Terraform with AWS
I am currently a B.Tech student pursuing Computer Science with a specialization in Data Science at I.T.S Engineering College. I am always excited to learn and explore new things to increase my knowledge. I have good knowledge of programming languages such as C, Python, Java, and web development.
Prerequisites for Using Terraform with AWS
AWS Account → Sign up at AWS Console.
IAM User with Permissions → Create an IAM user with
AdministratorAccessor required permissions.AWS CLI Installed → Install from AWS CLI Official Site and configure using:
aws configureTerraform Installed → Download from Terraform’s official site.
Basic Knowledge of AWS Services → EC2, S3, IAM, VPC, etc.
Understanding Infrastructure as Code (IaC) → Terraform works declaratively.
Text Editor (VS Code Recommended) → Install VS Code with the Terraform extension for better syntax support.
Networking Basics (Optional) → Useful for configuring VPC, subnets, and security groups.
AWS CLI installed
Step 1: Download AWS CLI
Windows: Download and install from AWS CLI Windows Installer.
macOS: Install using Homebrew:
brew install awscliLinux: Install using the package manager:
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" unzip awscliv2.zip sudo ./aws/install
Step 2: Verify Installation
Run:
aws --version
Example output:
aws-cli/2.x.x Python/3.x.x Linux/Windows/macOS
Step 3: Configure AWS CLI
Use:
aws configure
Enter:
AWS Access Key ID
AWS Secret Access Key
Default region (e.g.,
us-east-1)Output format (
json,table, ortext)
AWS IAM user
Step 1: Sign in to AWS Console
Go to AWS IAM Console.
Click Users → Add Users.
Step 2: Configure User Details
Enter User Name (e.g.,
terraform-user).Select Access Key - Programmatic Access (needed for Terraform & AWS CLI).
Step 3: Set Permissions
Choose Attach policies directly.
Select AdministratorAccess (or create a custom policy with required permissions).
Step 4: Create and Download Credentials
Click Create User.
Download the Access Key ID and Secret Access Key (store them securely).
Step 5: Configure AWS CLI for Terraform
Run:
aws configure
Enter:
AWS Access Key ID
AWS Secret Access Key
Default region (e.g.,
us-east-1)Output format (
json,table, ortext)
Task-01
Provision an AWS EC2 instance using Terraform
Hint:
resource "aws_instance" "aws_ec2_test" {
count = 4
ami = "ami-08c40ec9ead489470"
instance_type = "t2.micro"
tags = {
Name = "TerraformTestServerInstance"
}
}
Prerequisites
AWS CLI installed and configured (
aws configure).Terraform installed (Download Terraform).
IAM user with necessary permissions (EC2, VPC, etc.).
Step 1: Create a Terraform Configuration File (main.tf)
provider "aws" {
region = "us-east-1"
}
resource "aws_instance" "aws_ec2_test" {
count = 4
ami = "ami-08c40ec9ead489470"
instance_type = "t2.micro"
tags = {
Name = "TerraformTestServerInstance-${count.index + 1}"
}
}
Step 2: Initialize Terraform
Run:
terraform init
This downloads the AWS provider plugin.
Step 3: Plan and Apply Terraform Configuration
Preview changes:
terraform planApply the configuration:
terraform apply -auto-approveThis provisions 4 EC2 instances.
Step 4: Verify in the AWS Console
Go to EC2 Dashboard and check if the instances are running.
Step 5: Destroy the Instances (Optional)
If you want to delete the instances, run:
terraform destroy -auto-approve
Working with Terraform Resources
Understanding Terraform Resources
A resource in Terraform represents a specific cloud infrastructure component, such as an EC2 instance, S3 bucket, VPC, or database. Resources are defined in .tf files and managed declaratively by Terraform.
1. Structure of a Terraform Resource
resource "aws_instance" "example" {
ami = "ami-08c40ec9ead489470"
instance_type = "t2.micro"
tags = {
Name = "ExampleInstance"
}
}
Breakdown:
resource→ Declares a resource block."aws_instance"→ Specifies the AWS EC2 instance resource type."example"→ A unique name for referencing this resource.ami→ Amazon Machine Image (AMI) ID for the instance.instance_type→ Defines the EC2 instance type.tags→ Assigns metadata to the resource.
2. Common Terraform Resource Attributes
Terraform resources have several attributes that define their configuration. Some common ones include:
| Attribute | Description |
ami | The AMI ID is used to launch an instance. |
instance_type | Defines the type of EC2 instance (e.g., t2.micro). |
count | Specifies the number of instances to create. |
tags | Key-value pairs to label resources. |
cidr_block | Defines IP range (used in networking resources). |
3. Using Multiple Resources
Terraform can manage multiple resources in a single configuration.
Example:
resource "aws_s3_bucket" "my_bucket" {
bucket = "my-terraform-bucket"
acl = "private"
}
resource "aws_instance" "web" {
ami = "ami-08c40ec9ead489470"
instance_type = "t2.micro"
tags = {
Name = "WebServer"
}
}
Here, both an EC2 instance and an S3 bucket are created.
4. Resource Dependencies
Terraform automatically manages dependencies, but you can explicitly define them using depends_on.
Example:
resource "aws_instance" "app_server" {
ami = "ami-08c40ec9ead489470"
instance_type = "t2.micro"
depends_on = [aws_s3_bucket.my_bucket]
}
This ensures the EC2 instance is created after the S3 bucket.
5. Modifying Resources
To update a resource, change its configuration and run:
terraform apply
Terraform will determine the changes needed and apply them.
6. Destroying Resources
To remove resources, run:
terraform destroy
This deletes all managed infrastructure.
Task 2: Create a security group
You need to create a security group to allow traffic to the EC2 instance. Follow these steps:
In your main.tf file, add the following code to create a security group:
resource "aws_security_group" "web_server" {
name_prefix = "web-server-sg"
ingress {
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
}
Terraform init to initialize the Terraform project.
Run terraform apply to create the security group.
Step 1: Update main.tf with Security Group Configuration
Add the following code to your main.tf file:
provider "aws" {
region = "us-east-1"
}
resource "aws_security_group" "web_server" {
name_prefix = "web-server-sg"
ingress {
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"] # Allows HTTP traffic from anywhere
}
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"] # Allows all outbound traffic
}
tags = {
Name = "WebServerSecurityGroup"
}
}
Step 2: Initialize Terraform
Run the following command to download the required provider plugins:
terraform init
Step 3: Apply the Terraform Configuration
Run:
terraform apply -auto-approve
This will create the security group and display the generated resource details.
Step 4: Verify Security Group in AWS Console
Go to AWS Console → EC2 Dashboard → Security Groups.
Look for a security group with the name web-server-sg.
Ensure it has an inbound rule for HTTP (Port 80) and an outbound rule for all traffic.
Optional: Attach Security Group to an EC2 Instance
If you have an EC2 instance, update it to use this security group:
resource "aws_instance" "web_server" {
ami = "ami-08c40ec9ead489470"
instance_type = "t2.micro"
security_groups = [aws_security_group.web_server.name]
tags = {
Name = "TerraformWebServer"
}
}
Step 5: Destroy the Security Group (Optional)
If you need to remove the security group, run:
terraform destroy -auto-approve
This completes Task 2! Now, your EC2 instances can receive HTTP traffic on port 80.
Task 3: Create an EC2 instance
Now, you can create an EC2 instance with Terraform. Follow these steps:
In your main.tf file, add the following code to create an EC2 instance:
resource "aws_instance" "web_server" {
ami = "ami-0557a15b87f6559cf"
instance_type = "t2.micro"
key_name = "my-key-pair"
security_groups = [
aws_security_group.web_server.name
]
user_data = <<-EOF
#!/bin/bash
echo "<html><body><h1>Welcome to my website!</h1></body></html>" > index.html
nohup python -m SimpleHTTPServer 80 &
EOF
}
Note: Replace the ami and key_name values with your own. You can find a list of available AMIs in the AWS documentation.
Run terraform apply to create the EC2 instance.
Step 1: Update main.tf to Include EC2 Instance Configuration
Modify your main.tf file to include the EC2 instance:
provider "aws" {
region = "us-east-1"
}
# Security Group for EC2 Instance
resource "aws_security_group" "web_server" {
name_prefix = "web-server-sg"
ingress {
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"] # Allows HTTP traffic from anywhere
}
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"] # Allows all outbound traffic
}
tags = {
Name = "WebServerSecurityGroup"
}
}
# EC2 Instance
resource "aws_instance" "web_server" {
ami = "ami-0557a15b87f6559cf" # Replace with your AMI ID
instance_type = "t2.micro"
key_name = "my-key-pair" # Replace with your key pair name
security_groups = [
aws_security_group.web_server.name
]
user_data = <<-EOF
#!/bin/bash
echo "<html><body><h1>Welcome to my website!</h1></body></html>" > index.html
nohup python -m SimpleHTTPServer 80 &
EOF
tags = {
Name = "TerraformWebServer"
}
}
Step 2: Initialize Terraform
Run:
terraform init
Step 3: Apply the Terraform Configuration
Execute:
terraform apply -auto-approve
Terraform will create:
1. A security group allowing HTTP traffic
2. An EC2 instance with a simple Python HTTP server
Step 4: Verify in the AWS Console
Go to EC2 Dashboard → Instances.
Check if the TerraformWebServer instance is running.
Copy the Public IP and open it in a browser:
http://<your-ec2-public-ip>You should see "Welcome to my website!" displayed.
Step 5: Destroy the EC2 Instance (Optional)
If you want to delete the resources, run:
terraform destroy -auto-approve
This completes Task 3! Your EC2 instance is now hosting a basic web page using Terraform.
Task 4: Access your website
Now that your EC2 instance is up and running, you can access the website you just hosted on it.
Now that your EC2 instance is running with a basic web server, follow these steps to access your website:
Step 1: Get the Public IP of Your EC2 Instance
Run the following Terraform command to fetch the public IP:
terraform output
OR, use this command if output variables are not defined:
aws ec2 describe-instances \
--query "Reservations[*].Instances[*].PublicIpAddress" \
--output text
Alternatively, you can find it in the AWS Console:
Go to EC2 Dashboard → Instances.
Locate your TerraformWebServer instance.
Copy the Public IPv4 Address.
Step 2: Open the Website in Your Browser
Paste the Public IPv4 Address into your browser’s address bar:
http://<your-ec2-public-ip>
Example:
http://3.93.45.123
If everything is set up correctly, you should see:
"Welcome to my website!"
Step 3: Troubleshooting (If the Website Is Not Loading)
If the page does not load:
Check EC2 Instance Status → Make sure the instance is running.
Verify Security Group Rules → Ensure inbound rule allows HTTP (port 80).
Check the User Data Script Execution
SSH into your instance:
ssh -i my-key-pair.pem ec2-user@<your-ec2-public-ip>Verify that the web server is running:
ps aux | grep pythonRestart it if necessary:
nohup python -m SimpleHTTPServer 80 &
Step 4: (Optional) Destroy the Resources
If you want to delete everything:
terraform destroy -auto-approve
This completes Task 4! Your EC2 instance is now hosting a simple website, and you can access it from any browser.