This repository offers a step-by-step guide on leveraging Terraform's Input Variables and Datasources for AWS EC2 deployments. Explore defining variables such as region, instance type, and key pair, as well as associating security groups and retrieving the latest AMI ID. Follow along with the provided examples to create an EC2 instance and access deployed applications. Learn to validate, plan, apply changes, and clean up resources effortlessly. Perfect for beginners and those aiming to enhance their Terraform skills in managing infrastructure as code on AWS EC2.
- Create a
terraform-keyin AWS EC2 Key pairs which we will reference in our EC2 Instance
- Terraform Input Variables
- Terraform Datasources
- Terraform Output Values
- Learn about Terraform
Input Variablebasics
- AWS Region
- Instance Type
- Key Name
- Define
Security Groupsand Associate them as aList itemto AWS EC2 Instance
- vpc-ssh
- vpc-web
- Learn about Terraform
Output Values
- Public IP
- Public DNS
- Get latest EC2 AMI ID Using
Terraform Datasourcesconcept - We are also going to use existing EC2 Key pair
terraform-key - Use all the above to create an EC2 Instance in default VPC
# AWS Region
variable "aws_region" {
description = "Region in which AWS Resources to be created"
type = string
default = "us-east-1"
}
# AWS EC2 Instance Type
variable "instance_type" {
description = "EC2 Instance Type"
type = string
default = "t3.micro"
}
# AWS EC2 Instance Key Pair
variable "instance_keypair" {
description = "AWS EC2 Key pair that need to be associated with EC2 Instance"
type = string
default = "terraform-key"
}- Reference the variables in respective
.tffies
# c1-versions.tf
region = var.aws_region
# c5-ec2instance.tf
instance_type = var.instance_type
key_name = var.instance_keypair # Create Security Group - SSH Traffic
resource "aws_security_group" "vpc-ssh" {
name = "vpc-ssh"
description = "Dev VPC SSH"
ingress {
description = "Allow Port 22"
from_port = 22
to_port = 22
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
egress {
description = "Allow all ip and ports outboun"
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
}
# Create Security Group - Web Traffic
resource "aws_security_group" "vpc-web" {
name = "vpc-web"
description = "Dev VPC web"
ingress {
description = "Allow Port 80"
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
description = "Allow Port 443"
from_port = 443
to_port = 443
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
egress {
description = "Allow all ip and ports outbound"
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
}- Reference the security groups in
c5-ec2instance.tffile as a list item
# List Item
vpc_security_group_ids = [aws_security_group.vpc-ssh.id, aws_security_group.vpc-web.id] # Get latest AMI ID for Amazon Linux2 OS
# Get Latest AWS AMI ID for Amazon2 Linux
data "aws_ami" "amzlinux2" {
most_recent = true
owners = [ "amazon" ]
filter {
name = "name"
values = [ "amzn2-ami-hvm-*-gp2" ]
}
filter {
name = "root-device-type"
values = [ "ebs" ]
}
filter {
name = "virtualization-type"
values = [ "hvm" ]
}
filter {
name = "architecture"
values = [ "x86_64" ]
}
}- Reference the datasource in
c5-ec2instance.tffile
# Reference Datasource to get the latest AMI ID
ami = data.aws_ami.amzlinux2.id # EC2 Instance
resource "aws_instance" "myec2vm" {
ami = data.aws_ami.amzlinux2.id
instance_type = var.instance_type
user_data = file("${path.module}/app1-install.sh")
key_name = var.instance_keypair
vpc_security_group_ids = [aws_security_group.vpc-ssh.id, aws_security_group.vpc-web.id]
tags = {
"Name" = "EC2 Demo 2"
}
}# Terraform Output Values
output "instance_publicip" {
description = "EC2 Instance Public IP"
value = aws_instance.myec2vm.public_ip
}
output "instance_publicdns" {
description = "EC2 Instance Public DNS"
value = aws_instance.myec2vm.public_dns
}# Terraform Initialize
terraform init
Observation:
1) Initialized Local Backend
2) Downloaded the provider plugins (initialized plugins)
3) Review the folder structure ".terraform folder"
# Terraform Validate
terraform validate
Observation:
1) If any changes to files, those will come as printed in stdout (those file names will be printed in CLI)
# Terraform Plan
terraform plan
Observation:
1) Verify the latest AMI ID picked and displayed in plan
2) Verify the number of resources that going to get created
3) Verify the variable replacements worked as expected
# Terraform Apply
terraform apply
[or]
terraform apply -auto-approve
Observations:
1) Create resources on cloud
2) Created terraform.tfstate file when you run the terraform apply command
3) Verify the EC2 Instance AMI ID which got created# Access index.html
http://<PUBLIC-IP>/index.html
http://<PUBLIC-IP>/app1/index.html
# Access metadata.html
http://<PUBLIC-IP>/app1/metadata.html# Terraform Destroy
terraform plan -destroy # You can view destroy plan using this command
terraform destroy
# Clean-Up Files
rm -rf .terraform*
rm -rf terraform.tfstate*