Book Image

Getting Started with Terraform - Second Edition

By : Kirill Shirinkin
1 (1)
Book Image

Getting Started with Terraform - Second Edition

1 (1)
By: Kirill Shirinkin

Overview of this book

Terraform is a tool used to efficiently build, configure, and improve the production infrastructure. It can manage the existing infrastructure as well as create custom in-house solutions. This book shows you when and how to implement infrastructure as a code practices with Terraform. It covers everything necessary to set up the complete management of infrastructure with Terraform, starting with the basics of using providers and resources. It is a comprehensive guide that begins with very small infrastructure templates and takes you all the way to managing complex systems, all using concrete examples that evolve over the course of the book. The book ends with the complete workflow of managing a production infrastructure as code—this is achieved with the help of version control and continuous integration. The readers will also learn how to combine multiple providers in a single template and manage different code bases with many complex modules. It focuses on how to set up continuous integration for the infrastructure code. The readers will be able to use Terraform to build, change, and combine infrastructure safely and efficiently.
Table of Contents (15 chapters)
Title Page
About the Author
About the Reviewer
Customer Feedback

Configuring AWS provider

Before using Terraform to create an instance, we need to configure AWS provider. This is the first piece of code we will write in our template. Templates are written in a special language named HashiCorp Configuration Language (HCL). More details about HCL can be found at You can also write your templates in JSON, but this is recommended only if a template is itself generated or read by a machine.

We can configure credentials in the following ways.

Static credentials

With this method, you just hardcode your access keys right inside your template. It looks as follows:

    provider "aws" {
        access_key = "xxxxxxxxxxxxx"
        secret_key = "xxxxxxxxxxxxx"
        region = "us-east-1"

Though the simplest one, it is also the least flexible and secure. You don't want to give your credentials just like this to everyone in the team. Rather, each team member should use his or her own keys. Consider this method a bad practice and...