Create your first Terraform AWS EC2 Instance

Thomas Suebwicha
5 min read · Sep 15, 2020

This tutorial walks you through launching an EC2 instance and then, from inside it, creating another instance with Terraform using the AWS IAM user account you create along the way.

Requirement

  • AWS account (root user email)

Create an IAM User

It is good practice to create an IAM user with the least required permissions from your root user login, since this will reduce the damage if your IAM account is compromised. To get started, log in to AWS with your root user credentials.

Following the prompts will direct you to the AWS Management Console.

Select Services and search for “IAM”.

Now click on Users on the left navigation bar.

Add a user

Any username will be fine. Select “Programmatic access”, which is required for this tutorial.

“AWS Management Console access” allows the user back into the AWS website to see that the instance has been created. It is enabled for this IAM user in this tutorial; otherwise, it may not be needed.

Proceed to the next step and select “Create Group”. Give the group a name and select “AmazonEC2FullAccess” so that this IAM user can create and destroy EC2 instances.

After that, you may proceed to the end of this creation process. Everything else may be left as default.

Once the user has been created, a confirmation page will show up. Download the .csv for later use or take note of the details, as THEY WILL NOT BE SHOWN AGAIN.

Log out and sign back in using these IAM credentials.

Terraform Stuff!

Once logged in, go to the EC2 Dashboard. This can be done as shown below.

Once there, select Instances on the right navigation bar.

Select “Launch Instance” and choose the Amazon Linux AMI (Free Tier). Take note of the AMI ID, since we will need it later to create the same instance!

Assuming it will be a free-tier (no cost) instance, select “Review and Launch”. This will automatically select the default free features for this instance.

Note: download your pem key and put it in a secure location on your desktop. You may need to change its access rights so that only you are able to use it. You will need to come back to this folder later on.

Once complete, go back to your instances and you should see your instance with “Instance state” set to running, with a green circle.

Give this instance the name Terraform; it should look identical to this.

This is the instance where we will do all our Terraform work.

SSH Into This Instance

Locate the folder where you placed your pem key earlier and make it your current directory.

Run the following:

ssh -i <name of pem key> ec2-user@<Public DNS>

ec2-user — This is the default username to log in with. Anything else will not be accepted.

Public DNS — This can be found by selecting your instance and looking in its Description tab.

Once you have SSHed in, update the instance as recommended.

Using Terraform

To use Terraform, you need to install its executable. Also move the downloaded executable to a bin directory so that it can be executed from anywhere on the system.

NOTE: The wget command should be altered if you are using another type of instance/OS. To find the Terraform build compatible with your OS, click here, copy the URL, and use it in place of the URL below.

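$ mkdir download
$ cd download
# Download the release archive (0.12.26, 64-bit Linux)
$ wget https://releases.hashicorp.com/terraform/0.12.26/terraform_0.12.26_linux_amd64.zip
# Unzip the same file that was just downloaded
$ unzip terraform_0.12.26_linux_amd64.zip
# /usr/local/bin is owned by root, so the move needs sudo
$ sudo mv terraform /usr/local/bin/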
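
The download above goes straight from wget into /usr/local/bin without an integrity check. As an added example (not part of the original tutorial), the script below checks the zip against the terraform_0.12.26_SHA256SUMS file that HashiCorp publishes in the same release directory; verify_release and demo_verify are hypothetical names, and the demo uses constructed stand-in files so it runs offline.

```bash
# Added example: check a downloaded release archive against the publisher's
# SHA256SUMS file before unzipping it.

# verify_release <archive> <sums_file>
# Returns 0 only when <sums_file> lists the archive's file name and the
# listed digest equals the archive's SHA-256. 1 = mismatch, 2 = not listed.
verify_release() {
    local archive="$1" sums="$2" name expected actual
    name=$(basename "$archive")
    # Lines look like "<hex digest>  <file name>" ("*" marks binary mode).
    expected=$(awk -v n="$name" '{ f = $2; sub(/^\*/, "", f) }
                                 f == n { print $1; exit }' "$sums")
    if [ -z "$expected" ]; then
        echo "verify_release: $name is not listed in $sums" >&2
        return 2
    fi
    actual=$(sha256sum "$archive" | awk '{ print $1 }')
    if [ "$actual" != "$expected" ]; then
        echo "verify_release: digest mismatch for $name" >&2
        return 1
    fi
    echo "verify_release: $name OK"
}

# demo_verify: constructed stand-ins for the zip and its SHA256SUMS file, so
# the check can be exercised offline. Echoes the three return codes.
demo_verify() {
    local dir zip sums ok bad missing
    dir=$(mktemp -d)
    zip="$dir/terraform_0.12.26_linux_amd64.zip"
    sums="$dir/terraform_0.12.26_SHA256SUMS"
    printf 'constructed archive bytes\n' > "$zip"
    (cd "$dir" && sha256sum "$(basename "$zip")" > "$sums")
    verify_release "$zip" "$sums" >/dev/null 2>&1 && ok=0 || ok=$?
    printf 'tampered' >> "$zip"                  # simulate a modified download
    verify_release "$zip" "$sums" >/dev/null 2>&1 && bad=0 || bad=$?
    verify_release "$dir/other.zip" "$sums" >/dev/null 2>&1 && missing=0 || missing=$?
    rm -rf "$dir"
    echo "$ok $bad $missing"
}
```

On the instance, fetch https://releases.hashicorp.com/terraform/0.12.26/terraform_0.12.26_SHA256SUMS next to the zip and run verify_release on the pair before unzip. Because the checksum file comes from the same server, verifying its published .sig signature with HashiCorp's GPG key is what protects against a tampered release directory.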

Terraform requires AWS account credentials, so you will need the .csv file downloaded earlier. Storing your AWS IAM credentials in

ENV variables Path
This can be done by doing the following

$ export AWS_ACCESS_KEY_ID=(your access key id)
$ export AWS_SECRET_ACCESS_KEY=(your secret access key)

Confirm by printing all your ENV variables and locating the above variables.

$ env
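
Typing the keys into export commands leaves them in the shell history, and a plain env prints the secret to the terminal. The added example below (not from the original tutorial) reads both values from the downloaded .csv and confirms them with the secret masked. It assumes the .csv has been copied to the machine running Terraform and has "Access key ID" and "Secret access key" header columns; the function names are hypothetical.

```bash
# Added example. Source this file (". ./aws_keys.sh", a hypothetical name)
# so the exports land in your current shell.

# load_aws_keys <credentials.csv>
# Finds the key columns by header name, so column order does not matter.
# Assumes plain comma-separated fields with no quoting or embedded commas.
load_aws_keys() {
    local csv="$1" pair
    pair=$(awk -F',' '
        { sub(/\r$/, "") }                       # tolerate CRLF line endings
        NR == 1 { for (i = 1; i <= NF; i++) {
                      if ($i == "Access key ID")     k = i
                      if ($i == "Secret access key") s = i }
                  next }
        NR == 2 && k && s && $k != "" && $s != "" { print $k " " $s }
    ' "$csv") || return 1
    if [ -z "$pair" ]; then
        echo "load_aws_keys: key columns not found in $csv" >&2
        return 1
    fi
    # Keys contain no spaces, so the single space is a safe separator.
    export AWS_ACCESS_KEY_ID="${pair%% *}"
    export AWS_SECRET_ACCESS_KEY="${pair#* }"
}

# show_aws_env: confirm both variables are set without echoing the secret,
# unlike a plain env, which prints it to the terminal and any scrollback.
show_aws_env() {
    printf 'AWS_ACCESS_KEY_ID=%s\n' "${AWS_ACCESS_KEY_ID:-<unset>}"
    if [ -n "${AWS_SECRET_ACCESS_KEY:-}" ]; then
        printf 'AWS_SECRET_ACCESS_KEY=<set, %s chars>\n' "${#AWS_SECRET_ACCESS_KEY}"
    else
        printf 'AWS_SECRET_ACCESS_KEY=<unset>\n'
    fi
}

# write_sample_csv <path>: constructed sample input, not real credentials.
write_sample_csv() {
    printf '%s\r\n' \
        'User name,Password,Access key ID,Secret access key,Console login link' \
        'demo-user,,AKIAEXAMPLEKEYID0000,ConstructedSecret/Key+ForDemoOnly0000000,https://example.invalid/console' \
        > "$1"
}
```

After sourcing the file, run load_aws_keys with the path to your .csv, then show_aws_env in place of env.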

In file Path

Once that is done, confirm terraform works by printing out the version.

$ terraform -version

Go back to your home directory:

$ cd $HOME

Make a directory where you will have your terraform files.

$ mkdir terraformfiles
$ cd terraformfiles

Create your first Terraform file. A copy of the following file can be found here on GitHub.

$ vim main.tf

Insert the following into main.tf.

provider "aws" {
  region = "ap-southeast-2"
}

resource "aws_instance" "example" {
  ami           = "ami-03686c686b463366b"
  instance_type = "t2.micro"

  tags = {
    Name = "terraform-example"
  }
}

AMI — OS type (refer back to when you created the Terraform instance)

instance type — default configuration

Tags — here we just set the instance name

Based on Ruby code format.

The provider block is needed to tell Terraform which provider will supply your services.

A resource follows this format:

resource "<PROVIDER>_<TYPE>" "<NAME>" {
  [CONFIG ...]
}

Execute the following commands

$ terraform init

This initialises the working directory that contains the Terraform config file. It also fetches the right plugin and related information for the providers listed above.

$ terraform plan

This is essentially Terraform's way of creating an execution plan, and it performs a refresh if the “.tf” file is altered.

$ terraform apply

This applies the changes required to reach the desired state in the configuration file. You should now see it in progress. Enter yes to confirm the execution.

Go back to the Instances section on the AWS website to see your instance named “terraform-example” running.

To destroy the instance from the CLI, execute the following:

$ terraform destroy

Refresh the website to see it shutting down/terminated.

There you have it! You have made your first infrastructure as code execution.

