Automation can save you time, money, and decrease errors.

One popular tool intended to assist in that goal isTerraform.

Terraform is intended for versioning infrastructure through configuration as code.

The main page of the Homepage homelab dashboard with services running on it.

Thankfully, Terraform is distributed as a single binary, which makes it very easy to upgrade as well!

More secure ways exist, which we will review, and it keeps it out of your version control.

Two potential options are to define the access keys within environmental variables or within an on-disk secrets file.

Terminal window showing the manual page for the Mutt email client on Linux

Both are kept outside of your version control.

Let’s look at defining your credentials via environmental variables.

To use the above credentials within a configuration file, you would actually define the provider ofawswithout any options.

Article image

Terraform

The benefit of using environmental variables is that no credentials are stored on disk.

Terraform knows to look for those environmental names when it runs for theawsprovider.

The downside is that the credentials are only available for as long as the session is running.

More commonly, credentials are stored in on-disk in a default location.

In Linux, that location is~/.aws/credentials.

Additionally, we need to define a region as well so that Terraform knows where to create the resources.

Initializing Terraform

Next, you oughta initialize Terraform.

Inside the file, put theproviderinformation as created above, utilizing whatever method works best for you.

Run theterraform initcommand in the same location where you have defined your configuration.

Terraform sets up some local files and configuration to enable it to run properly.

Now, you might move on to defining your credentials and configuration.

You are going to create a pretty simplet2.microinstance with the latest Ubuntu image.

A couple of things to note on the following configuration.

First is thedatasection, where you are pulling in the AMI that you want to use.

That’s all that is needed for a very basic deployment of an instance.

By running the commandterraform plan, you might verify what the output will actually look like.

Output is truncated for readability.

Output is truncated for readability.

Many resources and data sources are available within the AWS provider.