed to the instance as user_data
yum update -y
yum install 'httpd*' -y
systemctl start httpd
systemctl enable httpd
echo "This is my first website" >> /var/www/html/index.html
vi awsinstancewithweb.tf
provider "aws" {
  profile    = "terraform_user"
  access_key = "key from AWSportal"
  secret_key = "key from AWSportal"
  region     = "us-east-2"
}

resource "aws_instance" "linux" {
  ami = "os ami code from aws"
  tags = {
    Name = "server.linuxcomputer"
  }
  instance_type = "t2.micro"
  count         = 5
  key_name      = "created keypairname"
  # Reads the id of the security group that is created below
  # (the group sets vpc_id, so it is attached by id rather than by name)
  vpc_security_group_ids = [aws_security_group.allow_ssh_httpd.id]
  # Running this script installs the web server
  user_data = file("webserverinstall.sh")
}

resource "aws_security_group" "allow_ssh_httpd" {
  tags = {
    Name = "allow_SSH_httpd"
  }
  name        = "allow_ssh_httpd"
  description = "allow SSH and HTTPD access"
  vpc_id      = "paste the vpc id from AWS"
  ingress {
    description      = "allow SSH"
    from_port        = 22 # Default SSH port
    to_port          = 22
    protocol         = "tcp"
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }
  ingress {
    description      = "allow HTTPD"
    from_port        = 80 # Default apache port
    to_port          = 80
    protocol         = "tcp"
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }
  egress {
    from_port        = 0
    to_port          = 0
    protocol         = "-1" # This means all traffic
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }
}
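A hardened variant of the provider and security group above, added here as an example and not part of the original notes: credentials come from the named profile instead of static keys in the file, and SSH is limited to a range supplied by the caller. The variable admin_cidr and the resource name web_restricted are assumptions; the group is created in the default VPC.

```hcl
provider "aws" {
  # Credentials are read from the terraform_user profile in ~/.aws/credentials,
  # so no access_key/secret_key is stored in the .tf file or in version control.
  profile = "terraform_user"
  region  = "us-east-2"
}

# Assumption: variable name chosen for this example.
variable "admin_cidr" {
  description = "Range allowed to reach SSH, e.g. 203.0.113.10/32"
  type        = string

  validation {
    # Reject malformed input and the open-to-the-world range.
    condition     = can(cidrhost(var.admin_cidr, 0)) && var.admin_cidr != "0.0.0.0/0"
    error_message = "The admin_cidr value must be a valid CIDR range other than 0.0.0.0/0."
  }
}

# Hypothetical resource name; same ports as allow_ssh_httpd.
resource "aws_security_group" "web_restricted" {
  name        = "web_restricted"
  description = "SSH from admin range only, HTTP from anywhere"

  ingress {
    description = "SSH from the admin range only"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }

  ingress {
    description      = "HTTP is public by design"
    from_port        = 80
    to_port          = 80
    protocol         = "tcp"
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```

The range is passed at apply time, for example with -var 'admin_cidr=203.0.113.10/32'; "terraform plan" fails at validation if the value is 0.0.0.0/0 or not a CIDR.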
Create an Amazon S3 bucket
provider "aws" {
  profile    = "terraform_user"
  access_key = "key from AWSportal"
  secret_key = "key from AWSportal"
  region     = "us-east-2"
}

resource "aws_s3_bucket" "bucket" {
  # Bucket names must be lowercase, without spaces, and globally unique
  bucket = "my-test-bucket"
  tags = {
    Name        = "MyBucket"
    Environment = "Test"
  }
}
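A bucket with the settings that are usually set alongside it, added here as an example and not part of the original notes: public access blocked, default encryption, and versioning. The resource name "private" and the bucket name are placeholders chosen for this example.

```hcl
# Placeholder name: replace with a globally unique, lowercase bucket name.
resource "aws_s3_bucket" "private" {
  bucket = "example-private-bucket-0001"
  tags = {
    Environment = "Test"
  }
}

# Block every form of public ACL and public bucket policy.
resource "aws_s3_bucket_public_access_block" "private" {
  bucket                  = aws_s3_bucket.private.id
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

# Encrypt new objects at rest with S3-managed keys.
resource "aws_s3_bucket_server_side_encryption_configuration" "private" {
  bucket = aws_s3_bucket.private.id

  rule {
    apply_server_side_encryption_by_default {
      sse_algorithm = "AES256"
    }
  }
}

# Keep earlier object versions so overwrites and deletes can be rolled back.
resource "aws_s3_bucket_versioning" "private" {
  bucket = aws_s3_bucket.private.id

  versioning_configuration {
    status = "Enabled"
  }
}
```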
Remove an instance
terraform destroy
The -auto-approve flag runs the command without asking for approval
Example code
https://registry.terraform.io/modules/terraform-aws-modules/ec2-instance/aws/latest