Terraform’s official website says that:
“Terraform is an open-source infrastructure as code software tool that provides a consistent CLI workflow to manage hundreds of cloud services.”
The first question you might have is, “What exactly is infrastructure as code?”
Well, whenever you use a cloud provider service to set up the infrastructure for your project, you typically create all the required resources through the web UI or the CLI for that particular service. Infrastructure as code is the process of defining all your infrastructure in a machine-readable format, that is, as code.
Terraform is a tool that takes the infrastructure you defined as code, and brings it to life!
To simplify it, let’s say you want to create an S3 bucket in AWS. So, you would write this instruction as code (which we will go over later), and Terraform would execute this code, which means that it will create that bucket for you.
Pretty cool, right?
Now, you might wonder why you would want to use Terraform, and this entire infrastructure-as-code approach, instead of what you have been doing. Well, there are a couple of advantages, as we discuss below.
When you manually create your infrastructure, there are a lot of screens and wizards you have to go through to configure it, which means there are many settings you need to take care of. When there is so much to configure, it is quite easy to set something incorrectly by accident.
With Terraform, you write all this as code, which means it will all be in one place for you to see. So, the chances that you will make a mistake are reduced.
When you do things the traditional way, it is quite difficult to create multiple identical environments. These environments may be completely similar or they might have slight variations. Now, if you do this the traditional way, that means you have to go through all the configuration screens again and remember what slight changes you want to make.
But with Terraform, it’s as simple as the Ctrl + C and Ctrl + V of your code, which defines your infrastructure. This also makes it easier to make all the slight changes you want in each environment! However, it is more convenient to keep these environments identical to each other in the long run.
With Terraform, you’ll have your entire infrastructure written out in front of you as code. This makes it very easy to get an idea of which components are present and make changes as you see fit.
These are some key reasons why you might want to use Terraform over the traditional method of creating infrastructure.
There are solutions like AWS CloudFormation available that will do the same for you. Still, it is better to use Terraform instead of some cloud provider-specific solution as it’s useful to learn a tool that will come in handy regardless of the cloud provider you’re working with.
Now that we have an idea of what Terraform does, let’s see it in action. I will keep it simple for this one and show you how to create an S3 bucket in AWS with Terraform. But remember, you can create your entire infrastructure regardless of the cloud provider with Terraform.
First, sign in to AWS and create a programmatic user that Terraform can use to talk to AWS. Make sure to give this user enough access to create the S3 bucket. Once you’ve created this user, make sure to take a note of the Access key ID and the Secret access key.
Once you’re done with this, go
terraform -version
to make sure you’ve installed it correctly.
Now we need to set up the environment variables to give Terraform access to our AWS account. To do this, simply run the following commands in your terminal.
export AWS_ACCESS_KEY_ID=YOURACTUALKEYID
export AWS_SECRET_ACCESS_KEY=YOURACTUALACCESSKEY
And that’s it! Terraform now has access to talk to your AWS account. Do note that these two variables only exist for the lifetime of the current terminal window; that is, if you close the window, you’ll have to type the above commands again.
Now, let’s write our infrastructure as code!
If you’re using VSCode, you might wanna grab these extensions: HashiCorp Terraform and Terraform Autocomplete.
Create a main.tf file and open it with your favorite code editor. Note that it is not necessary to call this file main.tf, but it is considered a best practice. Go ahead and copy the following contents in the file and I’ll explain what we’ve done.
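# Provider: which cloud to talk to, and in which region.
provider "aws" {
  region = "eu-west-1"
}

# Resource: one S3 bucket. "my_bucket" is the Terraform-side identifier.
resource "aws_s3_bucket" "my_bucket" {
  # S3 bucket names are globally unique; pick another name if this one is taken.
  bucket = "my-first-bucket"
}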
The first thing we did was specify our provider, AWS in our case. Terraform has a large number of providers that give Terraform access to provider-specific resources. When we chose the provider, we also specified the region we want to use for this project in AWS.
The next thing we did was set up our S3 bucket. For this, we defined a resource.
A resource is simply something that maps to an item in the real world. For example, maps to something in our cloud provider.
In the first set of quotes, we specified the resource we wanted to use, an AWS S3 bucket. In the second set of quotes, we gave this bucket an identifier. An identifier is only for use inside Terraform projects and has nothing to do with what will be created in AWS by Terraform.
After this, we provided the configuration for this resource. Resources may have any number of parameters for you to configure. This configuration will be used to set the resource up as you want it in AWS. In this example, we just set the bucket name.
Now, go back to your command line where you set up your AWS keys. You should see these keys when you run something like:
printenv | grep AWS
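The printenv command above prints the secret access key in clear text on the terminal, and typing the key after export leaves it in the shell history. The following is an added example, not part of the original article, that confirms both variables are exported without showing the secret and counts history lines that contain it; the function names and the default history file path are assumptions made here.

```shell
# Added example: confirm the AWS credential variables are exported
# without echoing the secret itself to the terminal.
aws_env_check() {
    status=0
    for name in AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY; do
        # printenv only sees exported variables, which is what Terraform sees.
        value=$(printenv "$name") || value=""
        if [ -z "$value" ]; then
            echo "$name: not set"
            status=1
        elif [ "$name" = AWS_SECRET_ACCESS_KEY ]; then
            echo "$name: set (${#value} characters, value hidden)"
        else
            # The key ID is an identifier, not the secret: show its last 4 characters.
            echo "$name: set (ends in $(printf '%s' "$value" | tail -c 4))"
        fi
    done
    return "$status"
}

# Count history lines where the secret was typed as an assignment.
# The default history path is an assumption; pass your shell's own file.
secret_in_history() {
    histfile=${1:-${HISTFILE:-$HOME/.bash_history}}
    [ -r "$histfile" ] || { echo 0; return 0; }
    grep -c 'AWS_SECRET_ACCESS_KEY=' "$histfile" || true
}
```

Paste the functions into the terminal where you exported the keys, then run aws_env_check and secret_in_history. A non-zero count from the second one means the key is stored on disk in your history file.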
From this terminal, navigate to the folder that has the main.tf file and run:
terraform init
This will configure Terraform to run with your project and will initialize a state file. Next, run:
terraform apply
This will take your main.tf file and apply that to AWS. When you run that command, you will see the plan that Terraform creates before actually making changes to AWS. This is so that you can see everything that Terraform will create in your cloud provider. After it shows you the plan, Terraform will ask for your permission to apply the plan. Type “yes” to continue, and you should see a success message.
Now, go to your Amazon S3 console and you’ll see your bucket created by Terraform. Amazing, right?
You know what’s even cooler?
Run terraform apply again, and nothing will happen. This is because you asked Terraform to ensure that there is one particular S3 bucket, and if that is already created, it will do nothing. I had to mention this so that you didn’t think that running terraform apply again will create a new bucket.
Delete the bucket from the AWS console and then run terraform apply again. You will see the plan screen again where Terraform asks you to confirm the creation of the S3 bucket. Say “yes” and you’ll see your bucket again in the AWS console.
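The experiment above can be turned into a read-only check: terraform plan with the -detailed-exitcode flag exits 0 when AWS matches main.tf, 2 when something differs (for example, after a bucket was deleted by hand in the console), and 1 on error. This is an added example, not part of the original article; check_drift and the log file name are names chosen here.

```shell
# Added example: report whether the real infrastructure still matches
# main.tf, without applying anything.
# Usage: check_drift [project_dir] [plan_log]
check_drift() {
    dir=${1:-.}
    log=${2:-terraform-plan.log}   # hypothetical file name for the plan output
    rc=0
    # -detailed-exitcode: 0 = no changes, 1 = error, 2 = changes pending.
    # -input=false stops Terraform from prompting, so this can run unattended.
    ( cd "$dir" &&
      terraform plan -detailed-exitcode -input=false -no-color > "$log" 2>&1
    ) || rc=$?
    case "$rc" in
        0) echo "in-sync" ;;
        2) echo "drift" ;;   # someone changed AWS, or main.tf, since the last apply
        *) echo "error" ;;   # bad credentials, missing init, invalid config, ...
    esac
    return "$rc"
}
```

After deleting the bucket from the console, check_drift prints "drift" and the log file holds the plan that terraform apply would carry out.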
There is one final command I want to show you before we end this article. Run:
terraform destroy
You will now see another plan, which shows all the things Terraform will delete in order to destroy everything that was created by the main.tf file. Enter “yes,” go to your console, and the bucket should be gone!