Terraform Providers

#TerraWeek Day 6

Introduction:

In this blog, we will look at Terraform providers, their configuration and authentication, and practice using them on platforms such as AWS, Azure, and Google Cloud.

Providers are distributed separately from Terraform itself, and each provider has its own release cadence and version numbers.

Learn and Compare Terraform Providers:

A provider in Terraform is a plugin that enables interaction with an API. This includes cloud providers and software-as-a-service providers. Providers are specified in the Terraform configuration code, where they tell Terraform which services it needs to interact with.

The Terraform Registry is the main directory of publicly available Terraform providers and hosts providers for most major infrastructure platforms.

To utilize a provider, it is necessary to declare it within your Terraform configuration file, typically denoted by a .tf extension. Below is an illustration of declaring the AWS provider.

Compare Terraform Providers

Terraform can provision infrastructure across public cloud providers such as Amazon Web Services (AWS), Azure, Google Cloud, and DigitalOcean, as well as private cloud and virtualization platforms such as OpenStack and VMware. Which provider we use depends on the type of infrastructure we want to launch.

AWS Provider:

Use the Amazon Web Services (AWS) provider to interact with the many resources supported by AWS. You must configure the provider with the proper credentials before you can use it.

Azurerm-Public Cloud

The Azurerm provider enables the lifecycle management of Microsoft Azure using the Azure Resource Manager APIs.

Google - Public cloud provider

The Google provider is used to configure Google Cloud Platform infrastructure (Compute Engine, Cloud Storage, Cloud SDK, Cloud SQL, GKE, BigQuery, Cloud Functions).

Provider Configuration and Authentication

Configuration for the AWS Provider can be derived from several sources, which are applied in the following order:

  1. Parameters in the provider configuration

  2. Environment variables

  3. Shared credentials files

  4. Shared configuration files

  5. Container credentials

  6. Instance profile credentials and region

Provider Configuration

Credentials can be provided by adding an access_key, secret_key, and optionally token, to the aws provider block.

Usage:

Other settings related to authorization can be configured, such as:

  • profile

  • shared config files

  • shared credential files

Environment Variables:

Credentials can be provided by using the AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, and optionally AWS_SESSION_TOKEN environment variables. The region can be set using the AWS_REGION or AWS_DEFAULT_REGION environment variables.

    provider "aws" {}

    $ export AWS_ACCESS_KEY_ID="anaccesskey"

    $ export AWS_SECRET_ACCESS_KEY="asecretkey"

    $ export AWS_REGION="us-west-2"

    $ terraform plan

Shared Configuration and Credentials Files:

The AWS Provider can source credentials and other settings from the shared configuration and credentials files. By default, these files are located at $HOME/.aws/config and $HOME/.aws/credentials on Linux and macOS, and "%USERPROFILE%\.aws\config" and "%USERPROFILE%\.aws\credentials" on Windows.

If no named profile is specified, the default profile is used. Use the profile parameter or AWS_PROFILE environment variable to specify a named profile.

The locations of the shared configuration and credentials files can be configured using either the parameters shared_config_files and shared_credentials_files or the environment variables AWS_CONFIG_FILE and AWS_SHARED_CREDENTIALS_FILE.

Container Credentials:

If you're running Terraform on CodeBuild or ECS and have configured an IAM Task Role, Terraform can use the container's Task Role. This support is based on the underlying AWS_CONTAINER_CREDENTIALS_RELATIVE_URI and AWS_CONTAINER_CREDENTIALS_FULL_URI environment variables being automatically set by those services or manually for advanced usage.

Assuming IAM role

If provided with a role ARN, the AWS Provider will attempt to assume this role using the supplied credentials.

Usage:
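The provider-block credentials and the role assumption described above, side by side, as an added example rather than configuration from the original post. The alias, profile name, file paths, account ID, and role name are placeholders chosen for illustration.

```hcl
# Weak: long-lived keys written into the provider block travel with the
# .tf file into version control, code review, and every copy of the repo.
# The alias exists only so both variants can sit in one file.
provider "aws" {
  alias      = "static_keys"
  region     = "us-west-2"
  access_key = "my-access-key" # placeholder, never a real key
  secret_key = "my-secret-key" # placeholder, never a real key
}

# Preferred: no secrets in the configuration. Base credentials are read
# from a named profile in the shared files, and the provider then assumes
# a role, so the profile only needs permission to call sts:AssumeRole.
provider "aws" {
  region  = "us-west-2"
  profile = "terraform" # hypothetical profile name

  # Optional: only needed when the files are not in the default location.
  shared_config_files      = ["/home/tf_user/.aws/config"]      # constructed path
  shared_credentials_files = ["/home/tf_user/.aws/credentials"] # constructed path

  assume_role {
    role_arn     = "arn:aws:iam::123456789012:role/TerraformDeploy" # placeholder ARN
    session_name = "terraform-day6"                                 # shows up in CloudTrail
  }
}
```

Resources use the second (default) provider block unless they set provider = aws.static_keys explicitly.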

Practice Using Providers:

Now it's time for some hands-on practice, which we will do on the AWS cloud platform.

  1. Log in to the AWS console.

  2. Create an EC2 instance and connect to it from your local machine over SSH.

  3. Now make a directory using the mkdir command.

    $ mkdir terraform-provider

    $ cd terraform-provider

  4. Now create a file in which we will define the providers.

  5. Now create another main.tf file so that we can perform some actions.

  6. Now run the init command to initialize the directory and download and install the provider plugins required for AWS.

    $ terraform init

  7. Now run the terraform plan command to preview what our configuration will create.

  8. Now, to check the syntax of everything, run

    $ terraform validate

  9. Finally, to apply the configuration and see your changes, run

    $ terraform apply

  10. Now go to the EC2 instances dashboard in the AWS console, where you can see that the instance has been created and is running.

  11. Now, to clean up, run terraform destroy.

    $ terraform destroy
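The provider declaration mentioned under "Learn and Compare Terraform Providers" and the two files from steps 4 and 5, as an added example rather than the original post's files. The file names, version constraints, AMI filter, instance type, and tag are assumptions, and the account is assumed to have a default VPC in us-west-2.

```hcl
# providers.tf (step 4): declare the provider and pin its version.
terraform {
  required_version = ">= 1.3" # assumed minimum Terraform version

  required_providers {
    aws = {
      source  = "hashicorp/aws" # address in the Terraform Registry
      version = "~> 5.0"        # assumed constraint: any 5.x release
    }
  }
}

# No credentials here: they come from the environment variables or the
# shared credentials files described earlier in the post.
provider "aws" {
  region = "us-west-2"
}

# main.tf (step 5): one EC2 instance.
# Look up the newest Amazon Linux 2023 image published by Amazon instead
# of hard-coding an AMI ID, which differs per region.
data "aws_ami" "al2023" {
  most_recent = true
  owners      = ["amazon"]

  filter {
    name   = "name"
    values = ["al2023-ami-2023.*-x86_64"]
  }
}

resource "aws_instance" "demo" {
  ami           = data.aws_ami.al2023.id
  instance_type = "t2.micro"

  tags = {
    Name = "terraweek-day6-demo" # hypothetical tag value
  }
}

# Printed after terraform apply, handy for finding the instance in the console.
output "instance_id" {
  value = aws_instance.demo.id
}
```

terraform init records the selected provider version and its checksums in .terraform.lock.hcl; commit that file so later runs install the same provider build.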

Thank You for Reading!!!!!!!

Happy Learning!!!!