Create the network environment (VPC, public subnet, internet gateway, routing, security group) and provision a Linux EC2 instance reachable over SSH.
- VPC
- Subnet
- Internet gateway (IGW)
- Route Table
- Route table association
- Security group
- Key pair
- EC2 Instance
Commands
terraform init
terraform plan
terraform apply
terraform destroy
Note
Variables are declared in variables.tf; a `default` there is the lowest-precedence value and is overridden by the following sources, listed from highest to lowest precedence:
- `-var` / `-var-file` command line flags
- terraform.tfvars (and `*.auto.tfvars`)
- `TF_VAR_<name>` environment variables
- Interactive prompt ("UI input"), used only for a variable that has no value from any other source
Because variables.tf and terraform.tfvars are normally committed, do not put credentials in a `default` or in a tracked tfvars file; supply them through the environment or an AWS profile instead.
main.tf
#providers
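# AWS provider. Credentials are deliberately NOT passed in here: static access
# keys routed through Terraform variables end up in variables.tf defaults, in
# terraform.tfvars and in the state file. The provider instead uses its default
# credential chain: AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY (and
# AWS_SESSION_TOKEN) environment variables, a named profile in
# ~/.aws/credentials selected with AWS_PROFILE, or the IAM role of the machine
# running Terraform. Only the region still comes from a variable.
provider "aws" {
  region = var.region
}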
#resources
# Dedicated VPC for the example. DNS support and DNS hostnames are both
# switched on so that the instance launched later gets a resolvable public
# DNS name.
resource "aws_vpc" "vpc" {
  cidr_block           = var.cidr_vpc
  enable_dns_hostnames = true
  enable_dns_support   = true

  tags = {
    Environment = var.environment_tag
  }
}
# Internet gateway attached to the VPC; this is what turns the subnet below
# into a public one once the route table points 0.0.0.0/0 at it.
resource "aws_internet_gateway" "igw" {
  vpc_id = aws_vpc.vpc.id

  tags = {
    Environment = var.environment_tag
  }
}
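# Public subnet in a single availability zone. Every instance launched into it
# is given a public IPv4 address automatically, so the security group is the
# only thing standing between that instance and the internet.
resource "aws_subnet" "subnet_public" {
  vpc_id            = aws_vpc.vpc.id
  cidr_block        = var.cidr_subnet
  availability_zone = var.availability_zone

  # A real boolean rather than the string "true" the original used; HCL2
  # converts the string, but the typed form is what the provider documents.
  map_public_ip_on_launch = true

  tags = {
    Environment = var.environment_tag
  }
}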
# Route table for the public subnet: a single default route sends all
# non-local traffic through the internet gateway. Local VPC routing is
# implicit and does not need an entry here.
resource "aws_route_table" "rtb_public" {
  vpc_id = aws_vpc.vpc.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw.id
  }

  tags = {
    Environment = var.environment_tag
  }
}
# Binds the public route table to the public subnet. Without this association
# the subnet would fall back to the VPC's main route table and have no path to
# the internet gateway.
resource "aws_route_table_association" "rta_subnet_public" {
  route_table_id = aws_route_table.rtb_public.id
  subnet_id      = aws_subnet.subnet_public.id
}
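# CIDR ranges allowed to reach SSH on the instance. Declared next to the
# security group so the rule and its input stay together. There is
# deliberately no default: an operator must say who gets SSH instead of
# silently inheriting the old "0.0.0.0/0", which exposed port 22 to the whole
# internet. Typical values are your own public IP, e.g. ["203.0.113.4/32"],
# or a VPN / bastion range.
variable "ssh_ingress_cidrs" {
  description = "CIDR blocks permitted to open TCP/22 to the instance"
  type        = list(string)
}

# Instance security group: SSH in from approved ranges only, everything out.
resource "aws_security_group" "sg" {
  name   = "sg"
  vpc_id = aws_vpc.vpc.id

  # Inbound: SSH only, and only from the operator-supplied ranges.
  ingress {
    description = "SSH from approved ranges"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = var.ssh_ingress_cidrs
  }

  # Outbound: unrestricted. Acceptable for a throwaway test box; before
  # treating this as production, narrow it to the destinations the workload
  # actually needs (package mirrors, AWS endpoints), since as written a
  # compromised instance can reach anywhere.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Environment = var.environment_tag
  }
}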
# Registers the operator's SSH public key with EC2. Only the public half is
# read from disk and uploaded; the private key never leaves the workstation.
# Note that key pair names are unique per account and region, so a second
# deployment into the same region with this fixed name will collide.
resource "aws_key_pair" "ec2key" {
  public_key = file(var.public_key_path)
  key_name   = "publicKey"
}
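# The Linux test instance, placed in the public subnet with the SSH security
# group and the uploaded key pair.
resource "aws_instance" "testInstance" {
  ami                    = var.instance_ami
  instance_type          = var.instance_type
  subnet_id              = aws_subnet.subnet_public.id
  vpc_security_group_ids = [aws_security_group.sg.id]
  key_name               = aws_key_pair.ec2key.key_name

  # Require IMDSv2 (session-token based) for the instance metadata service.
  # With the default "optional" setting an SSRF or a process running on the
  # box can read IAM role credentials from 169.254.169.254 with a plain GET.
  metadata_options {
    http_endpoint = "enabled"
    http_tokens   = "required"
  }

  # Encrypt the root volume at rest with the account's default EBS KMS key.
  # NOTE(review): on an instance that has already been applied this setting
  # forces a replacement; for a fresh deployment it is free.
  root_block_device {
    encrypted = true
  }

  tags = {
    Environment = var.environment_tag
  }
}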
output.tf
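# ID of the VPC created by this configuration. Uses a direct reference rather
# than the legacy "${...}" wrapper, which Terraform 0.12+ warns about.
output "vpc_id" {
  value = aws_vpc.vpc.id
}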
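# IDs of the public subnets. There is only one, but the value stays a list so
# existing consumers of this output keep working; the legacy "${...}"
# interpolation is dropped.
output "public_subnets" {
  value = [aws_subnet.subnet_public.id]
}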
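# IDs of the public route tables, kept as a single-element list for
# compatibility with consumers of this output; the legacy "${...}"
# interpolation is dropped.
output "public_route_table_ids" {
  value = [aws_route_table.rtb_public.id]
}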
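# Public IPv4 address of the instance, i.e. the address to SSH to. Kept as a
# single-element list so callers that index [0] keep working; the legacy
# "${...}" interpolation is dropped.
output "public_instance_ip" {
  value = [aws_instance.testInstance.public_ip]
}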
variables.tf
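# AWS access key ID. The default is empty on purpose: the provider treats an
# empty access_key as unset and falls back to its normal credential chain
# (AWS_ACCESS_KEY_ID environment variable, a named profile, or an IAM role).
# Never put a real key in this default -- variables.tf is committed to version
# control and the value would also be written into the state file.
variable "access_key" {
  description = "AWS access key ID; leave empty to use the environment, a profile or an IAM role"
  default     = ""
}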
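# AWS secret access key. Empty by default so the provider's credential chain
# is used (AWS_SECRET_ACCESS_KEY environment variable, a named profile, or an
# IAM role). A placeholder like "SECRET_KEY_HERE" invites someone to replace
# it with a real secret in a tracked file; never set a real value here.
variable "secret_key" {
  description = "AWS secret access key; leave empty to use the environment, a profile or an IAM role"
  default     = ""
}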
# AWS region every resource in this configuration is created in. The
# availability_zone variable must belong to this region.
variable "region" {
  description = "AWS region to deploy into"
  default     = "eu-west-1"
}
# Address range of the VPC; the subnet CIDR must fall inside it.
variable "cidr_vpc" {
  default     = "10.1.0.0/16"
  description = "CIDR block for the VPC"
}
# Address range of the single public subnet; a /24 carved out of the VPC /16.
variable "cidr_subnet" {
  default     = "10.1.0.0/24"
  description = "CIDR block for the subnet"
}
# Availability zone the subnet (and therefore the instance) lands in. Change
# this together with the region variable; "eu-west-1a" only exists in
# eu-west-1.
variable "availability_zone" {
  default     = "eu-west-1a"
  description = "availability zone to create subnet"
}
# Path to the SSH public key that is uploaded as the EC2 key pair. Only the
# public half is read; point this at a key whose private part you keep on
# your workstation, not at a shared or throwaway key.
variable "public_key_path" {
  default     = "~/.ssh/id_rsa.pub"
  description = "Public key path"
}
# AMI the instance boots from. AMI IDs are region-specific, so this default is
# only valid in the default region; it is also a fixed snapshot, so check that
# it is still current (and still patched) before relying on it.
variable "instance_ami" {
  default     = "ami-08ca3fed11864d6bb"
  description = "AMI for aws EC2 instance"
}
# EC2 instance size; t2.micro is free-tier eligible in most regions.
variable "instance_type" {
  default     = "t2.micro"
  description = "type for aws EC2 instance"
}
# Value of the "Environment" tag applied to every resource. The default says
# "Production" although this is a test instance; override it (e.g. "Test")
# so tag-based policies, cost reports and cleanup scripts are not misled.
variable "environment_tag" {
  default     = "Production"
  description = "Environment tag"
}
.gitignore
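# Local .terraform directories (provider binaries, module cache)
**/.terraform/*

# .tfstate files: state holds every resource attribute in plaintext,
# including anything marked sensitive, so it must never be committed.
*.tfstate
*.tfstate.*

# Crash log files (can contain provider request/response payloads)
crash.log

# Ignore any .tfvars files that are generated automatically for each Terraform run. Most
# .tfvars files are managed as part of configuration and so should be included in
# version control -- but NOT one that carries credentials (for example a
# terraform.tfvars holding access_key / secret_key); add such files here explicitly.
#
# example.tfvars

# Ignore override files as they are usually used to override resources locally and so
# are not checked in
override.tf
override.tf.json
*_override.tf
*_override.tf.json

# Include override files you do wish to add to version control using negated pattern
#
# !example_override.tf

# Terraform CLI configuration files may contain credential helper settings and
# private registry tokens.
.terraformrc
terraform.rc

# Saved plan files (terraform plan -out=tfplan) embed variable values and
# resource attributes in plaintext, so they are ignored rather than committed.
*tfplan*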