Amazon Web Services (AWS) - Getting Started with Terraform


This assumes you have installed Terraform, as described at https://learn.hashicorp.com/tutorials/terraform/install-cli?in=terraform/aws-get-started.

Let's say you have the following files in the /usr/local/terraform/aws directory on your Terraform server. 

├── caller_identity.tf
├── resources.tf
├── provider.tf
├── required_providers.tf

 

required_providers.tf will almost always have this.

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
    }
  }
}

 

Let's say /home/john.doe/.aws/config contains a profile, something like this.

[profile johndoe]
region = us-east-1
output = json

 

And /home/john.doe/.aws/credentials contains the johndoe access key and secret key.

[johndoe]
aws_secret_access_key = yK53a123456TYaxPabcdefK2gdO0Pq1123456qmq
aws_access_key_id = AKI12345676GL5ABCDEF

 

In this scenario, provider.tf could then have something like this.

provider "aws" {
  alias   = "johndoe"
  profile = "johndoe"
  region  = "us-east-1"
}

 

Or you can point to alternative config and credentials files.

provider "aws" {
  shared_config_files      = ["/usr/local/aws/config"]
  shared_credentials_files = ["/usr/local/aws/credentials"]
  profile                  = "default"
}

 

Or provider.tf could have the following.

provider "aws" {
  access_key = var.access_key
  secret_key = var.secret_key
  region     = var.region
}

 

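And variables.tf might have something like this. The default values shown are placeholders: sensitive = true only redacts a value from Terraform's CLI output, so a real key written as a default is still plain text in the file. Leave default out for the keys and supply them another way, for example through the TF_VAR_access_key and TF_VAR_secret_key environment variables.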

variable "access_key" {
  description = "access key"
  type = string 
  sensitive = true
  default = "ABCDEFG123456789"
}
variable "secret_key" {
  description = "secret key"
  type = string 
  sensitive = true
  default = "ABCDEFG123456789ABCDEFG123456789"
}
variable "region" {
  description = "AWS region"
  type = string
  sensitive = false
  default = "us-east-1"
}

 

And caller_identity.tf could have the following, just to validate that the connection to AWS is being made with the correct profile.

data "aws_caller_identity" "caller-identity" {}

output "caller_identity" {
  value = data.aws_caller_identity.caller-identity
}

 

Then use terraform init to initialize the AWS provider.

terraform init

 

Then the terraform plan command can be used, and something like this should be returned.

caller_identity = {
  "account_id" = "123456789012"
  "arn" = "arn:aws:iam::123456789012:user/johndoe"
  "id" = "123456789012"
  "user_id" = "AIABDEFG76GL123456RP"
}
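
The output above only helps if someone reads it. As an added example (not part of the original article), this hardened variant of variables.tf and caller_identity.tf drops the key defaults and makes Terraform itself fail when the credentials resolve to the wrong account. The expected_account_id variable is a hypothetical name introduced here, the region variable is assumed to stay as shown earlier, and Terraform 1.2 or later is assumed.

```hcl
# Added example, not from the original article.

# No "default": the keys must come from outside the repository, e.g.
#   export TF_VAR_access_key=...
#   export TF_VAR_secret_key=...
variable "access_key" {
  description = "access key"
  type        = string
  sensitive   = true
}

variable "secret_key" {
  description = "secret key"
  type        = string
  sensitive   = true
}

# Hypothetical variable: the only account this configuration may touch.
variable "expected_account_id" {
  description = "12-digit AWS account ID this configuration is allowed to run against"
  type        = string

  validation {
    condition     = can(regex("^[0-9]{12}$", var.expected_account_id))
    error_message = "The expected_account_id value must be a 12-digit AWS account ID."
  }
}

# Same data source as in the article, with a postcondition: terraform plan
# and terraform apply stop with an error when the credentials in use
# resolve to any other account.
data "aws_caller_identity" "caller-identity" {
  lifecycle {
    postcondition {
      condition     = self.account_id == var.expected_account_id
      error_message = "Credentials belong to a different AWS account than expected_account_id."
    }
  }
}

output "caller_identity" {
  value = data.aws_caller_identity.caller-identity
}
```

With the sample identity shown above, setting TF_VAR_expected_account_id=123456789012 lets the plan proceed; any other value stops it at the data source.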

 

 

 



