Terraform Notes

Introduction to Terraform
Terraform is an open-source Infrastructure as Code (IaC) tool created by HashiCorp. It allows
you to define, provision, and manage infrastructure across various cloud providers using a
declarative configuration language (HCL - HashiCorp Configuration Language).

ub
Key Benefits:
Declarative Language: You describe what infrastructure you need, and Terraform builds it for
you.

H
Multi-Cloud Compatibility: Supports providers like AWS, Azure, Google Cloud, and others.
State Management: Keeps track of resources to handle infrastructure changes.
Execution Plans: Provides a preview of changes before applying them.
Terraform Core Concepts

ry
1. Providers
Providers are plugins used to interact with APIs of cloud platforms like AWS, Azure, or GCP.

provider "aws" {
region = "us-east-1"
te
Each provider has its own set of resources and data sources.
as
}
2. Resources
Resources are the main components in your infrastructure, like virtual machines, storage,
M

databases, etc.
resource "aws_instance" "example" {
ami = "ami-123456"
instance_type = "t2.micro"
ps

}
3. Variables
Variables are placeholders for values to make configurations reusable and parameterized.
O

variable "instance_type" {
default = "t2.micro"
}
ev

4. Outputs
Outputs are used to display information after a configuration is applied, such as IP addresses or
URLs.
D

output "instance_ip" {
value = aws_instance.example.public_ip
}
5. State
Terraform uses a state file to keep track of infrastructure resources, enabling incremental
updates.
Basic Terraform Workflow:
03496740587
Write Configuration: Create .tf files containing your desired infrastructure in HCL syntax.
Initialize: Run terraform init to initialize the project and download provider plugins.
Plan: Run terraform plan to see what changes Terraform will make to your infrastructure.
Apply: Run terraform apply to execute the plan and provision resources.
Destroy: Run terraform destroy to tear down all infrastructure defined in the configuration.
Terraform Commands
1. terraform init
Initializes the working directory with plugins, modules, and backend setup.

ub
terraform init
2. terraform plan
Shows a preview of what actions Terraform will take when apply is run.
terraform plan

H
3. terraform apply
Applies the changes required to reach the desired state of the configuration.
terraform apply

ry
4. terraform destroy
Destroys all resources managed by Terraform in the current configuration.
terraform destroy
5. terraform fmt
te
Formats configuration files for readability and best practices.
terraform fmt
as
6. terraform validate
Validates the syntax and configuration of the files without deploying anything.
terraform validate
M

Writing a Basic Terraform Configuration

Define the Provider – Specify which cloud provider you’ll be using.
Create Resources – Define the infrastructure components you want.
ps

Use Variables – Parameterize the configuration for flexibility.

Output Values – Define output values to get useful information.
Example: Deploying an EC2 Instance on AWS
# 1. Define Provider
O

provider "aws" {
region = "us-east-1"
ev

resource "aws_instance" "example" {

D

ami = "ami-123456"
instance_type = “t2.micro”
tags = {
Name = "ExampleInstance"
}
}
:wq

03496740587
> terraform init
> terraform plan
> terraform apply

If you want to delete the resources:

> terraform state list
> terraform destroy -target=”target-id”

ub
Defining Variables
Variables can be specified in multiple ways:

> vim main.tf

H
# 1. Define Provider
provider "aws" {
region = "us-east-1"

ry
}

resource "aws_instance" "example" {

ami = "ami-123456"
instance_type = var.instance_type
tags = {
te
as
Name = "ExampleInstance"
}
}
M

variable "instance_type" {
default = "t2.micro"
ps

type = string
description = "Type of EC2 instance to deploy"
}
O

:wq
> terraform apply
ev

Terraform Var Files:

> vim main.tf
D

# 1. Define Provider
provider "aws" {
region = "us-east-1"
}

resource "aws_instance" "example" {

count = var.instance_count

03496740587
 ami = "ami-123456"
instance_type = var.instance_type
tags = {
Name = "ExampleInstance"
}
}
:wq
> vim variable.tf

ub
variable “instance_count” {
description = “*”
type= number
default=3

H
variable “instance_type” {
description = “*”

ry
type= string
default=”t2.micro”
:wq
> terraform init
> terraform plan
> terraform apply –auto-approve
te
as
Second Method:
M

vim main.tf
# 1. Define Provider
provider "aws" {
ps

region = "us-east-1"
}

resource "aws_instance" "example" {

O

count = var.instance_count
ami = "ami-123456"
ev

instance_type = var.instance_type
tags = {
Name = "ExampleInstance"
D

}
}
:wq
Vim variable.tf
variable “instance_count” {
}

03496740587
variable “instance_type” {
}
:wq

vim dev.tfvars
instance_count = 1
instance_type = “t2.micro”

ub
:wq

> vim test.tfvars

instance_count = 2

H
instance_type = “t2.medium”

:wq

ry
> terraform apply –auto-approve -var-file=”dev.tfvars”
> terraform apply –auto-approve -var-file=”test.tfvars”

te
> terraform destroy –auto-approve -var-file=”dev.tfvars”
as
Terraform CLI:

> vim main.tf

M

# 1. Define Provider
provider "aws" {
region = "us-east-1"
ps

resource "aws_instance" "example" {

O

ami = "ami-123456"
instance_type = var.instance_type
tags = {
ev

Name = "ExampleInstance"
}
}
D

variable “instance_type” {
}

:wq

> terraform apply –auto-approve

03496740587
Enter Value: t2.micro
OR
terraform apply –auto-approve -var=”instance_type=t2.micro”

Terraform output:
It is used to print information of resource instance.
# 1. Define Provider
provider "aws" {

ub
region = "us-east-1"
}

H
resource "aws_instance" "example" {
ami = "ami-123456"
instance_type = “t2.micro”

ry
tags = {
Name = "ExampleInstance"
}
}

output “dmh” { te
as
value = [aws_instance.dmh.public_ip,
aws_instance.dmh.private_ip,aws_instance.dmh.public_dns,aws_instance.dmh.private_dns]
}
M

:wq
ps

Terraform Import:
It is used to import and track the resources which are created manually.
> First create an instance manually.
O

> copy instance id.

> vim main.tf
ev

# 1. Define Provider
provider "aws" {
region = "us-east-1"
D

resource "aws_instance" "example" {

}
:wq
> terraform import aws_instance.example <past instance id here>

03496740587
Terraform s3 bucket:

# 1. Define Provider
provider "aws" {
region = "us-east-1"
}

resource "aws_s3_bucket" "example" {

ub
Bucket = “anyuniquebucketname”
}
:wq

H
> terraform apply

ry
Terraform ebs volume:
# 1. Define Provider
provider "aws" {

}
region = "us-east-1"
te
as
resource "aws_ebs_volume" "example" {
Size = 20
availability_zone = “us-east-1a”
M

}
:wq
> terraform apply
ps

Terraform iam user:

O

# 1. Define Provider
provider "aws" {
ev

region = "us-east-1"
}

resource "aws_iam_user" "example" {

D

name = “dmh”
}
:wq
> terraform apply

Terraform Lifecycle:

03496740587
It is used to keep our resources secure without destroying them.
# 1. Define Provider
provider "aws" {
region = "us-east-1"
}

resource "aws_instance" "example" {

ami = "ami-123456"

ub
instance_type = “t2.micro”
tags = {
Name = "ExampleInstance"
}

H
lifecycle {
Prevent_destroy = true
}

ry
}
:wq
> terraform apply

Terraform commit: te
as
If we put commot , it will not work for that action.
# 1. Define Provider
provider "aws" {
region = "us-east-1"
M

resource "aws_instance" "example" {

ps

ami = "ami-123456"
instance_type = “t2.micro”
tags = {
Name = "ExampleInstance"
O

}
}
ev

/*resource "aws_instance" "example1" {

ami = "ami-123456"
D

instance_type = “t2.medium”
tags = {
Name = "ExampleInstance1"
}
}*/
:wq
> terraform apply

03496740587
Terraform FMT:
It is used to provide indentation for terraform.
> terraform fmt

Terraform Local Resources:

It is used to create local resources with the help of terraform file.

ub
> vim main.tf
# 1. Define Provider
provider "aws" {

H
region = "us-east-1"
}

ry
resource "local_file" "example" {
filename = "abc.txt"
content= “hello world!”
}
:wq
> terraform init
te
as
> terraform apply
M
ps
O
ev

Terraform Workspaces:
What are Workspaces?
D

Workspaces are a way to maintain multiple, isolated state files for a single Terraform
configuration.
They allow you to manage different environments (like dev, staging, and production) within a
single configuration setup.
By default, every Terraform configuration has a single workspace named default.
Why Use Workspaces?

03496740587
Workspaces are useful for managing different environments without creating separate
directories or configurations.
They keep the state for each environment separate, which is helpful when deploying similar
infrastructure with slight differences (like instance sizes or numbers).
Common Commands for Workspaces
Create a New Workspace

ub
terraform workspace new <workspace_name>
Example:
terraform workspace new dev
Switch Between Workspaces

H
terraform workspace select <workspace_name>
Example:

ry
terraform workspace select prod
List All Workspaces
terraform workspace list
Show the Current Workspace
terraform workspace show
te
as
Delete a Workspace

You can delete a workspace, but only if it is not in use.

M

terraform workspace delete <workspace_name>

Terraform Taint
ps

What is Terraform Taint?

Taint is a command that marks a specific resource for recreation.
By marking a resource as tainted, you tell Terraform to destroy and recreate that resource
O

during the next apply operation.

Useful for cases where a resource is malfunctioning or you want to force an update without
ev

changing the configuration file.

Why Use Terraform Taint?
When you have a resource that’s problematic, such as a misconfigured or corrupted resource,
and you want to replace it without making configuration changes.
D

Useful for testing to see if recreating a resource would solve issues.

Commands for Taint and Untaint
Mark a Resource as Tainted

terraform taint <resource_type.resource_name>

Example:

03496740587
terraform taint aws_instance.example
Remove the Taint on a Resource

If you want to remove the taint marking before applying, you can use untaint.

terraform untaint <resource_type.resource_name>

Example:

ub
terraform untaint aws_instance.example
Apply Changes to Recreate the Tainted Resource

After marking a resource as tainted, run:

H
terraform apply

Terraform alias and providers:

ry
It is used to create different resources in different regions with the help of same file.
# 1. Define Provider
provider "aws" {

}
region = "us-east-1"
te
as
resource "aws_instance" "example" {
ami = "ami-123456"
instance_type = “t2.micro”
M

tags = {
Name = "ExampleInstance"
}
ps

# 1. Define Provider
provider "aws" {
O

region = "ap-southeast-1"
alias = “tokyo”
ev

resource "aws_instance" "example" {

Provider = aws.tokyo
D

instance_type = “t2.medium”
tags = {
Name = "ExampleInstance1"
}
}
:wq
> terraform apply
03496740587
Example configuration for S3 remote state:
Google: terraform s3 backened
Backend type: s3 | terraform
Copy the “”example configuration”
Create new bucket on aws and uses the same name of the bucket in the terraform file.
> vim main.tf
provider “aws” {

ub
region = “us-east-1”
}

H
terraform {
backend "s3" {
bucket = "my-terraform-state"

ry
key = "prod/terraform.tfstate"
region = "us-east-1"
}
}
resource "aws_instance" "example" {
ami = "ami-123456"
te
as
instance_type = “t2.micro”
tags = {
Name = "ExampleInstance"
M

}
}
:wq
> terraform apply
ps

Note: If you delete the state file, you can get it from s3 bucket.
O
ev

Terraform Dynamics:
It is used to reduce the length of code and used for reusability of code in loop.
> vim main.tf
D

provider “aws” {
}

Locals {
Ingress_rules = [{
Port = 443
description = “ingress rul for port 443”

03496740587
},
{
Port 8080
Description = “ingrss rule for port 8080”
}]
}

ub
H
ry
te
as
M
ps
O
ev
D

03496740587