terraform practise updates doc

The document provides a step-by-step guide on installing Terraform and creating AWS resources using Terraform scripts. It covers the creation of a custom network, EC2 instances, S3 buckets with versioning, and the use of data sources for existing configurations. Additionally, it discusses importing existing resources into Terraform for management and modifying their properties.

Aws & devops by veera nareshit

Terraform Installation
DAY 1
Install Terraform on your local system

Step 1: Click the link – https://developer.hashicorp.com/terraform/install


Step 2: Select Windows > 386 > Download

Step 3: Extract all files from the download

Step 4: After extracting, copy the full path

C:\Users\Asus\Downloads\terraform_1.7.3_windows_386

Step 5: Click on "Edit environment variables for your account"

Step 6: Click on Path and then Edit

Step 7: Click on New > paste the path > OK

Step 8: Open cmd and check the version

Terraform Codes
DAY 2

#---create custom network and custom ec2 instance-----------

Custom Network

1st block : provider.tf


provider "aws" {
access_key = "AKIA4HJWDM3GLTF7HTUH"
secret_key = "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"
region = "us-east-1"
}

2nd block : Main.tf


#create vpc
resource "aws_vpc" "custnw" {
  cidr_block = "10.0.0.0/16"
  tags = {
    Name = "ankit_vpc"
  }
}

#Create Internet Gateway and attach to VPC
resource "aws_internet_gateway" "custnw" {
  vpc_id = aws_vpc.custnw.id
  tags = {
    Name = "Ankit Internet Gateway"
  }
}

#Create subnet & attach to vpc
resource "aws_subnet" "custnw" {
  vpc_id     = aws_vpc.custnw.id
  cidr_block = "10.0.0.0/24"
  tags = {
    Name = "Ankit subnet"
  }
}

#Create RT and attach to vpc
resource "aws_route_table" "custnw" {
  vpc_id = aws_vpc.custnw.id
  tags = {
    Name = "Ankit Rt"
  }
  #associate route table with internetgateway
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.custnw.id
  }
}

#associate route table with subnet
resource "aws_route_table_association" "custnw" {
  route_table_id = aws_route_table.custnw.id
  subnet_id      = aws_subnet.custnw.id
}

#cust security group
resource "aws_security_group" "custnw_sg" {
  name        = "custnw_sg"
  description = "Allow TLS inbound traffics"
  vpc_id      = aws_vpc.custnw.id

  #HTTP
  ingress {
    description = "TLS from VPC"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  #SSH
  ingress {
    description = "TLS from VPC"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  #HTTPS
  ingress {
    description = "TLS from VPC"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  #all outbound traffic
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

Custom EC2 Instance

#Create custom ec2 instance
resource "aws_instance" "custnw" {
  ami                         = var.ami
  instance_type               = var.instance_type
  key_name                    = var.key_name
  subnet_id                   = aws_subnet.custnw.id
  associate_public_ip_address = true
  tags = {
    Name = "CustANKITec2"
  }
}
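
A hardened variant of the provider block and security group above, as an added example that is not part of the original document: the access keys move out of provider.tf, and SSH is limited to one range instead of 0.0.0.0/0. The variable name admin_cidr is an assumption; the other names are reused from the page.

```hcl
# provider.tf: no keys in the file. The AWS provider reads credentials from
# AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY or from a shared credentials file.
provider "aws" {
  region = "us-east-1"
}

# Variable.tf: admin_cidr is a name assumed for this example
variable "admin_cidr" {
  description = "CIDR allowed to reach SSH, e.g. one workstation as a /32"
  type        = string
  validation {
    condition     = can(cidrhost(var.admin_cidr, 0)) && var.admin_cidr != "0.0.0.0/0"
    error_message = "admin_cidr must be a valid CIDR other than 0.0.0.0/0."
  }
}

# Main.tf: same group as on the page, with SSH narrowed
resource "aws_security_group" "custnw_sg" {
  name        = "custnw_sg"
  description = "Web from anywhere, SSH from admin_cidr only"
  vpc_id      = aws_vpc.custnw.id

  dynamic "ingress" {
    for_each = { HTTP = 80, HTTPS = 443 }
    content {
      description = "${ingress.key} from anywhere"
      from_port   = ingress.value
      to_port     = ingress.value
      protocol    = "tcp"
      cidr_blocks = ["0.0.0.0/0"]
    }
  }

  ingress {
    description = "SSH from admin range"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```

The instance only uses this group if it is attached with vpc_security_group_ids; otherwise the VPC's default security group applies.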

3rd block : Variable.tf

4th block : Terraform.tfvars

DAY 3
S3 BUCKET CREATION WITH VERSIONING

2nd block : Main.tf

#Create S3 Bucket
resource "aws_s3_bucket" "devankit" {
  bucket = "terrabucketcreate"
}

#Enable versioning on the created s3 bucket
resource "aws_s3_bucket_versioning" "versioning_adhvikanand" {
  bucket = aws_s3_bucket.devankit.id
  versioning_configuration {
    status = "Enabled"
  }
}

OUTPUT BLOCK CODES AND SENSITIVE CONCEPT

2nd block : Main.tf

#Create the fresh EC2 instance and print the output of public ip, public dns and private ip dns
#Don't print the output of the private ip, by using sensitive.
resource "aws_instance" "MrSingh" {
  ami           = var.ami
  instance_type = var.instance_type
  key_name      = var.key_name
  tags = {
    Name = "MrSinghec2"
  }
}

#to print output, we have written code in output.tf


5th block : Output.tf
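
One way to write the outputs described above, as an added example rather than the document's own Output.tf. The output names are assumptions; aws_instance.MrSingh is the resource from Main.tf.

```hcl
# Output.tf (added example)
output "public_ip" {
  description = "Public IP of the instance"
  value       = aws_instance.MrSingh.public_ip
}

output "public_dns" {
  description = "Public DNS name of the instance"
  value       = aws_instance.MrSingh.public_dns
}

output "private_ip" {
  description = "Private IP, hidden from plan/apply output"
  value       = aws_instance.MrSingh.private_ip
  sensitive   = true # shown as <sensitive> after terraform apply
}

# With the default IP-based host names the private DNS name contains the
# private IP, so it is marked as well (an addition to what the page asks for).
output "private_dns" {
  value     = aws_instance.MrSingh.private_dns
  sensitive = true
}

# sensitive controls display only: `terraform output private_ip` still prints
# the value on request, and terraform.tfstate stores it in plain text.
```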

DAY 4
Backend.tf script
#We create one S3 bucket and look at the whole creation process recorded inside terraform.tfstate.

#By configuring a backend.tf block, terraform.tfstate no longer appears in the local directory as above. After terraform apply, terraform.tfstate is still created and still captures every ongoing change, whether creation or deletion, but it is not stored locally as above; it is stored in the location configured in backend.tf.

DAY 5
IMPORT : import resource into terraform
To make further changes to an EC2 instance that has already been created, we import (clone) it to our local system and then control it through main.tf.

First we create a resource block; before that, we create an EC2 instance.

Now we map the EC2 instance ID to our local EC2 resource block:
terraform import aws_instance.importec2 i-0e5ffb92c68b388e7

Now we can fill in ami, instance_type and key_name by referring to the state file, because the state file recorded all the details of that EC2 instance when it was imported to our local system.

We can refer to the details in the state file and write them into our main resource block.

Now suppose I want to make further changes to it: I will give it another key pair. Before the import the key_name in the state file was redhat, meaning the first EC2 instance had the redhat key_name before the import.

Now that I have taken full control, let me modify it as I want.

Let me change the key name from redhat (old key_name) to “Whitehat” (new key_name), and also tag it with the name “beautiful instance”. We can do this because we own it now, having taken control of it through the import command.
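
The import steps above collected into one file, as an added example and not the document's own main.tf. The ami and instance_type values are placeholders to be copied from the state; prevent_destroy is an addition that makes Terraform refuse a plan that would destroy the imported instance.

```hcl
# main.tf (added example)
# Step 1: declare the address so the import has something to attach to
#         (the arguments are filled in at step 4):
#   resource "aws_instance" "importec2" { }
# Step 2: command from the page:
#   terraform import aws_instance.importec2 i-0e5ffb92c68b388e7
# Step 3: read the attributes the import recorded in the state:
#   terraform state show aws_instance.importec2
# Step 4: write the real arguments plus the intended changes.
resource "aws_instance" "importec2" {
  ami           = "ami-REPLACE_ME" # placeholder: copy from state show
  instance_type = "REPLACE_ME"     # placeholder: copy from state show
  key_name      = "Whitehat"       # the state recorded "redhat"

  tags = {
    Name = "beautiful instance"
  }

  lifecycle {
    prevent_destroy = true # added safeguard, not in the original document
  }
}
# Step 5: run terraform plan before terraform apply. "will be updated in-place"
# keeps the instance; "must be replaced" means destroy and recreate, and with
# prevent_destroy set Terraform reports an error instead of going ahead.
```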


DAY 6

DATA SOURCE

Here we can use the custom network, where we already have a VPC created and, inside the VPC, my subnet, my internet gateway, route table and everything else configured, and all of that VPC configuration is attached to our public EC2 instance placed inside the public subnet.

But we can create any instance at any time and call the same custom network configuration, where we already have our VPC details.

This can be done with the help of a data source.

Since we already have the custom network configured, we can copy the whole configuration and paste it into our new folder.

#create vpc
resource "aws_vpc" "custnw" {
  cidr_block = "10.0.0.0/16"
  tags = {
    Name = "ankit_vpc"
  }
}

#create Internet Gateway and attach to VPC
resource "aws_internet_gateway" "custnw" {
  vpc_id = aws_vpc.custnw.id
  tags = {
    Name = "Ankit Internet Gateway"
  }
}

#create subnet attach to vpc
resource "aws_subnet" "custnw" {
  vpc_id     = aws_vpc.custnw.id
  cidr_block = "10.0.0.0/24"
  tags = {
    Name = "Ankit subnet"
  }
}

#create RT and attach to vpc
resource "aws_route_table" "custnw" {
  vpc_id = aws_vpc.custnw.id
  tags = {
    Name = "Ankit Rt"
  }
  #associate route table with internetgateway
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.custnw.id
  }
}

#associate route table with subnet
resource "aws_route_table_association" "custnw" {
  route_table_id = aws_route_table.custnw.id
  subnet_id      = aws_subnet.custnw.id
}

#cust security group
resource "aws_security_group" "custnw_sg" {
  name        = "custnw_sg"
  description = "Allow TLS inbound traffics"
  vpc_id      = aws_vpc.custnw.id

  ingress {
    description = "TLS from VPC"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "TLS from VPC"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "TLS from VPC"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

Now we can create a fresh EC2 instance and, inside it, call the VPC configuration that we already took from the old directory and pasted into our new directory.

Let's create a fresh EC2 instance.

Go to VPC
Subnet ID (copy the subnet ID from here and paste it inside the data source block)

As above, we passed the value of the subnet into the fresh EC2 instance by creating a data source.
In the same way we can pass the security group as well.
Go to VPC
Security Group ID (copy the SG ID from here and paste it inside the data source block)
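
The data source blocks described above, as an added example that is not from the original document. The subnet and security group IDs are placeholders for the values copied from the console, the resource name fresh is an assumption, and the precondition (Terraform 1.2 or later) is an addition that stops the plan if the two IDs belong to different VPCs.

```hcl
# Look up the existing subnet and security group by the IDs copied from the console
data "aws_subnet" "custnw" {
  id = "subnet-REPLACE_ME" # placeholder: Subnet ID from the VPC console
}

data "aws_security_group" "custnw_sg" {
  id = "sg-REPLACE_ME" # placeholder: Security Group ID from the VPC console
}

# Fresh instance placed in the existing network.
# var.ami, var.instance_type and var.key_name are assumed to be declared
# in Variable.tf as in the earlier days.
resource "aws_instance" "fresh" {
  ami                    = var.ami
  instance_type          = var.instance_type
  key_name               = var.key_name
  subnet_id              = data.aws_subnet.custnw.id
  vpc_security_group_ids = [data.aws_security_group.custnw_sg.id]

  tags = {
    Name = "fresh-ec2" # assumed name
  }

  lifecycle {
    # Catches a pasted ID that belongs to another VPC before anything is created
    precondition {
      condition     = data.aws_security_group.custnw_sg.vpc_id == data.aws_subnet.custnw.vpc_id
      error_message = "Security group and subnet must be in the same VPC."
    }
  }
}
```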
