Terraform Cookbook - Second Edition

By : Mikael Krief

4.5 (2)

Buy this Book

Terraform Cookbook - Second Edition

4.5 (2)

By: Mikael Krief

Buy this Book

Overview of this book

Imagine effortlessly provisioning complex cloud infrastructure across various cloud platforms, all while ensuring robustness, reusability, and security. Introducing the Terraform Cookbook, Second Edition - your go-to guide for mastering Infrastructure as Code (IaC) effortlessly. This new edition is packed with real-world examples for provisioning robust Cloud infrastructure mainly across Azure but also with a dedicated chapter for AWS and GCP. You will delve into manual and automated testing with Terraform configurations, creating and managing a balanced, efficient, reusable infrastructure with Terraform modules. You will learn how to automate the deployment of Terraform configurations through continuous integration and continuous delivery (CI/CD), unleashing Terraform's full potential. New chapters have been added that describe the use of Terraform for Docker and Kubernetes, and explain how to test Terraform configurations using different tools to check code and security compliance. The book devotes an entire chapter to achieving proficiency in Terraform Cloud, covering troubleshooting strategies for common issues and offering resolutions to frequently encountered errors. Get the insider knowledge to boost productivity with Terraform - the indispensable guide for anyone adopting Infrastructure as Code solutions.

Preface

Who this book is for

What this book covers

To get the most out of this book

Get in touch

Setting Up the Terraform Environment

Technical requirements

Overviewing Terraform best practices

Downloading and installing Terraform on Windows manually

Installing Terraform using Chocolatey on Windows

Installing Terraform on Linux using the APT package manager

Installing Terraform using a script on Linux

Executing Terraform in a Docker container

Switching between multiple Terraform versions

Upgrading Terraform providers

Free Chapter

Writing Terraform Configurations

Technical requirements

Configuring Terraform and the provider version to use

Adding alias to a provider to use multiple instances of the same provider

Manipulating variables

Keeping sensitive variables safe

Using local variables for custom functions

Using outputs to expose Terraform provisioned data

Calling Terraform’s built-in functions

Using YAML files in Terraform configuration

Writing conditional expressions

Generating passwords with Terraform

Managing Terraform resource dependencies

Adding custom pre and postconditions

Using checks for infrastructure validation

Scaling Your Infrastructure with Terraform

Technical requirements

Provisioning infrastructure in multiple environments

Provisioning multiple resources with the count meta-argument

Using maps

Looping over a map of objects

Generating multiple blocks with the dynamic block

Filtering maps

Using Terraform with External Data

Technical requirements

Obtaining external data with data sources

Querying external data with Terraform

Manipulating local files with Terraform

Executing local programs with Terraform

Executing shell scripts using the Terraform Shell provider

Managing Terraform State

Using the local Terraform state

Managing resources in Terraform state

Synchronizing Terraform state

Importing existing resources

Using external resources from other Terraform state files

Refactoring resources in configuration

Applying a Basic Terraform Workflow

Technical requirements

Keeping your Terraform configuration clean

Validating the code syntax

Destroying infrastructure resources

Displaying a list of providers used in a configuration

Generating one Terraform lock file with Windows and Linux compatibility

Copying a Terraform module configuration

Using workspaces to manage environments

Exporting the output in JSON

Tainting resources

Generating the dependency graph

Using different Terraform configuration directories

Testing and evaluating a Terraform expression

Debugging the Terraform execution

Sharing Terraform Configuration with Modules

Technical requirements

Creating a Terraform module and using it locally

Provisioning multiple instances of a Terraform module

Using modules from the public registry

Sharing a Terraform module in the public registry using GitHub

Using another file inside a custom module

Using the Terraform module generator

Generating module documentation

Using a private Git repository for sharing a Terraform module

Applying a Terrafile pattern for using modules

Provisioning Azure Infrastructure with Terraform

Technical requirements

Using Terraform in Azure Cloud Shell

Protecting the Azure credential provider

Protecting the state file in the Azure remote backend

Executing ARM templates in Terraform

Executing Azure CLI commands in Terraform

Using Azure Key Vault with Terraform to protect secrets

Provisioning and configuring an Azure VM with Terraform

Building Azure serverless infrastructure with Terraform

Generating a Terraform configuration for existing Azure infrastructure

Enabling optional Azure features

Estimating Azure cost of infrastructure using Infracost

Using the AzApi Terraform provider

Getting Starting to Provisioning AWS and GCP Infrastructure Using Terraform

Technical requirements

Getting started using Terraform for AWS

Using the S3 backend in AWS

Getting started using Terraform for GCP

Using a GCS backend in GCP

Executing Terraform in GCP Cloud Shell

Using Terraform for Docker and Kubernetes Deployment

Technical requirements

Creating a Docker container using Terraform

Deploying Kubernetes resources using Terraform

Deploying a Helm chart in Kubernetes using Terraform

Using a Kubernetes controller as a Terraform reconciliation loop

Running Test and Compliance Security on Terraform Configuration

Technical requirements

Using PowerShell’s Pester framework to perform Terraform testing

Testing the Terraform configuration using Python

Using OPA to check the Terraform configuration

Using tfsec to analyze the compliance of Terraform configuration

Applying Terraform compliance using terraform-compliance

Testing Terraform module code with Terratest

Testing the Terraform configuration using Kitchen-Terraform

Using the new integrated Terraform module integration test

Deep-Diving into Terraform

Technical requirements

Preventing resources from being destroyed

Ignoring manual changes

Using Terraform’s templating feature

Zero-downtime deployment with Terraform

Managing Terraform configuration dependencies using Terragrunt

Using Terragrunt as a wrapper for Terraform

Generating a self-signed SSL certificate using Terraform

Checking the configuration before committing code using Git hooks

Visualizing Terraform resource dependencies with Rover

Using the Terraform CDK for developers

Automating Terraform Execution in a CI/CD Pipeline

Running Terraform in automation mode

Displaying a summary of the execution of terraform plan

Building CI/CD pipelines to apply Terraform configurations in Azure Pipelines

Automating Terraform execution in GitHub Actions

Working with workspaces in CI/CD

Building CI/CD for Terraform modules in Azure Pipelines

Building a workflow for publishing Terraform modules using GitHub Actions

Using Terraform Cloud to Improve Team Collaboration

Technical requirements

Managing workspaces in Terraform Cloud

Using the remote backend in Terraform Cloud

Migrating Terraform State to Terraform Cloud

Using Terraform Cloud as a private module registry

Executing Terraform configuration remotely in Terraform Cloud

Checking the compliance of Terraform configurations using OPA in Terraform Cloud

Using integrated cost estimation for cloud resources

Integrating the Infracost run task during the Terraform Cloud run

Configuring Terraform Cloud with the Terraform TFE provider

Troubleshooting Terraform Errors

Fixing interpolation errors

Fixing cycle errors

Fixing for_each errors

Fixing output errors

Other Books You May Enjoy

Index

Appendix A: Terraform Cheat Sheet

Basic commands

Format Terraform configuration

Terraform providers management

Terraform dependency file

Basic workflow commands

Backend configuration

Validate configuration

Display Terraform graph dependencies

Taint/untaint resources

Terraform Cloud/Enterprise

Appendix B: Terraform Resources

Terraform official resources

Terraform community resources

Terraform news feed

Terraform certifications and certification preparation

Customer Reviews

4.5 (2)

5 star

50%

4 star

50%

3 star

2 star

1 star

Using Azure Key Vault with Terraform to protect secrets

One of the challenges of IaC is the protection of sensitive information that is part of the infrastructure.

Indeed, one of the advantages of IaC is the possibility to version the code in a Git repository and so this code benefits from the Git workflow of versioning and validation of the code. However, with this approach, we tend to write everything in this code, sometimes forgetting that some data that is sensitive, such as passwords or login strings, can be misused if they end up in the wrong hands.

In this recipe, we will study how to protect this sensitive data by storing it in Azure’s secret manager, which is Azure Key Vault, and then using it in the Terraform configuration.

Getting ready

For this recipe, we assume the use of Azure Key Vault. For more information, you can refer to the documentation available at https://docs.microsoft.com/azure/key-vault/.

As a prerequisite for this recipe, we need...

Terraform Cookbook - Second Edition

By : Mikael Krief

Terraform Cookbook - Second Edition

By: Mikael Krief

Overview of this book

Related Content you might be interested in

Current Title:

Terraform Cookbook - Second Edition

HashiCorp Infrastructure Automation Certification Guide

Terraform for Google Cloud Essential Guide

Learning DevOps

Using Azure Key Vault with Terraform to protect secrets

Getting ready