AWS — Difference between Secrets Manager and Parameter Store (Systems Manager)
Terraform is an open-source infrastructure as code software tool that provides a consistent CLI workflow to manage many cloud services. Terraform codifies cloud APIs into declarative configuration files.
In this example, we will show you how to build multiple interdependent recourses using Terraform on AWS.
1. Install Terraform
Once you have successfully installed Terraform, continue to the next section.
2. Next Step-AWS Account
- Create a new user for terraform in the IAM Section of your AWS account .
- Select Programmatic access and enter your user details.
Add user called terraform and give it Administrator Access
3. Click next and select the Administrator Access.
4. Once the user is created you will get an Access key ID and Secret access key. Store these in a safe location as you will need these later. Download the csv file.
3. Third step install AWS CLI:
Once you install aws-cli you will see like this if you run the following command.
I have installed cli and terraform in my windows laptop and created folder terraform which has as the unzipped files from the terraform downloads.
4. Build and Destroy your resources using Terraform
- Move to your terraform working directory . In the command line run aws configure provide the aws access key id and secret access key along with the region. I wanted to make my resources in Oregon so I choose us-west -2 .
- The key and secret is what you downloaded earlier as a csv file.
3. Create a provider file since we are using AWS we will specify the provider as AWS. When working with terraform we should always save the file as .tf extension ( eg provider.tf ). Save the file in the same terraform directory.
4. Now we will run the “terraform init” command where we created our provider.tf file to download and initialize the appropriate provider plugins. In this case, we are downloading the AWS provider plugin we specified in our provider.tf file.
We have AWS account and created an IAM user, let’s spin up our resources using Terraform.
5. Create new file called resourses.tf . We will now create VPC, 2 public, 2 private subnets, internet gateway , route table and ec2 instance using terraform.
6. First we will define our resource VPC with name and cidr block. Next we will define two public subnets. We have to reference the VPC name in the vpc_id . The cidr blocks for the subnets should be defined here. If we choose to launch public subnet then the map_public_ip_on_launch parameter should be enabled to true . If we do not specify this any instance launched in this subnet will not have a public ip.
7. If you want to create private subnets we have to reference the vpc_id . Note that map_public_ip_on_launch parameter is not required in the private subnet.
8. We will now create internet gateway and attach it to VPC. We can add a route in public route table with target as internet gateway. The public subnets should also be associated with the public route table so that they have access to the internet.
9. We will then use the resource identifier “aws_instance” to state that we are trying to bring up an EC2 instance followed by the name identifier “my_instance”.
10. We provide the AMI type on AWS. An AMI is an identifier is specific to AWS region and type . You can find the specific AMI you wish to deploy per region here. We will also provide the “instance_type”. In this example, we will use a t2.micro instance type as it is supported by the AWS Free Tier package.
In the user data section we can specify the commands and the software’s which we wish to install . We are deploying simple apache web server here .
11. The next step is terraform plan which will tell us what resources are created along with any errors in your file.
12.Finally terraform apply is used to create all the resources. We successfully created 10 resources using terraform script.
13. We can see the default Apache page .
The ec2 instance terraform created
The development VPC is created
The attached internet gateway to VPC
2 public and 2 Private subnets are created
Route table associated with public subnets
14. Finally terraform destroy is used to destroy all the ten resources.