- Create an AWS EC2 instance with HashiCorp Terraform provider - Fri, Jul 29 2022
Requirements
To follow this tutorial, you must fulfill the following requirements:
- The Terraform CLI (1.2.0+) is installed.
- The AWS CLI is installed.
- An AWS account and associated credentials exist that allow you to create resources.
More resource types are available on the documentation page for the AWS Terraform Provider.
You can install the AWS CLI and the Terraform CLI on any on-prem computer running Linux, macOS, or Windows.
Terraform configuration files
Terraform runs against the folder of your choice containing configuration files with the .tf extension. In this tutorial, we will store the configuration files in a folder called ec2_instance.
We will need two configuration files: versions.tf and main.tf. The versions.tf file specifies the information for the Terraform AWS provider, and main.tf specifies the EC2 resource.
Authenticating with AWS
Terraform needs to authenticate with AWS with the permissions needed to deploy EC2 instances. To do this, the AWS provider needs an access key. This tutorial covers two ways to provide one:
- Parameters in the AWS provider configuration
- Shared credentials files
The first method for authenticating with AWS is through parameters in the AWS provider configuration. The AWS provider accepts parameters for region, access_key, and secret_key. For access_key, provide the access key ID, and for secret_key, provide the secret access key that was generated for the user who will perform the deployment.
The region determines the location of the AWS data center.
Once an access key and secret key have been generated, they can be specified in a provider block as follows:
provider "aws" {
  region     = "<REGION>"
  access_key = "<access-key-id>"
  secret_key = "<secret-key>"
}
To avoid putting secret keys into code, where they travel with the configuration files into version control and backups, the AWS provider can also use a shared credentials file. A shared credentials file can be set up using the AWS CLI. Run the command aws configure to quickly set one up. When prompted, enter values for AWS Access Key ID, AWS Secret Access Key, and Default region name.
Once the shared credentials file is set up, the AWS provider automatically pulls its credentials and region information from it, without the need to put them in a provider block.
Configuring Terraform and required providers
Create versions.tf and paste the following terraform block to specify AWS as a required provider.
terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
    }
  }
}
If authentication is being done through parameters in the AWS provider configuration, add the following block to the bottom of versions.tf, replacing the access_key and secret_key placeholders with your own values. If a shared credentials file is used, this step is not needed.
provider "aws" {
  region     = "us-east-1"
  access_key = "<access-key-id>"
  secret_key = "<secret-key>"
}
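If you use the provider-parameter method, the keys sit in versions.tf as plain text. The following check is an added example, not part of the original tutorial: it flags literal access_key and secret_key values in the .tf files of a folder and reports only the file, line and attribute, never the value. The function names and the sample input are constructed for illustration.

```python
import re
import sys
from pathlib import Path

# Matches `access_key = "literal"` / `secret_key = "literal"` in HCL text.
# Unquoted references such as var.aws_secret_key do not match.
ASSIGNMENT = re.compile(r'\b(access_key|secret_key)\s*=\s*"([^"]*)"')
# A value that is only an interpolation, e.g. "${var.key}", is not a literal.
INTERPOLATION = re.compile(r'^\$\{[^}]+\}$')

# Constructed sample: fake key on line 3, variable reference on line 4.
SAMPLE = '''provider "aws" {
  region     = "us-east-1"
  access_key = "EXAMPLE-ACCESS-KEY-ID"
  secret_key = var.aws_secret_key
}
'''


def find_hardcoded_keys(hcl_text):
    """Return (line_number, attribute) for each literal credential value."""
    findings = []
    for match in ASSIGNMENT.finditer(hcl_text):
        attr, value = match.group(1), match.group(2)
        if not value or INTERPOLATION.match(value):
            continue
        line_no = hcl_text.count("\n", 0, match.start(1)) + 1
        findings.append((line_no, attr))  # the value itself is never reported
    return findings


def scan_directory(folder):
    """Scan every .tf file in folder; return {filename: findings}."""
    results = {}
    for path in sorted(Path(folder).glob("*.tf")):
        found = find_hardcoded_keys(path.read_text(encoding="utf-8"))
        if found:
            results[path.name] = found
    return results


if __name__ == "__main__":
    hits = scan_directory(sys.argv[1] if len(sys.argv) > 1 else "ec2_instance")
    for name, found in hits.items():
        for line_no, attr in found:
            print(f"{name}:{line_no}: literal {attr} value in Terraform configuration")
    sys.exit(1 if hits else 0)
```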
Configure the EC2 instance
Once the AWS provider details have been configured, save and close versions.tf. Copy and paste the following resource block into main.tf.
resource "aws_instance" "webserver" {
  ami           = "<AMI-ID>"
  instance_type = "<INSTANCE-TYPE>"
  tags = {
    Name = "<NAME>"
  }
}
The AWS Terraform provider uses the aws_instance resource to configure EC2 instances. It requires three pieces of information.
First, you must specify an Amazon Machine Image (AMI) ID. An AMI is an OS image maintained by AWS. Alternatively, you can create your own AMI from an existing EC2 instance in the AWS Console or via the AWS CLI.
To find an AMI ID, navigate to EC2 in the AWS Console and then look under the Images section.
You can find more information about Linux AMIs and Windows AMIs in the AWS documentation. For this demo, we will use the currently available AMI for Amazon Linux 2 (ami-0cff7528ff583bf9a).
Next, the resource requires an instance type. The instance type specifies the CPU, memory, storage, and networking capacities. The type t2.micro produces a free instance with 1 vCPU and 1 GB of memory. For more options, check out Amazon EC2 Instance Types.
Finally, the EC2 instance needs a name. To specify the name of an EC2 instance, create a tag called Name (case sensitive), and for the value, enter the name you would like to use to refer to this instance. This will be the value displayed in the "Name" column under Instances in the EC2 Management Console.
When you're finished, the aws_instance resource in main.tf should look similar to this:
resource "aws_instance" "webserver" {
  ami           = "ami-0cff7528ff583bf9a"
  instance_type = "t2.micro"
  tags = {
    Name = "web-01"
  }
}
Initialize the Terraform directory
Once the .tf files have been saved, initialize the configuration by running the command terraform init from the ec2_instance directory. Initializing the directory containing the Terraform files downloads and installs the AWS provider, which Terraform uses later to deploy resources.
Run a Terraform plan
After the root folder has been successfully initialized, the next step is to run a plan. A Terraform plan allows you to preview the changes that Terraform intends to make to the infrastructure. Run the command terraform plan from the ec2_instance directory.
After the plan finishes, Terraform should report that there is 1 resource to add and 0 to change or destroy.
Apply the configuration
If the plan is executed without errors, it is now time to apply this configuration with the command terraform apply. The apply command creates an execution plan just like the plan command, except this time, Terraform prompts and asks whether to proceed with deploying the resources. Only a value of yes is accepted to approve an apply.
After you enter "yes" and hit Enter, Terraform deploys the EC2 instance to AWS.
Verify the deployment
Open the Amazon EC2 Console and click Instances. The Instances list should now include the new webserver EC2 instance that was just deployed using Terraform.