Slide 1

Slide 1 text

Code all the Things: Terraform x AWS

Slide 2

Slide 2 text

Jacquie Grindrod (She/Her) Developer Advocate at HashiCorp

Slide 3

Slide 3 text

Kerim Satirli (He/Him) Developer Advocate at HashiCorp

Slide 4

Slide 4 text

Agenda Infrastructure as Code what even is it? First Steps putting the pieces together Next Steps expanding your knowledge

Slide 5

Slide 5 text

Infrastructure as Code

Slide 6

Slide 6 text

Infrastructure as Code ▪ executable documentation ▪ enables collaboration ▪ safe and predictable

Slide 7

Slide 7 text

HashiCorp Configuration Language

Slide 8

Slide 8 text

HashiCorp Configuration Language CODE EDITOR service "http" "web_proxy" { listen_addr = "127.0.0.1:8080" process "server" { command = ["proxy-app", "server"] } } variable "port" { description = "Port for web_proxy" default = 8080 }

Slide 9

Slide 9 text

HashiCorp Configuration Language CODE EDITOR service "http" "web_proxy" { listen_addr = "127.0.0.1:${var.port}" process "server" { command = ["proxy-app", "server"] } } variable "port" { description = "Port for web_proxy" default = 8080 }

Slide 10

Slide 10 text

Introducing Terraform

Slide 11

Slide 11 text

Terraform 125+ Official Providers AWS, Linode, GitHub, etc. 175+ Community Providers Auth0, Domino’s Pizza etc.

Slide 12

Slide 12 text

First Steps

Slide 13

Slide 13 text

AWS Provider CODE EDITOR provider "aws" { version = "~> 2.65" region = "us-east-1" access_key = "AKIAIOSFODNN7EXAMPLE" secret_access_key = "wJalrXUtnFEMI/K7MDEN" }

Slide 14

Slide 14 text

AWS Provider CODE EDITOR provider "aws" { version = "~> 2.65" region = "us-east-1" access_key = var.aws_access_key secret_access_key = var.aws_secret_access_key }

Slide 15

Slide 15 text

Command: terraform init TERMINAL > terraform init Initializing the backend... Initializing provider plugins... - Checking for available provider plugins... - Downloading plugin for provider "aws" (terraform-providers/aws) 2.65.0... Terraform has been successfully initialized! You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure. All Terraform commands should now work. If you ever set or change modules or backend configuration for Terraform, rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary.

Slide 16

Slide 16 text

EC2 Instance CODE EDITOR variable "ami_id" { type = string description = "AMI ID to use" default = "ami-09d95fab7fff3776c" } variable "instance_type" { type = string description = "Instance type to use" default = "t2.micro" }

Slide 17

Slide 17 text

EC2 Instance CODE EDITOR resource "aws_instance" "hack_the_ne" { ami = var.ami_id instance_type = var.instance_type availability_zone = var.availability_zone }

Slide 18

Slide 18 text

Command: terraform plan TERMINAL > terraform plan -out="aws.tfplan" Terraform will perform the following actions: # aws_instance.hack_the_ne will be created + resource "aws_instance" "hack_the_ne" Plan: 1 to add, 0 to change, 0 to destroy. This plan was saved to: aws.tfplan

Slide 19

Slide 19 text

Command: terraform apply TERMINAL > terraform apply "aws.tfplan" aws_instance.hack_the_ne: Creating... aws_instance.hack_the_ne: Still creating... [10s elapsed] aws_instance.hack_the_ne: Still creating... [20s elapsed] aws_instance.hack_the_ne: Creation complete after 22s Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

Slide 20

Slide 20 text

EC2 Instance http://us-east-1.console.aws.amazon.com/ec2

Slide 21

Slide 21 text

EBS Volume CODE EDITOR resource "aws_instance" "hack_the_ne" { ... } resource "aws_ebs_volume" "hack_the_ne" { ... } resource "aws_volume_attachment" "hack_the_ne" { ... }

Slide 22

Slide 22 text

Command: terraform apply TERMINAL > terraform apply "aws.tfplan" aws_ebs_volume.hack_the_ne: Refreshing state... aws_instance.hack_the_ne: Refreshing state... aws_volume_attachment.hack_the_ne: Refreshing state... Apply complete! Resources: 0 added, 0 changed, 0 destroyed. Outputs: volume_device_name = /dev/sdh

Slide 23

Slide 23 text

Command: terraform output TERMINAL > terraform output volume_device_name = /dev/sdh

Slide 24

Slide 24 text

Command: terraform output TERMINAL > terraform output volume_device_name /dev/sdh

Slide 25

Slide 25 text

Command: terraform destroy TERMINAL > terraform plan -destroy -out="aws.tfplan"

Slide 26

Slide 26 text

Command: terraform destroy TERMINAL > terraform apply "aws.tfplan"

Slide 27

Slide 27 text

Command: terraform destroy TERMINAL > terraform apply "aws.tfplan" aws_ebs_volume.hack_the_ne: Destroying... aws_instance.hack_the_ne: Destroying... aws_volume_attachment.hack_the_ne: Destroying… Apply complete! Resources: 0 added, 0 changed, 3 destroyed.

Slide 28

Slide 28 text

Command: terraform fmt TERMINAL > terraform fmt main.tf

Slide 29

Slide 29 text

Command: terraform validate TERMINAL > terraform fmt main.tf > terraform validate Success! The configuration is valid.

Slide 30

Slide 30 text

Command: terraform help TERMINAL > terraform help Usage: terraform [-version] [-help] [args] The available commands for execution are listed below. The most common, useful commands are shown first, followed by less common or more advanced commands. Common commands: apply Builds or changes infrastructure destroy Destroy Terraform-managed infrastructure fmt Rewrites config files to canonical format output Read an output from a state file

Slide 31

Slide 31 text

Next Steps

Slide 32

Slide 32 text

Terraform lifecycle ▪ terraform init ▪ terraform fmt ▪ terraform validate ▪ terraform plan -out="terraform.tfplan" ▪ terraform apply "terraform.tfplan" ▪ terraform plan -destroy

Slide 33

Slide 33 text

Terraform State ▪ maps real-world resources to your configuration ▪ keeps track of (resource) metadata ▪ improves performance for large infrastructures ▪ stored locally (by default), can be stored remotely

Slide 34

Slide 34 text

Security Groups CODE EDITOR service "aws_security_group_rule" "allow_from_self" { description = "Allow all inbound access from local" type = "ingress" from_port = 0 to_port = 65535 protocol = "tcp" cidr_blocks = ["${chomp(data.http.icanhazip.body)}/32"] }

Slide 35

Slide 35 text

Review ▪ Infrastructure as Code ▪ Introduction to Terraform ▪ Deployed Resources

Slide 36

Slide 36 text

Materials ▪ slides: hashi.co/htne-slides ▪ code: hashi.co/htne-code ▪ guides: hashi.co/tf-learn

Slide 37

Slide 37 text

No content

Slide 38

Slide 38 text