Demo of Terraform by Hasicorp for AWS
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

Demo of Terraform by HashiCorp for AWS



AWS setup

Get your AWS account

Get an AWS account, if you don't already have one:

Get AWS command line software (optional)

To install AWS CIO on macOS via brew:

$ brew update && brew install awscli

To install AWS CLI via python pip:

$ pip install awscli --upgrade --user


$ aws --version
aws-cli/1.15.30 Python/3.6.5 Darwin/17.7.0 botocore/1.10.30

Get your AWS security credentials

Get your AWS security credentials, if you don't already have them.

  • When you sign in the AWS website, the AWS console shows your username in the upper right.

  • Click your username. You see a dropdown menu. Click "Security Credentials".

  • If this is your first time using AWS, or if you are still using old-style credentials, then you may see a dialog box asking you to switch to best practices using AWS IAM; click the IAM button.

Get your AWS user

You can run this demo by using any AWS user you want.

  • For example, you can run this as your own user.

  • We prefer to create a new AWS IAM user that is specific for this demo. We name the user "demo_terraform".

Create an AWS IAM user (optional)

  • Enter the user name "demo_terraform" then check the box "Generate an access key for each user".

  • Click "Show User Security Credentials" and copy the info, which looks like the info below.

Example credentials:

Secret Access Key: OJif8/L9UgHqfJzkO3RDqEcypvWkilfkfe8N5YOO

Create an AWS IAM policy (optional)

Authorize the Terraform user, if you need to.

To set up the policy:

Option 1 - choose the Administration policy:

  • This is a good option if you want to get up and running easily, and the AWS system is low value.

  • Click the row "Managed Policies"

  • Click the button "Attach Policies".

Option 2 - choose a custom policy:

  • This is a good option if you need to be cautious with your AWS systems, such as protecting them from accidential deletions of servers.

  • Click the row "Inline Policies"

  • Click the button "Create User Policy".

  • Click the "Select" button.

  • Policy Name: demo_terraform_policy (or anything you want)

  • Policy Document: create the policy you want, such as these examples

  • Click the button "Validate Policy". If it's not valid, then keep working on it; do not apply it.

  • Click the button "Apply Policy".

Terraform setup


Use the Terraform install page.


Create a Terraform configuration file.

Our demo configuration file is


Initialize Terraform for the AWS Provider:

$ terraform init
Initializing provider plugins...
- Checking for available provider plugins on

$ terraform init
Initializing provider plugins...
- Checking for available provider plugins on
- Downloading plugin for provider "aws" (1.56.0)...
Terraform has been successfully initialized!


Use the Terraform build page.

Typical commands:

  • terraform plan shows what will run.

  • terraform apply runs it.

  • terraform show prints the results file.

  • Caveat: when I ran terraform apply then I saw error messages; I needed to choose a different region, AMI, instance type, and IAM security policy.


Plan example:

$ terraform plan
Refreshing Terraform state in-memory prior to plan...
Terraform will perform the following actions:
Plan: 1 to add, 0 to change, 0 to destroy.


Congratulations, you're up and running!


VPC resource not specified

Issue: terraform apply failed due to VPC resource not specified.

  • Error message: aws_instance.example: Error launching source instance: VPCResourceNotSpecified: The specified instance type can only be used in a VPC. A subnet ID or network interface ID is required to carry out the request.

  • See this issue:

  • Workaround is to change to an AMI and instance that do not need a VPC.


resource "aws_instance" "example" {
  ami = "ami-408c7f28"
  instance_type = "t1.micro"

Unauthorized operation

Issue: terraform apply failed due to unauthorized operation.