Managing Terraform Configuration Files and Deployment in AWS.

Hello World!

Today I will show you how to securely deploy multiple files with Terraform.

The first thing you need to do is make sure your machine is set up with your AWS login information. You can do so by running “aws configure” in your terminal. Enter your Access Key ID and your Secret Access Key.

I also selected us-east-1 because it’s the closest to me, and my default output format is JSON.

You are now set to access your AWS account with Terraform and can start writing the code needed to deploy your application. I personally like to use the Terraform Registry documentation; there is no reason for me to write my code from scratch.

The first thing I do is organize my files in order to have a smooth deployment.

First we are deploying an EC2 instance. I’ve also selected an AMI that is particular to my region (us-east-1).

Here I select the instance type. I’m selecting “t2.micro” which falls under the AWS free tier.

I run “terraform init” to initialize the deployment, then “terraform plan”.

I receive the message below confirming the change that will take place.

Next I run “terraform apply”.

The next block focuses on an Elastic IP address, in case you were wondering what that is. An Elastic IP address is an address that you allocate in EC2 or your VPC (Virtual Private Cloud) and then attach to an instance.

Please note that the Elastic IP address is associated with your account and not your instance. They are called elastic because you can easily switch them, compared to static IP addresses, which do not change.

In this case my elastic IP address is named “ElasticEIP”. Please note that you are free to pick any name that you’d like.

The next block focuses on a security group that allows TLS. In a nutshell, TLS provides security for communication over the internet.

The last block is the ingress block, which controls the incoming traffic connecting to the EC2 instance. Without an ingress block, nobody will be able to connect to the instance. The port selected here is port 443, which is mainly used by web servers providing HTTPS.

Next I’m going to create a user and attach a policy to his profile.

What I’m doing here is creating a user called BobFromMarketing. I’m also attaching a policy to him called S3 policy. The easiest and most effective way to assign the policy to my user is to create the policy directly in the console and then add it here.
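The configuration described above, as an added example that is not the author's own code. The file names, the resource labels `web`, `bob` and `bob_s3`, and the three input variables are assumptions; the AMI ID, the source range allowed to reach port 443 and the policy ARN are left as variables because the page does not give them.

```hcl
# provider.tf (file names are illustrative; Terraform loads every *.tf file in the directory)
provider "aws" {
  region = "us-east-1" # credentials come from `aws configure`, never from this file
}

# variables.tf (assumed inputs, supplied at plan time so nothing account-specific is committed)
variable "ami_id" { type = string }        # AMI ID valid in us-east-1
variable "allowed_cidr" { type = string }  # source range allowed to reach port 443
variable "s3_policy_arn" { type = string } # ARN of the S3 policy created in the console

# security_group.tf
resource "aws_security_group" "allow_tls" {
  name        = "allow_tls"
  description = "Allow inbound TLS"

  ingress {
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = [var.allowed_cidr] # a known range rather than the whole internet
  }
  # No egress block is declared, so Terraform removes the default allow-all egress rule.
}

# ec2.tf
resource "aws_instance" "web" {
  ami                    = var.ami_id
  instance_type          = "t2.micro"
  vpc_security_group_ids = [aws_security_group.allow_tls.id]
}

# eip.tf
resource "aws_eip" "ElasticEIP" {
  instance = aws_instance.web.id # the address belongs to the account; this attaches it
}

# iam.tf
resource "aws_iam_user" "bob" {
  name = "BobFromMarketing"
}
resource "aws_iam_user_policy_attachment" "bob_s3" {
  user       = aws_iam_user.bob.name
  policy_arn = var.s3_policy_arn
}
```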

Now that I’m all set up with all my files, it’s time to deploy them in AWS.

Now in the terminal I’m going to run “terraform init”.

Now that Terraform has successfully initialized, it’s time to run “terraform plan”.

Everything is working fine, now it’s time to apply the changes.

I now run “terraform apply”.

In order to move forward I have to confirm the changes by typing “yes”.

Now if we go to our AWS console, we have an EC2 instance with a security group, an Elastic IP, and a new user called BobFromMarketing with an S3 policy attached.

It’s now time to destroy our instance in order to save some money.

All we have to do is enter “terraform destroy” in the terminal.

Works like magic! That’s the power of Terraform.

Written by

AWS Certified Cloud Practitioner | UMBC Alum
