Skip to content

joelparkerhenderson/demo-terraform-aws

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

52 Commits
doc/policies
doc/policies
 
 
.env.example.auto.tfvars
.env.example.auto.tfvars
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
README.png
README.png
 
 
aws_ami.tf
aws_ami.tf
 
 
aws_db_instance.tf
aws_db_instance.tf
 
 
aws_default_vpc.tf
aws_default_vpc.tf
 
 
aws_iam_account_password_policy.tf
aws_iam_account_password_policy.tf
 
 
aws_iam_policy.tf
aws_iam_policy.tf
 
 
aws_instance.tf
aws_instance.tf
 
 
aws_key_pair.tf
aws_key_pair.tf
 
 
main.tf
main.tf
 
 

Repository files navigation

Demo of Terraform by HashiCorp for AWS

Terraform

Contents:

AWS setup

Get your AWS account

Get an AWS account, if you don't already have one:

Get AWS command line software (optional)

To install AWS CIO on macOS via brew:

$ brew update && brew install awscli

To install AWS CLI via python pip:

$ pip install awscli --upgrade --user

Verify:

$ aws --version
aws-cli/1.15.30 Python/3.6.5 Darwin/17.7.0 botocore/1.10.30

Get your AWS security credentials

Get your AWS security credentials, if you don't already have them.

  • When you sign in the AWS website, the AWS console shows your username in the upper right.

  • Click your username. You see a dropdown menu. Click "Security Credentials".

  • If this is your first time using AWS, or if you are still using old-style credentials, then you may see a dialog box asking you to switch to best practices using AWS IAM; click the IAM button.

Get your AWS user

You can run this demo by using any AWS user you want.

  • For example, you can run this as your own user.

  • We prefer to create a new AWS IAM user that is specific for this demo. We name the user "demo_terraform".

Create an AWS IAM user (optional)

  • Enter the user name "demo_terraform" then check the box "Generate an access key for each user".

  • Click "Show User Security Credentials" and copy the info, which looks like the info below.

Example credentials:

Access Key ID: 6IAIN7RHCYWDYJAHV8LS
Secret Access Key: OJif8/L9UgHqfJzkO3RDqEcypvWkilfkfe8N5YOO

Create an AWS IAM policy (optional)

Authorize the Terraform user, if you need to.

To set up the policy:

Option 1 - choose the Administration policy:

  • This is a good option if you want to get up and running easily, and the AWS system is low value.

  • Click the row "Managed Policies"

  • Click the button "Attach Policies".

Option 2 - choose a custom policy:

  • This is a good option if you need to be cautious with your AWS systems, such as protecting them from accidential deletions of servers.

  • Click the row "Inline Policies"

  • Click the button "Create User Policy".

  • Click the "Select" button.

  • Policy Name: demo_terraform_policy (or anything you want)

  • Policy Document: create the policy you want, such as these examples

  • Click the button "Validate Policy". If it's not valid, then keep working on it; do not apply it.

  • Click the button "Apply Policy".

Terraform setup

Install

Use the Terraform install page.

Configure

Create a Terraform configuration file.

Our demo configuration file is demo.tf

Initialize

Initialize Terraform for the AWS Provider:

$ terraform init
Initializing provider plugins...
- Checking for available provider plugins on https://releases.hashicorp.com...

$ terraform init
Initializing provider plugins...
- Checking for available provider plugins on https://releases.hashicorp.com...
- Downloading plugin for provider "aws" (1.56.0)...
...
Terraform has been successfully initialized!

Build

Use the Terraform build page.

Typical commands:

  • terraform plan shows what will run.

  • terraform apply runs it.

  • terraform show prints the results file.

  • Caveat: when I ran terraform apply then I saw error messages; I needed to choose a different region, AMI, instance type, and IAM security policy.

Plan

Plan example:

$ terraform plan
Refreshing Terraform state in-memory prior to plan...
...
Terraform will perform the following actions:
...
Plan: 1 to add, 0 to change, 0 to destroy.
...

Congratulations

Congratulations, you're up and running!

Troubleshooting

VPC resource not specified

Issue: terraform apply failed due to VPC resource not specified.

  • Error message: aws_instance.example: Error launching source instance: VPCResourceNotSpecified: The specified instance type can only be used in a VPC. A subnet ID or network interface ID is required to carry out the request.

  • See this issue: hashicorp/terraform#4367

  • Workaround is to change to an AMI and instance that do not need a VPC.

Example:

resource "aws_instance" "example" {
  ami = "ami-408c7f28"
  instance_type = "t1.micro"
}

Unauthorized operation

Issue: terraform apply failed due to unauthorized operation.

  • Error message: aws_instance.example: Error launching source instance: UnauthorizedOperation: You are not authorized to perform this operation. Encoded authorization failure message...

  • See this issue: hashicorp/terraform#2834

  • The solution is to use policy; we recommend the policy that is described in the issue above, thanks to https://github.com/artburkart

About

Demo of Terraform by Hasicorp for AWS

sixarm.com

Resources

Readme

Code of conduct

Code of conduct
Activity

Stars

9 stars

Watchers

3 watching

Forks

5 forks
Report repository

Releases

No releases published

Sponsor this project

  •  
Learn more about GitHub Sponsors

Packages

 
 
 

Languages