Terraform
Activity 5: Create an RDS in AWS
- To create an RDS instance we need
  - vpc
  - subnet group (group of 2 or more subnets)
  - security group
  - database details
    - engine (mysql, oracle, …)
    - size (db.t2.micro or db.t3.micro)
    - credentials
- For this activity let's try using
  - default vpc
  - default subnet group
  - create a security group
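One way to put the pieces of this activity together, as an added example that is not part of the original notes. The resource names, the `db_username` variable, the identifier and the storage size are assumptions; the database port is opened only to the default VPC's own CIDR range, and the master password is generated by RDS rather than written into the template.

```hcl
# Added example: names and values are illustrative assumptions.
variable "db_username" {
  type      = string
  sensitive = true # keeps the value out of plan/apply output
}

# Look up the default VPC instead of hard-coding its id.
data "aws_vpc" "default" {
  default = true
}

# Security group: MySQL (3306) reachable only from inside the VPC.
resource "aws_security_group" "db" {
  name        = "activity5-db"
  description = "MySQL access from within the default VPC only"
  vpc_id      = data.aws_vpc.default.id

  ingress {
    description = "MySQL from VPC CIDR"
    from_port   = 3306
    to_port     = 3306
    protocol    = "tcp"
    cidr_blocks = [data.aws_vpc.default.cidr_block]
  }
}

resource "aws_db_instance" "activity5" {
  identifier        = "activity5-mysql"
  engine            = "mysql"
  instance_class    = "db.t3.micro"
  allocated_storage = 20
  db_name           = "activity5"

  username = var.db_username
  # RDS generates the master password and keeps it in Secrets Manager,
  # so no password is passed through Terraform.
  manage_master_user_password = true

  # db_subnet_group_name is omitted so the default subnet group
  # of the default VPC is used.
  vpc_security_group_ids = [aws_security_group.db.id]
  publicly_accessible    = false
  storage_encrypted      = true
  skip_final_snapshot    = true # lab setting only; keep a final snapshot for real data
}
```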
Terraform Backends
- A backend represents the location in which the terraform state file is stored
- The default backend is a local folder
- Terraform supports different backend types
  - local
  - remote
  - s3
  - azurerm
  - gcs
  - ...
- A backend also needs locking
  - The S3 backend does not support locking, so we need to provide a DynamoDB table as extra configuration for locking
  - azurerm supports locking
- Watch classroom video for further illustration.
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = ">= 5.82.2"
    }
  }
  required_version = ">= 1.10.0"

  # Store the state file in S3 and use a DynamoDB table for locking
  backend "s3" {
    bucket         = "ltterraformstates"
    region         = "us-east-1"
    key            = "backendtest/terraform.tfstate"
    dynamodb_table = "ltterraformlock"
  }
}
Terraform Modules
- Terraform modules are reusable terraform templates
- For resource or backend
  - input => argument
  - output => attribute
- For module
  - variables act as arguments
  - outputs act as attributes
- Community Modules are available in terraform registry for public usage
- To use a module we create a module block
# Community module from the Terraform Registry, pinned to a version
module "security-group" {
  source  = "terraform-aws-modules/security-group/aws"
  version = "5.3.0"
}

# Submodule (note the // in source) that opens HTTP port 80
module "web_server_sg" {
  source              = "terraform-aws-modules/security-group/aws//modules/http-80"
  name                = "web-server"
  description         = "Security group for web-server with HTTP ports open within VPC"
  vpc_id              = "vpc-12345678"
  ingress_cidr_blocks = ["10.10.0.0/16"]
}
- When we create modules, the modules will not have a provider block; templates do
Let's create our own AWS VPC Module
Let's use a community module to create a security group