I’ve always found it amazing that an entire cloud environment can be built and destroyed with just lines of code. Lately I’ve been pushing myself to learn something new alongside my AWS development and I thought Terraform would be a good fit, so here goes!
What the heck is Terraform
For people that are unsure what exactly Terraform is and what it does, my understanding is that it’s a tool that comes under the category of IaC (Infrastructure as Code), allowing users to essentially write a whole cloud environment without all the clicks and wizards. You can write out a file using either JSON, YAML or HCL (HashiCorp Language) and then process the contents of that file through Terraform to create the environment for you.
It has many benefits, but what I found extremely useful was being able to build test environments which can be easily changed or destroyed quickly, which can save you some money by not having resources running. It’s also useful as a documentation tool, instead of manually building an environment and then spending hours and hours writing out what you’ve created, or vice versa, spending hours and hours and then building the environment manually. If you’re using Terraform, the code is already written and can be read to see what the environment consists of.
Before we get to the good stuff, be aware this is my first project and I’m still learning!
So this blog post will be going through my first Terraform configuration…
So I wanted to start off with something fairly easy and straightforward but also something which I can build upon. I decided to create a new VPC (Virtual Private Cloud) and associate a subnet to the VPC.
Let’s get access
Before I could start writing the code I had to create a user account which I could use to authenticate. Instead of creating a user account with a standard username and password, I created a user that has programmatic access via the management console.
On the management console, head into IAM (Identity and Access Management).
Select the Users node on the left-hand side and select to add a new user.
Enter a username and ensure to select ‘Access Key – Programmatic Access’. This will allow us to use the credentials in our build files.
Complete the rest of the wizard with the defaults until the user is created and you see a window similar to the one below. Keep these credentials safe and DO NOT make them publicly viewable anywhere.
Take a note of the Access Key and Secret Key, as the Secret Key can only be viewed once; otherwise you’ll have to create a new key.
All of the Terraform files can be found on their website; head over and download the files for your operating system. The link below takes you there:
Once downloaded, extract and move them into a new directory if you haven’t already. As I’m using Windows, I have the Terraform.exe in a new folder on C:, with the folder being called my project name, ‘VPC’.
Let’s get designing
So now you have a folder with just the Terraform files inside. It’s time to open up a code editor. I use either Sublime Text or Visual Studio Code, but use whatever your preference is. Create a new file within your project folder called ‘main.tf’. If you’re using Visual Studio, it should pick up that you’re using Terraform and download any code language from the internet.
Before we can start populating our code for our environment, we need to add some code to authenticate to our cloud platform.
***PLEASE NOTE: As this is a demo and it’s my first project, I’m hardcoding my access and secret keys into my code file. This is NOT SECURE AND SHOULD NOT BE DONE IN PRODUCTION.***
There are a total of 5 lines of code required to get authenticated; the below screenshot shows the basic configuration. You can change your provider to Azure or Digital Ocean if you’re using a different platform and, of course, enter your specific keys created earlier. You can also change the region depending on where you want to create your environment.
Now let’s get creative. We can start adding in what we would like to create. As previously mentioned, I was looking at creating something basic with a VPC, so let’s add in the code required to build a new VPC.
The language flows, so when looking at other elements within AWS, it’s fairly similar. The example above is fairly straightforward about what it’s going to build. The only element I would mention is that the Name tag had to have a capital N for the VPC to be named, otherwise it didn’t have a name, just a normal tag.
Let’s also create a new subnet within the VPC.
Looks pretty similar to before, right?
So before we move to building, let’s recap. You should have a single file called ‘Main.tf’ located in your project folder with the Terraform files. The Main.tf file should have 3 parts: the authentication part, the new VPC and the new Subnet.
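The three parts recapped above, as an added example rather than the author’s original file: the provider block is shown in its hardcoded form as a comment, beside a version that keeps the keys out of the file. Resource names, the region and the CIDR ranges are assumed values.

```hcl
# main.tf: added example; names, region and CIDR ranges are assumed values.

terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
    }
  }
}

# Part 1: authentication.
# Weak form (the hardcoded demo layout the post warns about; placeholder values):
#
#   provider "aws" {
#     access_key = "<ACCESS_KEY_PLACEHOLDER>"
#     secret_key = "<SECRET_KEY_PLACEHOLDER>"
#     region     = "eu-west-2"
#   }
#
# Corrected form: no secrets in the file. When access_key and secret_key are
# omitted, the AWS provider reads AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY
# from the environment, or a profile from the shared credentials file.
provider "aws" {
  region = "eu-west-2" # assumed region
}

# Part 2: the VPC.
resource "aws_vpc" "demo" {
  cidr_block = "10.0.0.0/16" # assumed range

  tags = {
    Name = "demo-vpc" # capital N: the tag the console displays as the name
  }
}

# Part 3: a subnet associated with the VPC through its ID.
resource "aws_subnet" "demo" {
  vpc_id     = aws_vpc.demo.id
  cidr_block = "10.0.1.0/24" # assumed range; must sit inside the VPC's CIDR

  tags = {
    Name = "demo-subnet"
  }
}
```

Set the two environment variables in the shell session before running the workflow. With no secrets in it, the file can be shared or committed as the documentation of the environment.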
Time to Build!
Terraform works like a workflow. There are 3 main stages of the workflow:
- Init – will download any required files to complete the operation
- Plan – will output what is going to happen in the environment (Build/Change/Destroy)
- Apply – will make those changes in the environment
To build your environment, we need to work our way through the workflow, starting at init. Let’s launch a command shell; I’m using the shell within Visual Studio.
Now that we’ve downloaded all the required files, let’s see what Plan outputs.
And finally, as we’re happy, we’ll go for it!
Let’s see what’s happened. Checking in our management console under VPC, we can see it’s been built with the correct name and CIDR address:
And checking our subnets, we can see we’ve got our subnet with the correct name and CIDR address as well:
That’s a wrap… for now
So the project was a success, albeit a small and very basic success. Just a final note, you can use:
to delete all of the resources created, which is extremely useful if you’re only planning on using a free tier/plan.