#TerraWeek Day 6
Introduction:
In this blog, we will look at Terraform providers and their configuration and authentication, as well as practice using them on platforms such as AWS, Azure, and Google Cloud.
Providers are distributed separately from Terraform itself, and each provider has its own release cadence and version numbers.
Learn and Compare Terraform Providers:
A provider in Terraform is a plugin that enables interaction with an API. This includes Cloud providers and Software-as-a-service providers. The providers are specified in the Terraform configuration code. They tell Terraform which services it needs to interact with.
The Terraform Registry is the main directory of publicly available Terraform providers and hosts providers for most major infrastructure platforms.
To utilize a provider, it is necessary to declare it within your Terraform configuration file, typically denoted by a .tf extension. Below is an illustration of declaring the AWS provider.
Compare Terraform Providers
Terraform can provision infrastructure across public cloud providers such as Amazon Web Services (AWS), Azure, Google Cloud, and DigitalOcean, as well as private cloud and virtualization platforms such as OpenStack and VMware. Depending on the type of infrastructure we want to launch, we have to use the appropriate providers.
AWS Provider:
Use the Amazon Web Services (AWS) provider to interact with the many resources supported by AWS. You must configure the provider with the proper credentials before you can use it.
Azurerm-Public Cloud
The Azurerm provider enables the lifecycle management of Microsoft Azure using the Azure Resource Manager APIs.
Google - Public cloud provider
The Google provider is used to configure Google Cloud Platform infrastructure (Compute Engine, Cloud Storage, Cloud SDK, Cloud SQL, GKE, BigQuery, Cloud Functions).
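Declaring the three providers compared above in one configuration, as an added example that is not from the original post. The version constraints, region values and project ID are assumptions chosen for illustration.

```hcl
terraform {
  required_providers {
    # Each provider has its own registry source address and its own
    # version line, independent of the Terraform CLI version.
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0" # assumed constraint; pin to the release you tested
    }
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~> 3.0" # assumed constraint
    }
    google = {
      source  = "hashicorp/google"
      version = "~> 5.0" # assumed constraint
    }
  }
}

# No credentials appear here: each provider picks them up from its own
# environment variables, CLI login or shared files.
provider "aws" {
  region = "us-west-2"
}

provider "azurerm" {
  features {} # required by azurerm, even when left empty
}

provider "google" {
  project = "example-project-id" # placeholder project ID
  region  = "us-west1"
}
```

Running terraform init against this file records the selected provider versions and their checksums in .terraform.lock.hcl; committing that file keeps later runs on the same provider builds.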
Provider Configuration and Authentication
Configuration for the AWS Provider can be derived from several sources, which are applied in the following order:
Parameters in the provider configuration
Environment variables
Shared credentials files
Shared configuration files
Container credentials
Instance profile credentials and region
Provider Configuration
Credentials can be provided by adding an access_key, secret_key, and optionally token, to the aws provider block.
Usage:
Other settings related to authorization can be configured, such as:
profile
shared config files
shared credential files
Environment Variables:
Credentials can be provided by using the AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, and optionally AWS_SESSION_TOKEN environment variables. The region can be set using the AWS_REGION or AWS_DEFAULT_REGION environment variables.
provider "aws" { }
$ export AWS_ACCESS_KEY_ID="anaccesskey"
$ export AWS_SECRET_ACCESS_KEY="secret key"
$ export AWS_REGION="us-west-2"
$ terraform plan
Shared Configuration and Credentials Files:
The AWS Provider can source credentials and other settings from the shared configuration and credentials files. By default, these files are located at $HOME/.aws/config and $HOME/.aws/credentials on Linux and macOS, and "%USERPROFILE%\.aws\config" and "%USERPROFILE%\.aws\credentials" on Windows.
If no named profile is specified, the default profile is used. Use the profile parameter or AWS_PROFILE environment variable to specify a named profile.
The locations of the shared configuration and credentials files can be configured using either the parameters shared_config_files and shared_credentials_files or the environment variables AWS_CONFIG_FILE and AWS_SHARED_CREDENTIALS_FILE.
Container Credentials:
If you're running Terraform on CodeBuild or ECS and have configured an IAM Task Role, Terraform can use the container's Task Role. This support is based on the underlying AWS_CONTAINER_CREDENTIALS_RELATIVE_URI and AWS_CONTAINER_CREDENTIALS_FULL_URI environment variables being automatically set by those services or manually for advanced usage.
Assuming IAM role
If provided with a role ARN, the AWS Provider will attempt to assume this role using the supplied credentials.
Usage:
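The provider-block options from this section side by side, as an added example that is not from the original post: static keys in the provider block, which end up in version control and in every copy of the configuration, next to a named profile combined with assume_role. The profile name, account ID, role name and session name are placeholders.

```hcl
# Weak: long-lived keys written into the configuration itself.
# Shown commented out so the file stays valid with one default provider.
#
# provider "aws" {
#   region     = "us-west-2"
#   access_key = "EXAMPLE_ACCESS_KEY_PLACEHOLDER"
#   secret_key = "EXAMPLE_SECRET_KEY_PLACEHOLDER"
# }

# Preferred: the configuration names where credentials come from,
# not the credentials themselves.
provider "aws" {
  region = "us-west-2"

  # Base credentials are read from a named profile in the shared
  # credentials/config files (or from AWS_PROFILE if this is omitted).
  profile = "terraform-ci" # hypothetical profile name

  # Terraform then uses those base credentials to assume a role and
  # works with the short-lived session credentials it gets back.
  assume_role {
    role_arn     = "arn:aws:iam::123456789012:role/terraform-deployer" # placeholder ARN
    session_name = "terraweek-day6"                                    # placeholder; appears in CloudTrail
  }
}
```

With this layout the base profile only needs permission to assume the role, and the permissions Terraform actually works with are attached to the role.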
Practice Using Providers:
Now it's time to get some hands-on practice. We are going to do it on the AWS cloud platform.
Log in to the AWS console.
Create an EC2 instance and connect to it from your local machine over SSH.
Now make a directory using the mkdir command.
$ mkdir terraform-provider
$ cd terraform-provider
Now create a file in which we will define the providers.
Now create another file, main.tf, so that we can perform some actions. Now run the init command to initialize the directory and to download and install all the plugins required for AWS.
$ terraform init
Now run the terraform plan command to see what our configuration will create.
Now, to check the syntax of everything, run
$ terraform validate
Now, finally, to apply and see your changes visually, run
$ terraform apply
Now go to the EC2 instances dashboard in the AWS console; you can see there that the instance has been created and is running.
Now, we have to run terraform destroy.
$ terraform destroy
Thank You for Reading!!!!!!!
Happy Learning!!!!