Terraform is a powerful tool for automating the creation and management of cloud infrastructure. In this guide, we'll walk through the process of launching an EC2 instance on AWS using Terraform, including setting up necessary IAM roles and configuring resources.
Step 1: Create an IAM Role with Required Permissions
Navigate to the IAM Dashboard > Click on IAM > Click Create role.
Choose AWS service
Select EC2 as the service that will use this role > Click Next.
In the Attach permissions policies section, search for vpc > Select AmazonVPCFullAccess
Search for ec2 > Select AmazonEC2FullAccess
Click Next
Provide a Role name > Terraform-ec2-vpc-role
Click Create role
The IAM role is now created.
Select the EC2 instance to which you want to attach the IAM role > click on the Actions button > Under the Security section, select Modify IAM role
In the Modify IAM role dialog, select the IAM role you created from the drop-down menu > Click on Update IAM role to attach the role to the instance
Step 2: Set Up Your Terraform Project
Create a directory for your Terraform project
Inside this directory, create a file named main.tf. This file will contain the configuration for your AWS EC2 instance.
Copy the content below and paste it into the main.tf file
vi main.tf
# Configure the AWS Provider
provider "aws" {
  region = "ap-south-1" # Choose your desired region
}

# Create a VPC
resource "aws_vpc" "my_vpc" {
  cidr_block = "10.0.0.0/16"
}

# Create a Subnet
resource "aws_subnet" "my_subnet" {
  vpc_id     = aws_vpc.my_vpc.id
  cidr_block = "10.0.1.0/24"
}

# Create an Internet Gateway
resource "aws_internet_gateway" "my_igw" {
  vpc_id = aws_vpc.my_vpc.id
}

# Create a Route Table
resource "aws_route_table" "my_route_table" {
  vpc_id = aws_vpc.my_vpc.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.my_igw.id
  }
}

# Associate the Route Table with the Subnet
resource "aws_route_table_association" "my_route_table_assoc" {
  subnet_id      = aws_subnet.my_subnet.id
  route_table_id = aws_route_table.my_route_table.id
}

# Create a Security Group
resource "aws_security_group" "my_sg" {
  vpc_id = aws_vpc.my_vpc.id

  # Inbound SSH
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"] # Any IPv4 address; narrow this to your own IP range
  }

  # All outbound traffic
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# Create an EC2 Instance
resource "aws_instance" "Ansible" {
  ami           = "ami-0c2af51e265bd5e0e" # Replace with a valid AMI ID for ap-south-1
  instance_type = "t2.micro"
  subnet_id     = aws_subnet.my_subnet.id

  # In a VPC subnet, security groups are attached by ID with vpc_security_group_ids
  # (security_groups takes group names and applies to the default VPC only)
  vpc_security_group_ids = [aws_security_group.my_sg.id]

  tags = {
    Name = "Ansible VM"
  }

  # Optional: Add an SSH key pair for access
  key_name = "key" # Replace with your actual key pair name
}
Step 3: Initialize and Apply Terraform Configuration
Before applying your configuration, initialize the Terraform project by running the following command:
terraform init
Preview Infrastructure Changes:
Use the terraform plan command to preview the changes Terraform will make:
terraform plan
To apply the configuration and create the resources, run the following command:
terraform apply
Terraform will show you a plan of the resources it will create.
If everything looks good, type yes to proceed
Terraform will then provision the resources
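The plan preview in this step can also be checked mechanically before terraform apply. The Python script below is an added example, not part of the original guide: it reads the JSON produced by terraform plan -out=tfplan followed by terraform show -json tfplan, and reports security group ingress that exposes an admin port to 0.0.0.0/0 or ::/0, as the my_sg rule in main.tf does. It goes slightly beyond the guide by also covering RDP and standalone aws_security_group_rule resources; the embedded sample plan, the port list and the function names are assumptions made for the example.

```python
import json
import sys

OPEN_CIDRS = {"0.0.0.0/0", "::/0"}
ADMIN_PORTS = (22, 3389)  # SSH and RDP (assumed list; adjust as needed)

# Constructed sample, trimmed to the fields `terraform show -json tfplan` puts
# under resource_changes. my_sg mirrors main.tf; "restricted" is hypothetical.
SAMPLE_PLAN = json.dumps({"resource_changes": [
    {"address": "aws_security_group.my_sg", "type": "aws_security_group",
     "change": {"actions": ["create"], "after": {"ingress": [
         {"protocol": "tcp", "from_port": 22, "to_port": 22,
          "cidr_blocks": ["0.0.0.0/0"], "ipv6_cidr_blocks": []}]}}},
    {"address": "aws_security_group.restricted", "type": "aws_security_group",
     "change": {"actions": ["create"], "after": {"ingress": [
         {"protocol": "tcp", "from_port": 22, "to_port": 22,
          "cidr_blocks": ["203.0.113.0/24"], "ipv6_cidr_blocks": []}]}}},
]})

def covers(rule, port):
    """True when the rule's protocol and port range include the TCP port."""
    if rule.get("protocol") in ("-1", "all"):
        return True  # every protocol and port
    return (rule.get("protocol") in ("tcp", "6")
            and (rule.get("from_port") or 0) <= port <= (rule.get("to_port") or 0))

def open_admin_ingress(plan_json, ports=ADMIN_PORTS):
    """Return (address, port, cidrs) for planned ingress open to any address."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        after = (rc.get("change") or {}).get("after") or {}  # null on delete
        if rc.get("type") == "aws_security_group":
            rules = after.get("ingress") or []
        elif rc.get("type") == "aws_security_group_rule" and after.get("type") == "ingress":
            rules = [after]
        else:
            continue
        for rule in rules:
            cidrs = set(rule.get("cidr_blocks") or []) | set(rule.get("ipv6_cidr_blocks") or [])
            world = sorted(cidrs & OPEN_CIDRS)
            findings += [(rc["address"], p, world) for p in ports if world and covers(rule, p)]
    return findings

if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_PLAN
    hits = open_admin_ingress(text)
    for address, port, cidrs in hits:
        print(f"{address}: port {port} reachable from {', '.join(cidrs)}")
    sys.exit(1 if hits else 0)
```

Run it with the path to the saved plan JSON as its only argument; a non-zero exit status means at least one rule was reported, which lets a pipeline stop before the apply step.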
Step 4: Verify Resource Creation
After the apply process is complete, verify the new EC2 instance and VPC in the AWS Management Console.
Step 5: Clean Up Resources
To remove the resources created by Terraform, use the terraform destroy command:
terraform destroy
All the resources created by Terraform are now deleted.