Terraform is an IaC (Infrastructure as Code) tool that allows us to automate infrastructure tasks such as provisioning and managing cloud resources. It supports various cloud environments such as AWS, Google Cloud, Azure.
Key takeaways:
Terraform is an open-source IaC tool to define and manage cloud infrastructure efficiently.
It provides centralized configuration reduces setup mistakes.
It easily replicates and modifies environments with code.
It provides a clear overview of infrastructure through code.
It supports multiple cloud providers beyond AWS.
This Answer will be about what Terraform does, why you might need it, and a quick demo where we will use Terraform with AWS. Let’s begin!
Terraform’s official website says:
Terraform is an open-source infrastructure code software tool that provides a consistent CLI workflow to manage hundreds of cloud services.
The first question you might have is, “What exactly is infrastructure as code?”
Well, whenever you use a cloud provider service to set up the infrastructure for your project, you typically create all the required resources using the web UI or the CLI for that particular service. Infrastructure as code is the process of defining all your infrastructure in a machine-readable format as code!
Terraform is simply a tool that takes the infrastructure you have defined as code, and brings it to life.
To simplify, let’s say you want to create an S3 bucket in AWS. You would write this instruction as code (which we will learn later), and then Terraform will execute the code, meaning it will create that bucket for you.
Pretty cool, right?
Now, you might be wondering why you would want to use Terraform, or this whole infrastructure, as a code approach over what you have been doing traditionally. You can read about the advantages below:
When creating your infrastructure manually, there are many screens and wizards you have to go through to configure it, and many settings that you need to take care of. When there is so much to configure, it is quite easy to set something incorrectly by accident.
With Terraform, you write all of it as code, which means it will all be in one place for you to see. Therefore, the chance of you making a mistake while setting all this up is lower.
While doing things the traditional way, it is quite difficult to create multiple, identical environments. These environments could be completely similar or have slight variations. If you’re doing this the traditional way, that means going through all those configuration screens again and remembering what slight changes you wanted to make.
But, with Terraform, it’s as simple as a Ctrl + C and Ctrl + V of your code that defines your infrastructure. This makes it easy to make all the slight changes you want in each environment, while keeping the environments identical to each other in the long run.
When using Terraform, you’ll have your entire infrastructure written out in front of you as code. This makes it easier to understand which components are present and make any changes you see fit.
These are some of the key reasons you might want to use Terraform over the traditional method of creating infrastructure.
Solutions like AWS CloudFormation can do the same thing for you. However, Terraform is useful because it is not a cloud provider-specific solution and, therefore, comes in handy regardless of your cloud provider.
Now that you have an idea of what Terraform does, let’s see it in action. We will keep it simple for this one and learn how to create an S3 bucket in AWS using Terraform. But, remember, you can create your entire infrastructure regardless of the cloud provider with Terraform.
Sign in to AWS and create a programmatic user that Terraform can use to talk to AWS. Make sure to give this user enough access to create the S3 bucket.
Once you finish creating this user, make sure to generate its access key ID and the secret access key.
Once you’re done with this,
terraform -version
Now, we need to set up the environment variables to give Terraform access to our AWS account. To do this, simply run the following commands in your terminal:
export AWS_ACCESS_KEY_ID=YOURACTUALKEYIDexport AWS_SECRET_ACCESS_KEY=YOURACTUALACCESSKEY
And that’s it! Terraform now has access to talk to your AWS account.
Note: These two variables only exist for the lifetime of the current terminal window; that is, if you close the window, you’ll have to type the above commands again.
Now, let’s get to writing our infrastructure as code!
If you’re using VS Code, you might want to install these extensions: HashiCorp Terraform and Terraform Autocomplete.
Create a main.tf file and open it with your favorite code editor.
Note: It is not necessary to call this file
main.tf, but it is considered a best practice.
Copy the following contents in the file.
provider "aws" {region = "<provide an AWS region here>"}resource "aws_s3_bucket" "my_bucket" {bucket = "<provide a unique bucket name here>"}
The first thing we did was specify our provider (AWS in our case). Terraform has a large number of providers that give Terraform access to provider-specific resources. When we chose the provider, we also specify the region we want to use for this project in AWS.
The next thing we did was set up our S3 bucket. For this, we defined a resource.
A resource is simply something that maps to an item in the real world. In our case, it maps to something in our cloud provider.
In the first set of quotes, we specified the resource we want to use, an AWS S3 bucket. In the second set of quotes, we gave this bucket an identifier. An identifier should only be used inside Terraform projects, and has nothing to do with what will get created in AWS by Terraform.
After this, we provided the configuration for this resource. Resources may have any number of parameters for you to configure. This configuration will be used to set the resource up just like you want in AWS. In this example, we just set the bucket name.
Now, go back to your command line where you set up your AWS keys. You should see these keys when you run something like:
printenv | grep AWS
From this terminal, navigate to the folder that has the main.tf file and run:
terraform init
This will configure Terraform to run with your project, and will initialize a state file. Next, run:
terraform apply
This will take your main.tf file and apply that to AWS. When you run that command, you will see a plan that Terraform creates first before actually making changes to AWS. This is so you can see what Terraform will be creating in your Cloud provider.
After showing you the plan, Terraform will ask for your permission to apply the plan. Type yes to continue and you should see a success message.
Now, go to your Amazon S3 console, and you’ll see your bucket created by Terraform.
Run terraform apply again and nothing will happen. This is because you asked Terraform to ensure that there is one particular S3 bucket, and if that is already created, it will do nothing. Therefore, running terraform apply again will not create a new bucket.
Delete the bucket from the AWS console, then run terraform apply again, and you’ll see a screen again where Terraform is asking you to confirm the creation of the S3 bucket. Say yes and you’ll see your bucket again in the AWS console.
There is one more important command we should go over. Run the following:
terraform destroy
You will now see another plan that will show all the things Terraform will delete in order to destroy everything that was created by the main.tf file. Enter yes and go to your console—you should see the bucket gone!
You can execute the commands given above in the following terminal to provision an S3 bucket using Terraform. To create a main.tf file use the command nano main.tf and save it by pressing "Ctrl+X," "Y," and then "Enter." Also, make sure to provide an AWS region and unique bucket name in this file.
To get hands on experience working with AWS Terraform, check out our lab Provisioning AWS Resources Using Terraform where we provide step-by-step instructions on how to provision resources using AWS Terraform.
Haven’t found what you were looking for? Contact Us
Free Resources