TerraWeek Day 3
Aashish R.
System Engineer at Tata Consultancy Services | DevOps | Terraform | Kubernetes | Ansible | Jenkins | CI/CD | AWS | Docker | Grafana | GitHub | Linux |
Task 1: Create a Terraform configuration file to define a resource of AWS EC2 instance, Azure storage account, Google Compute Engine, etc. (any one)
Create an EC2 instance in the AWS region “ap-south-1”.
Summary of the section:
mkdir terraweek03
cd terraweek03
vim main.tf
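provider "aws" {
  region = "ap-south-1"
}

resource "aws_instance" "myec2" {
  ami                    = "ami-05552d2dcf89c9b24"
  instance_type          = "t2.micro"
  vpc_security_group_ids = [aws_security_group.ownsg.id]
  # Reference the key pair resource so it is created before the instance.
  key_name               = aws_key_pair.tf-key-pair.key_name
  tags = {
    Name = "terraform-Ashish"
  }
}

resource "aws_security_group" "ownsg" {
  name = "own-sg"
  # HTTP from anywhere.
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  # SSH is open to every address here; narrow cidr_blocks to your own
  # IP range for anything beyond a short-lived lab instance.
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  # Allow all outbound traffic.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# Register the generated public key with AWS.
resource "aws_key_pair" "tf-key-pair" {
  key_name   = "tf-key-pair"
  public_key = tls_private_key.rsa.public_key_openssh
}

# Generate the RSA key pair inside Terraform.
resource "tls_private_key" "rsa" {
  algorithm = "RSA"
  rsa_bits  = 4096
}

# Write the private key to disk for use with ssh -i.
resource "local_file" "tf-key" {
  content         = tls_private_key.rsa.private_key_pem
  filename        = "tf-key-pair"
  # ssh rejects private key files that other users can read.
  file_permission = "0600"
}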
Task 2: Check state files before running the plan and apply commands, use the validate command to validate your tf file for errors, and provide the output generated by each command.
To use the above configuration, save it in a file with a .tf extension (e.g., main.tf), and then run the following Terraform commands in the same directory:
terraform init
terraform plan
terraform apply
After the terraform apply command runs, it creates an EC2 instance based on the configuration.
Check state files:
To check the state files, you can use the terraform state list command. It lists all the resources managed by Terraform and their current state.
You can see the terraform state list command and output.
Validate Configuration File:
To validate the configuration file for errors, you can use the terraform validate command. It checks the syntax and structure of the Terraform files and reports any errors or warnings.
Task 3: Add a provisioner to the configuration file to configure the resource after it is created, and use Terraform commands to apply the changes and destroy to remove resources.
Here is an example of adding a provisioner to an AWS EC2 instance resource. A provisioner lets you run scripts or execute commands on the resource during creation or destruction.
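provider "aws" {
  region = "ap-south-1"
}

resource "aws_instance" "myec2" {
  ami                    = "ami-05552d2dcf89c9b24"
  instance_type          = "t2.micro"
  vpc_security_group_ids = [aws_security_group.ownsg.id]
  # Reference the key pair resource so it is created before the instance.
  key_name               = aws_key_pair.tf-key-pair.key_name
  tags = {
    Name = "terraform-Ashish"
  }
}

resource "aws_security_group" "ownsg" {
  name = "own-sg"
  # HTTP from anywhere.
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  # SSH is open to every address here; narrow cidr_blocks to your own
  # IP range for anything beyond a short-lived lab instance.
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  # Allow all outbound traffic.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# Register the generated public key with AWS.
resource "aws_key_pair" "tf-key-pair" {
  key_name   = "tf-key-pair"
  public_key = tls_private_key.rsa.public_key_openssh
}

# Generate the RSA key pair inside Terraform.
resource "tls_private_key" "rsa" {
  algorithm = "RSA"
  rsa_bits  = 4096
}

# Write the private key to disk for use with ssh -i.
resource "local_file" "tf-key" {
  content         = tls_private_key.rsa.private_key_pem
  filename        = "tf-key-pair"
  # ssh rejects private key files that other users can read.
  file_permission = "0600"
}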
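A provisioner block for the instance defined above, as an added example that is not the author's code: this version of aws_instance "myec2" replaces the one in the configuration and adds a connection block, a creation-time remote-exec provisioner and a destroy-time local-exec provisioner. The ubuntu login user, the public IP on the instance and the nginx commands are assumptions.

```hcl
# Added example: drop-in replacement for the aws_instance "myec2" block.
# The other resources in the configuration stay unchanged.
resource "aws_instance" "myec2" {
  ami                    = "ami-05552d2dcf89c9b24"
  instance_type          = "t2.micro"
  vpc_security_group_ids = [aws_security_group.ownsg.id]
  key_name               = aws_key_pair.tf-key-pair.key_name

  tags = {
    Name = "terraform-Ashish"
  }

  # How Terraform logs in to run remote-exec. Port 22 must be reachable
  # from the machine running Terraform (the security group allows it).
  connection {
    type        = "ssh"
    host        = self.public_ip # assumption: the subnet assigns a public IP
    user        = "ubuntu"       # assumption: the AMI is an Ubuntu image
    private_key = tls_private_key.rsa.private_key_pem
  }

  # Creation-time provisioner: runs once on the new instance, after it
  # is created. A failure here marks the resource as tainted.
  provisioner "remote-exec" {
    inline = [
      "sudo apt-get update -y",
      "sudo apt-get install -y nginx", # served on port 80, opened above
    ]
  }

  # Runs on the machine executing Terraform, not on the instance.
  provisioner "local-exec" {
    command = "echo ${self.public_ip} > instance_ip.txt"
  }

  # Destroy-time provisioner: runs before the instance is destroyed.
  # It may only reference self, count.index and each.key.
  provisioner "local-exec" {
    when    = destroy
    command = "echo destroying ${self.id}"
  }
}
```

tls_private_key keeps the generated private key unencrypted in the Terraform state, so terraform.tfstate needs the same protection as the key file itself.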
terraform init
terraform plan
terraform apply
After running the command, you can see the output below:
You can see the newly created EC2 instance.
terraform destroy
The created instance is terminated by the terraform destroy command.
Task 4: Add lifecycle management configurations to the configuration file to control the creation, modification, and deletion of the resource, and use Terraform commands to apply the changes.
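terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "4.67.0"
    }
  }
}

provider "aws" {
  region = "ap-south-1"
}

resource "aws_instance" "terraform" {
  instance_type = "t2.micro"
  ami           = "ami-05552d2dcf89c9b24"
  tags = {
    Name = "Terraweek_03"
  }
  lifecycle {
    # Build the replacement instance before the old one is destroyed.
    create_before_destroy = true
    # Plans that would destroy this resource are not blocked.
    prevent_destroy       = false
    # Differences in these attributes are ignored when planning updates.
    ignore_changes = [
      instance_type,
      key_name,
      tags
    ]
  }
}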
1. create_before_destroy = true ensures that Terraform creates a new instance before destroying the existing one when changes are made. This allows for zero-downtime deployments by minimizing the time when no instance exists.
2. prevent_destroy = false allows Terraform to destroy the instance during the terraform destroy command. By default, Terraform prevents accidental destruction of resources, but setting it to false enables the resource to be destroyed.
To apply changes and create or update the resource with the lifecycle management configurations, you can use the following command: terraform apply
After the terraform apply command, the EC2 instance will be created.
To destroy the resources created by the Terraform configuration, you can use the following command: terraform destroy
terraform init
terraform validate
terraform plan
terraform apply
terraform destroy
Happy learning!