Creating An IAM User With An Access Key And Secret Access Key For Terraform Access
GOALS:
- Install terraform
- Create an IAM user on AWS
- Create an access key and secrete access key
- Add access key to AWS CLI
Heyy!
Welcome to this blog.
in this blog, I am going to show you how to set up an environment that is comfortable for terraform to run.
if you check my other blog you will learn how to use terraform to create a vpc, subnets, instances, and load balancer.
and you can get it by clicking HERE!
the blog will teach you the fundamentals of how to “use terraform to create a vpc, subnets, instances, and load balancer” by yourself
but if you want a well-detailed video explanation of a zoom class
then you should CLICK HERE to reach me. see you soon!
Let’s jump right in!!
1. INSTALLING TERRAFORM
to install terraform you visit this site: https://developer.hashicorp.com/terraform/downloads
and you can see in the operating system the different types you can install on.
but for this blog, we are going with Linux and Ubuntu/Debian.
$ wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg
$ echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
$ sudo apt update && sudo apt install terraformnow above are the commands you will copy one by one and run on your ubuntu machine.
after doing this you will want to check if terraform is installed using this command:
terraform -v
you will get a result like this.
and now you are good to go!!
2. CREATING AN IAM USER ON AWS
now that we have installed terraform safely on our ubuntu terminal.
we will need to go to our AWS console and search IAM in the search box above.
now that we are in the IAM dashboard we navigate to our user section. and above you can see add user. we will click on that.
and here we input the name we want to give the user. we are not enabling console access we are enabling programmatic access.
as you can see it’s not available there so we will add it after creating the user. so we click on next.
it now takes us to the set permissions section. and here we are going to click on the attach policies directly.
and the policies we will be adding are only AdministratorAccess. then you scroll down and click on next
here we are just going to be clicking on create user.
our user has been created. we now click on the user to add our access key and secret access key.
now that we are in. click on security credentials.
scroll down to where you will see the access key. and click on create access key.
On this page, you will tick the local code.
then at the bottom of the page tick the box and click next.
set a description and name it my access key or something else. then click next.
download the CSV file cos you will never have access to this access key and secret access key again. and when you have downloaded it click done.
3. ADD ACCESS AND SECRET ACCESS KEY TO AWS CLI
in this section of the blog which is the last section we are going to be adding the access key and secret access key to the AWS CLI
firstly what we would need to do is to install aws cli on your server
and that can be done with the command below
# first run this
$ sudo apt update && sudo apt dist-upgrade -y
# run this next
$ sudo apt install awscliafter running these commands in your terminal you can run the AWS CLI to be sure that it is installed.
and the output should look like this
although the list of features is longer than this is. this is just a simple view.
Configuring Our Aws Cli
This is where we configure AWS CLI to hold our access key and our secret access key.
$ aws configurewith the command above we can configure our AWS CLI and after typing in that command you should get an input field like this:
this is the first out of four and this is where you will copy and paste your AWS access key ID that you created with your IAM user.
as you can see above I have already put in mine that’s why it is ending in AOEH. if it is yours it will be empty.
after entering your AWS access key. type enter:
and now it brings out a space to input your AWS secret access key that you will copy from the CSV file you downloaded.
after putting it in type enter:
and here it asks you for your default region. that is the region that you are using in your AWS console.
as for me, mine is London and that’s the region's name. input yours there and press enter:
and lastly, it asks you for a default output format. put JSON in there.
just like above.
and you are good to go!!
although there are multiple ways you can store your Access and secret access keys to give terraform access to your account which are:
- creating a terraform variable file
creating a terraform variable file and storing it in the variable file and calling the terraform variable file in your provider's section like this:
the image above is the variable file where we stated an example method in the terraform variable file.
and now this is how we call it in our terraform providers block.
NOTE: if you are storing it in a variable file you must not push the variable file to your git hub because it’s not safe.
2. Export method
you can also use the export method to save the keys in the environment just for that session.
$ export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
$ export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
$ export AWS_DEFAULT_REGION=us-west-2and it’s exactly like the example above but knowing that doing it this way does not save it permanently
once you close or turn off the machine the variables go with it also.
so now it’s up to you to choose which method best works for you.
with that said. you are good to go!!!!
Reminder
if you want a well-detailed video explanation of a zoom class in the Mastermind.
Resources
- How To Create a Load Balancer, Instances, and A Hosted Domain Name In Route 53 Using Terraform
- How to Configure a Service Manually In A Private Server & Creating A Load Balancer In AWS
- How to Configure a Service In A Private Server Using BASH script & Creating A Load Balancer In AWS
- How to Configure A Service In A Private Server Using Ansible & Creating A Load Balancer In AWS
NOTE: if you have any questions or want to add to this blog. you can message me through E-mail.
I reply faster to people that are subscribed to my newsletter!!
Conclusion
If you loved this blog post give it a like, comment, and don’t forget to click on the follow button.
And if you would love to get an update on the two interesting blogs I will be posting this week then you should sign up for my newsletter right here!!
