Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added solution.md with images for Day-03: Terraform Configuration for AWS EC2 Instance with Provisioners, State Management, and Lifecycle Configuration #23

Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

Added solution.md with images for Day-03: Terraform Configuration for AWS EC2 Instance with Provisioners, State Management, and Lifecycle Configuration #23

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
4b22e6f
Added solution.md
Amitabh-DevOps Dec 2, 2024
6155707
Added solution.md
Amitabh-DevOps Dec 4, 2024
1626ca2
Added solution.md with images
Amitabh-DevOps Dec 6, 2024
46e1606
Added solution with images
Amitabh-DevOps Dec 6, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
221 changes: 221 additions & 0 deletions day01/solution.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,221 @@
# TerraWeek Day 1

### **Day 1: Introduction to Terraform and Terraform Basics**

#### **What is Terraform, and how can it help you manage Infrastructure as Code?**
Terraform is an open-source tool by HashiCorp that allows you to define, manage, and provision infrastructure as code (IaC). It uses a declarative configuration language, HCL (HashiCorp Configuration Language), to describe the desired state of infrastructure. By applying these configurations, Terraform ensures that the actual infrastructure matches the desired state.


Key benefits of Terraform:

- **Consistency:** The same configurations can be reused across environments (e.g., dev, staging, production).
- **Version Control:** Infrastructure definitions are stored in source control systems like Git.
- **Automation:** Removes the need for manual intervention during resource creation.
- **Cloud-Agnostic:** Supports multiple cloud providers like AWS, Azure, GCP, and even on-prem solutions.

---

#### **Why do we need Terraform, and how does it simplify infrastructure provisioning?**
1. **Eliminates Manual Effort:** Automates the provisioning, scaling, and configuration of resources.
2. **Infrastructure as Code:** Maintains infrastructure as code for better tracking, auditing, and collaboration.
3. **Cross-Cloud Compatibility:** Provides a unified approach to managing multi-cloud and hybrid environments.
4. **Dependency Management:** Automatically understands and manages dependencies between resources.
5. **Cost and Time Efficiency:** Reduces operational overhead and human error, enabling rapid infrastructure changes.

---

#### **How Can You Install Terraform and Set Up the Environment for AWS?**

#### **Before You Begin: Create an EC2 Instance for Running Commands**

To execute the following commands in an isolated environment, create an Ubuntu EC2 instance using AWS Management Console:

##### **Launch an EC2 Instance:**

1. Go to the **EC2 Dashboard** on AWS.
2. Click **Launch Instance**.
3. Configure:
- **Name:** Terraform-Setup
- **AMI:** Ubuntu Server 22.04 LTS
- **Instance Type:** t2.micro (free tier eligible)
- **Key Pair:** Create or select an existing key pair.
- **Network Settings:** Allow SSH traffic (port 22) from your IP address.
- **Storage:** Keep the default 8 GiB or adjust as needed.

##### **Connect to the Instance:**

Use an SSH client or AWS CloudShell to connect:

```bash
ssh -i "your-key-pair.pem" ubuntu@<EC2-Public-IP>
```

##### **Update the Instance:**

Run the following commands after connecting:

```bash
sudo apt update && sudo apt upgrade -y
```

Now proceed with the installation of Terraform and setting up AWS credentials.


##### 1. **Install Terraform on Ubuntu:**

To install Terraform on Ubuntu, follow these steps:

- **Add the HashiCorp GPG Key and Repository:**

```bash
wget -O - https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
```

- **Update the Package List and Install Terraform:**

```bash
sudo apt update && sudo apt install terraform
```

- **Verify Installation:**

Confirm that Terraform is installed correctly by checking its version:

```bash
terraform version
```

---

##### 2. **Set Up Terraform for AWS:**

- **Create an IAM User in AWS:**

- Go to the **IAM Management Console** in AWS.
- Create a new IAM user with **programmatic access**.
- Attach the necessary policies (e.g., `AdministratorAccess` or policies tailored to your use case).
- Note down the **Access Key ID** and **Secret Access Key**.

- **Install the AWS CLI:**

Install the AWS CLI to configure credentials:
```bash
sudo apt update && sudo apt install awscli
```

- **Configure AWS CLI Credentials:**

Run the following command and enter your IAM user details:
```bash
aws configure
```

Provide:
- **Access Key ID**
- **Secret Access Key**
- **Default region** (e.g., `us-east-1`)
- Output format (default: `json`)

Comment on lines +107 to +119
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Enhance AWS credentials security

The current AWS credentials configuration could be improved with more secure alternatives.

Consider adding these secure alternatives:

### Secure Alternatives for AWS Authentication

1. **AWS IAM Role** (Recommended for EC2):
   ```bash
   # No credentials needed when using IAM roles

  1. AWS SSO:

    aws configure sso

  2. Environment Variables:

    export AWS_PROFILE=your-profile
# Or
export AWS_ACCESS_KEY_ID=your-access-key
export AWS_SECRET_ACCESS_KEY=your-secret-key
export AWS_SESSION_TOKEN=your-session-token  # If using temporary credentials

⚠️ Security Note: Avoid storing credentials in plain text. Use AWS Secrets Manager or Parameter Store for production environments.


<!-- This is an auto-generated comment by CodeRabbit -->


- **Verify AWS CLI Configuration:**

Check your AWS CLI configuration:
```bash
aws sts get-caller-identity
```

- **Use AWS as a Provider in Terraform:**
Add the provider configuration to your Terraform `.tf` file:

```hcl
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "5.65.0"
}
}
}

provider "aws" {
region = "us-east-1"
}
```
Comment on lines +131 to +144
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Improve AWS provider configuration flexibility

The current provider configuration could be enhanced for better maintainability and flexibility.

Consider this improved version:

 terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = "5.65.0"
+      version = "~> 5.65.0"  # Allow minor version updates
     }
   }
 }

 provider "aws" {
-  region = "us-east-1"
+  region = var.aws_region  # Use variable for flexibility
+  
+  default_tags {
+    tags = {
+      Environment = var.environment
+      ManagedBy  = "Terraform"
+    }
+  }
 }

Committable suggestion skipped: line range outside the PR's diff.


With these steps, your environment is ready to manage AWS infrastructure using Terraform.



#### **Important Terminologies of Terraform**

1. **Provider:**

- Defines the cloud service (e.g., AWS, Azure) or on-premises platform you are interacting with.

- Example:

```hcl
provider "aws" {
region = "us-west-2"
}
```

2. **Resource:**

- A fundamental element (e.g., an EC2 instance, an S3 bucket) described in the Terraform configuration.

- Example:

```hcl
resource "aws_s3_bucket" "example" {
bucket = "example-bucket"
tags = {
Name = "example-bucket"
}
}
```
Comment on lines +171 to +177
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Add security best practices to resource examples

The example configurations should demonstrate security best practices.

Consider these improved examples:

 resource "aws_s3_bucket" "example" {
   bucket = "example-bucket"
+  
+  # Enable versioning
+  versioning {
+    enabled = true
+  }
+
+  # Enable server-side encryption
+  server_side_encryption_configuration {
+    rule {
+      apply_server_side_encryption_by_default {
+        sse_algorithm = "AES256"
+      }
+    }
+  }
+
   tags = {
     Name = "example-bucket"
+    Environment = var.environment
   }
 }

 data "aws_ami" "ubuntu" {
   most_recent = true
+  owners      = ["099720109477"]  # Canonical's AWS account ID
+
   filter {
     name   = "name"
     values = ["ubuntu/images/*"]
   }
+  
+  filter {
+    name   = "virtualization-type"
+    values = ["hvm"]
+  }
+
+  filter {
+    name   = "root-device-type"
+    values = ["ebs"]
+  }
 }

Also applies to: 207-214


3. **State:**

- A file that tracks the current state of your infrastructure. It helps Terraform understand the desired state versus the actual state.

- Example:

Terraform generates a `terraform.tfstate` file during execution.


4. **Module:**

- A reusable and logical grouping of resources defined in separate files or directories.

- Example:

```hcl
module "vpc" {
source = "./modules/vpc"
cidr = "10.0.0.0/16"
}
```

5. **Data Source:**

- Allows fetching data from external sources (e.g., the details of an existing AWS AMI).

- Example:
```hcl
data "aws_ami" "ubuntu" {
most_recent = true
filter {
name = "name"
values = ["ubuntu/images/*"]
}
}
```

These terminologies form the backbone of understanding and working with Terraform effectively!



Watch this [Reference Video](https://www.youtube.com/live/965CaSveIEI?feature=share)

Binary file added day02/images/task3.1.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added day02/images/task3.2.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added day02/images/task3.3.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
13 changes: 13 additions & 0 deletions day02/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 3.0"
}
}
}


provider "aws" {
region = "us-west-2"
}
98 changes: 98 additions & 0 deletions day02/solution.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,98 @@
# TerraWeek Day 2


## Task 1: Familiarize yourself with HCL syntax used in Terraform
HCL (HashiCorp Configuration Language) is used to define infrastructure in Terraform. Here are the key components:

- **Blocks**: These define a configuration in Terraform, e.g., `resource`, `provider`, `output`.
Example:
```hcl
resource "aws_s3_bucket" "example" {
bucket = "my-unique-bucket-name"
}
```
- **Parameters**: These define values within a block, e.g., `bucket`.
- **Arguments**: These are the specific values provided to parameters. For example, `"my-unique-bucket-name"` is an argument for the `bucket` parameter.

**Resources** in Terraform represent infrastructure objects like instances, buckets, and databases. **Data sources** fetch information about existing infrastructure, such as querying for AWS instance details.

## Task 2: Understand variables, data types, and expressions in HCL
- **Variables**: Variables allow you to reuse configuration and pass values dynamically. Define a variable in `variables.tf`.

Example of a `variables.tf`:
```hcl
variable "bucket_name" {
description = "The name of the S3 bucket"
type = string
default = "my-default-bucket"
}
```

- **Use the variable in `main.tf`**:
```hcl
resource "aws_s3_bucket" "example" {
bucket = var.bucket_name
}
```

## Task 3: Practice writing Terraform configurations using HCL syntax
- **Required Providers**: In your `main.tf`, specify providers such as Docker or AWS.
Example:
```hcl
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 3.0"
}
}
}
```

- **Testing Configuration**: To test the configuration:
1. Initialize the Terraform working directory:
```bash
terraform init
```

![task3.1](images/task3.1.png)


2. Run a plan to check for errors and preview changes:
```bash
terraform plan
```

![task3.2](images/task3.2.png)


3. Apply the configuration:
```bash
terraform apply
```

![task3.3](images/task3.3.png)


4. If necessary, adjust the configuration and reapply.


## Example of a `main.tf` file:
```hcl
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 3.0"
}
}
}

provider "aws" {
region = "us-west-2"
}

resource "aws_s3_bucket" "example" {
bucket = var.bucket_name
}
```
5 changes: 5 additions & 0 deletions day02/variable.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
variable "bucket_name" {
description = "The name of the S3 bucket"
type = string
default = "my-default-bucket"
}
Loading