Terraform Variables and Datasources
Step-00: Pre-requisite Note
- Create a terraform-key in AWS EC2 Key pairs which we will reference in our EC2 Instance
Step-01: Introduction
Terraform Concepts
- Terraform Input Variables
- Terraform Datasources
- Terraform Output Values
What are we going to learn?
- Learn about Terraform Input Variable basics
  - AWS Region
  - Instance Type
  - Key Name
- Define Security Groups and associate them as a List item to AWS EC2 Instance
  - vpc-ssh
  - vpc-web
- Learn about Terraform Output Values
  - Public IP
  - Public DNS
- Get latest EC2 AMI ID using Terraform Datasources concept
- We are also going to use existing EC2 Key pair terraform-key
- Use all the above to create an EC2 Instance in default VPC
Step-02: c2-variables.tf - Define Input Variables in Terraform
- Terraform Input Variables
- Terraform Input Variable Usage - 10 different types

# AWS Region
variable "aws_region" {
  description = "Region in which AWS Resources to be created"
  type        = string
  default     = "us-east-1"
}

# AWS EC2 Instance Type
variable "instance_type" {
  description = "EC2 Instance Type"
  type        = string
  default     = "t3.micro"
}

# AWS EC2 Instance Key Pair
variable "instance_keypair" {
  description = "AWS EC2 Key pair that need to be associated with EC2 Instance"
  type        = string
  default     = "terraform-key"
}

- Reference the variables in respective .tf files
Step-03: c3-ec2securitygroups.tf - Define Security Group Resources in Terraform
- Resource: aws_security_group

# Create Security Group - SSH Traffic
resource "aws_security_group" "vpc-ssh" {
  name        = "vpc-ssh"
  description = "Dev VPC SSH"
  ingress {
    description = "Allow Port 22"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  egress {
    description = "Allow all ip and ports outbound"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# Create Security Group - Web Traffic
resource "aws_security_group" "vpc-web" {
  name        = "vpc-web"
  description = "Dev VPC web"
  ingress {
    description = "Allow Port 80"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  ingress {
    description = "Allow Port 443"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  egress {
    description = "Allow all ip and ports outbound"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

- Reference the security groups in c5-ec2instance.tf file as a list item
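A tighter variant of the vpc-ssh group, as an added example that is not part of the original course files: it uses the input-variable mechanism from Step-02 so that the source ranges allowed to reach port 22 are passed in and validated at plan time, and a value of 0.0.0.0/0 is rejected. The variable name ssh_allowed_cidrs is hypothetical, 203.0.113.10/32 is a documentation-range placeholder, and the resource block replaces the vpc-ssh definition in c3-ec2securitygroups.tf rather than sitting beside it.

```hcl
# Added example, not from the course repository.
# ssh_allowed_cidrs is a hypothetical variable name. It has no default, so a
# value must be supplied, for example in terraform.tfvars:
#   ssh_allowed_cidrs = ["203.0.113.10/32"]   # placeholder admin address
variable "ssh_allowed_cidrs" {
  description = "CIDR blocks allowed to reach port 22 on the instance"
  type        = list(string)

  # An empty list would silently remove SSH access; fail early instead.
  validation {
    condition     = length(var.ssh_allowed_cidrs) > 0
    error_message = "Provide at least one CIDR block for SSH access."
  }

  # cidrhost() errors on malformed input, so can() turns it into a boolean.
  validation {
    condition = alltrue([
      for c in var.ssh_allowed_cidrs : can(cidrhost(c, 0))
    ])
    error_message = "Every entry must be a valid CIDR block such as 203.0.113.10/32."
  }

  # Reject the open-to-the-internet value outright.
  validation {
    condition     = !contains(var.ssh_allowed_cidrs, "0.0.0.0/0")
    error_message = "SSH must not be open to 0.0.0.0/0; list specific source ranges."
  }
}

# Same resource name as in Step-03, so c5-ec2instance.tf needs no change.
resource "aws_security_group" "vpc-ssh" {
  name        = "vpc-ssh"
  description = "Dev VPC SSH"
  ingress {
    description = "Allow Port 22 from approved ranges only"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = var.ssh_allowed_cidrs
  }
  egress {
    description = "Allow all ip and ports outbound"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```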
Step-04: c4-ami-datasource.tf - Define Get Latest AMI ID for Amazon Linux2 OS
- Data Source: aws_ami

# Get Latest AWS AMI ID for Amazon2 Linux
data "aws_ami" "amzlinux2" {
  most_recent = true
  owners      = ["amazon"]
  filter {
    name   = "name"
    values = ["amzn2-ami-hvm-*-gp2"]
  }
  filter {
    name   = "root-device-type"
    values = ["ebs"]
  }
  filter {
    name   = "virtualization-type"
    values = ["hvm"]
  }
  filter {
    name   = "architecture"
    values = ["x86_64"]
  }
}

- Reference the datasource in c5-ec2instance.tf file
Step-05: c5-ec2instance.tf - Define EC2 Instance Resource
- Resource: aws_instance

# EC2 Instance
resource "aws_instance" "myec2vm" {
  ami                    = data.aws_ami.amzlinux2.id
  instance_type          = var.instance_type
  user_data              = file("${path.module}/app1-install.sh")
  key_name               = var.instance_keypair
  vpc_security_group_ids = [aws_security_group.vpc-ssh.id, aws_security_group.vpc-web.id]
  tags = {
    "Name" = "EC2 Demo 2"
  }
}

Step-06: c6-outputs.tf - Define Output Values
Step-07: Execute Terraform Commands
# Terraform Initialize
terraform init
Observation:
1) Initialized Local Backend
2) Downloaded the provider plugins (initialized plugins)
3) Review the folder structure ".terraform folder"
# Terraform Validate
terraform validate
Observation:
1) If any changes to files, those will come as printed in stdout (those file names will be printed in CLI)
# Terraform Plan
terraform plan
Observation:
1) Verify the latest AMI ID picked and displayed in plan
2) Verify the number of resources that are going to get created
3) Verify the variable replacements worked as expected
# Terraform Apply
terraform apply
[or]
terraform apply -auto-approve
Observations:
1) Create resources on cloud
2) Created terraform.tfstate file when you run the terraform apply command
3) Verify the EC2 Instance AMI ID which got created
Step-08: Access Application
# Access index.html
http://<PUBLIC-IP>/index.html
http://<PUBLIC-IP>/app1/index.html
# Access metadata.html
http://<PUBLIC-IP>/app1/metadata.html
Step-09: Clean-Up
# Terraform Destroy
terraform plan -destroy # You can view destroy plan using this command
terraform destroy
# Clean-Up Files
rm -rf .terraform*
rm -rf terraform.tfstate*