EC2 Provisioning with Terraform

Yasin Akın
Published in adessoTurkey
4 min read · Dec 29, 2022

In this lecture we are going to set up an Apache web server on AWS EC2 with Terraform. Before starting to code, I want to give some information about Terraform.

Terraform is an open source, cloud-agnostic infrastructure as code software tool that enables us to create, change or improve our infrastructure. The Terraform workflow consists of three steps: Write, Plan, Apply.

First we must configure the AWS CLI with “aws configure”. Thanks to this command we are able to connect to our AWS account.

Let’s write some code. The first step is identifying the provider. Here we specify that we use AWS in the eu-central-1 region.

provider "aws" {
  region = "eu-central-1"
}

Then we are going to create the AWS EC2 instance. Here we must specify the AMI ID and the instance type. Keep in mind that AMI IDs vary by region. I am going to use an Ubuntu AMI and a t2.micro instance. I specified these arguments in my variable.tf file as shown below.

variable "ec2server" {
  type = map(any)
  default = {
    ami_id        = "ami-06ce824c157700cd2"
    instance_type = "t2.micro"
  }
}

Then we continue with specifying the EC2 server. I create an aws_instance resource block and specify my EC2 specs.

resource "aws_instance" "ec2server" {
  ami                    = var.ec2server.ami_id
  instance_type          = var.ec2server.instance_type
  key_name               = aws_key_pair.ec2server.key_name
  vpc_security_group_ids = [aws_security_group.ec2serverSecurityGroup.id]
  user_data              = file("script.sh")
}

The “key_name” argument holds the name of my key pair. Let’s create the key pair for connecting to the EC2 instance. The code shown below creates my key file, named “myPrivateKey”, with file permission “0400”.

resource "tls_private_key" "ec2server" {
  algorithm = "RSA"
  rsa_bits  = 4096
}

resource "local_file" "key_file" {
  content         = tls_private_key.ec2server.private_key_pem
  filename        = "myPrivateKey"
  file_permission = "0400"
}

resource "aws_key_pair" "ec2server" {
  key_name   = "myKey"
  public_key = tls_private_key.ec2server.public_key_openssh
}

In the ingress rule blocks I allow the SSH port and the HTTP port. In the egress rule block I allow all outgoing traffic from the EC2 instance.

#security group using terraform
resource "aws_security_group" "ec2serverSecurityGroup" {
  name        = "#security group using terraform"
  description = "#security group using terraform"
  ingress {
    description      = "HTTP"
    from_port        = 80
    to_port          = 80
    protocol         = "tcp"
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }
  ingress {
    description      = "SSH"
    from_port        = 22
    to_port          = 22
    protocol         = "tcp"
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }
  egress {
    from_port        = 0
    to_port          = 0
    protocol         = "-1"
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }
}

The last part of the Write step is specifying the executable code that installs and sets up apache2 and creates the index.html file after the EC2 instance is created. The “user_data” argument loads the “script.sh” file shown below. This file carries out the install, setup and create steps that we wrote in it.

#!/bin/bash
mkdir -p /var/test
sudo apt-get update
sudo apt-get install -y apache2
sudo systemctl start apache2
sudo systemctl enable apache2
echo "<h1>Deployed via Terraform</h1>" | sudo tee /var/www/html/index.html

Now we are going to run terraform plan and see the result. Check the plan output to compare the desired EC2 configuration with the one we wrote.
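The plan review above can also be done mechanically. The following added example (not part of the original post) scans the JSON form of a plan, as produced by `terraform plan -out=plan.out` followed by `terraform show -json plan.out`, for security group ingress rules that expose SSH to every address. `SAMPLE_PLAN` is a constructed, trimmed plan for this post's security group, and the function names are hypothetical.

```python
import json

WORLD = {"0.0.0.0/0", "::/0"}  # any IPv4 source / any IPv6 source

# Constructed sample: trimmed shape of `terraform show -json` output for the
# security group and instance defined in this post (not captured from a real run).
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "aws_security_group.ec2serverSecurityGroup",
   "type": "aws_security_group",
   "change": {"actions": ["create"], "after": {"ingress": [
     {"description": "HTTP", "from_port": 80, "to_port": 80, "protocol": "tcp",
      "cidr_blocks": ["0.0.0.0/0"], "ipv6_cidr_blocks": ["::/0"]},
     {"description": "SSH", "from_port": 22, "to_port": 22, "protocol": "tcp",
      "cidr_blocks": ["0.0.0.0/0"], "ipv6_cidr_blocks": ["::/0"]}]}}},
  {"address": "aws_instance.ec2server", "type": "aws_instance",
   "change": {"actions": ["create"], "after": {"instance_type": "t2.micro"}}}
]}
""")


def covers_port(rule, port):
    """True if the rule's protocol and port range include the given TCP port."""
    proto = str(rule.get("protocol"))
    if proto == "-1":                       # "-1" means all protocols and ports
        return True
    if proto not in ("tcp", "6"):           # 6 is the IP protocol number of TCP
        return False
    return (rule.get("from_port") or 0) <= port <= (rule.get("to_port") or 0)


def world_open_ingress(plan, port=22):
    """Return (address, description, cidr) for every planned inline ingress
    rule that opens `port` to all IPv4 or IPv6 addresses."""
    findings = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != "aws_security_group":
            continue
        after = (rc.get("change") or {}).get("after") or {}  # None on destroy
        for rule in after.get("ingress") or []:
            if not covers_port(rule, port):
                continue
            cidrs = (rule.get("cidr_blocks") or []) + (rule.get("ipv6_cidr_blocks") or [])
            findings += [(rc["address"], rule.get("description"), c)
                         for c in cidrs if c in WORLD]
    return findings


if __name__ == "__main__":
    for address, desc, cidr in world_open_ingress(SAMPLE_PLAN):
        print(f"{address}: ingress '{desc}' allows port 22 from {cidr}")
```

The check covers only inline ingress blocks of aws_security_group, the form used in this post.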

If the plan output is as we desired, run the “terraform apply” command and create the EC2 instance.

In this picture we see the configuration of the created EC2 instance.

In this picture we see the configuration of the created key file.

In this picture we see the configuration of the created security group.

Let’s see the created EC2 instance in the console.

The security group rules are shown below, as we desired.

Now let’s check the SSH connection to the EC2 instance. We can connect to it successfully, as shown below.

Then we check our user_data. Apache2 is installed and the index.html file is created in the /var/www/html path successfully, as shown below.

The last step is checking our public DNS. In this step we want to see the index.html file.

We see the index.html file successfully, as shown above. Provisioning and configuring the EC2 instance is done successfully.

In summary, we created an EC2 instance with the needed configuration using the Terraform AWS provider, and we published our file on its public DNS.

Have a nice day.
