YouTube Summaries | Learn Terraform (and AWS) by Building a Dev Environment

March 7th, 2024

Introduction:

This summary will serve to cement the learnings that I took from the video above, which discusses learning Terraform by building a dev environment in AWS. I hope you find it useful too!

Main.tf

For this summary, we’re going to do something a little different. Instead of going section by section through the video, we’re going to focus on the main.tf file that the video builds, and then summarize each section of that file. The created main.tf is very similar to the one below (with a couple of argument names corrected so that it validates):

provider "aws" {
  region = "your_aws_region"
}

# Define the AWS key pair
resource "aws_key_pair" "example_key" {
  key_name   = "example_key"
  public_key = file("~/.ssh/id_rsa.pub")
}

# Define the AWS security group
resource "aws_security_group" "example_sg" {
  name        = "example_sg"
  description = "Example security group for dev_node"
  vpc_id      = "your_vpc_id" # the VPC that holds your_subnet_id; without this the group lands in the default VPC and cannot be attached to the instance

  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "example-security-group"
  }
}

# Define a data source to find the latest Amazon Linux 2 AMI
data "aws_ami" "latest_amazon_linux" {
  most_recent = true
  owners      = ["amazon"]

  filter {
    name   = "name"
    values = ["amzn2-ami-hvm-*-x86_64-gp2"]
  }
}

# Define the AWS instance
resource "aws_instance" "dev_node" {
  ami           = data.aws_ami.latest_amazon_linux.id
  instance_type = "your_instance_type"
  key_name      = aws_key_pair.example_key.key_name
  vpc_security_group_ids = [aws_security_group.example_sg.id] # groups are attached by ID; "security_group" is not a valid aws_instance argument

  # Tags for identification
  tags = {
    Name = "dev_node"
  }

  # Associate the instance with a specific subnet
  subnet_id = "your_subnet_id"

  # User data for customization
  user_data = <<-EOF
    #!/bin/bash
    echo "Hello, World! This is user data."
    # Additional user data configurations can be added here
  EOF
}

# Define the AWS internet gateway
resource "aws_internet_gateway" "example_igw" {
  vpc_id = "your_vpc_id"
}

# Define the AWS route table
resource "aws_route_table" "example_rt" {
  vpc_id = "your_vpc_id"

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.example_igw.id
  }
}

# Associate the route table with a subnet
resource "aws_route_table_association" "example_rta" {
  subnet_id      = aws_instance.dev_node.subnet_id # aws_instance exposes subnet_id (singular); there is no subnet_ids attribute
  route_table_id = aws_route_table.example_rt.id
}

# Define an additional AWS instance
resource "aws_instance" "additional_instance" {
  ami           = data.aws_ami.latest_amazon_linux.id
  instance_type = "your_instance_type"
  key_name      = aws_key_pair.example_key.key_name
  vpc_security_group_ids = [aws_security_group.example_sg.id]

  # Tags for identification
  tags = {
    Name = "additional_instance"
  }

  # Associate the instance with a specific subnet
  subnet_id = "your_subnet_id"
}

# Additional AWS resources and configurations can be added here

# Define the output for the public IP address
output "dev_ip" {
  value = aws_instance.dev_node.public_ip
}

Main.tf Summary

  1. Provider Configuration:

    • The provider block specifies the AWS provider and its region, allowing the subsequent resources to be provisioned in a specific AWS region.
  2. AWS Key Pair:

    • The aws_key_pair resource creates an SSH key pair, named “example_key,” using the public key from the local file “~/.ssh/id_rsa.pub”. This key pair can be associated with AWS instances for secure access.
  3. AWS Security Group:

    • The aws_security_group resource defines a security group named “example_sg” with an inbound rule allowing SSH traffic (TCP port 22) from any source (0.0.0.0/0) and an outbound rule allowing all traffic. This security group is tagged for identification.
  4. Data Source for AMI:

    • The data "aws_ami" block fetches the latest Amazon Linux 2 AMI from AWS owned by “amazon” and matching the specified name pattern. This data source provides the AMI ID for use in the instances.
  5. AWS Instance (“dev_node”):

    • The aws_instance resource creates an EC2 instance named “dev_node” using the specified AMI, instance type, key pair, security group (attached via vpc_security_group_ids), subnet, and user data script. It associates the instance with a specific subnet and assigns tags for identification.
  6. AWS Internet Gateway:

    • The aws_internet_gateway resource creates an internet gateway that can be attached to a Virtual Private Cloud (VPC) for enabling communication between instances in the VPC and the internet.
  7. AWS Route Table:

    • The aws_route_table resource defines a route table for the specified VPC, including a default route directing all traffic to the internet through the previously created internet gateway.
  8. Route Table Association:

    • The aws_route_table_association resource associates the route table with the subnet where the “dev_node” instance resides. This ensures that instances in the subnet use the specified route table for routing.
  9. Additional AWS Instance:

    • The second aws_instance resource creates another EC2 instance named “additional_instance” with similar configurations but potentially in a different subnet, providing flexibility for multiple instances.
  10. Output:

    • The output block defines an output variable named “dev_ip” that displays the public IP address of the “dev_node” instance. This can be useful for obtaining the IP address after provisioning for further configuration or access.
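As an added example (not the video’s or this page’s own main.tf), here are the security group from item 3 and the instance from item 5 rewritten the way I would ship them: the SSH source comes from a validated variable instead of 0.0.0.0/0, the group is pinned to the VPC, and the instance requires IMDSv2. The variable names allowed_ssh_cidr and vpc_id and the resource name dev_sg are my own; the block reuses the page’s aws_ami data source and aws_key_pair.

```hcl
# Added example: hardened versions of the example_sg / dev_node blocks above.
# allowed_ssh_cidr, vpc_id and dev_sg are assumed names, not from the video.

variable "allowed_ssh_cidr" {
  description = "Single CIDR allowed to reach port 22 (e.g. your office or VPN egress range)"
  type        = string

  # Reject anything that is not a CIDR, and reject the open-to-the-world value outright
  validation {
    condition     = can(cidrhost(var.allowed_ssh_cidr, 0)) && var.allowed_ssh_cidr != "0.0.0.0/0"
    error_message = "allowed_ssh_cidr must be a valid CIDR and must not be 0.0.0.0/0."
  }
}

variable "vpc_id" {
  description = "VPC that contains the dev subnet"
  type        = string
}

resource "aws_security_group" "dev_sg" {
  name        = "dev_sg"
  description = "SSH from an allow-listed range only"
  vpc_id      = var.vpc_id # pin the group to the VPC so it can actually be attached to the instance

  ingress {
    description = "SSH from allow-listed range"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.allowed_ssh_cidr]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_instance" "dev_node" {
  ami                    = data.aws_ami.latest_amazon_linux.id
  instance_type          = "t3.micro"
  key_name               = aws_key_pair.example_key.key_name
  subnet_id              = "your_subnet_id"
  vpc_security_group_ids = [aws_security_group.dev_sg.id]

  # Require session tokens (IMDSv2) so a compromised process on the box cannot simply GET instance credentials
  metadata_options {
    http_endpoint = "enabled"
    http_tokens   = "required"
  }
}
```

With this in place, `terraform plan -var allowed_ssh_cidr=0.0.0.0/0` fails at the validation step instead of creating the open rule.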