This Terraform project sets up a basic AWS infrastructure: it deploys an EC2 instance with an IAM role, a security group, and an encrypted EBS volume, and stores metadata securely in an S3 bucket with state locking using DynamoDB.
- Created IAM Role EC2_SSM_Role for the SSM Agent.
- Selected an Amazon Linux AMI that has the SSM Agent preinstalled.
- Configured logging for Session Manager using CloudWatch.
Documentation - https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/connect-to-an-amazon-ec2-instance-by-using-session-manager.html
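
The setup listed above, sketched as Terraform. This is an added example, not the repository's own code: the variables `vpc_id`, `subnet_id` and `ami_id`, the resource labels, the security group name and the instance type are assumptions made for illustration.

```hcl
# Added example, not the repository's code. The three variables are
# hypothetical inputs; the instance type and resource labels are constructed.
variable "vpc_id" { type = string }
variable "subnet_id" { type = string }
variable "ami_id" { type = string } # Amazon Linux AMI with the SSM Agent preinstalled

# Role the instance assumes; only the EC2 service may assume it.
resource "aws_iam_role" "ec2_ssm" {
  name = "EC2_SSM_Role"
  assume_role_policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Effect    = "Allow"
      Action    = "sts:AssumeRole"
      Principal = { Service = "ec2.amazonaws.com" }
    }]
  })
}

# AWS managed policy that lets the SSM Agent register with Systems Manager.
resource "aws_iam_role_policy_attachment" "ssm_core" {
  role       = aws_iam_role.ec2_ssm.name
  policy_arn = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"
}

resource "aws_iam_instance_profile" "ec2_ssm" {
  name = "EC2_SSM_Role"
  role = aws_iam_role.ec2_ssm.name
}

# No ingress rules at all: Session Manager works over outbound HTTPS,
# so no SSH port has to be opened.
resource "aws_security_group" "ssm_only" {
  name   = "ssm-only"
  vpc_id = var.vpc_id
  egress {
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_instance" "this" {
  ami                    = var.ami_id
  instance_type          = "t3.micro"
  subnet_id              = var.subnet_id
  iam_instance_profile   = aws_iam_instance_profile.ec2_ssm.name
  vpc_security_group_ids = [aws_security_group.ssm_only.id]
  root_block_device { encrypted = true } # encrypted EBS root volume
}
```

Sending session logs to CloudWatch additionally requires CloudWatch Logs permissions on the role, which this sketch leaves out.
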
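main.tf

```hcl
resource "aws_s3_bucket" "terraform_state" {
  bucket = "your-unique-s3-bucket-name"

  # Keeps earlier state versions for recovery. In AWS provider v4 and later
  # this inline block is deprecated in favor of aws_s3_bucket_versioning.
  versioning {
    enabled = true
  }
}

resource "aws_dynamodb_table" "terraform_lock" {
  name         = "terraform_lock"
  billing_mode = "PAY_PER_REQUEST"
  hash_key     = "LockID" # attribute name the S3 backend expects for locking

  attribute {
    name = "LockID"
    type = "S"
  }
}

terraform {
  # Backend blocks cannot reference resources or variables, so the names are
  # repeated as literals. The bucket and table must already exist when
  # `terraform init` configures this backend.
  backend "s3" {
    bucket         = "your-unique-s3-bucket-name"
    key            = "terraform.tfstate"
    encrypt        = true # server-side encryption of the state object
    dynamodb_table = "terraform_lock"
  }
}
```
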
Before you begin, ensure you have the following installed:
- Terraform
- AWS CLI configured with necessary access credentials
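Clone the repository:

```bash
git clone https://github.com/aditi55/Terraform.git
cd Terraform

terraform init      # download providers and configure the backend
terraform validate  # check the configuration for errors
terraform plan      # preview the changes
terraform apply     # create the resources
```

Enter yes when prompted.
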
To destroy the infrastructure and release AWS resources:

```bash
terraform destroy
```

Enter yes when prompted.