What's going on guys, so I decided to make a
quick crash course on terraform. And if you don't know what terraform is, it's another
one of those infrastructure as code tools. And so it's really great for modeling your cloud
infrastructure through code. And so for anyone that actually wants to get more familiarized
with terraform, or learn another automation tool, especially with regards to the cloud, you
know, this crash course is going to be really helpful for you guys. And I'm going to make
sure to start from the absolute beginning. So I'm going to walk you through how to set up
an AWS account, I'm going to walk you through how to set up and install terraform. And
that's going to be across all operating systems. So I'll show you guys how to install
it on a Mac on a Windows and a Linux machine. I'll even show you how to set up a text
editor like VS code, which I highly recommend, by the way, and then you know, we'll get started
learning the core concepts of terraform. And what it has to offer, I'll show you guys how to create
resources on AWS within terraform. We'll take a look at how to modify them how to delete them,
I'll go over how terraform state works. And we'll take a look at how we can kind of reference other
resources within our code. And I even have a like a mini project where we'll get to deploy a web
server onto AWS. And you know, it sounds simple, but there's a lot of things that actually have to
happen from a terraform perspective to get all of that to work. So I think that'll be a great
learning tool. And I think after this course, or by the time we finish it, you guys would have
a solid understanding of terraform. And at that point, you guys can just kind of take it from
there. And then focus on specific topics that you want. And, you know, I plan to do a lot of
a lot more terraform videos. So if you guys have a specific topic you want me to cover, let me
know, and I'll be happy to record a video and, you know, upload it to YouTube. But hopefully
you guys enjoyed this course. And you know, if you guys have any questions, just leave them in
the comments, and I'll try my best to answer them. To set up an account with AWS,
just navigate to aws.amazon.com. And here, we can actually create an
account and create a root user. So we want to click on this button right here that
says create an AWS account. And it's going to ask for some basic information like an email
address and a password. So just fill that in. And then you'll also have to
provide in a account name, so I'm just going to call this sloppy networks. And go ahead and select your account type, you're
probably just gonna select personal if you just make an account for yourself, but you work for
an enterprise, you may want to select personal or professional. And it's going to ask for
some basic information like your phone number, your country your address, and you will
need to provide all of this information. And to actually create an AWS account,
you will actually have to provide your a credit or debit card information. You know,
throughout all of these videos that I make, we're going to stay within the free tier
so you shouldn't be charged anything as long as you shut down all of your resources
when you're done. And if you do end up getting charged, it'll be at most just a couple of
cents. But you know, AWS does require it so you will need to have a credit card to kind of
follow along with everything that I'm doing. Once you've finished adding in your credit card
information, it will ask you to verify your phone number. So it'll send you a voice, a voicemail
or a text message depending on what you select. So just wait for that text message to come in and
you can just pass in whatever code they sent you. And we want to make sure that we select
the free plan so we're not charged. Okay, and at that point, we
should have an account set You will receive an email address probably just
asking for you to actually confirm that you created that account. So we'll just go to your, my
email, I just like this, and then there should be, nope, it doesn't look like we need to actually
confirm anything. So it looks like we're done at this point, we can just select this button right
here, and just go and sign into the console. And so we're gonna sign in as the root user at this
point, because that's all that's been created. And so we'll just specify the email
address that we signed in with. And we're gonna have to pass in the same password.
Okay, so there you go, we've created an AWS account. So at this point, you should have
access to all of the resources within AWS, you are logged in as a root user. So if you want
to create other users, you can do that at that point. Um, but most of my videos, I usually just
log in as the root user just for simplicity sake. To install terraform on a Windows machine, there's
a couple of steps that we have to perform. And the first step is to download the terraform executable
file. And so to do that, all we have to do is just do a quick Google search for terraform.
And we're going to select that first link, it's most likely going to be the first link. But
if you want to navigate directly to their website, you can just go to www.terraform.io. And then just
click this download button right here. And here, we can see all of the different operating
systems that terraform can run on. But for installing Windows, we're going to
focus on that. So we want to select the 64 bit machine because that's what my machine is,
however, if you're using 32 bits, like 32 bit. And this will download a zipped folder. And so
Once that's complete, you know, just right click and go into show in folder to just navigate to
your downloads folder, or wherever you store your downloads. And this is a zip file folder, so
we want to extract it, so I'll just right click, extract all. And it's going to pick a
location. So this is the default location, I usually just leave that be. And so we'll
hit extract, it'll pop up in a new window, we can just close that out. But you'll
see that right next to that zip folder is the new folder that we extracted.
And so I'm going to go into there. And you'll see that we just have one file in
here. And that's just the single executable file that terraform needs to run. And so what we're
going to do is we're going to copy this file, and we're going to create a new terraform directory
where we're going to store this executable file. Now, where do you create this terraform directory
does not matter. You can pick whatever location you feel most comfortable with, if you want to put
it in my documents, that's fine. If you want to leave it in downloads, that's fine. The only thing
that matters is you remember the exact location of where you're keeping this file. So what I'm going
to do is I'm going to go to my PC, and I'm gonna go into my C drive. And I'm just gonna make a
new folder here, cuz that's where I want to keep it. And I'm just gonna call this directory
terraform doesn't really matter what you call it. And I'm just gonna paste in that executable
file. Okay, and like I said, before, you know, the location doesn't matter. The only thing that
matters is you remember this exact path to this file. And so to actually get this exact path, go
up to this search bar right here. Well, actually, this is the search bar, whatever this is, and just
click, and you'll see that it'll turn it into the exact it'll transform it to the exact path.
So I'm just going to highlight that, copy it. Okay, and now what we want to do is we want
to set an environment variable that points to this path. So I'm just going to go to whoops,
not command, I want to go to E and V. So just search for those letters. And there'll be a button
that says edit the system environment variables. And then we want to select this button
down here, this is environment variables. Okay, and we want to focus on system variables. So
we'll hit edit. Whoops, we actually want to select our specific environment variable. And the one we
want to modify is path. Okay, so we'll hit edit. And so you'll see all of our environment variables
for the PATH variable. And what I'm going to do is hit New. And I'm just going to paste in
what I copied. So that path to that folder, hit OK. And OK, and then hit OK. We're done. Okay,
and so if you have any terminal windows open, make sure you close it after you make that change. If
you didn't have one open, then don't worry about that. And so now what we want to do is we want to
type in cmd. And we want to open up the command prompt. And I did not mean for that to be that
big. And I'm just going to type in terraform dash v. Okay. And if you see this output, that means
basically, this command is just going to tell you what version of terraform you have installed. So
right now I have version 12 dot 26, you may see a different version. If you download this in the
future. The only thing that matters is that we see this output. So if you see anything else, that
means there was an issue with your installation of terraform. I remember I recommend you just
repeat the steps that I covered in this video. There really shouldn't be any issues that you
run into. Just make sure that once you're done that you see this output and that's it. You can
now start running terraform on a Windows machine. Now there's a couple of different ways to install
terraform. On a Mac machine, however, my favorite way is through using a tool called homebrew. And
if you aren't familiar with what homebrew is, it's a package management tool for Mac OS. So it can be
used to install all sorts of different packages, not just terraform on your Mac. So I highly
recommend that you, you know whether you choose to use this method or not eventually install
homebrew it'll make your life a whole lot easier. And so to actually install homebrew,
let's just do a Google search for it. And it should be the first link. So
brew.sh is the link that you want to go to. And it's just going to give you this command
right here to copy. So copy this command. And we need to go to our terminal now. So I'm
going to go into finder, I'm going to go into my applications, and then just look for a terminal.
So I'm just gonna do a quick search for that. Okay, and so this is what we want right here
if you aren't familiar with the terminal. Okay, and so once the terminals open, just
copy and paste that line that you copied. And then hit enter. And so this will
automatically install homebrew for us, you will have to provide your password. And
then it'll just let you know that you need to hit return to continue. So just hit return.
And this is going to take a little bit of time. So I'll pause this video for now and
touch base with you guys. Once that's done. Alright, now they brew our homebrew is
installed, we can actually use homebrew to install terraform and with homebrew will
have access to a whole bunch of new commands, mainly the brew install command. So anytime you
want to install a package using homebrew all you to do is type in brew, and then install and then
the name of the package that you want to install. So we want to install terraform. So we can
just do brew, install terraform, hit Enter, and it's going to download the terraform
package for us and handle everything that we need. Alright, now that the terraform installation
is complete, there's one last thing we need to do. And that's verify that the installation
went okay without any issues. And to do that, all we have to do is just type in one command
and that's going to be terraform dash v. Okay, and it should if the installation went okay, just
print out whatever version that was installed. And so you can see that I am running version 12
dot 26. However, if you're watching this video, my future you'll probably see a different
version most likely a higher version number. But the only thing that matters is that
you see the version getting printed out if you see anything else, if you see an error,
that means that the installation did not go as planned. And so you'll probably have to redo
the steps that I covered in this video. But you know, I don't think you should be running into
any issues, it's a fairly straightforward process, homebrew will set up everything for you.
So you shouldn't run into any issues. To set up terraform on a Linux machine, the
first thing that we have to do is download the terraform package. So we can just go to
www.terraform.io. And on the terraform homepage, we just want to navigate to that download
button right here. So we'll select that. And on this page, just select the operating
system that you're using. So we're using a 64 bit Linux machine, if you're using 32
bit, make sure you select 32 bit, if you're using FreeBSD, then you know
just select the appropriate package, I'm gonna select the 64 bit, want to make sure I
save the file and then hit OK. So at this point, it should be downloaded. So I can just you know,
select this right here, and it's going to take us to where we download it. And it's the zip file,
so we will have to extract it. And there's two different ways of extracting it. And I'll show you
how to do it through the GUI. And I'll show you how to do it through the command line depending
on whichever method you prefer. So I want to extract this zip file that we just downloaded.
So I can just select that and then hit extract. And then we'll hit extract again. And then
it'll say extraction is completed. And then we can select Show the files. And it's going to
show us in our Downloads directory, the original zip file as well as the unzipped terraform file.
So this is the file that we really care about. However, I want to show you guys how to do this
to the command line because I think that's an important skill to have. So I'm just going to
move to trash. Okay, and I'll show you how to do it through the command line. So we'll just
go to our applications and search for terminal. And we want to navigate to where that zip folder
is. And so I set up my machine to download all files to the Downloads directory. That's
usually the default location. And so we'll do CD downloads. And if I do an ls we should
see the zip file and I can just do unzip and then the name of the file. However, if you
don't actually have the unzip utility, then you'll have to do a sudo. You know, apt install unzip
first so that you can get access to that utility. And then once you have access to that utility,
you can just do an unzip and then terraform. Okay, and you'll see that, if
you were following along on the, the GUI, you'll see that it did create the file
for us. And we can verify with an LS. So we've got the original us. So we get the original zip
folder, as well as the terraform executable file. Now we're almost done. However, there's, there's
one thing that we have to do is we want to move this to a location that will allow us to run the
terraform command, regardless of what directory we're in, because right now, we can only run
it when we're in this exact directory. And it's kind of a pain to always have to move to our
directory to be able to run terraform commands. So what I want to do is or what I want you guys
to do is type in the command MV. So this is going to move a file to a specific location.
And then we want to move the terraform file, and we want to move it to slash user slash local
slash bin. Okay, and it's going to throw an error, it says permissions denied. So if you see that
error, just run the same command except put in the word sudo. beforehand. So this is going to give
us root privilege. And you need root privilege to move any folder into this specific directory.
So hit enter, it's gonna ask for our password. Okay, and so it looks like it's
completed. So we'll just move to that directory and just verify
that it did actually move it there. Okay, so it's in the user slash local slash bin
directory. Now I want you to move back to your home directory. So you can do a CD and then Tilda
that's going to take us to our home directory, or just move to any directory, if you
want to move to the root directory, you just move out of that folder. And now what I
want you to do is type in the command terraform dash v. Okay, and if you see this output, it
should print out the version of terraform that we downloaded. So I'm using version 12, not
26. However, if you're watching this video in the future, you're probably going to see a
different version, that's perfectly okay. The only thing that I want to ensure is that you see
some version get printed out, that means terraform is installed, and everything is working properly.
However, if it spits out any other message, okay, if it shows you anything else, like, you know,
terraform is not a command or anything like that, that means there was an issue with your
installation, and I recommend you just, you know, repeat all the steps that I performed.
And, and hopefully that fixes any issues that you may run into. Um, but at this point, you're good
to go, you can start using terraform. And so you know, in the next videos, we'll get started on,
you know, actually playing around with terraform. Okay, so there's one last step to setting up
terraform. And this is technically an optional step, but I highly recommend it. And so what
we're gonna do is we're going to install a very powerful text editor. Now you can use any
text editor of your choice, it's not going to make a difference. So if you prefer something
like sublime, feel free to use that. However, I'm going to be using one that's called Visual
Studio code. So this is a free text editor that's provided by Microsoft. It's supported across all
operating systems. And that includes Windows, Mac, Linux, and it really is one of the best
text editors out there. There's a lot of people that use it. And I highly recommend you guys use
this if you want to follow along with my videos, because I'm going to provide a lot of tips within
VS code that will help make your life a little bit easier when you're trying to work with terraform.
So if you want to follow along and get VS code as well just go to code dot Visual Studio Comm.
And the website should automatically detect what operating system you're on. And so you should just
be able to hit this button. So you can see here it detected, I'm using Windows, but if you're on a
Mac, it should say, you know, download for Mac, to just download that. And you know, moving forward,
that's what I'm going to be using. But you know, once again, if you want to use something else,
feel free to do that. But anyways, once you've got VS code installed, I do recommend that you install
an extension. So if you aren't familiar with extensions, extensions, within VS code just give
you some extra functionality. So to actually see your extensions, you know, once you open up VS
code, it looks like I already had it open, but you want to navigate to this button right here.
So this is going to manage all of your extensions, and just search for terraform. Okay, so once
you search for terraform, the first one should be the one that you want. But just to double
check, make sure it's the one by hashey Corp, who's the company that makes terraform and just
do an install. And so this extension is going to provide us a lot of features that make our
life easier, so you can take a look at them. But obviously auto completion is great syntax
highlighting auto formatting. You know, all of these are going to make your life a
lot easier when you're writing terraform code. But you know, once you have that done, at this
point VS code set up, that's all you really need to do. It's just going to behave like any other
text editor. So you can create and delete and modify files within here. So it's kind of like
an ID but we're going to use it for terraform. Now that we've got terraform installed in
our environment, for the most Part set up, the last thing I want to do is just create a
directory that we can store all of our code in. And so within my documents, I've created a folder
called a terraform project. And then within this folder, I've created a folder called Project one.
So this is going to be where we're going to start our code for our first project. And so you know,
feel free to make a directory wherever you want. If you want to keep it in downloads, if you want
to keep it on your desktop, just pick a location. And once you have that location set to actually
open a folder in VS code, we can just open up VS code, go to File, go to open folder, and then
navigate to wherever that folder is selected. And then we can open it up. Alright, and so at
this point, it's going to give us a welcome page, which we don't care about. So just close
it out. And you'll see that we've opened up project one within our root directory, and
there's no files or folders within there. Now, terraform is written in a language
called hashey Corp configuration language in a file that has a.tf extension. So all
of our terraform code is going to be stored in a file with a.tf. Extension. So we're going
to do is we're just going to do new file, if you right click here and just do a new
file, I'm just going to call this main.tf. And the.tf just signifies that this is a terraform
file, and you'll see a couple of pop ups. If you install the extension, just ignore those
for now. But keep in mind that you don't actually have to call this main, you can call this you
know file one, you can call it first project.tf just make sure it has a.tf extension. Now in
this file, the first thing that you have to do is define a provider. And in terraform, we
have this concept of riders which basically just allow us or it's a plugin that allows
us to talk to a specific set of API's. And if you go to their documentation
page, so if you just go to terraform.io slash Doc's slash providers, slash index dot HTML,
is going to show a list of all of the providers that terraform supports. So if we download, you
know, let's say the AWS provider, right, whereas AWS have provider, that's going to make sure that
terraform downloads all of the necessary code to talk to the AWS API, so that we can actually
create resources within our AWS environment. But you can see that you know, terraform,
even though it's really synonymous with, you know, cloud automation, you can see that it's
got a ton of providers outside of the cloud space, it obviously does support, you know, all the
major cloud providers, as well as some of the smaller cloud providers. But it also supports
Kubernetes, it supports VMware, it supports, you know, like digitalocean, DNS. So it's got a
lot of support for a lot of different platforms. Just keep in mind, though, anytime you want to
work with any of these platforms in terraform, you will have to install the necessary plugins,
so that we can talk to those providers. And you might be wondering, Well, you know, we downloaded
terraform, you know, shouldn't that come with all the code to talk to all these guys? Well, think
about this, guys, you know, for the most part, are you guys going to be working with all of these
providers? No, each customer, or each user is going to have a predefined set of providers that
they're going to work with. And there's no point in terraform, shipping out all of the code for all
of these providers in the installation package. So instead, on a per user basis, or per
project basis, terraform will figure out which plugins need to be installed based off of
the provider configuration in your terraform file. So we want to use the AWS provider, because that's
what we're going to be working with. So let's just click this. And it's going to give us an example
on how to actually set that up. And so you can see that this is the configuration for a provider. And
hopefully this is big enough for you guys. I'll just do a control. Let me see if I can make this
a little bigger. We'll zoom in 110%. I think that should be good enough for you guys. But yeah, this
is all we really need. So we can just copy this, actually, the version is optional.
So well, we can just leave that out. I'll just do copy. And I'll just paste that in
here. And I'm just going to delete the version. And now we're hard coding the region to be
US East one. And you know, before I do that, we'll kind of want to explain exactly, you
know, what are regions if you're new to AWS, basically, a region is just a location
where Amazon or AWS has a data center. And so there's a whole bunch of different
regions. And we can actually take a look at all the different regions that Amazon has if we
just search for AWS, and login to our console. And so let's say my account, we want to go
to AWS management console to log back in, and I'm going to be logging
in as my root users will do. Okay, so this is our management console. And
if you just select this button right here, so right now mine says Northern Virginia,
but yours may say something else. You can see all of the different regions or data
centers that the that AWS has, and so it's going to default and use whichever data center is
G Graphically closest to you. So I'm on the east coast in the US. So it defaults to using the
Northern Virginia data center or what's referred to as US East one. However, if you're in like
California, it's going to default to probably us West one. And so what I would recommend that you
guys do is that following along with me, I would recommend that you just use US East one, like
I am, it's going to, it's going to help prevent any weird issues with like ami is because for some
reason, like if you want to deploy an Ubuntu ami, in one region, like US East one, and one region in
like us West one, they'll have different names or IDs, I don't know why AWS decided to do that.
But it can lead to issues, because if you're copying my code, the AMI instances might be called
something else. So just set it to US East one, and in AWS, or sorry, in terraform, set it to US
East one. And so that way, you know, my resources, as well as your resources will get deployed in
the same exact region. And we should hopefully, avoid running into any weird issues. All right.
And so now that we've got the provider set up, if we go back to the code, it's going to
keep walking us through how to set things up. And so the next thing that we have to do is set up
authentication. Now, authentication can be a bit tricky with terraform. And what I'm going to do
is I'm going to start off doing it the wrong way, I we're going to just hard code our static
credentials into our terraform file, which is not recommended. Because obviously, if you're storing
your actual access keys, within this terraform file, if you decide to eventually publish your
code onto you know, GitHub or something like that, well, then now all of your your, your credentials
are being stored in GitHub. And so that can be a security vulnerability. However, I want to start
off doing it like that, because one, I want to show you guys how to do it every possible way.
But also, just to keep things simple. For now, I promise we'll have some sections later on,
that covers how to do this in a more secure manner. But let's start off just by, you know,
doing the bare minimum, so that we can focus on learning terraform, before we start worrying,
worrying about security, or anything like that. And so basically, all we have to do is get
our access key and our secret key and pass it into the provider config. And so to do that,
let's go back to our AWS Management Console, and you want to just select your profile name,
and then just go to my security credentials. And then here, you want to select this
access key tab, and you want to select Create new access key. Okay. And if you do
show access key, these, this is my access key. And this is my secret access key. But this
is what I'm going to paste into terraform. Alright, so I'm going to copy this
right here, paste it into my code, and then go back to here, and then copy
my access key. paste it into here. Whoops. Alright, so we've got our access keys set up in
terraform. Now, when you actually create security credentials, within AWS, you can only see these
values once. Okay, so once, once you see these, you won't be able to get them again. So
make sure you store them in a safe place, you can actually hit this download key file,
and it's going to download a CSV file with all of that information. So we can just click on
that. And it'll by default open up in Excel. But you can see here, this is
where my access keys are stored. So just keep that in mind. Because once you hit
close, if you do try to look at your access keys, you'll see that we can see the key ID but we
can't see the secret key anywhere in Amazon does that for security purposes. So make sure
you write that down. However, if you lose it for some other reason, just delete your old one and
then just create a new access key, and then you should be good to go. Okay, so now that we have
our provider set up and our access key set up, the next thing to do is let's try and figure out
how we actually create or provision a resource within AWS. And within terraform, the syntax is
actually really simple. And this is probably one of the nicest parts of terraform. And is really
the main selling point of terraform is that, regardless of what provider you're using, so
whether you're trying to create a resource within AWS, or a resource within Azure or GCP, it's gonna
use the same exact syntax from a terraform side, so that you don't actually have to learn the
underlying API from you know, Azure, or AWS, or GCP. And the main syntax is going
to be you type in the word resource. And then in quotations, you're going
to first provide the provider name. Right, and so in our case, we would
pass in AWS, then you do underscore, and then you do resource type, right, whatever
type of resource you're trying to deploy. And then you have to give it a name. And then
we're going to do curly braces. And then within the curly braces, we provide in all of our
config options. And these are going to be basic key value pair. So key equals and then you
know, some value, right and then Key two, that's going to equal, you know, another
value. So that's the basic structure of how to create resources within a provider. And
so I'm just going to comment that out for now. And I'm going to walk you through how to deploy an EC
two instance, within AWS. And if you don't know what EC two ns is sorry, it's basically just a
virtual machine within AWS. So if you want to, if you want a Windows Server deployed in AWS, you're
going to be doing it in EC two. But you know, you can obviously deploy any type of machine that you
want. If you want to deploy Linux, if you want to deploy a database, you can all do that within ECG
two. And so before we actually deploy that, within terraform, I want to kind of walk you through how
to do it within the AWS console, because I think it's important to see, you know, how to do it in
the console, and then how it kind of maps to in terraform. But obviously, if you guys are already
familiar with AWS and the console, this is going to be really trivial. So you may just want to
fast forward the video. This is more from people that are also kind of learning about the cloud
while also learning terraform at the same time. And we can just go to our Services tab at the top,
select ECS. And then select instances. And you'll see that I have one instance, terminated in one
instance running if you just create an account, you shouldn't see any instances, I'm
actually going to just delete this for now. I'm just going to terminate that.
And I'm going to just deploy a new instance. So I'm just gonna hit launch instance. And here we've got all of the different ami that
Amazon supports, has millions of different ami is and you can even create your own. However,
I want to deploy just a simple Ubuntu ami. And if you guys don't know what an ami is, it's
really just an image, okay, so there's going to be an ami for Ubuntu, there's going to be an ami for
Windows, there's going to be an ami for Red Hat, one for Fedora. And I'm going to search for
Ubuntu and we're going to select the 18.04 LTS and you can see here, this is the actual ami
ID that's associated with this Ubuntu server. So we can hit select. Here we specify the the
instance type, the EC two instance type. And so you know, obviously there's different you
know, sizes and speeds. So some have more CPU, some have more memory. So obviously, if you want a
really high performing server, you want to go down to one of the ones at the bottom. But
obviously, the more high powered they are, the more expensive they are.
So for demonstration purposes, and for just learning to stick to T to micro
because it's part of the free tier, so you shouldn't be charged as long as you shut it down
accordingly. So we'll just hit review and launch. And you'll get this page, we'll just launch that.
And it's going to ask you to provide a key pair. For now just ignore that. So we can just
say proceed without creating a key pair. And we're going to launch that instance. And if
we select this view instances button, that's going to take us back to the AWS console, and you can
see that it's now creating this new instance. So it's in a pending state at the moment, but if you
give it a few minutes, it'll eventually turn into it'll, it'll get colored green, which means
that will have been fully deployed. And then at that point, you can actually start using it.
Um, but that's how we create an AC two instance within AWS using the console. Let's go ahead
and create it using terraform. Now, so that I can really show you how quick it is to do it
through terraform versus just using the console. So like I said, the syntax is
going to be just like this. So we're going to do resource. And then
our provider is going to be AWS, right, it's just based off of what's provided
here. Then we want to do underscore, and then the resource type. And you might be
wondering, Well, what is the resource type? Well, this is something that you actually have to refer
back to the documentation. So let's go to the documentation. I'm already on the AWS provider
page. And we're just gonna do a Ctrl F for EC to just keep going down. Actually, that's
not what I wanted. Here we go, we want to search EC two on the left side. So just open that
drop down menu. And we can just unexplained data sources. We don't care about that. We care about
the resources section. And so what we want to do is look for AWS underscore instance. So this
is how we deploy an EC two instance within AWS. And it's going to give you an example. And
this is what I love about the documentation that examples are super helpful. But
basically ignore the data. Once again, we want to focus on just the resource. So this is
pretty much like the bare minimum of what we need. We have to specify an ami. And
don't worry about this goofy syntax. You know, he's using variables and things
like that, which we're not going to cover yet. Instead, what we're going to do is we're going
to hard code the AMI value in the instance type. For now we'll ignore the tag so I'm just going to
copy this and delete But I had started already. And so you'll see that Remember, the syntax is
the provider, underscore, and then the name of the resource type. So in this case, it's just
instance. And then we have to give it a name. So this is a name, that's not going to be, you
know, set in AWS, this is a name, so that we can reference this resource within terraform. So this
name is just going to be scoped to just terraform. It has AWS will not be aware of this name. So
I'm just gonna give this name of my first server. But you can call it whatever
you want. Okay, and so the AMI, we're going to delete that. And to get the AMI,
we're going to deploy another Ubuntu server. And we'll do a launch instance. And then
if we search for that Ubuntu server, again, we want to go here and just copy this ami.
And I recommend you follow these exact steps, and not just copy what's on my screen, because
Amazon has a tendency to kind of change up the AMI IDs. And so you may end up copying this one,
which may get changed in the future. So you know, go to here, search for it, and then just grab the
AMI. And we want to put it in quotations. So we just paste the AMI in there. And then the instance
type, we want it to be T to micro just like we selected within the console. And we'll delete
the tags. And before I actually run that code, let me go back to services and EC two. And let's
just verify what we have running right now. So I've got two terminated and one running. So once
this gets deployed, we should see two running. So make sure you save your configs. Now
what we need to do is open up our terminal. And so you know, if you're on Windows, you can
just hit the search button and just search for CMD to open up the command line, or you know,
do whatever the necessary steps are for a Windows or a Mac. And then you want
to navigate to wherever this project is. Okay. So for me, that's going to be in documents. And then I think it's called terraform.
And at that one terraform dash projects. And then if I do a dir, okay, so then we want to
navigate to this project one. And here we're going to run our terraform commands. However, it's kind
of a pain to have to open up the command line, and then navigate to that folder. Instead, what
you can do is move this off to the side for now, we can go to our VS code. And this
is why I absolutely love VS code, we can go to new terminal. And it's going to open
up a terminal. And if it's a if it's a Windows machine is going to open up a Windows terminal,
if you're on a Mac, it's gonna open up a macro, if you're on Linux, it's gonna open a Linux
terminal. And it's going to automatically take you to the project directory. So you can
see it's already navigated to project one, which is the root of our directory. And so here,
we can actually run our terraform code instead of having to kind of flip back and forth between our
code and and this command line right here. So I'm just gonna close this out, because we don't need
that I'm just gonna use VS code moving forward. Okay, and the first terraform command
that you need to learn is terraform in it, okay. And so what terraform in it is going
to do is it's going to look at our config in all of our terraform files, which are anything
that starts with the.tf. And it's going to look for all of the providers that we have defined.
So right now we just have one provider. And so it's going to see that we just have
provider AWS, and it's going to download the necessary plugins to interact with the AWS
API. Let's do that. We'll do a terraform in it. And let's actually take a look at what
the output is doing. So you can see here, it's initializing the back end. And it's now
initializing the different provider plugins, and then it's downloading the plugin for
AWS, if we decided to add in a separate provider, that would be like provider,
and then maybe one for Azure, well, then it would not only download the code
for AWS, it would also download it for Azure. Okay, but you should see that terraform has
successfully initialized if you see some other kind of error, then you may have to do a little
bit of troubleshooting, but just make sure you see that, you know, nice shiny green output. Okay. And
so we've got that set up. The next step we want to do is I want to show you the terraform plan
command and the terraform plan command. What this does is it kind of does a dry run of your code so
you can see all the changes that will take place. It'll kind of show you you know if it's going
to delete any instances if it's going to create new instances if it's going to modify instances.
So it'll just do a dry run so that you can make sure that you're not accidentally about to break
your production network or something like that. So I always highly recommend you run a terraform
plan, even though it is completely optional. It'll just be like a quick sanity check so that
you can just gloss over the changes that will be made. And you can just make sure that you're not
going to break anything if you do terraform plan. And this may take a little while depending on how
much code you've written, but we just have one instance. So you should see that it should be
minimal output, it should be a fairly quick. But if we kind of scroll up a bit, and
just take a look at what's happening, you'll see that it's going to color code things
depending on the action. So if you see a plus, that means going to create a resource. If you see
a minus, and it's usually colored red, I think, I mean, it's going to delete a resource. And
then if you see something that's orange with a Tilda, that means that it's going
to modify a pre existing resource. And so if we scroll down a bit, you'll see
that right now, we're going to be creating an AWS instance, an EC two instance. And
you'll see that we're using this ami, and then you'll see a lot of details are
not known at this point. So it won't be, it'll be known only once we actually deploy
it to the to AWS, because we won't know the ID that AWS gives it until we actually deploy
it. So you'll see that most of these fields are unknown, but except for the ones that we've
actually specified, like the instance type, source test, check defaults to true, so some of
the defaults will automatically get applied. But this is just letting you know everything that's
going to get changed. So it's going to be creating a whole bunch of things for this one instance.
And so now that we've run the terraform plan, we can now run the terraform, apply to actually
run our code. So we'll do terraform apply. And you'll see that terraform apply will do
something similar to terraform plan where it will actually take a look at your code and then figure
out the changes that will take place. And so this is just another security check. So you can just
verify that you're not going to break anything. And it's going to ask you, you know, do you
want to make these changes, so to approve them, hit yes. And it's going to run our code now. And
hopefully, you know, we don't break anything and everything passes. But you can see here, it's
creating our first server right now as we speak. So we'll let that run, it's going to take some
time, usually creating instances can take a little while, sometimes up to like 510 minutes, depending
on what kind of instance you're deploying. Especially if you're on something like Azure,
I think Azure takes a little while for some reason. Well, actually, that's pretty quick. But
you can see that it completed. And it'll give you kind of like a quick overview of the total
number of changes that were made. So you can see one resource was added zero were changed, and zero
were destroyed. And you know, as usual, you know, just because terraform says it's finished and
completed, we want to double check within AWS to see if that instance actually got created. So
you can see that this was the state before we ran terraform. So we've got two and a terminated
state and one in a running state. So if I hit this little refresh button, it's going to just
refresh it. And you can see now we have to in a running state. And this instance right here is
the one that it got deployed by terraform, because you can still see that it's an initializing
state. But if we click on this and just kind of take a look at the details, you can see that
it's a T two micro instance, like we specified. And you can see the AMI, so this is the AMI which
is using Ubuntu 18.04. And so there you have it, guys, you've successfully deployed your
first EC two instance using terraform. And hopefully, you can really start to
see the power of terraform, just from this simple example. Because I mean, what if we
wanted to deploy 50 different instances, right? Would you want to manually have to click through
these windows 50 different times? Or would you want to just copy and paste a couple of, you know,
instances right here, and then you're good to go? Okay, so we've successfully deployed our first EC
two instance, using terraform. And what I want to do now is I want you guys to try and guess what
will happen if we do another terraform. Apply? I don't actually run this, just try to figure out
what would happen. And I can pretty much guarantee you that your guess is going to be incorrect.
I'm assuming most of you guys that are watching are probably going to assume that well. terraform
is going to run this code again. And it's going to create a another EC two instance. So we would
end up with two EC two instances. And I'm going to tell you that that is incorrect, in fact, and
the reason for that is that terraform is written in a declarative manner. And what that means
is that we're not actually giving terraform a bunch of steps to carry out like a, like a
normal program would, right? So it's not going to go through this code and just run through
each one step by step. Right. So if we wrote, If we pasted this one, you know, it's not going to
go and say, okay, we want to deploy one resource, and then we want to deploy another resource.
Instead, what's actually happening is that we're telling terraform, what we want our
infrastructures to look like in the end. So we're giving it the exact blueprint of what our
infrastructure should look like. And so if we look at our terraform file here, it says that we should
have just one AWS instance in our infrastructure, and that is it. So no matter how many times
we apply terraform or run terraform apply. We should all We just have one AWS instance. And
that's this specific instance. Right. So that's why in terraform, we're not giving any set of
instructions to carry out, we're trying to define what our entire infrastructure should look like.
And then terraform will go in and then figure out exactly what needs to get deployed, what needs
to remain the same, what needs to get deleted, so that our actual state in AWS matches
what's being defined in our terraform code. So if we do terraform, but before we do apply,
I always recommend you do a terraform plan. So if we do a terraform plan, again,
it's going to tell us what the changes that would take place. And you'll see that it's
actually refreshing the state. So if we look here, it's refreshing. It's refreshing the state
of our AWS instance that we actually deploy, just to make sure it's still there.
And there are any issues with it, and that it matches what's here. And then you
can see here, it's telling us that, Oh, look, no changes were made, or no changes need to be
made. infrastructure is already up to date and matches what's defined in our terraform file.
If I do a terraform, apply and hit enter, it's going to once again, refresh the state of
our AWS instance. So it's just basically talking to the AWS server, just making sure that instance
is still alive and working. And then once again, when we run the terraform, apply, it figures
out that look, nothing needed to get added, changed or destroyed. Okay, and this
is an important concept, I think it's, it's a little bit challenging at first, but just
know that once again, it's everything's being defined in a declarative manner, which is a little
different than a lot of other automation tools. But you know, keeping that in mind, I want
to make a few changes. Just to show you guys, you know, what terraform will do when we start
adding, you know, extra properties to this easy to instance. So the simplest change we can
make is adding a tag. So if you aren't familiar with tags, right, you can give any AWS instance,
a specific set of tags to kind of identify them, and so that you can actually search
for them and filter by those tags. So we'll go back to our code. And actually,
let's go back to the documentation to see how we apply a tag. So this is all you have to do,
you just do tags, and then you just provided all the tags that you want to give it. So
we'll copy this, paste it in there. Oops, I'm just gonna change this tag, I'm just going
to call this we'll call this Ubuntu server, we'll just call it Ubuntu. So we're going to give
it a tag of Ubuntu, make sure you save the code. And we're going to do a terraform plan now, just
to see what changes are going to take place. So it's going to refresh the state. And now
we've printed out some changes that are going to take place. And so you know, you'll see that any
time we're going to change an existing resource, you'll see this yellow ish orangish color with
that little Tilda. And so it's saying that we're going to change something regarding this
resource right here that we already deployed. That's the by first server resource. And if we
scroll down a bit, you'll see that this is the change that's going to be made. So it's going to
add in a new tag. Okay. So terraform was smart enough to know that look, you know, we know what
the current state is of our resources deployed on Amazon. And right now it has no tags. But in
our code, we're telling it to have a tag. So then terraform goes in and figures out Oh, okay,
I need to add a specific tag to this resource. So we'll do a terraform apply now. It's
going to run that same check we just did. And once it's doing that, once it's done
doing that, you can see that it's going to make one change. And we're going to say
yes, just so we can complete those changes. Okay, and it successfully completed
that it's changed one resource. We'll go back to the console, we always want to
make sure that the changes actually took place. Don't just take Tara forms word for it.
Okay, and so you can see right here already, the name got populated. So that's the special tag
for naming a resource. But if you click on the resource and just scroll down to tags someplace,
I forget where it is. Should be Where is it? Here we go. Yeah, I forgot
on AWS. It's like this tag. And so you can see here we've got our tag
which has a key of name and a value of Ubuntu. and if we remove that, or comment it out, and
then hit save, we can do a terraform apply again. And Tara Form is going to talk with AWS API, just
to get all the information about our server again. And it's going to see that it has a tag, but we're
telling it to not have any tags. So then it's going to make the necessary changes. And so all
we can see here is that look, we're going to go from a name of Ubuntu to null, which means we're
going to remove that tag, we'll run that. And it should remove that tag. And if we hit refresh,
you can see that now there are no longer any tags. Up to this point, you know, I showed you guys
how to create instances as well as modifying instances, I think the next logical step is
to show you guys how to destroy instances. And so if we want to destroy the instance that
we created, we can do a terraform destroy. Once again, when we run a terraform, destroy,
it's going to do a refresh of our state. And it's going to show us what are the changes
are going to be made. So you can see here, anything with that dark red dash means we're
going to delete it. So we're going to delete that one EC two instance that we've deployed.
And we're going to delete everything kind of associated with that. And so when we hit yes, it
should run that and it should remove it from AWS. Alright, so it successfully destroyed
our resource, go back to the AWS console, you can see if we hit refresh, this guy should
get removed. And so you can see it's now in a terminated state, and then I forget how long it
normally takes me like two more hours, and then they'll get completely removed from the AWS
console. But that's how you destroy your all the instances that were deployed using terraform.
Keep in mind, though, you know, if we had like, I don't know, 1010 of these resources, what's going
to happen is, when you do a terraform, destroy, it's going to destroy every single resource
that was created by terraform. So keep in mind, you know, if you want to destroy a single
resource, there are some parameters that you have to pass in to actually make that work. By
default, the terraform destroy will destroy your entire infrastructure. So you probably won't be
actually running that very often. Within within a production environment, usually, usually, you're
just, you know, doing terraform applies, and then you know, making changes and then applying those
changes. However, I do want to show you a another thing that we can easily do. So first of
all, let's actually deploy this once again. So I'm just gonna do a terraform apply, we're
gonna have to wait for this to get deployed again. Okay, and once it's deployed, let's just quickly
double check that has been created. So this is the new instance, that's been created. And what
I want to show you is really the power of that declar style of writing code that I mentioned
earlier. So instead of doing a terraform, destroy, to destroy a specific instance, what we can do
is just, we can just delete this code right here, right? And so instead of deleting it,
I'm just going to comment it out for now, which is doing the same thing as essentially
removing that code altogether. If we hit Save terraform will see that look at this. And within
our code, there's no resources being defined. And so terraform will see that it'll check the
state and it will see that there's actually an EC two instance, deployed by terraform. And I'll
say, Hey, wait a minute, that doesn't match. You know, we should not have any resources
deployed based off of this terraform file. So let me go ahead and delete that one resource
that we've deployed. If I do a terraform apply. It's going to refresh the state
like it did before. So it's is refreshing that instance, that we created.
And it's saying, whoa, whoa, whoa, wait a minute, right, based off our code, there should not be an
AWS instance, deployed at all. So let me go ahead and destroy this sucker. Though, if we hit Yes,
he's going to end up destroying it. And so that's just another example of that declarative nature of
terraform. And so you can use that as a tool to, you know, delete instances, or delete any resource
within AWS, as long as you just delete it from your terraform file, and then run apply terraform
is going to figure out what you want and what you don't want. So you don't actually have to
delete it from AWS, or do a terraform destroy. So it looks like it's destroyed it. Let's
just go back to the console, double check. And so it looks like it's already
terminated it so it refreshed it for us. And so there you have it, guys. So that's
how you delete resources within terraform. You can do it through the terraform destroy
or you can just remove it from your code and do a terraform apply and terraform
will figure out what it needs to delete. Till now we've till now all we've done was
deploy an AWS instance but it See, anything you can do with the AWS console, we can do it in
terraform. So I want to start taking advantage of some of the other things that terraform can do.
And I want to start playing around with other resources within AWS. So if you're already if you
haven't already done so, I'll go ahead and destroy the AWS instance that you created, you
want to do it through terraform. Of course, I don't do it through the console. So either do
a terraform destroy or just delete this resource, and then run a terraform apply
to get that resource removed. And once you have it removed, what I want
to do now is I want to explore how to create a VPC. And I want to explore how to
create a subnet within that new VPC. Okay, and so if you don't know what a VPC is, it just
stands for virtual private cloud. So it's just a, a private, isolated network, within your AWS
environment that you can create as many v PCs as you want, or there may be a limit, but you can
have a lot of V PCs, and then each one of these VP C's by default, is going to be isolated
from one another. And so to create a VPC, the first thing that we want to do is always just
navigate towards the documentation. So if you just search for a resource, AWS underscore VPC, that's
going to show you how to create a VPC. And you'll see that the configuration is dead simple, right,
all you have to do is just provide a cider block. And so this just means that for our VPC, the 10.0
slash 16 is going to be the network that's going to be used for that VPC. So let's just copy
this and paste it in here to create a VPC. And I'm going to change this name, so we can give
this any name that we want. So I'll just call this my first VPC. And keep in mind that this is
just the name that's going to be used within our terraform. So anytime we want to reference this
resource, we can just reference first test VPC. And if we want to give the name within AWS, we
can provide a tag. So you can take a look at the configs here, and then this is how you do it.
So there's a specific tag for naming things. And that's called main with the capital N. And we'll
call this we'll call this our production VPC. Okay, and so this once we run this, we'll create
a VPC. However, what I want to do now is I want to create a subnet within that VPC. And this
is going to be a little bit more challenging. And I'm going to show you why in a second. But
if we navigate to the AWS subnet resource, if you don't know how to find it, the first thing I
always do is just do terraform. And then you know, AWS, and then whatever resource you're trying
to configure. So if you want to see a subnet, just search for subnet, and it's usually going to
be either the first or the second one. So we want AWS underscore subnet. So it's going
to be the second link in this case. And you can see how to configure it is pretty
easy. Alright, so we just specify resource, AWS subnet, then the name. And then we have
to specify a VPC ID, we also have to specify a cider block. So what subnet do we want
to use for that subnet? That makes sense. And then any necessary tags. So let's copy
this. And let's paste it down here. And so I want to change up a few things. I'm gonna
change this to I'm going to call this subnet one. And the cider block 10.0 dot 1.0, slash 24. That's
fine. Just make sure it falls within this range. And then for tags, I'm going
to call this prod subnet. Okay, and here, we have to specify the VPC ID, and you're probably thinking, Well,
you know, we haven't deployed this VPC, how do we get the VPC ID right, I can't go into
the console and get it because we haven't actually created that VPC. This is where the power of
terraform comes in. Right, we can reference other resources that are being defined within
our code. So we want to reference this VPC that we're creating, and pass in the ID down to this
field. And the way to do that is pretty simple. All we have to do is we have to specify
the resource name. So we'll do AWS underscore VPC, just like it is up here.
Then we do a dot, then we have to take the name of it. And so we'll take this name.
And so that's why the naming is important. paste it here. And then we have to get a specific
property off of that resource. And so every property has an ID, sorry, every resource has
an ID property that we can access. So this value right here is going to get the ID of this VPC that
gets created from the line above. Okay? And so that's how we can reference other resources that
are being defined in our code, right? So you just, what I do is for simplicity sake, I usually just
copy this whatever's between the quotations and I just remove these two quotes, put in a dot and
then put it in a.id. That's my little shortcut. Okay, so I think we're good to go. Let's try to
run this and deploy it. So we'll do a terraform Apply. Actually, let's do a terraform.
Yeah, let's do a terraform apply. And so we'll see all the changes that are
being made. And let's scroll up a bit. And so you'll see that we're creating a subnet.
And we're also going to be creating our VPC. And you'll see all the details that are
being passed into it. So we can hit yes, at this point, and it's going to
deploy that VPC as well as that subnet. Okay, it looks like it's already done. That
was super quick. I guess it's really just easy to instances that take a long time. But if
we go back to our dashboard, what is this bear Who cares? Anyways, let's go to services, search
for VPC. And let's take a look. So you can see, by default, there's a default VPC for every user.
So this is the default VPC that gets created. So we don't, we can ignore that. I just wanted
to make sure you guys understood that if you were confused as to why there's two v PCs. But
this is the VPC that we created from terraform. And if we take a look at the details, we've
got the cider block that we assigned to it. And then the tags, obviously the name being
production. And if we go to our subnets. So there's going to be a whole bunch of subnets
here, but once again, these are all part of the default VPC that gets created. And we want to just
take a look at the one we created, which is prod dash subnet. And so if we go here, we'll see that
the VPC that this subnet resides in is this VPC, which is prod, which is going to be the VPC that
we created within terraform. And then we also have the cider block, which the 10.0 dot 1.0 slash 24.
And so that's pretty much it. Obviously, there's a tag, which is the name, which you can see right up
there. Now, there's one thing I want to point out, you're probably thinking, well, since when we
create the subnet, and we're referencing the VPC, the VPC resource has to get declared first.
And what may be shocking is it actually does not need to be defined first. And I'm
going to, I'm going to prove that to you. I'm going to do a terraform destroy when
I let that get destroyed real quick. Okay, so it's been destroyed. Let's just double
check and make sure. Okay, and so that's gone. And what I'm going to do is just to prove
my point, I'm going to copy this, or cut it and paste it right above right above the VPC. So
now, within our code, we're defining the subnet, and we're referencing the VPC, even though the
VPC is defined beneath it. And once again, guys, this is just to show you guys that the order
in which you place your code does not matter within terraform, which is a little confusing,
right? If you're familiar with programming, right, it always follows a sequential order,
starting from the top and working to the bottom. Let's make sure we save everything. And then
let's do a terraform. Apply. And, guys, if you get tired of having to hit yes, whenever you want to
destroy or create something, you can always do the dash dash auto approve, and that's going to skip
that step. So that way, you can just run it, step away from your seat, go grab something to
eat, and then just come back when it's done. And so you can see here, even though
the sub net was declared first, you can see that terraform Actually, I realized
that this window is probably not that big for you guys. And so I'm going to make this
a little bigger for you guys. Let's see, is there a way to do that?
me afraid to do a Ctrl Plus, there we go. But if you take a look at
the order in which things are created, you'll see that we create the VPC first, they
create and it took three seconds to complete. And then we created the subnet. So terraform does
not care which order the order in which you define things because terraform is intelligent enough
to figure out what needs to get created first. So terraform knows that a subnet belongs in a VPC.
And since this subnet is represent is referencing the VPC or creating, it knows to create the
VPC first, and then create the subnet. Okay, so terraform is very intelligent, it can figure
out what needs to get created. So you don't have to worry about any of that nonsense. It'll figure
out what needs to be done. However, I will say this, there are certain instances where it can't.
However, if you look at the documentation will always tell you whenever terraform can't
figure out what order to create things, and it'll give you a workaround. So like usually
you'll have to pass in an extra flag that says one resource depends on another but for the most
part terraform will figure out everything for you. Now, if you guys have been following along, you
may have noticed that there's a couple of extra files that gets created on the left side. And so
you may be wondering what those mean and you know, that's what I want to cover in this section. So
we'll start off with this dot terraform folder. So this folder gets created whenever we initialize
any plugins. So when we did a terraform in it, right terraform in it, it's going to create that
directory, and then it's going to install all the necessary plugins for our code to run in this
folder. So since we have just one provider, all of the code for the, the AWS provider is going to
get installed into there. And just to prove that to you guys, I'm going to delete this real quick.
And it's okay, it's not going to break our code. It looks like he just deleted one of those
folders, I want to delete all of them. Alright. Okay, so they're all deleted.
And if I try to do a terraform, apply, it's going to throw an error saying, Look
at this, we don't have a AWS provider. And so what we have to do is we have to
initialize it again. So if I do a terraform in it, it's going to do that initialization process.
And when it does that, it's going to create that folder that we just deleted. There you go. So
we see the dot terraform folder, and it's got the configs for AWS, right here. Now
moving on to the second folder, or sorry, the second file that you may be wondering out,
that's going to be the terraform.tf. state. So what this file is, is that it represents all of
the state for terraform. And basically, anytime we create a resource within AWS or any cloud
provider, we need a way for terraform to keep track of everything that's created, right? Because
that way, if we go to modify a parameter, like add an extra tag, or maybe change the instance type
to from like a T to micro to a another size, it needs to be able to check, you know, what is
the current status of that resource, you know, what are its configurations and compare it to
what's in the code. And the way it does that is it just creates a simple text file. And so we've
got this terraform.tf state, and it looks like it's in a JSON format, I can't remember if it is
fully JSON, it may not be, you know, don't quote me on that. But we can basically store all of the
resources that we create when this state file, so you can see we've got the AWS provider. And
if we just kind of look through it real quick, we can see all the resources it's created.
So we've got the first VPC that we created. And so you can see all the details about
that VPC. And then I think someplace, there's going to be a subnet. So this is the one
that covers the subnet. And this is going to have all of the information regarding the subnet. So
this file is very important, too. For some reason, you ever go into this and start deleting things,
you will break terraform. So terraform will have a mismatched state from what's actually
being deployed into AWS. So never mess around with the TF state file. It's a very
important file. And we it's absolutely crucial to the overall functionality of terraform.
And just to kind of show you how this state file gets updated, I'm just going to create
another VPC. And I'm just going to take this, copy this, and we'll just paste it down here. And
I'm going to call this we'll call the second VPC. And I'm just going to change the cider
block. And we'll change this name to say Dev. And might as well just create a
new subnet for that guy as well. I'll call this subnet two. And for the VPC ID,
I'm going to reference this VPC. So whoops, that the typo, and we're gonna just change this to
secondary VPC. And I'm gonna change the subnet to make sure that this subnet resides within this
cider block. And we'll call this dev subnet. Now, if I do a terraform, apply, do a dash dash auto approve. And
once again, typos all over the place. Now if we go back to our TF state file, we can
take a look at it. We'll see that there we had subnet one already. That was already in there. And
then we've got you know, now we have subnet two, right? So you can see that anytime we create
an instance or modify an instance within AWS, we're going to update our state file so that
we can keep track of all of that information. Alright guys, so that's all I
wanted to cover in this video. Till now, we've only been doing very simple
tasks like creating an EC two instance, or creating a VPC or a subnet and we haven't even
be been able to log into that EC two instance. And so what I wanted to do was With everything
that we've learned so far in terraform, I want to walk you through how to create an EC two instance,
deploy it on a custom VPC on a custom subnet and assign it a public IP address, so that not only
can we SSH to it and connect to it and make changes on it, we can also automatically set up a
web server to run on it so that we can handle web traffic. And you know, this task, it seems like
a very simple task with a couple of steps. But it's actually a little more complicated than you
think. But luckily, we don't actually have to do anything from a terraform perspective that we
don't already know how to do. And so I'm going to walk you through that. And I've actually outlined
all of the steps that are necessary to do this. So there's nine total steps, technically 10, we're
gonna have to do one step outside of terraform. Just to keep things a little simple, we could do
it through terraform. But that would get a little more complicated. But just to walk you through
the steps, we're going to create a custom VPC. And then within that VPC, we're going to designate
a internet gateway. And the reason we need to have an internet gateway is so that we can actually
send traffic out to the internet, because we do want to be able to assign a public IP address to
this server so that anybody in the world can reach it, then the next thing that we need to do is we
want to create a custom route table. Technically, this would have been optional, but I thought
it'd be cool to show you guys because these are all things that you need to be able to do. So
I wanted to make sure I walk you through that, we're going to then create a subnet in step four.
And then anytime you create a subnet, we have to assign it to a route table, or then they'll get
assigned to the default route table for your VPC. And so this will just associate the two together,
then we're going to create a security group. And the security group is just responsible for
determining what kind of traffic is allowed to get to any one of your EC two instances. So since this
is a web server, we're going to allow Port 80 and Port 4434 HTTP and HTTPS traffic, we're also going
to allow Port 22, so that we can SSH to it and, you know, obviously connect to it and make changes
to it. We're going to create a custom interface. And that's going to be assigned to the subnet
that was created in step four. And we'll assign an elastic IP. So an elastic IP in Amazon world
is just a public IP address that's routable on the internet. And then we're going to assign that
to the network interface we created in step seven. And then finally, we're going to create an
Ubuntu server, we're going to automatically through terraform install, and enable Apache.
And then we're going to assign that IP address or that network interface that we created in step
seven to that Ubuntu server. And at that point, we should have a live running web server. And
we should be able to connect to it and you know, do whatever we want with it. Alright, guys. So
you know, before we get started, the first thing that we need to do actually is create a key pair
within AWS. And the key pair is just going to allow us to connect to these devices. So AWS
requires us to set up, set up access keys so that we can connect to these devices. So to set
up the keys, we need to go to the EC two section. And then there's a section within here called
key pairs. Here we go. So you can see I have one key pair here already, but I'll walk you
through how to create a new one. So we'll just do create new key pair. And here, we'll just
give it a name. Okay, so we'll call this whoops, we'll just call this access key. If you
want to give it a better name than this, I just couldn't think of one. Okay, how about
this, we'll call this main key, main dash key. So there's two different file
formats that you can use. Go ahead and download the PEM format. For now,
I'll show you how to actually convert this to a ppk if you want to use putty. So, you know
moving forward, though, if you were mainly a Windows user, download the ppk. So that you can
use with putty. If you're using Mac or Linux, you're gonna want the PEM file. So you know,
download that but you know, for now, even if you are using a Windows machine, download the PEM
and I'll show you how to convert it to a ppk. So we'll create this key pair. And it's going
to automatically download this for you. So just remember where it's getting saved to. So it's
probably gonna get saved in your downloads folder. And just keep that in mind. Okay, so now that
we have our key pair set, this is going to this key is going to allow us to actually
connect to our server once we've deployed but, you know, let's go through this
step by step and tackle each step. And you'll see that just how easy it is to create
all these resources. And I'll obviously point you to all the necessary documentation so that if
you guys want to read up further on it, you can and so the first step, create a VPC, you know,
you guys have already done this. But, you know, I'll walk you through that. So obviously, I
already forgot how to actually configure one. So just search for terraform AWS VPC, this
is all I do, guys, you know, just Google it, and Google will tell you what to do. And so here,
we're gonna define a resource. A VPC resource. I'm just gonna copy and paste that. I'm
gonna keep this as the same cider block, it doesn't really matter for the purpose
of this project. Now we need to create an internet gateway. So this is something new. But
once again, the power of Google, go to terraform, AWS and then what was it called internet gateway.
Okay, so there's a couple of things. Really, the only thing you have to pass in is
the VPC ID. So we'll just copy this. And I'm gonna just go in here, paste that in
there. don't really care about PACs for now. And we need to pass it the VPC ID. So remember,
we can reference a another resource within our terraform code. And so we'll just reference
this VPC. So we do AWS underscore VPC, then dot, well, let me give this a more descriptive
name. I don't like main, we'll call this prod VPC. Actually, let's give this a tag as well.
Why not. And we'll just call this a production. And so to reference this, we'll do AWS underscore
VPC, then dot m, the name, so prod, dash VPC. And then we have to do a dot and
an ID, because we always want the ID property of this resource, we
don't want the resource itself. And don't worry about giving giving us a tag. So
that's all we need to do. Now we have to create a custom route table. So this is something that's
new again. So we'll just search for that terraform AWS route table. And, you know,
obviously, we already have this open, so we could just kind of navigate to wherever
it is. But there's just so many resources, it just takes forever to find what you're
looking for. So I always just Google it. And so here, we want the AWS route table. And it's
going to give us an example. So just copy this. And I'll take you, I'll explain step
by step what each line is doing. And I'm going to give this a name,
we'll call this prod route table. And we have to reference the VPC ID, so we can
just copy what we did with the internet gateway. And we don't really need a tag for this
route. Oh, let's get let's give it a name. I think we'll just call this prod as well. Okay,
and then now here, this is where we define the routes for this route table. So if you look at
this, what this is saying is that for the subnet, the 10.0 dot 1.0, slash 24, we're going to send
it to the internet gateway. However, what I want to do is I just want to set up a default route,
which means all traffic is going to get sent to the internet gateway. So to do a default route,
if you guys aren't familiar with networking, you just do this 0.0 dot zero, slash zero. And
this is going to send all traffic, all IP all ipv4 traffic wherever this route points. And this is
the old syntax of referencing other resources. But remember, we're just going to do it the same way
we did for the VPC. So let's find the internet, the AWS internet gateway. And so we just do
AWS underscore, internet underscore gateway, then you do dot, and then we just reference the
name, so we just give it a name or GW. And then we want the ID property. Okay, and so that's
all we have to do to create a default route. And we can also create an ipv6 default route, I'm
not using ipv6, but you know, we might as well go put it in. And so for an ipv6 default route,
it's already been provided. So you just do colon colon slash zero, it's the equivalent of this.
But for ipv6, we can delete this and just point it to the same internet gateway. And you know,
once again, this is just going to make it so that our traffic in the in from the subnet that we're
going to create can get out to the internet. Right now we have to create a subnet
where our web server is going to reside on this, we don't need to kind of search
how to do because we've already done this before. So resource AWS underscore
subnet. And then let's give it a name. I'm just gonna call it subnet dash one.
And then we have to give it a VPC ID. Let's just grab what we did here for
the internet gateway and just copy that a lot of copying and pasting here, guys. And then we have to give it the the actual subnet
that we're going to use. So the cider block. And so I'm going to use the 10.0 dot 1.0 slash
24 subnet. And there's also another optional property so we can actually start suffi what
availability zone we want to use. And if you don't know what an availability zone is, within
a region, we it's not that just it's not that AWS just has one data center. Within each region,
they actually have a couple of data centers, I'm not really sure how many maybe like
three to five. And so that way, if one of their data centers goes down in a region,
the whole region doesn't go down. So they have redundancy. And so you can actually deploy
resources to a specific availability zone. And we can pass that in bypassing
any availability zone property, and then just specifying the name. So we'll just
do a US dash East dash one, a. And so there's going to be US East dash one, a one B, one C, and
so on. But we're just gonna set it into one a. And then we can give this a tag as well. So we'll
set the name to prod, underscores or dash subnet. And so now we've created a subnet,
we've created a route table, but we actually have to assign this subnet
to this route table. And so there's a another resource, a resource type within terraform.
That's called route table Association. And we'll just let me pull up the documentation so
you guys don't get confused. So we'll do terraform AWS route table Association. And all this
does is just a just associate the subnet with a route table. And so you can see
here, we have to pass in the subnet ID, as well as the route table ID. So we'll copy
this. And then we just need to update the subnet and the route table. So we can remove that
and pass in our subnets. So AWS underscore subnet dot subnet dash one.id. And then let's grab
the route table. So I'll just copy this, paste that in there, remove the quotations, lips, and then just join them together with a dot. And
then we want to grab the ID. And that's all we have to do for the route table Association, we
can just leave it as the name of a because we're not going to reference that anyways. So the next
thing we need to do is create a security group, this is something new again. And so it's always
good to make sure that you have a security policy, that's a really clamped down on only the protocols
that you need. And so we'll just search for that. And I'm just going to copy this example
and walk you through what's happening. So let's give this a name.
We're going to call this allow web traffic. And we're gonna change this to allow
underscore web. So this security group is really just going to be there to allow just web traffic.
So we just want Port 22, Port 80 and Port 443. And description, we can just change this
to allow web traffic. And we have to point to our VPC. So there's, we already know how to do
that, we can just copy the one from the stub net. Now, this is where we actually apply
the different rules. So we have Ingress policy as well as the egress policy. So in
this example, what this is saying is that we are going to allow TCP traffic on port 443.
Right, so the front port and the two port just means it allows us to specify a range of ports. So
if I did 4432447, that means we would allow ports 443 through 447. So when you just do the same
number of means we're allowing just that port. And this is the protocol. So you have TCP you have
UDP, and so on. And then you have, we can actually clamp down on what subnets can actually reach this
box. So we can actually put in like our own IP address of our of our work computer or something
so that only certain devices can actually reach this. And so sometimes it's best not to open it
up to the internet. But since we're creating a web server, that's meant to be used by anyone we want,
we want to allow it so that anyone can use it. So we'll change this to 000. That
default, that means any IP address can access it. But if you just wanted like
one specific IP, you could just do like 1.1 dot one slash 32. And then this would
mean that you know just that IP address, I can access it. But we want everyone to be able
to access it. So we'll do that. And we can have as many ingress and egress policies as we want.
And so this is actually technically for HTTPS traffic. So htt ps traffic. I'm just gonna call
it that. And what we want is not to HTTPS, but we want Port 80 and Port 22. So we can just copy
this Ingress rule and paste it a couple of times. Hit Save just so it formats it. And this is
going to be HTTP. And HTTP resides on port 80. TCP once again, so all web traffic is TCP.
And then we want it from any IP address. And then finally, we want one for
SSH. So this is going to be Port 22. TCP, and then yes, any IP address. And if
you look at the example, for the Ingress, this is just saying that, you know, we're
allowing all ports in the egress direction. And when you put n minus one for the protocol, it
means any protocol. And for the cider block, it means any IP address. So this is exactly what we
want for the egress policy. What's more concerning is always setting up the Ingress policy. And we
can change the tag to allow, call it allow web. Alright, now we want to
create a network interface. So let's go to documentation for that.
So terraform AWS network interface. And so I'm going to copy this. We're going to change the name,
I'm going to call this web server, Nick. And so we need to assign this
Nic to the subnet that we created. Let's find our subnet. Where'd it go? Here
we go. And don't forget to grab just the ID. And here we need to specify an IP. So what IP
do we want to give the server we can pick any IP address within the subnet? Well, not technically
any IP address, you know, AWS is going to reserve a couple addresses like the dot one and a couple
other ones. So I'm just going to do 10 dot 0.1 dot 5010 dot 0.1 dot 50. And then finally,
we have to pass in a list of security groups. And so let's pass in the security group
that we just created in the step above. And we can actually attach it to a device
now. But we're going to skip that. And we can actually specify what Nic we want to use when
we actually go to the provisioning section for an EC two instance. So we're going to delete
that part. And we don't need that for now. And then now, so this created the private
IP address for the host. But we also want to assign it a public IP address so that you
know anybody on the internet can access it. And to do that, we need to create an AWS elastic
IP. So if we search for terraform, AWS AIP. All we have to do is just we can
just grab this as an example. So VPC equals true, I can't I forgot what
that actually does, we can take a look at the documentation. So this just means Boolean if
the IP is in a VPC or not. So it isn't a VPC. So we have to set it to true. And then network
interface. So we can specify what network interface we want assign it to, which is the one
we created in step seven. So we can copy this. And then when it says associate with private
IP, it's going to be the private IP that we gave right here. And also, I guess,
I forgot to point out that, you know, here we're passing in a list of IP. So
technically, we could have given more than one. But we're just going to assign one here. And then
we can just reference that here. Go to 10 dot 0.1 dot 50. Now, you know I told you guys that
terraform you know does not care about the order and it will figure out the order at which things
need to be deployed so that everything works. However, there are certain gotchas. And
this is one of the gotchas right here is that the AWS IP relies on the deployment of
the internet gateway, which is created up here. And so if you try to do this through the
console, and you try to create an elastic IP, and assign it to a device, that's, you know, on
a subnet that are in a VPC that doesn't have an internet gateway, it'll throw an error, because,
you know, for you to have a public IP address, you need to have an internet gateway. So deploying
an elastic IP requires the internet gateway to be deployed first before the actual elastic IP gets
deployed. And I guess terraform, by default, can't figure that on its own. And if you actually
take a look at the documentation, it even lets you know that. So it says, elastic IPS may require
internet gateway to exist prior to Association. So you can use the depends on to set an
explicit dependency on the internet gateway. So what we can do is exactly what it told
us to do, we can set a depends on flag and set that equal to the the internet gateway
that we created. And here, we actually don't need to specify the.id, we want to actually
reference the whole object and not just the ID. All right, guys, we're almost done, we just got one last step. And
that's to create our Ubuntu server. And here, we're going to do resource AWS underscore instance. And then we'll
call this web dash server dash instance, the AMI, so let's grab the AMI from our
console again. If we do launch instance, we'll just search for Ubuntu. And
we'll grab the first ami right here. The instance type, we're going to do
the T to micro again, because it's free. And here, we can also set an availability zone. And I'm going to make sure this is very important
to actually set this to the same one that we used for our subnet. And so if you remember,
we go all the way back to the top. Where is it? Where's our subnet? There we go. Our subnet we
passed in this availability zone, the dash one a. And there's a reason why I hard coded the
availability zone because if you don't hard code it, Amazon will, will pick a random availability
zone to deploy that. And I've had a couple of times where where the subnet would get deployed
in one availability zone, and then my interface would get deployed in another availability
zone. And then I couldn't like combine the two because they're essentially in two different
data centers. So whenever you get an option, make sure you to hard code availability zone, or
then you could lead to issues where it says like, Oh, you know, you can't have your server
in, you know, one availability zone, and then your subnet and another one,
it just creates all sorts of issues. So anytime in the documentation, it gives you an
option to pass it in, go ahead and pass it in. Now, if you remember the key pair that we created,
we need to reference that so that we can actually access our device. And so let me go back to
the key pair, what did I call it main dash key, main dash key. And now we can specify the network interface.
We do network underscore interface. And if you're wondering where I'm getting all of this,
it's all in the documentation. So if I pull up AWS terraform instance, it's going to walk us
through how to do all of this. But what we want to do is we want to scroll down look for network
interface. So there's a network interface section. Within word, it actually it didn't
take me to the right section. Here we go. There's a network interface section.
So we have to define a network interface block. And this is what a block looks like. So you
can actually create another block within our resource to define a few extra parameters. And
so the first thing that we have to do is provide a device index. And all this is doing is that, you
know, for any, any EC two instance that we deploy, we can give it a ton of different interfaces,
right, we don't have to just give it one. So we have to tell it which interface you want it to be
right because you know it's gonna get labeled like Ethernet one, Ethernet to Ethernet, three, and
so on. So we're gonna make sure that this is his first interface. And you can do that by specifying
the device index and setting it to zero. And we want to set that to zero,
because, you know, it's kind of like it's kind of like, you know, like in any
programming language, the first number you start with is a zero instead of one. So
this is going to mean that this is the first network interface associated with this device,
then we have to specify the network interface ID. So we just have to reference this
network interface. So we'll copy that. And now guys, this is where the actual magic
happens here. So what we're going to do is we're going to tell terraform, to on deployment
of this server to actually run a few commands on the server so that we can automatically install
Apache. And the way to do that is to use the user underscore data block. And what we have to
do is we have to pass in, it's gonna look a little goofy. But we just say dash that elf,
and I forget what this stands for. But you just put that in there. And then now we just type in
all of the commands we want to run. So just like with any bash script, we want to start off with
the, with this goofy header that you always need. And then now we just specify all of
the commands that we want to run. So we'll do a sudo apt update, dash y, we'll
do a sudo apt install Apache, two dash y. And then we'll do a sudo
systemctl. Start Apache two. And then finally, this last one's kind
of optional, but what I'm going to do is I'm going to copy some text to the index dot
HTML file that gets served by the web server does that we can confirm that, you know,
all of these commands actually worked. I'm just gonna say we'll say echo. And then we
want to send a string of text. So we'll just say, your very first web server. And we want
to redirect that to slash var, slash www, but HTML slash index dot HTML. And hopefully,
I wrote all of that without a typo. And then, you know, obviously, you guys can run any command
that you want. So you can put in whatever command so you can install, you can install any package,
you know, you can modify and configure files all from here. But once you're done entering in all
your commands, you just do elf. So elf at the top starts all the configs. And then the elf at the
bottom basically tells terraform that we're done. And then lastly, let's give it some tags. will
say name equals, we'll just call this web server. Let's hit save. And now we're
going to do a terraform. Apply. And it looks like I messed something up.
So let's see, depends on what happened here. A static list expression is required. Ah,
okay, I already know my mistake. So when you use the depends on parameter, you
actually have to pass it in as a list. And so the reason we pass in this list
is because we can actually specify multiple things that we need to wait on, before
we actually run the elastic IP. So if we wanted to make sure that you know the VPC got created,
we can specify that as well as the subnet and so on. So you can put in as many criteria
as you want. So that's why we have to pass it in as a list. Let's do a terraform. Apply
again. Hopefully it goes through this time. Looks like it's good. So far. We'll do yes.
And let's just now it's time to start praying. And it looks like we got another error
on line 25. Let's see what happened here. Yep. And I already figured out the mistake,
this should be under the AWS route table. This should not be egress only gateway
ID. This should just be gateway Id like it is up here. And that was just because I
copied and pasted. I forgot to change it. But you know, just to make sure you
guys understand what's happening here. All we're really doing is we're just saying
that our default route for ipv4 and ipv6 is going to go towards the internet gateway
so that we can get out to the internet. Alright, it looks like it's done, guys. So
let's just take a look. Let's just verify in the console that everything is okay. And so
we'll go to let's go to our EC two instance, let's see if it got created. And so we've got one
that's initializing right now. And that's our web server, you got the previous one. Obviously, I
did a dry run before this video, although I still messed up a whole bunch of things. But this is
very easy to instance, I think things look good. Obviously, we can go through each and
everything, you know, make sure our VPC is good, make sure our subnets good, make sure our route
tables good. But that's just a waste of time, because I already know there okay, I instead,
what I want to do is I want to actually show you how we can connect to this device or actually,
let's wait till this is finished initializing. And once it's initialized, let's just navigate
to this IP address and see what happens. So I think it's probably at this
point already running. So let's just go to that. And then we'll just go to
the IP address. So copy the IP address, and your web browser, go to that. And you can see
your very first web browser. So this just confirms that we installed Apache on our server. And we
copy that text to the index that HTML file to get served to all the users. So that just confirms
that everything is working. Okay. However, now what I want to do is I want to show you
guys how to actually connect to that device. Since it has the public IP, we can
actually SSH to it. And the way to do that, it's going to vary depending on what operating
system you're on. So if you're on Windows, I'm going to walk you through that now. And then
in a second, I'll show you guys how to do that in on a Linux or, or a Mac machine. So if you're on
Windows, the first thing that you need to do is download a software called putty. It's a little
annoying that we need to use putty, but just search for putty. And then let's see if I can so
just download it here, like this button. And then you can just download the installer. So
get the 64 bit if you're using 64 bit, or get the 32 bit if you're using the 32 bit. So
after you install it, just go to your search bar, and just search for putty. And you'll see
that there's two applications that actually got installed. There's putty and putty Gen. And
the first thing that we need to do is we actually need to open up putty Gen. And the reason we need
to do this is because this is a PEM file, and I told you guys that, you know, there's the there's
the ppk file or PKK. I forget which one it is I think it's ppk. And then there's the PEM file. So
Linux machines like to use the PEM file. However, Petey likes to use the PKK file or the ppk file,
whatever it is, I can't remember. And so we have to convert this PEM file to the right format to
be able to use it on a Windows machine. So the way to do that is open up the putty Gen application
like I just showed you, and hit this LOAD button. And here, select all files. And
we've got this main dash key dot PEM. So hit open. And it's important this and then
all we need to do is select Save private key. And it's going to give you this warning, go
ahead and ignore it just hit yes. And then give it a name. So I'm just going to call this main
dash key again. And it's going to save it as a ppk file. So I'll have a pen version as well as a
ppk version, that I can use it on either machine. I'll hit save, and I think it should have
created it so we can just double check. And let me go to my downloads folder real quick.
And if I move that over here, you can see that now we have the main dash key ppk file as well as the
PEM file. So now what we need to do is we'll close out of this party, Jen. And we're going to open up
the regular putty device or the party application and keep opening up on the other window, which
is kind of a pain. And now let's go back to our console. And the way to connect to one of these
devices, hit this Connect button right here. And it's going to give you all the information on how
to connect to this device. And so you'll see that the user for this device is Ubuntu. And then you
know, it's going to also give us the IP address, but we can actually confirm the IP address here.
The important thing is we know that we need to login using the user as Ubuntu. So we'll do Ubuntu
and then to specify the IP address you do at and then the IP address. So let's copy this IP
address and paste it in. Now we have to log in using that ppk file. And to tell putty to use that
go into this SSH right here. And I know this text is a little small for you guys. I don't know how
to make this bigger unfortunately. So you're just gonna have to bear with me, hit the off button.
And then there's a section that says private key file for authentic action. So hit browse, and
then just find that main, a dash key ppk file, hit open it open again. And once again
this opened up in another window. And it looks like I'm running into some
issues. So I'm not sure what happened here. Let me close this out. I'm
going to open up my terminal. I should be able to ping 3228 that 248252. Or
maybe not. Well, that's a problem. Oh, wait, no, we didn't allow pings. Let's just make
sure this works again. Okay, so that's good. Now, why is it that we cannot reach this
device? So let's check our security group. Let's view inbound rules. Oh, look at
this, guys, I messed this up. You see, we're allowing port two. And we don't
care about port two, we want Port 22. So let's go back to our terraform file.
Let's see where, where I messed that up. Here we go. This is where I mess
it up. So this should be Port 22. We hit save and then do a terraform apply it
should play this on the fly real quick for us. Alright, that's been done. Let's just double
check here. So we'll go to View inbound rules. Now it says Port 22. And let's open up putty
again and just perform the same exact steps we want to go to Ubuntu at
and then copy this IP address through SSH, go to our authentication,
browse, find our main key ppk file it open. And it should pop up with a
security alert. So just hit yes. And at this point, you should be logged in using
putty. So um, you know we're on a Linux machine, you can run any command you want. But you
know if we want to verify Apache is running, let's just do a system CTL status
Apache two. I spelled that wrong. And so and so it's running. And so
that's how we, you know, connect to one of these boxes on a Windows machine. Let
me show you how to do it on a Mac machine. And let me just copy this PEM file
to to my Mac machine real quick. And so remember, we want the PEM file on
a Mac. And on a Windows we want the ppk. Okay guys to connect to our web server or an EC
two instance from a Mac or Linux machine steps are going to be identical. The first thing that I want
you to do is go to your web browser and just go to AWS and log into your console. Because it actually
kind of walks you through how to do it step by step, it's actually really easy. So if we go to
our EC to section and go to running instances, go to your web server and then tick Connect. And
so these steps are all you have to do. We have to do ch mod 400 and then the name of that PEM file
that we downloaded. And that's just going to set the permissions to the correct values. And then we
have to connect to it. So the way to connect to is you go to your command line, you do SSH dash I and
then the name and location of your PEM file. And then we want to connect to it doing Ubuntu at and
then the IP address. So that's all you have to do. So let's go to our terminal. And let's find that
PEM file, but I saved it in my downloads folder. And so I've got that main dash key dash Pam. So
we'll do a CH mod 400 main dash key dash Pam. And now to actually connect to the server, we
do SSH dash I and then the name of the file. So main dash key dash Pam. And then now we
do Ubuntu at and then we need to get the IP address. So let's go back here. Let's copy the
IP address. And then paste it in. And then we hit Enter. And we should get this same warning that
we got on the Windows machine. So we'll hit yes. And there you go. You're now connected to
the device and you can run any commands. So that's all I wanted to show you guys in
this video. Hopefully you learned a lot. You know, I showed you guys how to create a lot
of different resources. These are all things that you're going to need to know how to do. And
hopefully at this point, you guys should feel relatively comfortable with navigating
around terraform and creating and deleting resources. Definitely go ahead and you
know, once you're done with this project, do a terraform destroy because we did deploy a
lot of things and I don't want you guys to get any kind of unexpected bills, even though we
are in the free tier. So just do a terraform destroy and then we can just do a dash dash
auto proof but you know what happened here? terraform and oh, not the story. But
you know we still have a lot of things to cover when it comes to terraform you know
You know, I get a chance to cover variables, or, or modules or things like that. So there's
still a lot to cover with terraform. I think that's going to wrap it up probably for this
video, make some follow up videos. If there's any topics you guys want me to cover, let me know, and
I'm happy to do it. You know, terraform has been something that I really enjoy working with. So
if you guys want me to do more terraform videos, also, let me know. And I'll be happy to do
any videos or any topics that you guys want. In this video, I'm going to go over a few extra
terraform commands that I think are helpful. And if you've already destroyed the
project that we created in the last video, go ahead and deploy it again, or at least just
deploy a few resources, we need a few resources deployed so that we can actually take a look at
the output. And so I've already done that. So I've already, you know, run this terraform
config. And so we have several different resources deployed. And the first command that I
want to show you guys is terraform. State list. And by the way, guys, if you don't know
what commands to run, I always just start off with terraform, hit Enter, and you'll see
that the command line will kind of help you, you know, with the different commands that are
available. So these are all the options that we have. And so right now, I want to focus on the
state sub command. So where is this, I think it's terraform, is down here. So the terraform
state sub command, so if we do terraform, state, and then hit enter, you can see all
of the commands that we have at our disposal. So we've got left, this is the main one that I'm
concerned concerned with. So if we do a terraform, state list, this is going to list out all
of the resources that we have state for. So any resource that I've created in
my topology, you know, we're going to have an entry in this output. And so you can
see, we have the elastic IP that I created. We've got the web server that I created, as well
as the internet gateway, the network interface, the route table, the route table Association, the
security group, the subnet and the VPC. And if you actually want to see detail, regarding any one
of these resources, you can do a terraform. State show and then just copy one of the one of these
items. So if I want to see detailed output for the elastic IP, I can copy that and paste it
in. Oops, it looks like I didn't copy it hold on terraform state list. And it's got Copy that.
And sorry, we need terraform state show. Alright, and so you can see it's going to give us
a detailed output regarding that state incident include a lot of information that would normally
only be stored in the AWS console, so we can see the IP address, we can see the association ID,
we can actually see the actual ID of the resource that gets created in AWS. And then we can see the
ID of the instance this elastic IP is assigned to as well as the network interface. And we can even
see the public IP. And this is super helpful, because there's gonna be a lot of times
when you deploy something, and you want to know what the IP address is, especially the
public IP. And normally, you'd have to do it through the AWS console. But you know, we have
this command so that we can just verify it from the command line really quickly without having
to log in. And we could do this with, you know, really any one of the resources that we've
deployed. So if we want to see more detail regarding the web server that we deployed, we
can copy this and just take a look at that and just do a terraform state show. And you can
see all the information that we have regarding that server that we deployed. So we can see the
ID, we can see, you know, the AMI that was used, what availability zone it was deployed
on, we can see its public IP here as well. And, you know, a couple of other details that
would once again normally only be available in the AWS console. So you know, those are the
two commands, keep those in mind. So remember terraform state list, and then terraform state
show those are going to be the two big ones. In the last video, I showed you guys how to
verify the state information for resources that we've deployed using the terraform state show
command and the terraform state list command. And those will allow you to see information like
the resource ID, it'll allow us to see information about you know, like, what's the public and
private IP of EC two instance. So we can see a lot of detail about these resources that we've
deployed ourselves. And it's super helpful, super handy. But I want to show you another thing that
we can do to actually see that information, right, because, you know, after you deploy something,
you know, we can always do a terraform state list and then whoops terraform state list. And
so if we wanted to extract the public IP of the elastic IP that we created, you know,
we can always do a terraform state show And then just copy that. And you can see
here that we can actually see the public IP under the public IP property of this resource
that we created. But there's going to be times where, you know, it's kind of a little
inconvenient to have to always do a terraform state list. And then terraform state show for
all of the details that we want, you know, what if we could get terraform to automatically print
that out when we run a terraform apply? And Well, guys, there is a way to do that. And that's by
using the terraform output command. So you know, any one of these properties that we can see, by
doing a terraform state show on any one of these resources, we can tell terraform to automatically
print those out when the resources are created. And we can do that using the terraform output
command, I'm going to show you just how simple it is. So as I said, before, you know, one of
the main use cases is extracting the public IP, that's going to get assigned to an elastic
IP or a EC two instance that gets created. So we can just do a terraform terraform, we
can do the output. And then we have to define an output for this. So I'm just going to call
this my server underscore public underscore IP. And then here, we just assign it a value. So
we get the value from from this right here. From this terraform state show, so to get
the value, what we have to do is we have to pass in the name of our resource, which is AWS,
underscore E, IP, underscore or dot one. And then we want to grab the public IP property, okay. So
we can go down here and we just say value equals AWS underscore IP, dot one dot public,
underscore, IP. Okay, and so that will get this property and it'll print it out into
the console, when we run terraform. Apply, follow me save this. And we'll do a terraform
apply, and then dash dash auto approve. And let's just wait for that to run. And I
want you to notice what happens at the end. Alright, look at that. So the output that we
created, it's going to print out our server public IP, so that we don't have to go into
the terraform. State and verify it ourselves. And so this can come in handy, because,
you know, we can print out all the details that we are concerned with, without having to
actually go in and check the states ourselves. And we could obviously, you know, grab any
other property. So as an example, let's say, let's see what other properties we can grab
that I think would be cool. Let's do a terraform state list, and then terraform state show, and
then let's check our, our web server instance. So let's say we want to grab the private IP of our server, as well
as the AMI that's being used, or no, I think the ID would be cool because we were hard
coding the AMI. So who really cares about that we already know what it is. And so we can just define
another terraform output, so we'll do output, then we have to give it a name. So just give
it any name you want, I'm just gonna say, server. We'll call this server, private IP.
I'm going to do value. And then remember, we have to set this equal to our
resource. So we'll copy our resource name. And remember, we need to get our property name. So
this is going to be called private underscore IP. And I can't remember if we can put two values
in here, but let's just give that a shot. So let's see if I just copy
this. And let's print out the ID. And let's try to terraform apply again. Yep, so it
looks like we can only set at once. So we'll have to create another output. And we'll call this
server ID. I'm just gonna move this down here. Alright, so now when we do a terraform,
apply, we should see three different output. There you guys, there you go, guys. So you
can see the three different outputs that we've defined. We've got the server ID, we've got
the private IP, as well as the public IP. And, you know, you can always verify the
app Puts by doing a terraform output, and it's going to print out all the outputs for
us. However, if you decide to add another output, you know, into your config, but you don't want
to do a terraform apply, because technically terraform apply could potentially make changes
to your network. And if you're in a production network, you don't want to accidentally deploy or
delete something, just to see what the output is. So, you know, if you're in that situation,
you can always do a terraform refresh. And this should, you know, just refresh all of
your state. And it'll run the outputs again, so that you can verify them without actually, you
know, deploying anything or doing an actual apply. With the decorative nature of terraform. It's kind
of an all or nothing situation when you want to deploy your terraform config, or destroy it. So
you can either spin up everything that's been configured in your terraform file or destroy all
of it. However, terraform does understand that, you know, there's going to be instances where
you want to just delete an individual resource. Or if you're just trying to roll out with
a deployment to do staged deployments, where only certain resources are to play are
deployed one day. And then the next day, another set of resources that are deployed. And so we can
target individual resources within our configs to either apply or destroy them by passing in the
dash target flag. And so I've got a whole bunch of resources deployed. And let's say that I just
want to delete this web server right here, well, we can do a terraform, destroy, and then we can
pass the dash target flag, and then I'm just going to provide the name of the resource. So we'll do
AWS underscore instance, dot web dash server dash instance. And so this should leave everything
else in my configs untouched. So all of these, you know, the route tables, the subnets, all of
that should remain untouched. And terraform should just delete this one easy to instance, let's
give that a shot. And let's see what happens. All right. And so if we go up here,
just to see what's going to change, you can see that we're going to
be destroying just one resource, and that's that web server that we
targeted. And so you can see here, only one resource is going to get destroyed. If I
hit yes, it should then delete just that server. Alright, so it successfully destroyed just that
one resource. And if we want to do the exact opposite thing, and deploy just this one resource,
we can use the dash target flag once again, to accomplish that terraform apply dash target
and the name of the resource that we want to deploy. So in this case, we're just deploying
just that web server that we just deleted. And I'm going to move the apply to here. Alright, and if we take a look at the
summary of the changes that'll take place, we can see that it's going to add one
resource, which is exactly what we want. We'll hit yes. And let's just double
check that everything works. Okay. And there you have it, guys, we've deployed just
one individual resource from our terraform config. So this was just a short video, I just wanted to
make sure that you guys understood how to target an individual resource or individual resources
if you want to deploy just a couple. So that just hopefully gives you a little bit more flexibility
on maintaining your infrastructure using terraform. Now, just like any other programming
language, terraform does allow us to make use of variable so that we can reuse values throughout
our code without having to repeat ourselves. And right now, inside this example configuration
file, I've got just a VPC being defined. So we're going to create a VPC. And then we're going to
create a subnet within that VPC. So I'm nothing new up to this point. You guys should already be
familiar with how to do this. But what I want to do is I want to take this cider block definition
for subnet one, and store this value right here, the 10.0 dot 1.0, slash 24. subnet in a
variable. And to define a variable in terraform, it's very easy, all you have to do is just
type in variable, and then the name of the variable so we can give it any other name. So I'm
just gonna call this subnet underscore prefix. Okay, and within this variable definition,
we can pass in three arguments or three parameters. And all three of them are completely
optional, so we can technically leave this empty, but the three options are, we can give it a
description. We can also give it a default value, as well as a type okay? So, once again, all
three of these are optional. But a description is exactly what it sounds you can like, you can
just give it a description. So we'll say this is going to represent the
cider block for the subnet, the default value, so the default value
is just going to be what terraform is going to give this variable if we don't
actually pass in a value for this variable. So I'm going to leave this blank for now
and just comment that out, we don't need it. And then the type so we can actually perform
type constraints on variables so that when a user enters in a value, we can make sure
that they enter in the proper type for this variable. So if we're expecting a string,
you know, we can say type equals string. And there's a couple of different types
that terraform supports. So you know, it supports strings, it supports
numbers, Booleans, lists, maps, sets, objects, tuples. And if you're not sure what
type you're going to use that. And if you're not really sure what type needs to be passed
in, you can always just pass in the any argument to say that we support any type. But you know, we
can just leave this blank for now. And we'll come back to using type constraints. So for now, all
we're going to do is just provide a description. And I'm going to hit save. And let's see what
happens when we actually run our code. Now. Well, actually, one more thing, we actually have
to, you know, use that variable someplace, right. So to actually reference a variable in
our code is very simple. So I'm going to delete this subnet right here. And to reference a
variable, we just type in var, and then dot and then the name of the variable. So that's going
to be subnet underscore prefix. Alright, and so you can see that nowhere in our code so far have
we actually defined the value of subnet prefix, we just provided a description. So if we do a
terraform, apply, let's see what happens. And look at that. So any variable that isn't assigned
a value terraform will actually prompt the user to enter in a value for that. So I'm going to give
this a value of 10.0 dot 1.0, slash 24. And so this value that I'm passing in is going to get
assigned to subnet prefix. And so once the AWS subnet resource runs, it's going to pull that
value and store it for the cider block. So let's hit enter. Let's wait for that to run. Okay, so
the resource has been added. Let's take a look at the AWS console just to see if that actually
works. So I'm going to go to this prod subnet. And so you can see here that it got passed
in a 10.0 dot 1.0 slash 24. prefix. And so that just confirms that our variable is
working. Now, it's kind of a pain to have to get prompted for what the value of a variable
should be. So there's other ways of passing in values or assigning values to a variable. And
one of those is through a command line argument. And so what we can do is I can do a terraform.
Well, first, let's do a terraform destroy. So we can delete those resources. And it looks
like I spelled something wrong. Yep, ROI. And you'll see that when it needs to get destroyed,
it's going to ask you for a value for that. That variable that we defined, but for destroying,
it doesn't actually matter. So you can just technically just leave it blank, and it
should be able to destroy things just fine. We only really care about passing in the
proper value when we're doing an apply. Alright, so we've destroyed the resources.
Now let me show you guys how to assign a value to a variable through a command line argument.
So if we're going to do a terraform apply, we can also do a dash of var. And then set a value
for a variable. So we're going to reference this subnet underscore prefix variable. So we'll do
subnet underscore prefix. And then we can set it to whatever value we want. So I'm going to do
the 10.0 dot, let's do 100.0 slash 24. Hit Yes. And now let's double check in the console to
make sure that this new value got assigned. And so you can see here, we've now got our
10.0 dot 100.0. So the variable assignment that got assigned on the command line argument
worked. Now this is cool and all but you know, in reality, I don't think we're going to use
either one of these methods to assign variables. Very often, the best way to do it is actually
creating a separate file to assign variables and terraform automatically looks for a
file called terraform.tf rs for variable assignments. So we can just create that
file now and we'll do terraform.tf bars And here we can define a value for
that variable. So I'm going to go back, what was it called? subnet prefix. And so
what do subnet underscore prefix equals, and then let's give it the value that we
want. So we'll do 10.0 dot 200.0, just to show that something has changed. And so I'm going
to do an apply without passing in an argument. It looks like it's still looking for,
it's still asking for assignment. So let me cancel that I messed something
up, I forgot to hit save, probably, yep. Let's just wait for that to finish up, I cancelled
out it. So hit save all. And so now because we've actually defined this variable here, it should
not prompt us for for a value for that variable. Okay, so let's hit refresh. And let's take a
look at the value. And so now it's set to the 10.0 dot zero slash 24. So those are really the
three different methods for assigning variables. Technically, we can also use environment variables
from your operating system, I'm going to hold off on using that as an example or giving you an
example of how to do that, because that's going to come into play when we worry about how we're
going to store our credentials for terraform, instead of just hard coding it into our terraform
file. So in that scenario, it's really good to use environment variable. So I'm going to
hold off on doing a demo of that for now. Now, the next thing I want to cover is, well,
first of all, let's say that we didn't want to use a file called terraform. That TFR let's
say we wanted to call it something else. Or let's say we had multiple files for multiple
variables, which is very common, especially when your terraform config start to grow. You know, you
don't want to store everything in just one file. Well, we can tell terraform to actually look
for a specific file name. So if I rename this, actually, before I do that, enter your terraform
destroy. And so now I'm going to rename this. I'm going to rename this to let's
just say, for example, that TFR, okay. And now for terraform, to actually look for that
file, we have to explicitly tell it to look for that file. And we can do that by passing in a
simple flag. So I'm going to do terraform apply. And we can pass in the flag dash var dash file. And then we give it the name of
the file. So we'll do example.tf bars. And so you can see that we didn't get prompted to,
you know, enter value for that variable, because terraform was able to look at this example dot
tfrs file and find this value. Now in the earlier parts of this video, I did mention that one of
the options to pass into a variable assignment is a default value. And so this default value can be
used if the user doesn't input a specific value. And we can do an example of that just by
deleting this right here, we'll save that file, and let's just assign a default value. So we'll
say default equals 10.0 dot 66.0, slash 24. So if the user doesn't input a variable assignment, then
terraform will automatically assign this variable this value. So once we save that,
we can then do a terraform apply. There you go. So even without having a value
assigned to that variable, you can see that it's still ran. And if we go to the to AWS console,
take a look at that, you can see I have assigned a value of 10 dots here, that's six dots zero.
So this is a way to apply a default value for a variable. I'm going to remove this for now just so
I can do a few more demonstrations using variables within terraform. I'm also going to rename this so
I don't have to keep passing in a input argument. Now I'm going to show you guys how to actually
perform a type constraint on a variable. So in this case, the subnet or the cider block needs
to be a string that holds the value of our subnet. And so we don't want to receive a variable of any
other type other than a string. And so what we can do is we can say, type equals string and so Now,
if I go to my terraform, read tfrs and do a subnet underscore prefix equals, and instead of a,
you know, assigning, you know 10 dot, you know, zero to zero slash 24, or something as a
string, let's say I tried to put in a list, try to assign this value. Alright, let's see
what happens. Now, when we try to run that. Oops, it looks like string is not a valid type specification. So it must
be a lower s, lowercase s. c, and so now it throws an error saying the given
value is not a valid is not valid for a variable subnet prefix. Because it, it checks to see if
it's a string, and it sees that it's not a string, so it throws an error. So this is just a
another way to make sure that you know, especially when you're working on large code
bases, and you're sharing the, your code with, you know, colleagues, this will just make
sure that your colleagues don't accidentally, you know, input a wrong variable type into
a variable and then, you know, potentially see an error when they run the config. So it's
just a another sanity check that you can do. Now, while this is set to a list, I want to show
you guys how to actually use a list as a variable. And so what I'm going to do is, I'm going to, I've removed that type constraint, and
I'm going to create a second subnet. And I'm just going to call this, we'll just call
this a dev subnet. And we'll call this subnet two. And here, we're going to specify the cider
block for both of those subnets. So I'll do 10.0 dot 1.0. And then for the second one, we
can pass in a value of 10.0 dot 2.0, slash 24. We've got a list. And now to reference the
list, all we have to do is just change this up a bit. So this is going to be the first object
in that list. So when you're working with lists, the first object can be referenced with a
zero, and the second one will be referenced with a value of one and so on. So it's
just like any other programming language. That to one, and let's give
this a shot and see if it works. So now we've got our two different subnets, the
prod subnet should be a 10.0 dot 1.0. And the dev subnet should be a 10.0 dot 2.0. All
right. And there's one more thing I want to show you guys with variables. And I want to
show you how to use objects within variables. So right now we just have a list of strings.
But we can also have a list of objects too. And so what I'm going to do is I'm going to change up
the way I assign the tag. So instead of assigning, you know, the tag or hard coding it, what I want
to do is I want to have a variable, that's going to look like this where we're going to have an
object and we'll have two properties, we'll have the cider block. And then we'll also have a name
property. And so that way the cider block will get assigned to the cider block and the name will get
assigned it to the name. And so we'll remove that, we'll go back to our terraform tfrs file.
And let's see how we can actually do that. Here we'll create an object and we'll
assign it a cider underscore block should equal that's going to be the
10.0 dot 1.0 slash 24. And then the neck and then we have to specify
a name. So we'll give it a name. And this is going to be prod underscore subnet.
And then that's going to be for subnet one. And then for subnet two, we'll do the same thing
to assign a property of cider underscore block, and we'll set that equal to 10.0 dot 2.0
slash 24. And then the second property is going to be the name. And that's going
to be set to dev underscore subnet. So we're going to have to
update a few things here. And so under the cider block, we want
to grab the cider block property. And after the name, we're going to have to
reference that variable. And we'll do a VAR dot subnet prefix want to grab the first item
and we'll do dot name And we'll copy this and just paste it down here, just make sure
to update it. So it's the second object. And there you have it, guys, we were able to
now use a variable, which is a list of objects to assign values within our terraform
configuration file. So there's a lot of flexibility with variables, you definitely
want to make use of them for as much as possible so that you're not retyping the same
thing over and over, across large configs. So just keep in mind, I it was
a little confusing at first, for me, especially because we have to, you
know, define the variable but we don't assign it here, we have to assign it in the TF
bars file. So just keep that in mind. And the TF files you define a variable and
then TF bars, you actually assign it a value
