►
Description
Infrastructure as code (IaC in short) is one of the critical parts of DevOps and Terraform is one such tool to help spin-up infra as code. In this workshop we will discuss, IaC overview, Terraform introduction and demo. As part of Demo, we will create AWS infrastructure using terraform.
A
We
are
going
to
talk
about
what
is
an
infrastructure
code
and
how
terraform
is
useful
to
implement
infrastructure
infrastructure
as
a
code.
So
I
think
critique
has
pretty
much
covered.
My
introduction,
like
I,
am
working
as
a
solution
architect
at
infra
cloud
technologies,
so
yeah
predominantly
like
you
know.
A
A
We
will
go
to
go
through
about
a
iso
overview
on
telephone
introduction
and
then
we'll
discuss
about
various
terraform
concepts
and
terminologies,
and
then
we
will
kind
of
jump
on
to
the
hands-on
part
of
how
to
create
aws
resource
creation
using
terraform
and
then
we'll
kind
of
have
a
small
discussion
about
like
perform
best
practices
and
we'll
conclude,
and
then
we'll
have
q
a
session
actually.
So
this
is
the
agenda
for
today,
so
when
it
yeah.
A
So
let's
start
then
so,
basically,
like
first
we'll
talk
about
what
is
so
infrastructure
as
a
code
is
basically
as
a
term
like
no
mentions
it
is
like
no
defining
an
infrastructure
using
a
coding
format.
Okay,
so
so,
basically
like
why
we
go
for
interest
infrastructure
as
a
code
in
traditional
days
like
no,
every
infrastructure
has
been
created
manually
for
creating
a
simple
like
no
server
itself.
A
So
if
you
are
running
a
server
in
the
sense,
if
someone
accidentally
deleted
any
kind
of
configuration,
the
sense
that
server
may
go
down
so
using
intra,
we
can
make
the
configuration
like
no
be
in
the
desired
state,
always
actually
so
that
that
configuration
drift
also
can
be
resolved.
And
there
are
many
infrastructure
infrastructure
as
a
core
tools
available
now
in
devops
space
and
right
now,
srv
side.
Actually.
A
So
some
of
the
tools
I
mentioned
here,
those
are
all
like
terraform,
ansible
chef,
aws
cloud
formation,
azure
and
gcp
cloud
deployment
manager
and
the
similar
kind
of
tools.
Basically-
and
there
are
also
like
no
programming
based
infrastructure,
also
becoming
famous
like
you
know,
terraforms
udk
and
the
awa
cdk
will
be
and
all
so.
These
are
also
some
of
the
basic
about
new
cluster
code
and
when
it
comes
to
infrastructure
code,
there
are
two
types
we
can
split
them.
Actually
one
is
mutable
infrastructure
as
a
code
technologies
and
the
other
one
is
immutable.
A
Actually,
okay,
so
that's
the
kind
of
mutable
infrastructure
that
ansible
and
chef
can
be
used
to
to
implement
such
implementation
and
immutable
is
something
like
no,
that
infrastructure
can
be
like
you
know,
considered
as
a
cattle,
basically
like.
No,
if,
if,
if
there
is
one
issue
with
some
some
configuration
drift
happens,
this
is
you
cannot
fix
that
particular
system
alone,
so
we
have
to
redeploy
the
entire
infrastructure
and
so
terraform
and
the
aws
conformation
are
such
a
kind
of
influence
with
the
immutable
infrastructure
code
technology.
Examples
actually.
A
A
A
And
we'll
we'll
see
about
a
bit
about
terraform
as
an
introduction,
so
terraform
has
been
created
by
a
company
called
hashicorp
and
they
have
multiple
like
other
products
as
well,
like
vagrant,
console
or
similar
to
other
technologies
and
products.
That's
what
they
have
and,
as
I
mentioned
earlier,
terraform
supports
many
cloud
providers,
aws
azure,
ibm
cloud,
google
cloud,
distillation
and
then
on-prem
side.
They
also
support
vmware
kind
of
providers.
Basically
and
telephone
manages
the
external
resources.
A
Whatever
the
cloud
provider
on
on-prem
provider,
we
are
talking
about
right
using
the
technology
using
the
implementation
called
providers,
basically
like
no
terraform
maintains
terraform
has
a
wider
community
support
and
it
also
have
a
like
no
library
of
functionalities
for
the
for
supporting
their
infrastructure
resources.
Basically,
so
they
are,
that
is
called
the
providers,
and
so
ashitap
maintains
the
extensive
list
of
such
official
provider
and
can
also
integrate
with
the
community
developer
providers.
Actually
so
in
case
such
for
in
some
cases.
A
If
there
are
some
providers
not
there,
and
if
that,
if
that
particular
instance
or
resources
can
be
created
via
an
api
call
right,
then
we
can
also
like
know,
or
anyone
can
also
develop,
that
community
based
provider
and
it
is
called
kind
of
a
custom
development
of
terraform
actually
like,
but
that
is
a
kind
of
bit
advanced
topic
and
it's
a
kind
of
auto
scope
for
this
question
session.
Basically
so
yeah.
A
A
So
now,
let's
move
on
to
the
basic
concepts
of
terraform,
like
you
know
how
terraform
works,
and
so
so,
basically
like
one
take
away
from
this
session,
could
be
for
anyone
who
is
starting
to
learn
terraform
or
like
no
starting
to
wanted
to
build
infrastructure
using
terraform.
By
using
this
session
or
by
at
the
end
of
the
session,
they
would
be
able
to
create
the
infrastructure,
at
least
in
the
aws
provider.
A
So
that
is
the
kind
of
like
high
level
take
away
from
this
session,
and
it
will
be
a
very
basic
beginner
session
and
will
not
cover
any
advanced
concept.
Basically,
so
so
like
no,
let's
dive
into
like
terraform
concepts.
So
like.
Let's
see
like
how
terraform
works
so
so
terrafor
in
terraform,
we
we
have
like
no,
we
would
be
defining
the
infrastructure
using
the
hashicorp
language
and
it
will
be
having
the
respective
provider
calls
to
create
infrastructure
resources
in
the
respective
provider.
A
So
how
how
it
is
internally
working
is
like
now
for
each
cloud
provider,
for
example,
in
aws,
aws
have
sdks
and
api
for
accessing
or
managing
their
cloud
resources
internally,
and
that
target
api
would
be
implemented.
Using
terraform
provider
that
is
kind
of
developed
using
gold
actually,
and
whenever
that
particular
functionality
of
running
the
creation
of
resources
running
on
a
specific
provider,
it
will
be
interacting
with
the
provider
ap
and
it
will
be
creating
the
resource
actually,
and
so
so,
basically,
like
confirm,
consists
of
three
stages.
A
If
you
are
kind
of
satisfied,
then
we
can
move
on
to
like
apply
that
particular
infrastructure
onto
the
cloud
provider
and
basically
like
terraform,
has
an
extensive
support
for
techno
community,
and
it
is
also
having
a
detailed
documentation
for
everything.
So
in
this
each
slide.
Actually,
I
have
provided
links
for
each
of
the
documentation
references.
A
So
anyone
wants
to
debug
on
the
terraform
concepts
they
can
just
do
like
they
can
just
access
this
clip
and
they
can
read
through
all
of
this
in
detail,
actually
that
that
is
a
very
basic
concept
of
how
terraform
works.
Basically
like
it
is
underlying
layer.
It
is
interacting
with
the
respective
cloud
providers
apa
to
manage
their
resources.
Actually.
A
So
that's
the
high
level
idea
for
this
slide
and
terraform
has
a
executable
called
the
executable
name
itself
is
terraform
and
we
call
it
as
a
cla
term
and
terraform
using
the
transform
cli
only
we
would
be
kind
of
kind
of
it.
Probably
it
is
basically
providing
a
various
commands
to
manage
our
infrastructure
and
some
of
the
commands
I
have
provided
in
this
slide,
basically
like.
A
It
will
be
looking
for
the
what
all
the
providers
defined
in
the
telephone
file
and
they
could
be
like
spinning
downloading
them
into
the
user's
local
location.
Other
than
a
validate
command
is
something
like
a
syntax
checking
of
like
no
terraform
code.
Whatever
we
have
written
and
it
there
is
also
another
command
called
the
terraform
fmt
like
go
away,
fmt
command.
That
would
be
kind
of
doing
a
formatting
of
the
terraform
code.
A
We
can
also
do
the
apply.
We
can
do
the
apply
command
so
that
that
infrastructure
will
be
deployed,
and
then,
once
after,
like
no
everything
is
done
like
no
destroy
command
is
something
like
if
you
wanted
to
destroy
the
entire
infrastructure
that
that
is
defined
in
the
particular
terraform
code,
actually,
so
that
we
can
use
the
terraform
destroy
command
actually
and
using
this
terraform
sub
command
and
help
option.
A
We
can
also
explore
like
no
command
line
hello,
like
options
for
each
of
these
particular
resources,
and
then
we
can
like
know
we
can.
We
can
come
to
know
like
about
more
about
each
of
these
commands.
Actually
so
I'll
move
on
to
the
next
slide
yeah.
So,
as
I
mentioned,
like
hashicorp,
language
is
the
one
in
which
we
will.
We
will
be
defining
our
infrastructure
and
it
will.
It
will
be
having
various
blocks.
Actually,
we
will
also
discuss
in
detail
like
what
are
all
the
blocks.
A
Actually,
one
such
example
is
given
here
basically
like
it
will
be
resource.
Resources
is
a
block.
It
will
be
starting
with
a
block
type.
In
this
case,
resource
block
has
a
aws
vpc.
We
are
going
to
create
so
the
resource
name
defined
in
the
like
hashicorp
module
is
basically
it's
called
the
aw
cpc,
and
this
is
the
like
no
identifier
for
the
particular
vpc
component
within
the
terraform
code.
A
So,
according
to
our
need,
we
need
to
define
that
argument
references
and
we
can
also
add
tags
actually
for
the
particular
resources
so
that
it
can
be
easily
identified
as
a
group
of
tags
in
the
aws
entity.
So
this
is
about,
like
you,
know,
a
high
level
defining
a
hiccup
language
for
defining
a
terraform
code
and,
as
I
mentioned
like
no,
I
have
also
provided
a
document
reference.
So
whoever
wants
it
wanted
to
go
through
about
this
deep
dive
on
this
code.
A
They
can
go
through
that,
since
this
session
is
more
on
a
hands-on
part,
I'll
be
kind
of
running
through
this
high
level
concept.
Actually
so
so
these
are
all
the
basic
like
components
of
terraform
or
like
terminologies.
Basically,
so,
as
I
mentioned
that
like
not
in
terraform,
you
would
be
defining
the
resources.
The
resources
is
nothing
but,
as
the
name
represent
right.
So
the
resources
are
the
component
of
the
power
cloud,
powered
or
on-prem
provider
in
which
it
would
be
an
instance,
a
virtual
machine
instance
or
like
no
in
gcp.
A
A
As
I
mentioned,
like
you
know,
provider
is
the
one
that
would
be
the
cloud
provider
or
on-premises
provider
that
that
is
kind
of
implement,
implementing
the
underlying
resource
management
apis
so
that
it
can
be
written
in
the
terraform
code
and
they
can
be
like
no
used
for
deploying
that
particular
resources
on
the
provider
and
module
is
something
like
no.
We
it's
a
kind
of
modularizing
to
avoid
the
code
redundancy
of
such
resources.
A
Basically,
so,
for
example,
if
we
wanted
to
define
a
ec2
infrastructure
in
aws,
we
can
define
a
module
for
ec2
infrastructure
and
that
model
can
be
reused
multiple
times
for
creating
like
environment,
size
infrastructure
like
or
by
by
passing
the
different
variables
to
the
same
code
so
that
the
code
redundancy
won't
be
there.
So
that's
what
we
have
kind
of
like
explaining
this
one
in
a
module
and
the
provisioners
are
something
like
no.
A
In
each
cloud
provider
they
would
be
providing
a
facility
to
run
some
initial
commands
whenever
the
vm
is
getting
created
right.
So,
basically,
if
in
a
database
it's
called
user
data
and
in
in
gcp
it's
called
metadata
and
azure.
Also,
it's
called
the
user
data,
so
in
in
provisional
we
can
define
such
kind
of
user
data
so
that
whenever
the
vm
gets
created,
we
can
provide
some
basic
commands
to
basically
execute
that
can
be
executed
whenever
the
vm
is
gets
ready,
after
that
it
is
getting
spinned
up
actually
in
the
provider.
A
So
this
this
this
kind
of
provider
section,
can
be
useful
to
install
some
basic
packages
that
needed
to
be
available
whenever
the
vm
is
getting
whenever
it
is
like
accessibility.
So
we
can
use
this
provisioner
for
that
and
terraform
has
various
variable
like
implementation,
so
input
variable
is
something
like
no
kind
of
global
variable.
We
can
declare
in
which
we
can,
like
you
know,
pass
past
the
default
value
and
the
default
value
whatever
is
defined
in
that
input
variable
that
can
be
overridden
by
the
file
called
tfs
file.
A
A
Yeah,
so
next
is
some
of
the
important
concepts
in
terraform
we
have.
They
are
actually
a
terraform
state
file
and
a
terraform
dependency
log
file.
So
whenever
we
are
like
no
creating
a
plan
right
so
or
applying
that
particular
infrastructure
right,
it
will
be
creating
a
terraform
state
file
in
which
it
would
be
updating
that
that
infrastructure
resource
names
and
ids
and
secrets
everything
that
would
be
stored
in
the
terreform
state.
So
this
state
file
would
be
used
to
know
what
is
infrastructure
that
gets
created
in
the
cla
provider?
A
Basically,
so
so
you.
So.
This
is
one
of
the
key
component
of
infrastructure
in
terraform,
so
that
it
needs
to
be
like
no
not
exposed
in
to
the
outer
world,
because
it
has
user
sensitive
data
in
it
actually
and
whenever
we
are
doing
it
that
perform
destroy
our
terraform
plan
whenever
there
is
a
change
rate,
so
that
change
is
also
getting
tracked
inside
the
terraform
state
file.
A
A
So
this
is
about
a
high
level
about
terraform
infrastructure
components,
and
so
this
is
highly
about
the
term
concepts
and
terminologies
of
terraform,
and
now,
let's
try
to
deep
dive
into
the
demo
part
of
terraform,
basically
in
which
I
am
going
to
cover
like
know
how
to
install
terraform
and
how
to
configure
aws
credentials
and
I'll
also
help
you
guys
to
create
some
infrastructure
for
a
beginner
level
right.
So
that's
what
I
am
planning
to
do
now.
A
A
So,
as
I
mentioned,
like
no
for
basic
components
of
terraform
is
something
like
no
for
any
cloud
powder.
If
you
wanted
to
create
infrastructure,
we
first
need
to
install
the
particular
like
no
command
line
tool
for
the
particular
provider,
so
just
to
like
know,
configure
the
infrastructure.
Related
provider
related
authentication
details
into
that
particular
system.
Basically,
and
for
like
you
know,
for
aws,
there
are
multiple
ways
now
being
supported
by
terraform,
so
I'll
just
show
you
them.
A
So
whenever
we
are
planning
to
create
a
authentication
for
aws
right,
there
are
multiple
ways
we
can
provide
the
authentication
details
to
terraform.
Now
in
earlier
versions
of
terraform,
we
have
to
exclusively
define
the
provider
configuration
and
the
path
of
the
authentication
detail,
but
now
terraform
by
default,
understand
it
from
the
mechanism
that
is
implemented
by
aws.
So
first
it
will
look
for
authentication
details
in
the
parameters
and
then
it
will
look
for
authentication
in
the
environment
variables.
A
Basically,
the
aws
authentication
would
be
the
secret
key
access
key,
and
if
there
are
any
tokens
we
needed
we
needed
to
define
for
the
particular
session
type.
So
those
kind
of
detail
you
we
can
get
from
our
aws
account
and
we
can
set
those
details
in
this
one
and
the
third
one
is
a
shared
current
sales
file
and
there
are
few
other
methods
mentioned
so
for
this
demo
purpose,
I
would
be
using
the
shared
credentials
mechanism
in
which
I
have
installed
the
aws
cli
in
my
local,
using
the
method
I
have
mentioned
here.
A
A
Since
I
have
already
added
my
access
key
in
secret
key,
it
is
showing
that
value
here,
so
whoever
trying
to
create
for
the
first
time
it
will
not
show
any
value
here.
They
have
to
paste
their
access
key
first
and
then
secret
key
and
next,
and
then
these
two
values
they
can
provide
their
own
for
this
value.
They
can
provide
their
preferred
region
of
in
which
their
their
resources
needs
to
be
deployed.
And
fourth,
one
is
the
json
like
no
format
or
like
aml
format,
whatever
it
is,
we
can
define.
A
A
Whatever
we
are
adding
as
a
credentials,
it
will
be
added
here
and
what
would
be
we
are
adding
as
a
region
and
json
that
would
be
added
in
the
config
details.
Actually,
so
just
to
confirm
I'll
be
doing
my
just
once
after
we
configure
this,
we
can
just
do
a
check
off
like
whether
it
is
working
fine
or
not
by
doing
aws
ec2.
A
So
since
I
don't
have
any
instances
in
my
aws
account,
it
is
not
showing
anything.
So
this
is
just
confirming
that
this
aws
configuration
works,
fine
actually,
so
that
is
the
first
part
of
like
no
second
part
of
this
aws
configuration
basically
configuring
the
adabs
credentials.
So
in
this
method,
I
I
have
configured
aws,
actually
using
aws,
configure
command
and
added
my
credentials,
and
then
next
is
like
installation
of
terraform.
A
So
basically,
for
that,
so
terraform
has
an
official
documentation,
and
now
it
is
supporting
a
packaged
kind
of
mechanism
to
install
our
terraform
code,
basically
so
that
we
can
just
copy
paste
the
command
and
install
terraform
actually
in
our
local.
It
is
also
having
rhl
federal
amazon,
linux
and
homebrew,
and
a
few
other
like
operating
system
transfer
to
install
since
I'm
using
linux.
I
have
installed
a
terraform
and
as
part
of
like
a
preparation
of
the
demo,
and
it
is
also
ready
in
my
system.
A
A
So
so,
as
I
mentioned
once
after
install
perform,
if
we
type
perform
command,
it
will
be
showing
that
what
are
all
the
commands
basically
right,
we
can
use
the
terraform
and
I
have
installed
the
latest
version
1.2.2,
so
that
can
be
checked
using
the
transformation
command
as
well.
So
these
are
all
the
things
that
I
was
talking
about
like
no
knowing
about
how
to
knowing
about
the
each
of
the
subcommands
of
terraform.
A
A
Actually,
since
I
would,
as
I
mentioned
like
terraform,
has
a
detailed
documentation
for
everything
I
would
be
like
more
or
less
referring
to
the
official
documentation
of
terraform
to
or
create
my
like,
whatever
the
demo
part,
I'm
going
to
try
now
so
basically
like,
as
I
mentioned
earlier,
so
basically
for
terraform,
you
would
need
a
provider
definition
and
some
of
the
basic
components
right.
So,
let's
kind
of
deep
dive
into
defining
those
things.
Okay.
So
what
I'll
do
I'll?
A
A
A
It
will
take
us
to
the
hashicorp's
official
aws
documentation
in
which
we
are
kind
of
getting
to
know
about
how
to
implement
terraform
for
perform
version
13
and
later
and
telephone
12
and
later
so
so,
basically
like
no,
I
would
be
since
I
have
the
latest
version
of
terraform.
I
would
be
using
this
so,
as
you
can
see,
this
definition
has
like
no
terraform
required
provider
section
and
the
provider
section
for
aws
right,
so
I
would
be
using
it.
A
A
So
what
I
am
going
to
do,
I
have
already
let
know
so
so
if
you
wanted
to
use
any
of
the
examples
having
your
they
are
mentioned
here,
you
can
also
like
use
this
code.
Otherwise
I
have
kind
of
defined
a
basic
code
for
defining
the
aws
infrastructure
in
the
workshop
module.
So
I
will
be
using
that
code
here
so
just
to
implement
that
right.
So.
A
A
A
A
As
I
mentioned
earlier,
so
while
doing
doing
the
init
command
it
will,
it
would
be
initializing
the
terraform
back
end
actually
in
our
local.
Basically,
that
is
a
lock.hcl
file
which
contains
the
provider
like
no
version,
locking
and
every
detail
that
would
be
available
in
this
terraform
init
command.
Sorry
log
file,
so
telephone
we
need
to
be
initializing
the
back
end,
basically
in
our
local
and
so
a
little
bit
advanced
concept.
If
I
can
talk
about,
there
is
also
way
to
keep
the
back
end.
A
Basically,
so
we
can
either
to
keep
the
terraform
log
file
locally,
or
we
can
also
store
it
in
the
s3
kind
of
like
no
remote
storage,
basically
in
which,
in
which
time
we
have
to
use
a
terraform
backend
as
a
remote
remote.
Actually,
so
so
that's
the
kind
of
high
level
information
I
wanted
to
say
here,
but
for
our
implementation
it
is
just
initializing
the
backend
in
our
local
and
downloading
the
necessary
files.
It
is
needed
for
for
running
the
telephone
code.
A
B
A
A
We
have
defined
our
sample
ec2
and
what
are
all
the
values
we
defined
for
like
now,
creating
the
infrastructure
it
we
are
kind
of
like
no,
it
is
getting
showed
here
that
ama
details
and
those
kind
of
thing,
and
it
will
also
show,
as
I
mentioned
earlier
right
so
one
this
was
going
to
get
added
actually,
so
it
is
showing
that
one
is
added
and
zero
change
and
the
zero
destroy
right.
So
so
that
is
what
that
tentative
plan.
It
is
getting
showed
and
then
next
we
will
try
to
apply
this.
A
Now,
what
are
the
tentative
infrastructure
dish?
It
was
showing
right,
so
it
will
be
created
in
the
respective
cloud
account
of
of
mine
right
so
that
it
is
now
confirming
that.
Are
you
going
to
apply
this
like
no
deployment
or
not?
So
I
would
be
typing
s
now.
It
will
start
spinning
up
the
instance
in
the
airbus
cloud
account
whatever
I
have.
A
A
So
you
can
see
the
progress
here
in
the
console
itself
that
what
are
what
all
the
resources
getting
created.
So
it
will
be
showing
that
the
progress
in
the
console
actually
so
now
that
the
resource
is
added,
so
you
can
see
that
a
play
is
complete
and
there
is
one
resource
is
added
right.
So
you
can
now
see,
come
and
see
that,
like
console
that
that
resource
is
added
here,
okay,
so
this
is
the
very
basic
of
like
no
creating
an
aws
infrastructure
like
note
in
lecture
terraform.
A
So
this
is
the
code
we
had
so
basically,
in
our
code
we
have
defined
provider
terraform,
sorry
to
provide
aws,
and
we
are
we
are
in.
We
are
indicating
the
terraform
like
package
that
it
needs
to
be
downloaded
from
the
hashicorp
aws
module
and
if,
if
at
all,
if
there
are
like
no
custom
provider
created
by
our
own
purpose,
then
we
have
to
source
that
particular
provider
name
here,
and
we
have
to
provide
the
path
of
that
particular
provider
path
in
our
own
github
repository
or
whatever.
A
It
is
right,
and
we
are
mentioning
that
that
the
minimum
version
of
this
provider
should
be
version
3
and
they
should
not
be
exceeding
more
than
three
actually
so
what
it
is
doing
is
like
it
is
downloading
the
last
package
that
was
available
in
the
version
3.75
that
was
seen
in
the
a
cloud
init
command,
actually
sorry
telephony
command
and
then
in
the
like
this
provider
part.
We
are
mentioning
the
region
right
and
there
is
also
few
other
variables
that
know.
A
If
if
we
are
managing
multiple
aws
profiles
right,
we
can
also
have
a
variable
definition,
argument
definition
for
profile
and
we
can
also
provide
like
the
profile
name
so
by
the
by
default.
Aws
have
the
profile
name
as
default.
So
if
you
wanted
to
like
indicate
that
if
it
is
something
else
right
so
by
default,
it
will
be
creating
the
default
parameter
default
profile
only.
A
But
if
you
have
multiple
profiles
for
creating
infrastructure,
like
you
know,
production
some
other
account
or
for
various
environments,
various
profile
industries,
then
we
have
to
mention
the
profile
name
accordingly.
Here
in
this
profile
detail
actually
so
now,
then
we
can.
We
have
this
resource
definition
path,
part
where
we
have
this
aws
instance
resource
defined,
and
then
we
have
provided
the
ami.
A
So
this
is
the
ubuntu
ami,
and
we
are
also
mentioning
that
what
is
instance
type
for
creating
this
a
instance
actually
and
then
we
are
kind
of
adding
tags,
and
this
is
the
user
data
section.
I
was
talking
about
right
in
the
particular
part,
so
this
script
will
be
executed
whenever
that
vm
gets
created
so
basically
like.
No,
I
will
also
have
a
detailed
example
of
like
know,
creating
apache
server.
That
is
a
kind
of
larger
example.
A
I
have
created
for
this
demo,
but
whatever
code
I
have
showing
here
is
anyone
wanted
to
start
with
aws?
They
can
simply
have
these
three
definitions
just
for
their
learning
purpose
and
explore
more
according
to
that
they
can
add
more
resources
for
part
of
it.
So
for
that
I
can
summarize
that
basically,
they
would
need
a
a
like.
A
No
aws,
credential
and
aws
account
taxes,
and
then
they
have
to
have
a
telephone
cla
command
installed
on
their
local,
and
then
they
can
use
terraform
documentation
to
have
the
basic
need
of
code,
and
then
they
can
create
information
and
hashicorp
also
have
a
portal
called
learn.hashicob.com.
So
these
are
all
the
details
more
or
less
covered.
There
are
there
also,
but
I
wanted
to
provide
for
us
for
beginners
benefit.
I
have.
A
I
am
sharing
all
these
details
actually,
so
this
is
about
like
no
high
level,
and
then
these
are
all
the
code
blocks
that
is
very
basic
for
anyone
just
getting
started
with
terraform.
Actually
so
this
is
about
it
for
the
live
demo
part
actually
under
them.
I
will
also
show
you
the
other
parts
of
code,
whatever
I
have
created
and
let's
also
see
like
what
are
all
the
other
topics.
I
I'm
planning
to
cover
in
this
demo.
A
A
So
you
can
see
that
it
is
reading
the
state
from
the
state
file
telephone
state
file,
and-
and
it
is
mentioning
that
so
since
we
haven't
changed
anything
related
to
infrastructure,
it
is
showing
that
no
changes
are
made,
and
one
part
I
kind
of
listed
to
mention
earlier
was
after
doing
apply.
It
is
creating
the
state
file
right.
So,
as
I
explained
in
the
introduction
right
in
production
part,
it
would
be
having
the
details
of
details
regarding
all
the
like
resources
associated
with
this
instance
id.
A
A
A
So
again,
it
will
be
using
the
terraform
state
file
and
see
what
all
the
resources
that
are
associated
with
this
particular
run
after
form
state,
and
it
will
show
that
changes,
so
it
will
be
showing
that
plan
one
plan
it
is
showing
that
one
would
be
destroyed.
Actually
so
then
we
can
confirm
that.
Yes,
then
that
particular
instance,
whatever
we
created
that
will
be
destroyed.
A
A
So,
since
that
this
infrastructure
is
getting
destroyed,
the
state
file
doesn't
have
anything
now,
so
that
state
would
be
moved
into
the
backup
stage.
Actually
so,
and
as
I
mentioned,
this
state
file
also
can
be
stored
in
the
s3
right.
So
basically,
the
advantage
of
storing
the
telephone
state
file
in
the
sd
packet
is
multiple
developer
environment
right.
A
So
basically,
there
is
a
situation
that
multiple
provider
would
be
running,
like
environment
creation,
right
on
the
same
code
right
so
at
that
time,
this
lock
and
state
file
would
be
used
to
avoid
that,
and
it
will
indicate
that
that
the
infrastructure
creation
is
already
in
progress.
Actually,
so
that's
the
reason
like
no
in
a
multiple
developer
environment,
it
is
better
to
maintain
the
state
in
the
sd
packet
or
similar
kind
of
places.
A
A
A
B
A
But
in
in
my
other
example
of
ec2
right,
I
have
kind
of
modularized
everything
like
now.
I
have.
I
have
created
separate
files
for
each
of
the
things
actually
so,
basically
like
no
main.tf
only
has
the
resource
definition
and
output.
I
am
kind
of
printing
out
the
instance
id
as
well
as
the
public,
ip,
whatever
that
is
getting
created
right
and
then
provider.tf
I
would
be
having
whatever
what
are
all
the
provider
definition
I
have
had
and
then
in
variable.
A
Let's
do
a
terraform
in
it
since
I
have
already
run
this
telephone
unit
earlier
in
my
local.
It
would
be
using
that
terraform
log
file
in
my
local
and
it
is
showing
that
terraform
is
initialized
and
using
the
reusing,
the
previous
version
of
log
file
right.
So
that's
what
it
will
show,
but
for
the
first
time
it
will
download
everything
that
is
needed
for
running
this.
And
then
I
will
do
a
transform
plan.
A
So
now
it
is
showing
that
what
are
all
things
are
you
generatively
created
and
I'll?
Do
it
apply?
So
one
quick
like
no
thing
on
the
option,
part
actually
like
no
for
terraform,
apply
and
destroy.
There
is
an
option
called
auto
approve.
Actually,
there
is
a
caution
that
it
should
not
be
used
in
production
kind
of
environment
right
just
to
avoid
the
prompt
of
having
a
s
right
whenever
we
are
running
apply
command.
A
A
A
We
are
kind
of
sourcing,
whatever
the
model
we
have
created
for
creating
the
easy
to
instance
right,
so
we
are
creating
like
now
providing
the
model
as
a
part
like
a
path
for
that
particular
to
get
the
code
from
there
actually
and
then
this
model
needs
a
region
as
a
variable
right,
so
we
can
pass
that
variable
as
well
in
this
module.
So
let's
try
to
like
you
know,
apply
this
as
well
right,
so
so.
A
A
And
in
in
this
one
you
can
see
that
it
could
be
doing
the
initializing
modules
as
well
as
initializing
the
back
end
right,
because
module
is
the
one
containing
the
actual
implementation
of
the
code
right.
So
it
would
be
doing
the
initialization
of
that
as
well.
What
I
will
do
for
the
demo
purpose,
I
will
just
remove
that
dot.
Terraform
implementation,
whatever
that
was
created
already
right
and
then
I'll
rerun
that
terraform
unit
command
again.
A
A
A
So
once
after
this
is
it
which
is
getting
applied,
we'll
just
go
through
the
code
once
again,
just
for
the
purpose
of
revisiting
so
now
the
model
it
is
using
the
model
code
to
create
the
easy
to
instance
right.
So
that's
what
it
is
showing.
So,
as
I
mentioned,
so
we
are
sourcing
the
module
path
here
and
using
the
module
block
in
the
main.tf,
and
it
is
going
to
that
create
instance,
modules
territory
and
use
this
module
for
creating
instance.
A
Actually,
so,
whatever
the
resource
we
are
defining,
so
we
can
have
multiple
modules
and
multiple
module
definitions
inside
that,
so
we
can
have
modules
for
vpc,
subnet
and
everything,
and
we
can
just
call
it
multiple
times
so
that
the
code
redundancy
would
be
avoided.
Actually,
so
that's
the
high
level
idea
for
this
module,
so
it
is
now
it
is
now
created.
So
we
can
now
see
in
the
console
that
a
particular
instance
would
be
created.
A
So
since
we
have
also
ran
that
other
example
of
ec2
right,
so
it
was
also
showing
that-
and
so
now
that
created
instance
is
ending
with
d1
f.
So
this
is
the
instance
that
was
that
was
created
now,
so
this
is
about
like
no
high
level
on
how
to
convert
our
plane
terraform
code
as
modules
actually
so
that
is
about
the
terraform
model,
and
then
I
was
talking
about
various
sections
like
variables
and
stuff
right.
A
A
I
have
defined
like
no,
what
is
the
provider
and
what?
What
is
that
minimum
telephone
version
required
for
this,
and
this
required?
This
required
version
helps
to
like
you
know,
keep
indicate
the
user
that
this
is
the
minimum,
like
no
version
of
terraform.
Anyone
needs
to
use
actually
so
that
that
can
be
used.
And
then,
in
variable
section,
we
have
this
region
file.
A
B
B
A
A
So
so
one
catch
here
right
we
talked
about
variables
and
we
talked
about
output
variables
like
in
our
in
my
high
level
definition
I
was
showing
about
this
variables
block
right
and
this.
In
this
example,
I
have
implemented
something
like
a
local
variable
mechanism
right
because
in
aws
terraform,
sorry
in
adwords,
s3
packet
name
should
be
unique.
It
should
not
be
created
anywhere
else
right.
A
So
what
I
am
doing
in
this
code
is
basically
I
am
creating
a
random
string
and
then-
and
I
am
attaching
that
string
with
the
s3
packet
name
right,
so
that
that
name
should
be
unique
to
this
implementation
alone
right.
So
so
that's
the
reason
like
I
have
defined
a
resource
called
random
stream.
These
are
these.
These
are
some
of
the
facility
provided
by
terraform.
I
think
that's
that's
available
from
later
from
the
version
13
only
it
will
not
be
available
in
earlier
questions.
A
Actually,
so
you
can
check
in
the
telephone
documentation
that
in
from
which
version
this
terraform
random
string
is
available,
so
for
making
that
string
like
randomized
and
unique
to
our
implementation.
What
I
have
done
is,
I
have
created
a
local
section
of
block
and
in
which
I
am
defining
the
bucket
name
and
in
that
packet
name
argument.
I
am
passing
that,
like
some
common
string
sample
s3
bucket,
because
this
is
a
demo
kind
of
thing
we
are
creating-
and
I
am
attaching
the
like.
A
No,
I
am
adding
that
string
of
particular
random
string
that
was
getting
created
using
this
random
string
resource
actually
so
that
the
sd
packet
name
would
be
so
unique
for
us.
Actually.
So
that's
the
idea
for
creating
this
local.
So
this
also
shows
the
example
of
how
we
can
make
utilize
of
make
you
placing
the
facility
of
local
variable
in
term
and
that
bucket
name
would
be
referred
in
the
s3
packet
resource
as
a
local
dot
bucket
name
right.
So
that's
the
high
level
and
let's
try
to
apply
this
resource
as
well.
A
So
we
have
covered
so
far
like
creation
of
ec2
instance
from
the
scratch
right
using
telephone
documentation
and
we
have
come
across
like
what
are
all
the
basic
components
you
get
for
that.
And
then
we
have
modularized
the
same
easy
to
instance,
code
under
use
the
module
block
to
create
the
instance
and
now
we
are
seeing
example
of
like
local
in
the
sd
packet
code.
Actually
so
now
now
I'll
move
to
that
sd
bucket.
A
A
First,
it
will
do
the
random
string
creation
right
right
and
then
it
will
be
showing
that
so
so
now
you
can
see
right
the
terraform
package,
so
the
sd
packet
name
should
not
have
the
other
special
characters.
It
should
have
only
dot
and
hyphens
right.
So
since
it
is
creating
a
random
alphanumeric
characters
right,
so
it
is
showing
that
only
hyphens
and
characters
are
like
no
dots
are
allowed.
So
what
we
need
to
do,
we
need
to
change
our
code
now
right
to
accept
only
that
right.
So
basically
what
I
do
I'll.
A
So
these
things
can
be
explored
in
the
documentation.
I
will
show
you
that
as
well,
so
we
are
making.
We
are
indicating
that
random
string
that
there
can
be
special
characters
in
our
random
string
and
we
can
we
need
to.
We
can
also
specify
what
are
all
special
characters
that
can
be
added
in
the
string,
basically
right.
So
what
I'm
doing
as
per
the
sl
packet
naming
convention,
only
dots
and
hyphens
are
allowed,
so
only
I
am
giving
that
special
characters
in
the
sd
packet
randomization
name
right
now.
A
A
A
A
A
So
this
is
the
high
level
about
like
using
the
locals
in
the
terraform
file,
and
it
is
also
showing
the
example
of
like
how
it
is
changing
things,
and
one
other
thing
I
wanted
to
show
now
is
like
quickly
is
a.
Is
that
what
what
happens
when
we
do
a
change
right,
so
I'll,
just
change
the
string
to
disable
the
like.
Now
the
versioning
string
has
disabled
right
and
then
we
will
try
to
see
like
what
happens
now.
A
A
A
A
So
we
have
this
example
usage
right
in
which
one
in
which
we
it
will
be
showing
that
example
of
particular
block
actually
and
then
there
are
various
things
like
argument,
reference
and
attribute
reference,
so
argument,
reference
are
the
one
that
needs
to
be
added
inside
that
particular
resource
and
then
attribute
reference
is
some
of
the
outputs
that
is
getting
out
of
the
particular
resource,
actually
so
for
versioning.
Basically,
we'll
just
look
for
status.
A
Okay,
so
for
that
we
have
to
recreate
the
entire
resources.
So
so,
let's
move
on
to,
like
you,
know,
changing
the
like
s3
packet
acl,
actually
so
that
at
least
I
can
show
the
which
one,
like
you
know
that
changed
basically
like
what
happens
when
we
are
changing
the
environment
right
so
just
quickly,
I'll.
A
Sorry,
sorry
for
this,
so
basically
what
I'll
do
I'll
just
remove
this
acl
itself?
Actually
because
that's
an
optional
parameter
for
the
for
the
purpose
of
demo,
so
that
we'll
see
like
what
happens
now,
because,
as
per
the
documentation,
that
aws
is
the
packet
acl
option.
You
know
that
argument
is
an
optional
one.
So
we'll
just
try
to
like
change
that.
A
So
it
is
showing
that,
like
anyway,
that's
by
default
a
private
bucket
right,
so
so
the
default
for
s3
is
a
private
one.
So
I
think
it
will
not
like
show
any
further
changes.
I
think
so,
let's
see
that
so
one
change
it
is
showing
now
right
as
part
of
plan.
It
is
showing
that
one
is
to
change.
So
let's
do
that.
A
A
Okay,
so
I
think
some
of
the
things
are
required
in
like
mystery
package
team.
So
I
think
we
will
keep
that
as
our
electron
separately
and
I'll
show
you
some
other
example
for,
like
the
changing
environment,
but
basically
like
this
is
how
it
will
show
whenever,
like
there
is
a
change
in
the
environment.
Actually,
so
that's
what
and
then
it
will
apply.
A
Larger
example
of
that
creating
apache
server
okay,
so
this
is
a
kind
of
entertained
example
of
creating
a
vpc
subnet,
and
then
it
is
also
having
an
example
of
like
no
creating
a
apache
server
while
doing
the
creating
server
instance
itself,
basically,
so
that
it
will,
it
will
be
like
the
mode
actually
so
that
it
will
try
to
apply
that
quickly.
Okay,
so
let
me
go
to
that
example
of
like
showing
that
particular
apache
server
example.
A
A
A
In
this
one
you
can
see
like
no,
we
have
defined
the
complete
network,
like
that
is
required
for
spinning
up
a
vm
right,
so
we
have
defined
aws,
vpc
and
then
the
internet
gateway
for
providing
the
internet
access
and
then
public
subnet
that
is
located
inside
the
vpc
and
then
a
route
table
for
that
particular
vpc
and
internet
gateway.
And
then
we
are
associating
the
route
table
with
the
subnet
actually,
and
then
we
are
coming
to
the
part
where
we
are
defining
the
infrastructure
for
like
for
creating
the
instance.
A
Basically
in
this
one
I
have
my
ama
defined
instance
type
defined
and
the
instance
key
name
also
defined,
and
I
am
also
associating
the
subnet
id
that
that
I
have
created
in
the
above
definition,
and
then
I
am
also
associating
the
security
groups
as
well.
So
security
group
is
nowadays
by
default.
Aws
doesn't
allow
like
no
public,
like
user
access
to
ssh
or
outer
world
internet.
Actually,
so
for
that
we
have
to
have
a
special
security
groups
needs
to
be
created
for
allowing
the
ssh
and
http
access.
A
So
basically,
what
I
have
done
is:
I
have
created
a
security
group
file
separately
for
defining
the
ssh
taxes
and
the
http
access
for
the
particular
instance.
Why
are
the
subnet
for
other
vpc
security
groups?
So
you
can
see
like
now
that
inbound
is
ingress
and
I
have
defined
the
ssh
22
connection
and
in
grand
indones,
like
http
80
also
load
and
for
outbound
I
am
allowing
all
traffic
actually.
So
this
is
the
security
group.
I
have
defined.
Let's
quickly
apply
this
code
and
I'll
and
we
can
see
what
happens
so
terraform.
B
A
So,
basically,
in
this
example,
I
made
use
of
variables
file
in
which
I
am
kind
of
customizing
various
inputs.
I
I
wanted
to
you
know
pass
in
into
the
particular
infrastructure
creation,
so
predominantly
majority
of
things
are
kind
of
like
can
be
used,
but
only
this
key
name
variable
right.
I
have
added
using
the
tf
vars
file,
so
this
is
the
tf
pass
implementation.
A
Initially
I
was
talking
about
in
the
in
the
introduction
part
right.
We
can
customize
our
own
like
variables
and
we
can
use
this
variable
file
alone
to
pass
the
customized
variable
inside
our
terraform
code.
Actually,
so
for
that
I
am
what
I
am
doing,
while
applying
the
code,
I
need
to
pass
the
option
called
var
file,
in
which
I
need
to
give
the
path
of
this
variable
file,
actually
aws
dot,
pf
vars,
in
which
it
contains
all
the
necessary
variables,
customized
variables
that
is
needed
for
this
infrastructure
creation.
A
Since
the
lack
of
time,
I
couldn't
like
know
show
the
change
of
like
my
s3
bucket
options
actually
because
that
needs
some
exploration
of
options,
sleep
at
a
command
creation.
So
basically,
like
that's
the
reason.
Whenever
we
need
to
create
a
infrastructure,
we
need
to
keep
ready
with
all
our
changes
or
definition
that
is
needed
to
be
created
for
defining
or
changing
infrastructure,
so
that
we
can
avoid
this
kind
of
error.
And
even
if
there
is
an
error,
then
we
can
explore
the
reform
documentation
for
fixing
those
errors.
A
Actually,
so
now
we
can
see
in
this
web
web
server
example,
it
is
started
creating
all
the
code
in
the
meantime,
I'll
show
you
that
what
is
available
in
the
main.tf
right
as
I
was
explaining
like
it,
has
vpc
internet
gateway,
subnet
and
all
the
definitions.
In
the
instance
definition,
you
can
see
that
I
have
defined
the
user
data
section
right
in
user
data,
even
though
it
accepts
cell
scripting
and
for
windows
kind
of
systems.
It
accepts
powershell
right.
A
A
This
script
will
be
executed
and
it
will
be
kind
of
showed
it
will
be
having
the
apache
installation
done
whenever
the
system
is
ready
for
accessing
right.
So
now
we
can
see
that
this
instance
is
created.
Now.
What
I
am
going
to
do
now
is,
I
am
going
to
show
that
this
script
should
be
should
have
been
executed
inside
the
instance
that
got
created
right.
So
since
I
have
configured
a
vpc
subnet
and
using
my
instance
accessing
key
right,
that's
a
pem
file.
We
need
to
provide
what
I'll
do
I'll.
A
This
might
be
felt
too
heavy
for
some
beginners,
but
whenever
you
are
planning
to
create
a
like,
you
know,
instance
or
like
a
resource
creation,
you
can
just
refer
whatever
I
have
like
explained
in
this
session,
so
that
it
would
be
easy
for
you
to
learn
more
on
this
right.
So
basically,
this
session
as
a
told
earlier,
can
be
used
as
a
basic
thing
to
start
learning
as
a
beginner
for
creating
terraform
code.
A
Actually,
so
since
it's
asking
for
that,
adding
that
known
host,
I
will
be
adding
it
so
now
it
will
be
going
into
my
vm
that
got
created
right.
So
this
is
a
vm
that
got
created
and
it
is,
we
are
inside
the
vm.
So,
as
I
told
earlier,
it
was
creating
a
it
was
running
a
set
of
scripts
right
whenever
the
vm
is
created,
so
that
can
be
checked
in
the
cloud
init
log
that
would
be
available
in
the
slash
dialog
part.
Actually.
A
So
this
is
the
user
data
file
and
it
is
having
a
set
of
instructions
right,
so
you
can
see
here
right.
So
we
are.
We
have
given
that,
given
the
command
of
inside
apache
2
that
we
can
see
it
here,
so
it
means
that
it
runs
this
cloud
like
no
user
data
section
and
run
the
script
right
for
accessing
this,
for
installing
the
apache
inside
the
instance
source.
A
A
So
this
is
the
sample
right,
so
this
is
the
apaches
default
page
that
comes
from
the
slashware
log,
slash,
www,
dot
path
actually,
and
so
this
is
a
kind
of
like
no
full
level.
Example.
That
shows
how
to
create
a
entertained
instance
like
with
all
the
networking
and
stuff
actually.
So
this
is
the
high
level
I
wanted
to
cover,
and
there
are
few
other
slides
I
wanted
to
quickly
run
through.
So
we
are,
we
are
pretty
much
done
with
the
demo
part
actually
and
on
a
high
level.
A
These
are
the
best
practices
right
use,
the
terraform
bar
files
example.
I
showed
you
for
customizing
for
sending
the
customize
variable
and
the
version
control
this
that
form
state
file
for
like
no
reverting
back
to
the
earlier
versions
or,
like
you
know,
for
role
for
for
rollback
under
managing
the
s3,
that
is,
for
the
multiple
developer
environment,
right,
tf,
state
files,
so
so
that
it
can
be
avoided
for
multiple
turns
of
the
same
infra
and
then
retrieve
the
state
metadata
from
remote
backend
right.
A
So
that
is
also
similar
to
that
and
use
shared
module
and
isolate
environment
using
variables
and
modules.
Actually
so
these
are
some
of
the
best
practices
and
in
this
deck
also,
I
have
provided
the
kind
of
github
reference
for
this
particular
best
practice.
Github
page
yeah-
and
we
are
pretty
much
covered.
Everything
and
that's.
It
hope
this
session
might
be,
might
have
been
useful
for
people
who
are
getting
started
with
terraform
right.