AWS VPC and EC2 with Terraform

Yesterday I earned my Terraform Associate certification from HashiCorp. I’ve enjoyed learning Terraform and hopefully I can use this certification to show potential employers my competency. The following is a quick project I did to practice and showcase my skills.
If you don’t know what Terraform is, the official docs are a great place to start.

Prerequisites

This project uses the local Terraform backend. To run this project locally you will need to have the AWS and Terraform CLIs installed. Maybe I’ll add a script to automate that installation at some point. There are several options for authentication to AWS; I chose to use the CLI’s default environment variables.

Main Configuration

First I created my main.tf file and specified the required providers (AWS in this case), along with the source and the version. I used the publicly available VPC and EC2 registry modules for this project, so writing the configuration was a breeze. Just call the module and specify AZs, subnets, IGW, security groups, etc.
The main.tf file showing the vpc and ec2-instance modules.
The data block below fetches the security group from AWS so it can be used as an input variable in the EC2 module.
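An added example of what such a main.tf could look like; it is not the author's original file. The region, CIDR ranges, resource names, version constraints, the Amazon Linux 2023 AMI lookup, the choice of the VPC's default security group and the IMDSv2 setting are all assumptions.

```hcl
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0" # pinned so a provider upgrade is a reviewed change
    }
  }
}

provider "aws" {
  region = "us-east-1" # assumed region; credentials come from the environment
}

module "vpc" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "~> 5.0" # pin registry modules as well as providers

  name           = "demo-vpc" # hypothetical name
  cidr           = "10.0.0.0/16"
  azs            = ["us-east-1a", "us-east-1b"]
  public_subnets = ["10.0.1.0/24", "10.0.2.0/24"] # the module adds the IGW for these
}

# Look up the security group in the new VPC so its ID can be passed to the
# EC2 module. Assumption: the VPC's default group; review its rules first.
data "aws_security_group" "default" {
  vpc_id = module.vpc.vpc_id
  name   = "default"
}

# Assumption: latest Amazon Linux 2023 image published by Amazon.
data "aws_ami" "al2023" {
  most_recent = true
  owners      = ["amazon"]

  filter {
    name   = "name"
    values = ["al2023-ami-2023.*-x86_64"]
  }
}

module "ec2_instance" {
  source  = "terraform-aws-modules/ec2-instance/aws"
  version = "~> 5.0"

  name                   = "demo-instance" # hypothetical name
  ami                    = data.aws_ami.al2023.id
  instance_type          = "t3.micro"
  subnet_id              = module.vpc.public_subnets[0]
  vpc_security_group_ids = [data.aws_security_group.default.id]
  metadata_options       = { http_endpoint = "enabled", http_tokens = "required" } # IMDSv2 only
}
```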
Once the configuration is written, Terraform has a couple of cool commands you can use to format your code and check its syntax.
First, terraform validate goes through all the files in your working directory, checking them for syntax errors, and reports any findings in the console. After that you can use terraform fmt to reformat your code to the stylistic conventions recommended by HashiCorp. Optionally, you can use the fmt -diff flag to have Terraform show you the changes it makes in the console.
These commands can be used in either order, but it’s considered best practice to use validate first so code can be debugged easily before formatting changes are made.
Terraform validate command

Deployment

For this project I used a CLI-driven deployment. The first step in any deployment is to run terraform init. This “initializes” the workspace, downloads dependencies and provider plugins, and makes all other necessary preparations.
Once initialized, you can run terraform plan, creating a visualized plan of resources to create, change, or destroy. With the optional plan -out=<output-file> flag you can send the output of the plan to a file which can be applied at a later date. Note: the plan step is optional; it is possible to skip directly to terraform apply.
Here the output of the plan is sent to an output file using the command terraform plan -out="tf_plan".
The next step is running terraform apply. This command triggers the creation of all the resources in the current configuration. We can either run the pure apply command or we can specify our plan from earlier using terraform apply "tf_plan", as shown below. If the apply is executed successfully, the resources will be created.
If you for any reason wish to delete your provisioned resources, you may do so using the terraform destroy command. Destroy will terminate all the resources listed in the state file unless a single resource is specified with a -target flag. The destroy command is shown below.

Conclusion

This project demonstrates the practical application of Terraform to define, provision, and manage cloud infrastructure using infrastructure as code principles. This was a great way to continue growing my skills while demonstrating a competent knowledge of Terraform usage.