Terraform Crash Course: Cloud/AWS Automation 2.5hrs!!

Captions
what's going on guys so I decided to make a quick crash course on terraform and if you don't know what terraform is it's another one of those infrastructure as code tools and so it's really great for modeling your cloud infrastructure through code and so for anyone that actually wants to get more familiarized with terraform or learn another automation tool especially with regards to the cloud you know this crash course is gonna be really helpful for you guys and I'm gonna make sure to start from the absolute beginning so I'm gonna walk you through how to set up an AWS account I'm gonna walk you through how to setup and install terraform and that's gonna be across all operating systems so I'll show you guys how to install it on a Mac on a Windows and a Linux machine I'll even show you how to set up a text editor like vs code which I highly recommend by the way and then you know we'll get started learning the core concepts of terraform and what it has to offer I'll show you guys how to create resources on AWS within terraform I will take a look at how to modify them how to delete them I'll go over how terraform state works and we'll take a look at how we can kind of reference other resources within our code and I even have a like a mini project where we'll get to deploy a web server onto AWS and you know it sounds simple but there's a lot of things that actually have to happen with from a terraform perspective to get all of that to work so I think that'll be a great learning tool and I think after this course or by the time you finish it you guys would have a solid understanding of terraform and at that point you guys can just kind of take it from there and then focus on specific topics that you want and you know I plan to do a lot of a lot more terraform videos so if you guys have a specific topic you want me to cover let me know and I'll be happy to record a video and you know upload it to YouTube but hopefully you guys enjoy this course and you know if you guys 
have any questions I just leave them in the comments and I'll try my best to answer them

to set up an account with AWS just navigate to aws.amazon.com and here we can actually create an account and create a root user so we want to click on this button right here that says create an AWS account and it's going to ask for some basic information like an email address and a password so just fill that in and then you last that I have to provide an account name so I'm just gonna call this sloppy networks and go ahead and select your account you're probably just gonna select personal if you're just making an account for yourself but you work for an enterprise you may want to select personal professional and it's gonna ask for some basic information like your phone number your country your address and you will need to provide all of this information and to actually create an AWS account you will actually have to provide your a credit or debit card information you know throughout all of these videos that I make we're gonna stay within the free tier so you shouldn't be charged anything as long as you shut down all of your resources when you're done and if you do end up getting charged it'll be at most just a couple of cents but you know AWS does require it so you will need to have a credit card to kind of follow along with everything that I'm doing and once you finished adding in your credit card for me they will ask you to verify your phone number so it'll send you a voice a voicemail or a text message depending on what you select so just wait for that text message to come in and you can just pass in whatever code they sent you and we want to make sure that we select the free plan so we're not charged okay and at that point we should have an account set you will receive an email address probably just asking for you to actually confirm that you created that account so we'll just go to your my email just like this and then there should be nope it doesn't look like we 
need to actually confirm anything so it looks like we're done at this point we can just select this button right here and just go and sign into the console and so we're gonna sign in as the root user at this point because that's all that's been created and so we'll just specify the email address that we sign in with and we're gonna have to pass in the same password alright guys so there you go we've created an AWS account so at this point you should have access to all of the resources within AWS you are logged in as a root user so if you want to create other users you can do that at that point but most of my videos I usually just log in as the root user just for simplicity sake

form on a Windows machine there's a couple of steps that we have to perform and the first step is to download the terraform executable file and so to do that all we have to do is just do a quick google search for terraform and we're gonna select that first link it's most likely gonna be the first link but if you want to navigate directly to their website you can just go to www.terraform.io and then just like this downloads button right here and here we can see all of the different operating systems that terraform can run on but we're installing Windows we're gonna focus on that so we want to select the 64-bit machine because that's what my machine is however if you're using 32-bit select 32-bit and this will download a zip folder and so once that's complete you know just right-click and go into show in folder so just navigate to your downloads folder or wherever you store your downloads and this is a zip file a folder so we want to extract it so I'll just right click hit extract all and it's gonna pick a location so this is the default location I usually just leave that be and so we'll hit extract it'll pop up in a new window we can just close that out but you'll see that right next to that zip folder is the new folder that we extracted and so I'm gonna go into there and you'll see that we 
just have one file in here and that's just a single executable file that terraform needs to run and so what we're gonna do is we're gonna copy this file and we're going to create a new terraform directory where we're gonna store this executable file now where do you create this terraform directory does not matter you can pick whatever location you feel most comfortable with if you want to put in My Documents that's fine if you want to leave it in downloads that's fine the only thing that matters is you remember the exact location of where you're keeping this file so what I'm gonna do is I'm gonna go to my PC and I'm gonna go into my C Drive now I'm just gonna make a new folder here because that's where I want to keep it just gonna call this directory terraform doesn't really matter what you call it and I'm just gonna paste in that executable file okay and like I said before you know the location doesn't matter the only thing that matters is you remember this exact path to this file and so to actually get this exact path go up to this search bar right here well actually this is the search bar whatever this is and just click and you'll see that it'll turn it into the exact it'll transform it to the exact path so I'm just going to I like that copy it okay and now what we want to do is we want to set an environment variable that points to this path so I'm just going to go to whoops not command I want to go to env so just search for those letters and there'll be a button that says edit the system environment variables and then we want to select this button down here this is environment variables okay and we want to focus on system variables so we'll hit edit whoops we actually want to select our specific environment variable and the one we wanted to modify is path okay so we'll hit edit and so you'll see all of our environment variables for the path variable and what I'm gonna do is hit new and I'm just going to paste in what I copied to that path to that folder hit 
OK and okay and then hit OK we're done okay and so if you have any terminal windows open make sure you close it after you make that change if you didn't have one open then don't worry about that and so now what we want to do is we want to type in CMD we want to open up the command prompt and I did not mean for that to be that big and I'm just going to type in terraform -v okay and if you see this output that means I basically this command is just going to tell you what version of terraform you have installed so right now I have version 12.26 you may see a different version if you download this in the future the only thing that matters is that we see this output so if you see anything else that means there was an issue with your installation of terraform I recommend you just repeat the steps that I covered in this video there really shouldn't be any issues that you run into just make sure that once you're done that you see this output and that means you can now start running terraform on a Windows machine

now there's a couple of different ways to install terraform on a mac machine however my favorite way is through using a tool called homebrew and if you aren't familiar with what homebrew is it's a package management tool for Mac OS so it can be used to install all sorts of different package it's not just terraform on your Mac so I highly recommend that you you know whether you choose to use this method or not eventually install homebrew it'll make your life a whole lot easier and so to actually install homebrew let's just do a google search for it and it should be the first link so brew.sh is the link that you want to go to and it's just going to give you this command right here to copy so copy this command and we need to go to our terminal now so I'm gonna go into finder I'm gonna go into my applications and then just look for terminal so I'm just going to do a quick search for that okay and so this is what we want right here if you aren't 
familiar with the terminal okay and so once the terminal is open just copy and paste that line that you copied hit enter and so this will automatically install homebrew for us you will have to provide your password and then it'll just let you know that you need to hit return to continue so just hit return and this is going to take a little bit of time so I'll pause this video for now and touch base with you guys once that's done all right now that brew or homebrew is installed we can actually use homebrew to install terraform and with homebrew we'll have access to a whole bunch of new commands mainly the brew install command so anytime you want to install a package using homebrew all you do is type in brew and then install and then the name of the package that you want to install so we want to install terraform so we can just do brew install terraform hit enter and it's going to download the terraform package for us and handle everything that we need all right now that the terraform installations complete there's one last thing we need to do and that's verify that the installation went okay without any issues and to do that all we have to do is just type in one command and that's going to be terraform -v okay and it should if the installation went okay just print out whatever version that was installed and so you can see that I am running version 12.26 however if you're watching this video in future you'll probably see a different version most likely a higher version number but the only thing that matters is that you see the version getting printed out if you see anything else if you see an error that means that the installation did not go as as planned and so you'll probably have to redo the steps that I covered in this video but you know I don't think you should be running into any issues it's a fairly straightforward process homebrew will set up everything for you so you shouldn't run into any issues

to set up terraform on a linux machine the first 
thing that we have to do is download the terraform package so we can just go to www.terraform.io and on the terraform home page we just want to navigate to that downloads button right here so we'll select that and on this page just select the operating system that you're using so we're using a 64-bit Linux machine if you're using 32-bit and make sure you select 32-bit you're using FreeBSD then you know just select the appropriate package I'm gonna select the 64-bit I want to make sure I save the file and then hit OK so at this point it should be downloaded so I can just you know select this right here it's gonna take us to where we download it and it's a zip file so we will have to extract it and there's two different ways of extracting it and I'll show you how to do it through the GUI and I'll show you how to do it through the command-line depending on whichever method you prefer so I want to extract the zip file that we just downloaded so I can just select that and then hit extract and then we'll hit extract again and then they'll say extractions completed and then we can select show the files and it's gonna show us in our downloads directory the original zip file as well as the unzipped terraform file so this is the file that we really care about however I want to show you guys how to do this through the command line because I think that's an important skill to have so I'm just going to move to trash ok and I'll show you how to do it through the command line so we'll just go to our applications and search for terminal and we want to navigate to where that zip folder is and so I've set up my machine to download all files to the Downloads directory that's usually the default location and so we'll do cd downloads and if I do an ls we should see the zip file and I can just do unzip and then the name of the file however if you don't actually have the unzip utility then you'll have to do a sudo you know apt install unzip first so that you can get access to that utility 
and then once you have access to that utility you can just do an unzip and then terraform okay and you'll see that if you were following along on the the GUI you'll see that it did create the file for us and we can verify with an ls so we've got the original as sorry we get the original zip folder as well as the terraform executable file now we're almost done however there's um there's one thing that we have to do is we want to move this to a location that'll allow us to run the terraform command of regardless of what directory we're in because right now we can only run it when we're in this exact directory and it's kind of a pain to always have to move to our directory to be able to run terraform commands so what I want to do is or what I want you guys to do is type in the command mv so this is gonna move a file to a specific location and then we want to move the terraform file and we want to move it to /usr/local/bin okay and it's going to throw an error that says permissions denied so if you see that error just run the same command except put in the word sudo beforehand so this is going to give us root privilege and you need root privilege to move any folder into this specific directory so hit enter it's going to ask for our password okay and so it looks like it's completed so we'll just move to that directory and just verify that it did actually move it there okay so it's in the /usr/local/bin directory now I want you to move back to your home directory so you can do a cd and then tilde that's gonna take us to our home directory or just move to any directory if you want to move to the root directory you just move out of that folder and now what I want you to do is type in the command terraform -v okay and if you see this output it should print out the version of terraform that we downloaded so I'm using version 12.26 however if you're watching this video in the future you're probably gonna see a different version that's 
perfectly okay the only thing that I want to ensure is that you see some version get printed out that means terraform is installed and everything is working properly however if it spits out any other message okay if it shows you anything else like you know terraform's not a command or anything like that that means there was an issue with your installation and I recommend you just you know repeat all the steps that I performed and and hopefully that fixes any issues that you may run into um but at this point you're good to go you can start using terraform and so you know in the next videos we'll get started on you know actually playing around with there

okay so there's one last step to setting up terraform and this is technically an optional step but I highly recommend it and so what we're gonna do is we're going to install a very powerful text editor now you can use any text editor of your choice it's not going to make a difference so if you prefer something like sublime feel free to use that however I'm going to be using one that's called Visual Studio Code and so this is a free text editor that's provided by Microsoft it's supported across all operating systems and that includes Windows Mac Linux and it really is one of the best text editors out there there's a lot of people that use it and I highly recommend you guys use this if you want to follow along with my videos because I'm gonna provide a lot of tips within vs code that'll help make your life a little bit easier when you're trying to work with terraform so if you want to follow along and get vs code as well just go to code.visualstudio.com and the website should automatically detect what operating system you're on and so you should just be able to hit this button so you can see here it detected I'm using Windows but if you're on a Mac it should say you know download for Mac so just download that and you know moving forward that's what I'm gonna be using but you know once again if you want to use 
something else feel free to do that but anyways once you've got vs code installed I do recommend that you install an extension so if you aren't familiar with the extensions extensions within vs code just give you some extra functionality so to actually see your extensions you know once you open up vs code it looks like I already had it open but you want to navigate to this button right here so this is gonna manage all of your extensions and just search for terraform okay so once you search for terraform the first one should be the one that you want but just to double check make sure it's the one by HashiCorp who's the company that makes terraform and just do an install and so this extensions gonna provide us a lot of features that make our life easier so you can take a look at them but obviously auto-completion is great syntax highlighting Auto formatting you know all of these are gonna make your life a lot easier when you're writing terraform code but you know once you had that done at this point vs code setup that's all you really need to do it's just gonna behave like any other text editor so you can create and delete and modify files within here so it's kind of like an IDE but we're gonna use it for a terraform

now that we've got terraform installed in our environment for the most part set up the last thing I want to do is just create a directory that we can store all of our code in and so within My Documents I've created a folder called a terraform project and then within this folder I've created a folder called project one so this is going to be where we're gonna store our code for our first project and so you know feel free to make a directory whatever you want if you want to keep it in downloads if you want to keep it on your desktop I just pick a location and once you have that location set to actually open a folder in vs code we can just open up vs code go to file go to open folder and then navigate to wherever that folder is select it and then we 
can open it up alright and so at this point it's gonna give us a welcome page which we don't care about so just close it out and you'll see that we've opened a project one within our root directory and there's no files or folders within there

now terraform is written in a language called HashiCorp configuration language in a file that has a .tf extension so all of our terraform code is going to be stored in a file with a .tf extension so we're gonna do is we're just gonna do new file if you right-click here and just do a new file I'm just gonna call this main.tf and the .tf just signifies that this is a terraform file and you'll see a couple of pop ups if you install the extension just ignore those for now but keep in mind that you don't actually have to call this main you can call this you know file one you can call it first project.tf just make sure it has a .tf extension now in this file the first thing that you have to do is define a provider and in terraform we have this concept of providers which basically just allow us or it's a plugin that allows us to talk to a specific set of APIs and if you go to their documentation page so if you just go to terraform.io/docs/providers/index.html it's going to show a list of all of the providers that terraform supports so if we download you know let's say the AWS provider right where is AWS provider that's going to make sure that terraform downloads all of the necessary code to talk to the AWS API so that we can actually create resources within our AWS environment but you can see that you know terraform even though it's really synonymous with you know cloud automation you can see that it's got a ton of providers outside of the cloud space it obviously does support you know all the major cloud providers as well as some of the smaller cloud providers but it also supports kubernetes it supports vmware it supports you know like digitalocean dns so it's got a lot of support for a lot of 
different platforms just keep in mind though anytime you want to in work with any of these platforms in terraform you will have to install the necessary plugins so that we can talk to those providers and you might be wondering well you know we downloaded terraform you know shouldn't that come with all the code to talk to all these guys well think about this guys you know for the most part are you guys going to be working with all of these providers no each customer or each user is going to have a predefined set of providers that they're going to work with and there's no point in terraform shipping out all of the code for all of these providers in the installation package so instead on a per user basis or per project basis terraform will figure out which plugins need to be installed based off of the provider configuration in your terraform file and so we want to use the AWS provider because that's what we're gonna be working with so let's just click this and it's going to give us an example on how to actually set that up and so you can see that this is the configuration for a provider and hopefully this is big enough for you guys um I'll just do a control let me see if I can make this a little bigger we'll zoom in hundred and ten percent I think that should be good enough for you guys but yeah this is all we really need so we can just copy this actually the version is optional so we can just leave that out I'll just do copy and I'll just paste that in here and I'm just going to delete the version and now we're hard-coding the region to be us-east-1 and you know before I do that I kind of want to explain exactly you know what are regions if you're new to AWS basically a region is just a location where Amazon or AWS has a data center and so there's a whole bunch of different regions and we can actually take a look at all the different regions that amazon has if we just search for AWS and log into our console and so let's say my account we want to go to AWS management 
console to log back in and I'm gonna be logging in as my root user so we'll do okay so this is our management console and if you just select this button right here so right now mine says Northern Virginia but yours may say something else you can see all of the different regions or data centers that the that AWS has and so it's going to default and use whichever data center is geographically closest to you so I'm on the East Coast in the US so it defaults to using the Northern Virginia data center or what's referred to as us-east-1 however if you're in like California it's gonna default to probably us-west-1 and so what I would recommend that you guys do is that following along with me I would recommend that you just use us-east-1 like I am it's going to it's going to help prevent any weird issues with like AMIs because for some reason like if you want to deploy an Ubuntu AMI in one region like us-east-1 and one region in like us-west-1 they'll have different names or IDs I don't know why AWS decided to do that but it can lead to issues because if you're copying my code the ami instances might be called something else so just set it to us-east-1 and in AWS or sorry in terraform set it to us-east-1
and so that way you know my resources as well as your resources will get deployed in the same exact region and we should hopefully avoid running into any weird issues

all right and so now that we've got the provider set up if we go back to the code it's going to keep walking us through how to set things up and so the next thing that we have to do is set up authentication now authentication can be a bit tricky with terraform and what I'm gonna do is I'm gonna start off doing it the wrong way we're gonna just hard code our static credentials into our terraform file which is not recommended because obviously if you're storing your actual access Keys within this terraform file if you decide to eventually publish your code onto you know github or something like that well then now all of your your your credentials are being stored in github and so that can be a security vulnerability however I want to start off doing it like that because one I want to show you guys how to do it every possible way but also just to keep things simple for now I promise we'll have some sections later on that covers how to do this in a more secure manner but let's start off just by you know do the bare minimum so that we can focus on learning terraform before we start working worrying about security or anything like that and so basically all we have to do is get our access key and our secret key and pass it into the provider config and so to do that let's go back to our AWS management console and you want to just select your profile name and then just go to my security credentials and then here you want to select this access key tab and you want to select create new access key okay and if you do show access key these this is my access key and this is my secret access key but this is what I'm going to paste in to terraform all right so I'm going to copy this right here paste it into my code and then go back to here and then copy my access key to here all right so we've got 
our access key set up in terraform now when you actually create security credentials within AWS you can only see these values once okay so once once you see these you won't be able to get them again so make sure you store them in a safe place you can actually hit this download key file and it's gonna download a CSV file with all of that information so we can just click on that and it'll by default open up in Excel but you can see here this is where my access keys are stored so just keep that in mind because once you hit close if you try to look at your access Keys you'll see that we can see the key ID but we can't see the secret key anywhere and Amazon does that for security purposes so make sure you write that down however if you lose it for some other reason just delete your old one and then just create a new access key and then you should be good to go

okay so now that we have our provider set up and our access key set up the next thing to do is let's try and figure out how we actually create or provision a resource within AWS and within terraform the syntax is actually really simple and this is probably one of the nicest parts of terraform and is really the main selling point of terraform is that regardless of what provider you're using so whether you're trying to create a resource within AWS or a resource within Azure or GCP it's gonna use the same exact syntax from a terraform side so that you don't actually have to learn the underlying API from you know Azure or AWS or GCP and the main syntax is going to be you type in the word resource and then in quotations you're going to first provide the provider name right and so in our case we would pass in AWS then you do underscore and then you do a resource type right whatever type of resource you're trying to deploy and then you have to give it a name then we're gonna do curly braces and then within the curly braces we provide in all of our config options and these are gonna be basic key value pairs so key equals 
and then you know some value right and then key two you know another value so that's the basic structure of how to create resources within a provider and so I'm just gonna comment that out for now and I'm gonna walk you through how to deploy an ec2 instance within AWS and if you don't know what ec2 instance are it's basically just a virtual machine within AWS so if you wanna if you want a Windows Server deployed in AWS you're gonna be doing it in ec2 but you know you can obviously deploy any type of machine that you want if you want to deploy Linux if you want to deploy a database you can all do that in within ec2 and so before we actually deploy that within terraform I want to kind of walk you through how to do it within the AWS console because I think it's important to see you know how to do it in the console and then how it kind of maps to in terraform but obviously if you guys are already familiar with AWS and the console this is gonna be really trivial so you may just want to fast forward the video this is more from people that are also kind of learning about the cloud while also learning terraform at the same time and we can just go to our services tab at the top select ec2 and then select instances and you'll see that I have one instance terminated and one instance running if you just created an account you shouldn't see any instances I'm actually going to just delete this for now going to terminate that and I'm going to just deploy a new instance I'm just gonna hit launch instance and here we've got all the different AMIs that Amazon support those millions of different AMIs
and you can even create your own however I want to deploy just a simple Ubuntu AMI and if you guys don't know what an ami is it's really just an image okay so there's going to be an ami for Ubuntu there's gonna be an ami for Windows there's gonna be an ami for Red Hat one for Fedora and I'm going to search for Ubuntu and we're gonna select the 18.04 LTS and you can see here this is the actual ami ID that's associated with this Ubuntu server so we can hit select here we specify the the instance type the ec2 instance type and so you know obviously there's different you know sizes and speeds so some have more CPU some have more memory so obviously if you want a really high performing server you want to go down to one of the ones at the bottom but obviously the more high power they are the more expensive they are so for demonstration purposes and for just learning stick to t2.micro because it's part of the free tier so you shouldn't be charged as long as you shut it down accordingly so we'll just hit review and launch and you'll get this page we'll just launch that and it's gonna ask you to provide a key pair for now just ignore that so we can just say proceed without creating a key pair launch that instance and if we select this view instances button that's gonna take us back to the AWS console and you can see that it's now creating this new instance so it's in a pending state at the moment but if you give it a few minutes it'll eventually turn into a it'll get colored green which means that it'll have been fully deployed and then at that point you can actually start using it but that's how we create an ec2 instance within AWS using the console let's go ahead and create it using terraform now so that I can really show you how quick it is to do it through terraform versus just using it the console and so like I said the syntax is going to be just like this so we're going to do resource and then our provider is going to be AWS right it's just based off of 
what's provided here then we want to do underscore and then the resource type and you might be wondering well what is the resource type well this is something that you actually have to refer back to the documentation so let's go to the documentation I'm already on the AWS provider page and we're just going to do a ctrl F for ec2 you just keep going down not what I wanted search ec2 on the left side so just open that drop-down menu and we can just unexpand data sources we don't care about that we care about the resources section and so what we wanted to do is look for AWS underscore instance so this is how we deploy an ec2 instance within AWS and it's gonna give you an example and this is what I love about their documentation their examples are super helpful but basically ignore the data once again we want to focus on just a resource so this is pretty much like the bare minimum of what we need we have to specify an AMI don't worry about this goofy syntax you know he's using variables and things like that which we're not gonna cover yet instead what we're gonna do is we're gonna hard code the AMI value and the instance type for now we'll ignore the tag so I'm just going to copy this I didn't delete what I had started already and so you'll see that remember the syntax is the provider underscore and then the name of the resource type so in this case is just instance and then we have to give it a name so this is a name that's not going to be you know set in AWS this is a name so that we can reference this resource within terraform so this name is just going to be scoped to just terraform it has AWS will not be aware of this name so I'm just going to give this name of my first server but you can call it whatever you want okay and so the AMI we're gonna delete that and to get the AMI we're going to deploy another Ubuntu server and we'll do a launch instance and then if we search for that Ubuntu server again I want to go here and just copy this AMI and I recommend
you follow these exact steps and not just copy what's on my screen because Amazon has a tendency to kind of change up the AMI IDs and so you may end up copying this one which may get changed in the future so you know go to here search for it and then just grab the AMI in quotations so we just paste the AMI in there and then the instance type we want it to be t2 micro just like we selected within the console and we'll delete the tag and before I actually run that code let me go back to services and ec2 and let's just verify what we have running right now so I've got two terminated and one running so once this gets deployed we should see two running so make sure you save your configs now what we need to do is open up our terminal and so you know if you're on Windows you can just hit the search button and just search for CMD to open up the command line or you know do whatever the necessary steps are for a Windows or a Mac and then you want to navigate to wherever this project is okay so for me that's going to be in documents then I think it's called terraform and that one terraform - projects if I do a dir okay so then we want to navigate to this project 1 and here we're gonna run our terraform commands however it's kind of a pain to have to open up the command line and then navigate to that folder instead what you can do is move this off to the side for now we can go to our vs code and this is why I absolutely love vs code we can go to new terminal and it's going to open up a terminal and if it's a if it's a Windows machine it's gonna open up a Windows terminal if you're on a Mac it's gonna open up a Mac terminal if you're on Linux it's gonna open a Linux terminal and it's gonna automatically take you to the project directory so you can see it's already navigated to project 1 which is the root of our directory and so here we can actually run our terraform code instead of having to kind of flip back and forth between our code and this command line right here so
I'm just gonna close this out because we don't need that I'm just gonna use vs code moving forward okay and the first terraform command that you need to learn is terraform init okay and so what terraform init is going to do is it's going to look at our config in all of our terraform files which are anything that starts to the TF and it's going to look for all of the providers that we have defined so right now we just have one provider and so it's going to see that we just have provider AWS and it's going to download the necessary plugins to interact with the AWS API let's do that we'll do a terraform init and let's actually take a look at what the output is doing so you can see here it's initializing the back end and it's now initializing the different provider plugins and then it's downloading the plug-in for AWS if we decided to add in a separate provider if we did like provider and then maybe one for Azure well then it would not only download the code for AWS it would also download it for Azure okay but you should see that terraform has been successfully initialized if you see some other kind of error then you may have to do a little bit of troubleshooting but just make sure you see that you know nice shiny green output okay and so we've got that set up the next step we want to do is I want to show you the terraform plan command and the terraform plan command what this does is it kind of does a dry run of your code so you can see all the changes that will take place it'll kind of show you you know if it's going to delete any instances if it's going to create new instances if it's going to modify instances so it'll just do a dry run so that you can make sure that you're not accidentally about to break your production network or something like that so I always highly recommend you run a terraform plan even though it is completely optional it'll just be like a quick sanity check so that you can just glance over the changes that will be made then you can just make
sure that you're not going to break anything if you do terraform plan and this may take a little while depending on how much code you've written but we just have one instance so you should see that it should be minimal output and it should be fairly quick but if we kind of scroll up a bit and just take a look at what's happening you'll see that it's going to color code things depending on the action so if you see a plus that means it's going to create a resource if you see a minus and it's usually colored red I think that means it's gonna delete a resource and then if you see something that's orange with a tilde that means that it's going to modify a pre-existing resource and so if we scroll down a bit you'll see that right now we're going to be creating an AWS instance an ec2 instance and you'll see that we're using this AMI and then you'll see a lot of details are not known at this point so it'll be it'll be known only once we actually deploy it to AWS cuz we won't know the ID that AWS gives it until we actually deploy it so you'll see that most of these fields are unknown but except for the ones that we've actually specified like the instance type source dest check defaults to true so some of the defaults will automatically get applied but this is just letting you know everything that's going to get changed so it's going to be creating a whole bunch of things for this one instance and so now that we've run the terraform plan we can now run the terraform apply to actually run our code so do terraform apply and you'll see that terraform apply will do something similar to terraform plan where it'll actually take a look at your code and then figure out the changes that'll take place and so this is just another security check so you can just verify that you're not going to break anything it's going to ask you you know do you want to make these changes so to approve them hit yes and it's going to run our code now and hopefully you know we don't break anything
and everything passes but you can see here it's creating our first server right now as we speak so we'll let that run it's gonna take some time usually creating instances can take a little while sometimes up to like 10 minutes depending on what kind of instance you're deploying especially if you're on something like Azure I think Azure takes a little while for some reason well actually that's pretty quick but you can see that it completed and it'll give you kind of like a quick overview of the total number of changes that were made so we can see one resource was added zero were changed and zero were destroyed and you know as usual you know just because terraform says it finished and completed we want to double-check within AWS to see if that instance actually got created so you can see that this was the state before we ran terraform so we've got two in a terminated state and one in a running state so if I hit this little refresh button it's going to just refresh it and you can see now we have two in a running state and this instance right here is the one that got deployed by terraform because you can still see that it's in an initializing state um but if we click on this and just kind of take a look at the details you can see that it's a t2 micro instance like we specified and you can see the AMI so this is the AMI which is using Ubuntu 18.04 and so there you have it guys you've successfully deployed your first ec2 instance using terraform and hopefully you can really start to see the power of terraform just from this simple example because I mean what if we wanted to deploy 50 different instances right would you want to manually have to click through these windows 50 different times or would you want to just copy and paste a couple of you know instances right here and then you're good to go okay so we've successfully deployed our first ec2 instance using terraform and what I want to do now is I want you guys to try and guess what will happen if we
do another terraform apply don't actually run this just try to figure out what would happen and I can pretty much guarantee you that your guess is going to be incorrect I'm assuming most of you guys that are watching are probably going to assume that well terraform is gonna run this code again and it's going to create another ec2 instance so we would end up with two ec2 instances and I'm gonna tell you that that is incorrect in fact and the reason for that is that terraform is written in a declarative manner and what that means is that we're not actually giving terraform a bunch of steps to carry out like like a normal program would right so it's not gonna go through this code and just run through each one step by step right so if we wrote if we pasted this one you know it's not going to go and say okay we want to deploy one resource and then we want to deploy another resource instead what's actually happening is that we're telling terraform what we want our infrastructure to look like in the end so we're giving it the exact blueprint of what our infrastructure should look like and so if we look at our terraform file here it says that we should have just one AWS instance in our infrastructure and that is it so no matter how many times we apply terraform or run terraform apply we should always just have one AWS instance and that's this specific instance right so that's why in terraform we're not giving any set of instructions to carry out we're trying to define what our entire infrastructure should look like and then terraform will go in and then figure out exactly what needs to get deployed what needs to you know remain the same what needs to get deleted and so that our actual state in AWS matches what's being defined in our terraform code so if we do terraform well before we do apply I always recommend you do a terraform plan so if we do a terraform plan again it's gonna tell us the changes that will take place and you'll see that it's actually
refreshing the state so if we look here it's reference it's refreshing the state of our AWS instance that we actually deployed just to make sure it's still there and there aren't any issues with it and that it matches what's here and then you can see here it's telling us that oh look no changes were made or no changes need to be made infrastructure is already up-to-date and matches what's defined in our terraform file if I do a terraform apply hit enter it's going to once again refresh the state of our AWS instance so it's just basically talking to the AWS server just making sure that instance is still alive and working and then once again when we run the terraform apply it figured out that look nothing needs to get added changed or destroyed okay and this is an important concept I think it's a it's a little bit challenging at first but just know that once again it's everything's being defined in a declarative manner which is a little different than a lot of other automation tools but you know keeping that in mind I want to make a few changes just to show you guys you know what terraform will do when we start adding you know extra properties to this ec2 instance so the simplest change we can make is adding a tag if you aren't familiar with tags right you can give any AWS instance a specific set of tags to kind of identify them and so that you can actually search for them and filter by those tags so we'll go back to our code and actually let's go back to the documentation to see how we apply a tag so this is all you have to do you just do tags and then you just provide all the tags that you want to give it so we'll copy this and I pasted it in there oops I'm just gonna change this tag I'm just going to call this call this Ubuntu server or just call it Ubuntu so we're gonna give it a tag of Ubuntu make sure you save the code and we're gonna do a terraform plan now just to see what changes are going to take place so it's gonna refresh the state and now
it printed out some changes that are gonna take place and so you know you'll see that anytime we're going to change an existing resource you'll see this yellowish orange color with that little tilde and so it's saying that we're going to change something regarding this resource right here that we already deployed that's the my first server resource and if we scroll down a bit you'll see that this is the change that's going to be made so it's going to add in a new tag okay so terraform was smart enough to know that look you know we know what the current state is of our resource that's deployed on Amazon and right now it has no tags but in our code we're telling it to have a tag so then terraform goes in and figures out oh okay I need to add a specific tag to this resource so we'll do a terraform apply now it's going to run that same check we just did and once it's doing that once it's done doing that you can see that it's going to make one change and we're gonna say yes just so we can complete those changes okay and it successfully completed that it's changed one resource we'll go back to the console we always want to make sure that the changes actually took place don't just take terraform's word for it okay and so you can see right here already the name got populated so that's the special tag for naming a resource but if you click on the resource and just scroll down to tags someplace I forget where it is should be where is it oh here we go yeah I forgot on AWS yeah just like this tag and so you can see here we've got our tag which has a key of name and a value of Ubuntu and if we remove that or comment it out and then hit save we can do a terraform apply again and terraform is going to talk with AWS API just to get all the information about our server again and it's going to see that it has a tag but we're telling it to not have any tags so then it's going to make the necessary changes and so all we can see here is that look we're going to go from a name of Ubuntu
to null which means we're going to remove that tag so we'll run that and it should remove that tag okay and if we hit refresh you can see that now there are no longer any tags and up to this point you know I showed you guys how to create instances as well as modify instances I think the next logical step is to show you guys how to destroy instances and so if we want to destroy the instance that we created we can do a terraform destroy and once again when we run a terraform destroy it's going to do a refresh of our state and it's gonna show us what changes are gonna be made so you can see here anything with that dark red minus means we're going to delete it so we're going to delete that one ec2 instance that we've deployed and we're gonna do everything kind of associated with that and so when we hit yes it should run that and it should remove it from AWS all right so it successfully destroyed our resource go back to the AWS console you can see if we hit refresh this guy should get removed and so you can see it's now in a terminated state and then I forget how long it normally takes me like two more hours and then they'll get completely removed from the AWS console but that's how you destroy all the instances that were deployed using terraform keep in mind though you know if we had like I don't know 10 10 of these resources what's going to happen is when you do a terraform destroy it's going to destroy every single resource that was created by terraform so keep in mind you know if you want to destroy a single resource there are some parameters that you have to pass in to actually make that work by default the terraform destroy will destroy your entire infrastructure so you probably won't be actually running that very often within within a production environment usually usually you're just you know doing terraform applies and then you know making changes and then applying those changes however I do want to show you another thing that we can easily do so
first of all let's actually deploy this once again so I'm just gonna do a terraform apply we're gonna have to wait for this to get deployed again okay and once it's deployed let's just quickly double check that it's been created so this is the new instance that's been created and what I want to show you is is really the power of that that declarative style of writing code that I mentioned earlier so instead of doing a terraform destroy to destroy a specific instance what we can do is just we can just delete this code right here all right and so instead of deleting it I'm just going to comment it out for now which is doing the same thing as essentially removing that code altogether if we hit save terraform will see that look at this and within our code there's no resources being defined and so terraform will see that it'll check the state and it'll see that there's actually an ec2 instance deployed by terraform and it'll say hey wait a minute that doesn't match you know we should not have any resources deployed based off of this terraform file so let me go ahead and delete that one resource that we've deployed if I do a terraform apply it's going to refresh the state like it did before so it's refreshing that instance that we created and it's saying whoa whoa whoa wait a minute right based off our code there should not be an AWS instance deployed at all so let me go ahead and destroy this sucker so if we hit yes it's going to end up destroying it and so that's just another example of that declarative nature of terraform and so you can use that as a tool to you know delete instances or delete any resource within AWS as long as you just delete it from your terraform file and then run apply terraform is gonna figure out what you want and what you don't want so you don't actually have to delete it from AWS or do a terraform destroy so it looks like it's destroyed it let's just go back to the console double-check and so it looks like it's already terminated it so
it refreshed it for us and so there you have it guys so that's how you delete resources within terraform you know you can do it through the terraform destroy or you can just remove it from your code and do a terraform apply and terraform will figure out what it needs to delete till now we've till now all we've done was deploy an AWS instance but obviously anything you can do with the AWS console we can do it in terraform so I want to start taking advantage of some of the other things that terraform can do and I want to start playing around with other resources within AWS so if you're already if you haven't already done so go ahead and destroy the AWS instance that you created you want to do it through terraform of course don't do it through the console so either do a terraform destroy or just delete this resource and then run a terraform apply to get that resource removed and once you have it removed what I want to do now is I want to explore how to create a VPC and I want to explore how to create a subnet within that new VPC okay and so if you don't know what a VPC is it just stands for a virtual private cloud so it's just a private isolated network within your AWS environments that you can create as many VPCs as you want or there may be a limit but you can have a lot of VPCs and then each one of these VPCs by default is going to be isolated from one another and so to create a VPC the first thing that we want to do is always just navigate towards the documentation so we just search for a resource AWS underscore VPC that's gonna show you how to create a VPC and you'll see that the configuration is dead simple right all you have to do is just provide a CIDR block and so this just means that for our VPC the 10.0 slash 16 is going to be the network that's going to be used for that VPC so let's just copy this and we'll paste it in here to create a VPC and uh I'm gonna change this name so we can give this any name that we want so I'll just call
this my first VPC and keep in mind that this is just the name that's going to be used within our terraform so anytime we want to reference this resource we can just reference first - VPC and if we want to give the name within AWS we can provide it a tag and so you can take a look at the configs here and then this is how you do it so there's a specific tag for naming things and that's called name with the capital N and we'll call this we'll call this our production VPC okay and so this once we run this we'll create a VPC however what I want to do now is I want to create a subnet within that VPC and this is going to be a little bit more challenging and I'm gonna show you why in a second but if we navigate to the AWS subnet resource and if you don't know how to find it the first thing I always do is just do terraform and then you know AWS and then whatever resource you're trying to configure so if you want to see a subnet just search for subnet and it's usually going to be either the first or the second one so we want AWS underscore subnet so that's going to be the second link in this case and you can see how to configure it it's pretty easy all right so we just specify resource AWS subnet then the name and then we have to specify a VPC ID we also have to specify a CIDR block so what subnet do we want to use for that subnet that makes sense and then any necessary tags so let's copy this and let's paste it down here and so we're gonna change up a few things I'm gonna change this to I'm gonna call this subnet one and the CIDR block 10.0.1.0/24 that's fine just make sure it falls within this range and then for tags I'm going to call this prod subnet okay and here we have to specify the VPC ID and you're probably thinking well you know we haven't deployed this VPC how do we get the VPC ID right I can't go into the console and get it because we haven't actually created that VPC oh this is where the power of terraform comes in right
we can reference other resources that are being defined within our code so we want to reference that this VPC that we're creating and passing the ID down to this field and the way to do that is pretty simple all right all we have to do is we have to specify the resource name so we'll do AWS underscore VPC just like it is up here and we do a dot then we have to take the name of it so we'll take this name and so that's why the naming is important paste it here and then we have to get a specific property off that resource and so every property has an ID sorry every resource has an ID property that we can access so this value right here is going to get the ID of this VPC that gets created from the line above okay and so that's how we can reference other resources that are being defined in our code right so you just the what I do is for simplicity sake I usually just copy this whatever is between the quotations and I just remove these two quotes put in a dot and then put it in a dot ID that's my little shortcut okay so I think we're good to go let's try to run this and deploy it so we'll do a terraform apply actually let's do a terraform yeah let's do a terraform apply and so we'll see all the changes that are being made and let's scroll up a bit and so you'll see that we're creating a subnet and we're also gonna be creating our VPC and you'll see all the details that are being passed into it so we can hit yes at this point and it's going to deploy that VPC as well as that subnet okay it looks like it's already done that was super quick I guess it's really just ec2 instances that take a long time but if we go back to our dashboard what is this banner who cares anyways let's go to services search for VPC and let's take a look and so you can see by default there's a default VPC for every user so this is the default VPC that gets created so we don't we can ignore that I just wanted to make sure you guys understood that if you were confused as to why there's two VPCs
but this is the VPC that we created from terraform and if we take a look at the details we've got the CIDR block that we assigned to it and then the tags obviously the name being production and if we go to our subnets so there's gonna be a whole bunch of subnets here but once again these are all part of the default VPC that gets created and we want to just take a look at the one we created which is prod - subnet and so if we go here we'll see that the VPC that this subnet resides in is this VPC which is prod which is going to be the VPC that we created within terraform and then we also have the CIDR block which is the 10.0.1.0/24 and so that's pretty much it obviously there's a tag which is the name which we can see right up there now there's one thing I want to point out you're probably thinking well since when we create the subnet and we're referencing the VPC the VPC resource has to get declared first and what may be shocking is it actually does not need to be defined first and I'm gonna I'm gonna prove that to you I'm gonna do a terraform destroy I'm gonna let that get destroyed real quick okay so it's been destroyed let's just double check and make sure that's gone and what I'm gonna do is just to prove my point I'm gonna copy this or cut it I'm gonna paste it right above the VPC so now within our code we're defining the subnet and we're referencing the VPC even though the VPC is defined beneath it and once again guys this is just to show you guys that the order in which you place your code does not matter within terraform which is a little confusing right if you're familiar with programming right it always follows a sequential order starting from the top and working to the bottom well let's make sure we save everything and let's do a terraform apply and guys if you get tired of having to hit yes whenever you want to destroy or create something you can always do the dash dash auto-approve and that's gonna skip that step so that
way you can just run it step away from your seat go grab something to eat and then just come back when it's done and so you can see here even though the subnet was declared first you can see that terraform actually I realized that this window is probably not that big for you guys and so I'm gonna make this a little bigger for you guys let's see a way to do that maybe if I do a ctrl + there we go but if you take a look at the order in which things are created you'll see that we create the VPC first the creation took three seconds to complete and then we created the subnet so terraform does not care which order the order in which you define things because terraform is intelligent enough to figure out what needs to get created first so terraform knows that a subnet belongs in a VPC and since this subnet is represent is referencing the VPC we're creating it knows to create the VPC first and then create the subnet okay so terraform is very intelligent it can figure out what needs to get created so you don't have to worry about any of that nonsense it'll figure out what needs to be done however I will say this there are certain instances where it can't however if you look at the documentation it'll always tell you whenever terraform can't figure out what order to create things and it'll give you a workaround so like usually you'll have to pass in an extra flag that says one resource depends on another but for the most part terraform will figure out everything for you now if you guys have been following along you may have noticed that there's a couple of extra files that gets created on the left side and so you may be wondering what those mean and you know that's what I want to cover in this section so we'll start off with this dot terraform folder so this folder gets created whenever we initialize any plugins so when we did a terraform init right did a terraform init it's going to create that directory and then it's going to install all of the
necessary plugins for our code to run in this folder so since we have just one provider all of the code for the AWS provider is going to get installed into there and just to prove that to you guys I'm going to delete this real quick gonna break our code uh it looks like it just deleted one of those folders I want to delete all of them all right okay so they're all deleted and if I try to do a terraform apply it's going to throw an error saying look at this we don't have an AWS provider and so what we have to do is we have to initialize it again so if I do a terraform init it's gonna do that initialization process and when it does that it's going to create that folder that we just deleted and there you go so we see the dot terraform folder and it's got the configs for AWS right here now moving on to the second folder or sorry the second file that you may be wondering about that's going to be the terraform.tfstate so what this file is is that it represents all of the state for terraform and basically anytime we create a resource within AWS or any cloud provider we need a way for terraform to keep track of everything it's created right because that way if we go to modify a parameter like add an extra tag or maybe change the instance type from like a t2 micro to another size it needs to be able to check you know what is the current status of that resource you know what are its configurations and compare to what's in the code and the way it does that is it just creates a simple text file and so we've got this terraform.tfstate and it looks like it's in a JSON format I can't remember if it is fully JSON it may not be you know don't quote me on that but we can basically store all of the resources that we create within this state file so you can see we've got the AWS provider and if we just kind of look through it real quick we can see all the resources it's created so we've got the first VPC that we created and so you can see all the details about that
VPC and then I think someplace there's going to be a subnet so this is the one that covers the subnet and this is gonna have all of the information regarding the subnet so this file is very important so if for some reason you ever go into this and start deleting things you will break terraform and so terraform will have a mismatched state from what's actually being deployed into AWS so never mess around with the tfstate file it's a very important file and we it's absolutely crucial to the overall functionality of terraform and just to kind of show you how this state file gets updated I'm just going to create another VPC you're gonna take this copy this and we'll just paste it down here and I'm gonna call this we'll call the second VPC change the CIDR block and we'll change this name to say dev and might as well just create a new subnet for that guy as well I'll call this subnet two and for the VPC ID I'm going to reference this VPC so whoops a typo and we just change this to second - VPC I'm going to change the subnet to make sure that this subnet resides within this CIDR block and we'll call this dev subnet now if I do a terraform apply and I do a --auto-approve and once again typos all over the place now if we go back to our tfstate file we can take a look at it we'll see that there we had subnet one already I was already in there and then we've got you know now we have subnet two all right so you can see that anytime we create an instance or modify an instance within AWS we're going to update our state file so that we can keep track of all of that information all right guys so that's all I wanted to cover in this video till now we've only been doing very simple tasks like creating an ec2 instance or creating a VPC or a subnet and we haven't even been able to log into that ec2 instance and so what I wanted to do was you know with everything that we've learned so far in terraform I want to walk you through how to create an ec2 instance deployed
on a custom VPC on a custom subnet and assign it a public IP address so that not only can we ssh to it and connect to it and make changes on it we can also automatically set up a web server to run on it so that we can handle web traffic and you know this task it seems like a very simple task with a couple of steps but it's actually a little more complicated than you think but luckily we don't actually have to do anything from a terraform perspective that we don't already know how to do and so I'm gonna walk you through that and I've actually outlined all the steps that are necessary to do this so there's nine total steps technically 10 we're gonna have to do one step outside of terraform just to keep things a little simple we could do it through terraform but that would get a little more complicated um but just to walk you through these steps we're going to create a custom VPC and within that VPC we're gonna designate an internet gateway and the reason we need to have an internet gateway is so that we can actually send traffic out to the internet because we do want to be able to assign a public IP address to the server so that anybody in the world can reach it then the next thing that we need to do is we want to create a custom route table technically this would have been optional but I thought it would be cool to show you guys because these are all things that you need to be able to do so I wanted to make sure I walk you through that we're going to then create a subnet in step four and then anytime you create a subnet we have to assign it to a route table or then they'll get assigned to the default route table for your VPC and so this will just associate the two together then we're gonna create a security group and the security group is just responsible for determining what kind of traffic is allowed to get to any one of your ec2 instances so since this is a web server we're going to allow port 80 and port 443 for HTTPS traffic we're also going to 
allow port 22 so that we can SSH to it and you know obviously connect to it and make changes to it we're going to create a custom interface and that's going to be assigned to the subnet that was created in step 4 and we'll assign an elastic IP so an elastic IP in Amazon world is just a public IP address that's routable on the Internet and then we're going to assign that to the network interface we created in step 7 and then finally we're going to create an Ubuntu server we're gonna automatically through terraform install and enable apache and then we're going to assign that IP address or that network interface that we created in step 7 to that Ubuntu server and at that point we should have a live running web server and we should be able to connect to it and you know do whatever we want with it all right guys so you know before we get started the first thing that we need to do actually is create a key pair within AWS and the key pair is just going to allow us to connect to these devices so AWS requires us to set up access keys so that we can connect to these devices so to set up the keys we need to go to the ec2 section and then there's a section within here called key pairs here we go and so you can see I have one key pair here already but I'll walk you through how to create a new one so we'll just do create new key pair and here we'll just give it a name okay so we'll call this oops we'll just call this access key you want to give it a better name than this I just couldn't think of one okay how about this we'll call this main key main-key so there's two different file formats that you can use go ahead and download the PEM format for now I'll show you how to actually convert this to a PPK if you want to use putty so you know moving forward though if you were mainly a Windows user download the PPK so that you can use it with putty if you're using Mac or Linux you're gonna want the PEM file so you know download that but you know for now even if you are using 
a Windows machine download the PEM and I'll show you how to convert it to a PPK so we'll create this key pair and it's going to automatically download this for you so just remember where it's getting saved to so it's probably gonna get saved in your downloads folder and just keep that in mind okay so now that we have our key pair set this is going to this key is gonna allow us to actually connect to our server once we've deployed it but you know let's go through this step by step and tackle each step and you'll see just how easy it is to create all these resources and I'll obviously point you to all the necessary documentation so that if you guys want to read up further on it you can and so the first step create a VPC you know you guys have already done this but you know I'll walk you through that so obviously I already have forgot how to actually configure one so just search for terraform AWS VPC this is all I do guys you know just google it and Google will tell you what to do and so here we're going to define a resource a VPC resource so I'm just gonna copy and paste that I'm gonna keep this as the same CIDR block it doesn't really matter for the purpose of this project now we need to create an Internet gateway so this is something new but once again the power of Google we'll do terraform AWS and then what was it called Internet gateway okay so there's a couple of things really the only thing you have to pass in is the VPC ID so we'll just copy this and I'm gonna just go in here paste that in there don't really care about tags for now and we need to pass it the VPC ID so remember we can reference another resource within our terraform code and so we'll just reference this VPC so we do aws underscore vpc then dot well let me give this a more descriptive name I don't like main we'll call this prod VPC actually let's give this a tag as well why not and we'll just call this production and so to reference this we'll do aws underscore vpc then dot then the 
name so prod-vpc and then we have to do a dot and an ID because we always want the ID property of this resource we don't want the resource itself and don't worry about giving this a tag so that's all we need to do now we have to create a custom route table so this is something that's new again so we'll just search for that terraform AWS route table and you know obviously we already have this open so we could just kind of navigate to wherever it is but there's just so many resources it just takes forever to find what you're looking for so I always just google it so here we want the AWS route table and it's gonna give us an example so just copy this I'll take you I'll explain step-by-step what each line is doing and I'm gonna give this a name we'll call this prod route table and we have to reference the VPC ID so we can just copy what we did with the internet gateway and we don't really need a tag for this route let's give it a name I think we'll just call this prod as well okay and then now here this is where we define the routes for this route table so if you look at this what this is saying is that for the subnet the 10.0.1.0/24 we're gonna send it to the internet gateway however what I want to do is I just want to set up a default route which means all traffic is going to get sent to the internet gateway so to do a default route if you guys aren't familiar with networking you just do the 0.0.0.0/0 and this is going to send all traffic well all IPv4 traffic wherever this route points and this is the old syntax of referencing other resources but remember we're just going to do it the same way we did for the VPC so let's find the internet the AWS Internet gateway and so we just do aws underscore internet underscore gateway then you do dot and then we just reference the name so we just gave it a name of gw and then we want the ID property okay and so that's all we have to do to create a default route and we can also create an IPv6 
default route I'm not using IPv6 but you know we might as well go put it in and so for an IPv6 default route it's already been provided so you just do ::/0 it's the equivalent of this but for IPv6 and we can delete this and just point it to the same internet gateway and you know once again this is just going to make it so that our traffic from the subnet that we're going to create can get out to the Internet all right now we have to create a subnet where our web server is going to reside on and this we don't need to kind of search how to do because we've already done this before so resource aws underscore subnet and then let's give it a name I'm just gonna call it subnet-1 VPC ID let's just grab what we did here for the internet gateway and just copy that copying and pasting here guys and then we have to give it the subnet we're going to use so CIDR block and so I'm going to use the 10.0.1.0/24 subnet and there's also another optional property so we can actually specify what availability zone we want to use and if you don't know what an availability zone is within a region we it's not that just it's not that AWS just has one data center within each region they actually have a couple of data centers I'm not really sure how many maybe it's like three to five and so that way if one of their data centers goes down in a region the whole region doesn't go down so they have redundancy and so you can actually deploy resources to a specific availability zone and we can pass that in by passing in the availability zone property and then just specifying the name so we'll just do us-east-1a and so there's gonna be us-east-1a 1b 1c and so on but we're just gonna set it to 1a and then we can give this a tag as well so we'll set the name to prod-subnet and so now we've created a subnet we've created a route table but we actually have to assign this subnet to this route table and so there's another 
resource type within terraform that's called route table association and we'll just let me pull up the documentation so you guys don't get confused so we'll do terraform AWS route table association and all this does is just it just associates the subnet with a route table and so you can see here we have to pass in the subnet ID as well as the route table ID so we'll copy this and then we just need to update the subnet and the route table so we can remove that and pass in our subnet so aws underscore subnet dot subnet-1 dot id and then let's grab the route table so I'll just copy this paste that in there remove the quotations oops and then just join them together with a dot and then we want to grab the ID and that's all we have to do for the route table association we could just leave it as the name of a because we're not gonna reference that anyways so the next thing we need to do is create a security group this is something new again and so it's always good to make sure that you have a security policy that's really clamped down on only the protocols that you need and so we'll just search for that and I'm just gonna copy this example and walk you through what's happening so let's give this a name we're gonna call this allow web traffic change this to underscore web so this security group is really just going to be there to allow just web traffic so we just want port 22 port 80 and port 443 and description we can just change this to allow web traffic and we have to point to our VPC so we already know how to do that we can just copy the one from the subnet now this is where we actually apply the different rules so we have ingress policy as well as egress policy so in this example what this is saying is that we are going to allow TCP traffic on port 443 right so the from port and the to port just means it allows us to specify a range of ports so if I did 443 to 447 that means we would allow ports 443 through 447 so when you just do the same 
number it means we're allowing just that port and then this is the protocol so you have TCP you have UDP and so on and then you have we can actually clamp down on what subnets can actually reach this box so we can actually put in like our own IP address of our of our work computer or something so that only certain devices can actually reach this and so sometimes it's best not to open it up to the Internet but since we're creating a web server that's meant to be used by anyone we want to allow it so that anyone can use it so we'll change this to 0.0.0.0/0 the default that means any IP address can access it but if you just wanted like one specific IP you could just do like 1.1.1.1 you know /32 and then this would mean that you know just that IP address can access it but we want everyone to be able to access it so we'll do that and we can have as many ingress and egress policies as we want and so this is actually technically for HTTPS traffic so HTTPS traffic going to call it that and what we want is not just HTTPS but we want port 80 and port 22 so we can just copy this ingress rule and paste it a couple of times save just so it formats it and this is going to be HTTP and HTTP resides on port 80 TCP once again so all web traffic TCP and then we want it from any IP address and then finally we want one for SSH so this is going to be port 22 TCP and then yes any IP address and if you look at the example for the egress this is just saying that you know we're allowing all ports in the egress direction and when you put in -1 for the protocol it means any protocol and for the CIDR block it means any IP address so this is exactly what we want for the egress policy what's more concerning is always setting up the ingress policy and well you can change the tag to allow call it allow web alright now we want to create a network interface so let's go to documentation for that so terraform AWS network interface and so I'm gonna copy this we're 
going to change the name I'm going to call this web server NIC and so we need to assign this NIC to the subnet that we created subnet where'd it go here we go and don't forget to grab just the ID and here we need to specify an IP so what IP do we want to give the server we can pick any IP address within the subnet well not technically any IP address you know AWS is going to reserve a couple of addresses like the .1 and a couple of other ones so I'm just going to do 10.0.1.50 so 10.0.1.50 and then finally we have to pass in a list of security groups and so let's pass in the security group that we just created in the step above and we can actually attach it to a device now but we're going to skip that and we can actually specify what NIC we want to use when we actually go to the provisioning section for an ec2 instance so we're gonna delete that part and we don't need that for now and then now so this created the private IP address for the host but we also want to assign it a public IP address so that you know anybody on the internet can access it and to do that we need to create an AWS elastic IP so if we search for terraform AWS EIP all we have to do is just we can do as an example so vpc equals true I can't I forget what that actually does we can take a look at the document so this just means boolean if the EIP is in a VPC or not so it is in a VPC so we have to set it to true and then network interface so we can specify what network interface we want to assign it to which is the one we created in step seven so we can copy this and then when it says associate with private IP it's gonna be the private IP that we gave right here and also I guess I forgot to point out that you know here we're passing in a list of IPs so technically we could have given more than one but we're just going to assign one here and then we can just reference that here go to 10.0.1.50 and now you know I 
told you guys that terraform you know does not care about the order and it will figure out the order at which things need to be deployed so that everything works however there are certain gotchas and this is one of the gotchas right here is that the AWS EIP relies on the deployment of the internet gateway which is created up here and so if you try to do this through the console and you try to create an elastic IP and assign it to a device that's you know on a subnet that or in a VPC that doesn't have an Internet gateway it'll throw an error cuz um you know for you to have a public IP address you need to have an internet gateway so deploying an elastic IP requires the Internet gateway to be deployed first before the actual elastic IP gets deployed and I guess terraform by default can't figure that out on its own and if you actually take a look at the documentation it even lets you know that so it says elastic IPs may require internet gateway to exist prior to association so you can use the depends on to set an explicit dependency on the internet gateway so what we can do is exactly what it told us to do we can set a depends on flag and set that equal to the internet gateway that we created and here we actually don't need to specify the dot ID we want to actually reference the whole object and not just the ID alright guys we're almost done we just got one last step and that's to create our Ubuntu server and here we're going to do resource aws underscore instance and then we'll call this web-server-instance the AMI so let's grab the AMI from our console again if we do launch instance we'll just search for ubuntu and we'll grab the first AMI right here the instance type we're gonna do the t2.micro again because it's free and here we can also set an availability zone and I'm going to make sure this is very important to actually set this to the same one that we used for our subnet and so if you remember we go all the way back to the top where is it 
where's our subnet here we go our subnet we passed in this availability zone the -1a and there's a reason why I hard-coded the availability zone because if you don't hard-code it Amazon will pick a random availability zone to deploy that and I've had a couple of times where the subnet would get deployed in one availability zone and then my interface would get deployed in another availability zone and then I couldn't like combine the two because they're essentially in two different data centers so whenever you get an option make sure to hard-code the availability zone or then you could lead to issues where it says like oh you know you can't have your server in you know one availability zone and then your subnet in another one it just creates all sorts of issues so anytime in the documentation it gives you an option to pass it in go ahead and pass it in now if you remember the key pair that we created we need to reference that so that we can actually access our device and so let me go back to the key pair what did I call it main-key main-key and now we can specify the network interface we do network underscore interface and if you're wondering where I'm getting all of this it's all in the documentation so if I pull up AWS terraform instance it's going to walk us through how to do all of this but what we want to do is we want to scroll down look for network interface so there's a network interface section within what did it actually it didn't take me to the right section here we go there's a network interface section so we have to define a network interface block and this is what a block looks like so you can actually create another block within our resource to define a few extra parameters and so the first thing that we have to do is provide a device index and all this is doing is that you know for any ec2 instance that we deploy we can give it a ton of different interfaces right we don't have to just give it one so we have to tell it which 
interface you want it to be right because you know it's going to get labeled like Ethernet one Ethernet two Ethernet three and so on so we're gonna make sure that this is the first interface and you can do that by specifying the device index and setting it to zero and we want to set that to zero cuz uh you know it's kind of like it's kind of like you know like in any programming language the first number you start with is a zero instead of one so this is going to mean that this is the first network interface associated with this device and we have to specify the network interface ID so we just have to reference this network interface so we'll copy that and now guys this is where the actual magic happens here so what we're gonna do is we're gonna tell terraform to on deployment of this server to actually run a few commands on the server so that we can automatically install Apache and the way to do that is to use the user underscore data block and what we have to do is we have to pass in it's gonna look a little goofy um but we just say <<-EOF and I forget what this stands for um but you just put that in there and now we just type in all of the commands we want to run so just like with any bash script we want to start off with this goofy header that you always need and now we just specify all of the commands that we want to run so we'll do a sudo apt update -y we'll do a sudo apt install apache2 -y and then we'll do a sudo systemctl start apache2 and then finally this last one is kind of optional but what I'm gonna do is I'm gonna copy some text to the index.html file that gets served by the web server so that we can confirm that you know all of these commands actually worked and I'm just going to say we'll say echo and then we want to send a string of text we'll just say your very first web server and we want to redirect that to /var/www/html/index.html and hopefully I wrote all of that without a typo and then you know obviously 
you guys can run any command that you want so you can put in whatever command so you can install any package you know you can modify and configure files all from here but once you're done entering in all your commands you just do an EOF so EOF at the top starts all of the configs and then the EOF at the bottom basically tells terraform that we're done and then lastly let's give it some tags name equals we'll just call this web server let's hit save and now we're gonna do a terraform apply and it looks like I messed something up so let's see depends on what happened here a static list expression is required okay I already know my mistake so when you use the depends on parameter you actually have to pass it in as a list and so the reason we pass it in as a list is because we can actually specify multiple things that we need to wait on before we actually run the elastic IP so if we wanted to make sure that you know the VPC got created we can specify that as well as the subnet and so on so you can put in as many criteria as you want so that's why we have to pass it in as a list again hopefully it goes through this time looks like it's good so far we'll do yes and let's just uh now it's time to start praying and it looks like we got another error on line 25 let's see what happened here yep and I already figured out the mistake this should be under the AWS route table this should not be egress only gateway ID this should just be gateway ID like it is up here and that was just because I copied and pasted it I forgot to change it but you know just to make sure you guys understand what's happening here all we're really doing is we're just saying that our default route for IPv4 IPv6 is going to go towards the internet gateway so that we can get out to the Internet alright it looks like it's done guys so let's just take a look um let's just verify in the console that everything is okay and so we'll go to let's go to our ec2 instance let's see if 
it got created and so we've got one that's initializing right now and that's our web server you got the previous one obviously I did a dry run before this video although I still messed up a whole bunch of things um but this is our ec2 instance I think things look good obviously we can go through each and everything you know make sure our VPC's good make sure our subnet's good make sure our route table's good but that's just a waste of time because I already know they're okay instead what I want to do is I want to actually show you how we can connect to this device or actually let's wait till this is finished initializing and once it's initialized let's just navigate to this IP address and see what happens so I think it's probably at this point already running so let's just go to that and then we'll just go to the IP address so copy the IP address and your web browser go to that and you can see your very first web browser so this just confirms that we installed Apache on our server and we copied that text to the index.html file that gets served to all the users and so that just confirms that everything is working okay however now what I want to do is I want to show you guys how to actually connect to that device since it has a public IP we can actually SSH to it and the way to do that it's going to vary depending on what operating system you're on so if you're on Windows I'm gonna walk you through that now and then in a second I'll show you guys how to do that on a Linux or a Mac machine so if you're on Windows the first thing that you need to do is download a software called putty it's a little annoying that we need to use putty but just search for putty and then let's see if I can so just download it here like this button and then you can just download the installer so get the 64-bit if you're using 64-bit or get the 32-bit if you're using the 32-bit so after you install it just go to your search bar and just search for putty and you'll see that 
there's two applications that actually got installed there's putty and puttygen and the first thing that we need to do is we actually need to open up puttygen and the reason we need to do this is because this is a PEM file and I told you guys that um you know there's the there's the PPK file or pkk I forget which one it is I think it's PPK and then there's the PEM file so Linux machines like to use the PEM file however putty likes to use the pkk file or the PPK file whatever it is I can't remember and so we have to convert this PEM file to the right format to be able to use it on a Windows machine so the way to do that is open up the puttygen application like I just showed you and hit this load button and here select all files and we've got this main-key.pem so hit open and it'll import this and then all we need to do is select save private key and it's going to give you this warning go ahead and ignore and just hit yes then give it a name so I'm just gonna call this main-key again and it's gonna save it as a PPK file so I'll have a PEM version as well as a PPK version I can use it on either machine and I think it should have created it so we can just double-check and let me go to my downloads folder real quick and if I move that over here yeah you can see that now we have the main-key PPK file as well as the PEM file so now what we need to do is we'll close out this puttygen and we're gonna open up the regular putty device or the putty application and it keeps opening up on the other window it's just kind of a pain and now let's go back to our console and the way to connect to one of these devices hit this connect button right here and it's gonna give you all the information on how to connect to this device and so you'll see that the user for this device is ubuntu and then you know it's gonna also give us the IP address but we can actually confirm the IP address here the important thing is we know that we need to login using the user as ubuntu so we'll do ubuntu 
and then to specify the IP address you do at and then the IP address so let's copy this IP address paste it in now we have to login using that PPK file and to tell putty to use that go into this SSH right here and I know this text is a little small for you guys I don't know how to make this bigger unfortunately so you're just gonna have to bear with me hit the Auth button and then there's a section that says private key file for authentication so hit browse and then just find that main key PPK file hit open hit open again and once again this opened up in another window and it looks like I'm running into some issues so I'm not sure what happened here let me close this out I'm gonna open up my terminal I should be able to ping 3 2 2 8 @ 2 4 8 2 5 2 or maybe not the problem oh we know we didn't allow pings let's just make sure this works again okay so that's good now why is it that we cannot reach this device so let's check our security group let's view inbound rules oh look at this guys I messed this up you see we're allowing port 2 and we don't care about port 2 we want port 22 so let's go back to our terraform file let's see where as what I messed that up here we go this is where I messed it up so this should be port 22 we hit save and then do a terraform apply it should apply this on the fly real quick for us been done let's just double-check here so we'll go to view inbound rules now it says port 22 and let's open up putty again and just perform the same exact steps I go to ubuntu at and then copy this IP address SSH go to our authentication browse find our main key PPK file hit open and it should pop up with the security alert so just hit yes and at this point you should be logged in using putty so you know we're on a linux machine you can run any command you want but you know if we want to verify Apache's running let's just do a systemctl status apache2 wrong and so and so it's running and so that's how we um you know connect to one of these boxes on a Windows 
machine let me show you how to do it on a Mac machine and let me just copy this PEM file to um to my Mac machine real quick and so remember we want the PEM file on a Mac and on a Windows we want the PPK guys to connect to our web server or an ec2 instance from a Mac or Linux machine steps are gonna be identical the first thing that I want you to do is go to your web browser and just go to AWS and log into your console because it actually kind of walks you through how to do it step by step it's actually really easy so if we go to our ec2 section and go to running instances go to your web server and then just hit connect and so these steps are all you have to do we have to do chmod 400 and then the name of that PEM file that we downloaded and that's just going to set the permissions to the correct values and then we have to connect to it so the way to connect to it is you go to your command line you do ssh -i then the name and location of your PEM file and then we want to connect to it doing ubuntu at and then the IP address so that's all you have to do let's go to our terminal and let's find that PEM file so I saved it into my downloads folder main-key.pem so we'll do a chmod 400 main-key.pem and now to actually connect to the server we do ssh -i and then the name of the file so main-key.pem and then now we do ubuntu at and then we need to get the IP address so let's go back here let's copy the IP address and then paste it in we hit enter and we should get this same warning that we got on the Windows machine so we'll hit yes and there you go you're now connected to the device and you can run any commands so that's all I wanted to show you guys in this video hopefully you learned a lot you know I showed you guys how to create a lot of different resources these are all things that you're gonna need to know how to do and hopefully at this point you guys should feel relatively comfortable with navigating around terraform and creating and deleting 
resources definitely go ahead and you know once you're done with this project do a terraform destroy because we did deploy a lot of things and I don't want you guys to get any kind of unexpected bills even though we are in the free tier so just do a terraform destroy and then we can just do a dash dash auto-approve but you know what happened here terraform and do not the story but you know we still have a lot of things to cover when it comes to terraform you know you know I get a chance to cover variables or modules or things like that so there's still a lot to cover with terraform I think that's gonna wrap it up probably for this video I'll make some follow-up videos if there's any topics you guys want me to cover let me know and I'm happy to do it you know terraform has been something that I really enjoy working with so if you guys want me to do more terraform videos also let me know and I'll be happy to do any videos or any topics that you guys want in this video I'm gonna go over a few extra terraform commands that I think are helpful and if you've already destroyed the project that we created in the last video go ahead and deploy it again or at least just deploy a few resources we need a few resources deployed so that we can actually take a look at the output and so I've already done that so I've already you know run this terraform config and so we have several different resources deployed and the first command that I want to show you guys is terraform state list and by the way guys if you don't know what commands to run I always just start off with terraform and hit enter and you'll see that the command line will kind of help you you know with the different commands that are available so these are all the options that we have and so right now I want to focus on the state subcommand so where is this I think it's terraform it was down here so the terraform state subcommands if we do terraform state and then hit enter you can see all of the commands 
that we have at our disposal. So we've got list; this is the main one that I'm concerned with. So if we do a terraform state list, this is going to list out all of the resources that we have state for. So any resource that I've created in my topology, you know, we're gonna have an entry in this output. And so you can see we have the elastic IP that I created, we've got the web server that I created, as well as the internet gateway, the network interface, the route table, the route table association, the security group, the subnet and the VPC. And if you actually want to see detail regarding any one of these resources, you can do a terraform state show and then just copy one of these items. So if I want to see detailed output for the elastic IP, I can copy that, paste it in, oops, it looks like I didn't copy it, hold on. terraform state list, and just copy that, and so we need terraform state show. All right, and so you can see it's gonna give us a detailed output regarding that state, and it should include a lot of information that would normally only be stored in the AWS console. So we can see the IP address, we can see the association ID, we can actually see the actual ID of the resource that gets created in AWS, then we can see the ID of the instance this elastic IP is assigned to, as well as the network interface, and we can even see the public IP. And this is super helpful, because there's gonna be a lot of times when you deploy something and you want to know what the IP address is, especially the public IP, and normally you'd have to do it through the AWS console, but, you know, we have this command so that we can just verify it from the command line really quickly without having to log in. And we can do this with, you know, really any one of the resources that we've deployed. So if we want to see more detail regarding the web server that we deployed, we can copy this and just take a look at that, and just do a terraform state show, and you're gonna see all the information that we have
regarding that server that we deployed. So we can see the ID, we can see, you know, the AMI that was used, what availability zone it was deployed on, we can see its public IP here as well, and, you know, a couple of other details that would once again normally only be available in the AWS console. So, you know, those are the two commands, keep those in mind. So remember terraform state list and then terraform state show; those are going to be the two big ones.

In the last video I showed you guys how to verify the state information for resources that we've deployed using the terraform state show command and the terraform state list command, and those will allow you to see information like the resource ID, it'll allow us to see information about, you know, like what's the public and private IP of an EC2 instance. So we can see a lot of detail about these resources that we've deployed ourselves, and it's super helpful, super handy. But I want to show you another thing that we can do to actually see that information, right, because, you know, after you deploy something, you know, we can always do a terraform state, whoops, terraform state list, and so if we wanted to extract the public IP of the elastic IP that we created, you know, we can always do a terraform state show and then just copy that, and you can see here that we can actually see the public IP under the public IP property of this resource that we created. But there's gonna be times where, you know, it's kind of a little inconvenient to have to always do a terraform state list and then terraform state show for all of the details that we want. You know, what if we could get Terraform to automatically print that out when we run a terraform apply? And well, guys, there is a way to do that, and that's by using the terraform output command. So, you know, any one of these properties that we can see by doing a terraform state show on any one of these resources, we can tell Terraform to automatically print those out when the resources
are created, and we can do that using the terraform output command. I'm going to show you just how simple it is. So as I said before, you know, one of the main use cases is extracting the public IP that's going to get assigned to an elastic IP or an EC2 instance that gets created. So we can just do a terraform, oops, not terraform, we can do the output, and then we have to define an output for this, so I'm just gonna call this my server_public_ip, and then here we just assign it a value. So we get the value from this right here, from this terraform state show. So to get the value, what we have to do is we have to pass in the name of our resource, which is aws_eip.one, and we want to grab the public IP property. Okay, and so we can go down here and we just say value equals aws_eip.one.public_ip. Okay, and so that will get this property and it'll print it out into the console when we run a terraform apply. So let me save this, and we'll do a terraform apply and then --auto-approve, and let's just wait for that to run, and I want you to notice what happens at the end. All right, look at that. So the output that we created, it's going to print out our server public IP so that we don't have to go into the Terraform state and verify it ourselves. And so this can come in handy because, you know, we can print out all the details that we are concerned with without having to actually go in and check the state ourselves. And we could obviously, you know, grab any other property. So as an example, let's see what other properties we can grab that I think would be cool. Let's do a terraform state list and then terraform state show, and then let's check our web server instance. So let's say we want to grab the private IP of our server as well as the AMI that's being used, or no, I think the ID would be cool, because we're hard-coding the AMI, so who really cares about that, we already know what it is. And so we can just
define another Terraform output. So we'll do output, then we have to give it a name, so just give it any name you want. I'm just gonna say server, I don't know, server_private_ip, and I'm going to do value, and then remember we have to set this equal to our resource, so we'll copy our resource name, and remember we need to get our property name, so this is going to be called private_ip. And I can't remember if we can put two values in here, but let's just give that a shot, and so let's see if I just copy this, and let's print out the ID. terraform apply again. Yep, so it looks like we can only set it once, so we'll have to create another output, so server_id. Just gonna move this down here. All right, so now when we do a terraform apply we should see three different outputs. And there you go, guys, so you can see the three different outputs that we've defined: we've got the server ID, we've got the private IP, as well as the public IP. And, you know, you can always verify the outputs by doing a terraform output, and it's going to print out all the outputs for us. However, if you decide to add another output, you know, into your config, but you don't want to do a terraform apply, because technically terraform apply could potentially make changes to your network, and if you're in a production network you don't want to accidentally deploy or delete something just to see what the output is, so, you know, if you're in that situation you can always do a terraform refresh, and this should, you know, just refresh all of your state and it will run the outputs again so that you can verify them without actually, you know, deploying anything or doing an actual apply.

With the declarative nature of Terraform, it's kind of an all-or-nothing situation when you want to deploy your Terraform config or destroy it, so you can either spin up everything that's been configured in your Terraform file or destroy all of it. However, Terraform does understand that, you know, there's going to be
instances where you want to just delete an individual resource, or if you're just trying to roll out the deployment, to do staged deployments where only certain resources are deployed one day and then the next day another set of resources are deployed. And so we can target individual resources within our configs to either apply or destroy them by passing in the -target flag. And so I've got a whole bunch of resources deployed, and let's say that I just want to delete this web server right here. Well, we can do a terraform destroy, and we can pass the -target flag, and then I'm just going to provide the name of the resource, so we'll do aws_instance.web-server-instance. And so this should leave everything else in my configs untouched, so all of these, you know, the route tables, the subnets, all of that should remain untouched, and Terraform should just delete this one EC2 instance. Let's give that a shot and let's see what happens. All right, and so if we go up here just to see what's going to change, you can see that we're going to be destroying just one resource, and that's that web server that we targeted. And so you can see here only one resource is gonna get destroyed, so if I hit yes it should then delete just that server. All right, so it successfully destroyed just that one resource. And if we want to do the exact opposite thing and deploy just this one resource, we can use the -target flag once again to accomplish that. So terraform apply with -target and the name of the resource that we want to deploy, so in this case we're deploying just that web server that we just deleted, and I'm gonna move the apply to here. All right, and if we take a look at the summary of the changes that will take place, we can see that it's going to add one resource, which is exactly what we want. We'll hit yes, and let's just double check that everything works. Okay, and there you have it, guys, we've deployed just one individual resource from my Terraform config.
All right, so this was just a short video. I just wanted to make sure that you guys understood how to target an individual resource, or individual resources if you want to deploy just a couple, and so that just hopefully gives you a little bit more flexibility on maintaining your infrastructure using Terraform.

Now, just like any other programming language, Terraform does allow us to make use of variables so that we can reuse values throughout our code without having to repeat ourselves. And right now inside this example configuration file I've got just a VPC being defined, so we're gonna create a VPC and then we're gonna create a subnet within that VPC. So nothing new up to this point, you guys should already be familiar with how to do this. But what I want to do is I want to take this CIDR block definition for subnet 1 and store this value right here, the 10.0.1.0/24 subnet, in a variable. And to define a variable in Terraform, it's very easy: all you need to do is just type in variable and then the name of the variable, so we can give it any name, so I'm just gonna call this subnet_prefix. Okay, and within this variable definition we can pass in three arguments, or three parameters, and all three of them are completely optional, so we can technically leave this empty. But the three options are: we can give it a description, we can also give it a default value, as well as a type. Okay, and so once again all three of these are optional. But a description is exactly what it sounds like, you can just give it a description, so we'll just say this is going to represent the CIDR block subnet. The default value: so the default value is just going to be what Terraform is going to give this variable if we don't actually pass in a value for this variable. So I'm going to leave this blank for now and just comment that out, we don't need it. And then the type: so we can actually perform type constraints on variables, so that when a user enters in a value we can make
sure that they enter in the proper type for this variable. So if we're expecting a string, you know, we can say type equals string. A couple of different types that Terraform supports: so, you know, it supports strings, it supports numbers, booleans, lists, maps, sets, objects, tuples, and if you're not really sure what type needs to be passed in, you can always just pass in the any argument to say that we support any type. But, you know, we can just leave this blank for now and we'll come back to using type constraints. So for now all we're gonna do is just provide a description, and I'm gonna hit save, and let's see what happens when we actually run our code now. Well, actually, one more thing: we actually have to, you know, use that variable someplace, right. So to actually reference a variable in our code is very simple, so I'm gonna delete this subnet right here, and to reference a variable we just type in var and then dot and then the name of the variable, so that's going to be subnet_prefix. And so you can see that nowhere in our code so far have we actually defined a value of subnet_prefix, we just provided a description. So if we do a terraform apply, let's see what happens. And look at that: so any variable that isn't assigned a value, Terraform will actually prompt the user to enter in a value for that. I'm going to give this a value of 10.0.1.0/24, and so this value that I'm passing in is going to get assigned to subnet_prefix, and so once the AWS subnet resource runs it's going to pull that value and store it for the CIDR block. So let's hit enter, let's wait for that to run. Okay, so the resource has been added. Let's take a look at the AWS console just to see if that actually worked. So I'm gonna go to this prod subnet, and so you can see here that it got passed in a 10.0.1.0/24 prefix, and so that just confirms that our variable is working. Now, it's kind of a pain to have to get prompted for what
the value of a variable should be, so there's other ways of passing in values or assigning values to a variable, and one of those is through a command-line argument. And so what we can do is I can do a terraform, well, first let's do a terraform destroy so we can delete those resources. And it looks like I spelled something wrong, yep, destroy. And you'll see that when it needs to get destroyed it's gonna ask you for a value for that variable that we defined, but for destroying it doesn't actually matter, so you can just technically leave it blank and it should be able to destroy things just fine. We only really care about passing in the proper value when we're doing an apply. All right, so we've destroyed the resources. Now let me show you guys how to assign a value to a variable through a command-line argument. So if we're gonna do a terraform apply, we can also do a -var and then set a value for a variable. So we're gonna reference this subnet_prefix variable, so we'll do subnet_prefix, and then we could set it to whatever value we want, so I'm gonna do 10.0., let's do, 100.0/24. We'll hit yes, and now let's double check in the console to make sure that this new value got assigned. And so you can see here we've now got our 10.0.100.0, so the variable assignment that got assigned on the command-line argument worked. Now, this is cool and all, but, you know, in reality I don't think we're gonna use either one of these methods to assign variables very often. The best way to do it is actually creating a separate file to assign variables, and Terraform automatically looks for a file called terraform.tfvars for variable assignments. So we can just create that file now, and we'll do terraform.tfvars, and here we can define a value for that variable. So I'm going to go back, what was it called, subnet_prefix, and so we'll do subnet_prefix equals and then let's give it the value that we want, so we'll do 10.0.200.0 to show that
something has changed. And so I'm gonna do an apply without passing in an argument. It looks like it's still asking for assignment, so let me cancel that. I messed something up, I forgot to hit save probably, yep. Well, let's wait for that to finish. Okay, I cancelled out of it, so hit save all, and so now because we've actually defined this variable here it should not prompt us for a value for that variable. Okay, and so let's hit refresh and let's take a look at the value, and so now it's set to the 10.0.200.0. So really there are three different methods for assigning variables. Technically we can also use environment variables from your operating system. I'm gonna hold off on using that as an example, or giving you an example of how to do that, because that's gonna come into play when we worry about how we're going to store our credentials for Terraform instead of just hard-coding it into our Terraform file, so in that scenario it's really good to use environment variables, so I'm gonna hold off on doing a demo of that for now. Now, the next thing I want to cover is, well, first of all, let's say that we didn't want to use a file called terraform.tfvars, let's say we wanted to call it something else, or let's say we had multiple files for multiple variables, which is very common, especially when your Terraform config starts to grow, you know, you don't want to store everything in just one file. Well, we can tell Terraform to actually look for a specific file name. So if I rename this, actually, before, I can do a terraform destroy. All right, and so now I'm going to rename this to, let's just say, example.tfvars. Okay, and now for Terraform to actually look for that file we have to explicitly tell it to look for that file, and we can do that by passing in a simple flag. So I'm going to do terraform apply, and we can pass in the flag -var-file, give it the name of the file, so, example.tfvars. And so you can see that we didn't get prompted to, you know, enter
a value for that variable, because Terraform was able to look at this example.tfvars file and find this value. Now, in the earlier parts of this video I did mention that one of the options to pass into a variable definition is a default value, and so this default value can be used if the user doesn't input a specific value, and we can do an example of that just by deleting this right here. I'll save that file, and let's just assign a default value, so we'll say default equals 10.0.66.0/24. So if the user doesn't input a variable assignment then Terraform will automatically assign this variable this value. So once we save that we can then do a terraform apply. And there you go, so even without having a value assigned to that variable you can see that it still ran, and if we go to the AWS console and take a look at that, you can see it got assigned a value of 10.0.56.0. So this is a way to apply a default value for a variable. I'm gonna remove this for now just so I can do a few more demonstrations using variables within Terraform. I'm also gonna rename this so I don't have to keep passing in an input argument. Now I'm gonna show you guys how to actually perform a type constraint on a variable. So in this case the subnet, or the CIDR block, needs to be a string that holds the value of our subnet, and so we don't want to receive a variable of any other type other than a string. And so what we can do is we can say type equals string. So now if I go to my terraform.tfvars and do a subnet_prefix equals, and instead of, you know, assigning, you know, ten dot, you know, zero to zero slash 24 or something as a string, let's say I try to put in a list and I try to assign this value. All right, let's see what happens now when we try to run that. Oops, it looks like String's not a valid type specification, so it must be a lowercase s. See, and so now it throws an error saying the given value is not valid for variable subnet_prefix, because it
checks to see if it's a string and it sees that it's not a string, so it throws an error. So this is just another way to make sure that, you know, especially when you're working on large code bases and you're sharing your code with, you know, colleagues, this will just make sure that your colleagues don't accidentally, you know, input a wrong variable type into a variable and then, you know, potentially see an error when they run the config. So it's just another sanity check that you can do. Now, while this is set to a list, I want to show you guys how to actually use a list as a variable. And so what I'm gonna do is I've removed that type constraint and I'm going to create a second subnet, we'll just call this a dev subnet, and we'll call this subnet 2, and here we're going to specify the CIDR block for both of those subnets. So I'll do 10.0.1.0, and then for the second one we can pass in a value of 10.0.2.0/24. We've got a list, and now to reference the list all we have to do is just change this up a bit. So this is going to be the first object in that list, so when you're working with lists the first object can be referenced with a zero, then the second one will be referenced with a value of 1, and so on, so it's just like any other programming language. Add that one, and let's give this a shot and see if it works. And so now we've got our two different subnets: the prod subnet should be a 10.0.1.0 and the dev subnet should be a 10.0.2.0. All right, and there's one more thing I want to show you guys with variables, and I want to show you how to use objects within variables. So right now we just have a list of strings, but we can also have a list of objects too. And so what I'm gonna do is I'm gonna change up the way I assign the tag, so instead of assigning, you know, the tag, or hard-coding it, what I want to do is I want to have a variable that's going to look like this: we're gonna have an object and we'll have two properties, we'll have the CIDR block and
then we'll also have a name property, and so that way the CIDR block will get assigned to the CIDR block and the name will get assigned to the name. And so we'll remove that, we'll go back to our terraform.tfvars file, and let's see how we can actually do that. So here we'll create an object and we'll assign it a cidr_block equal, that's gonna be the 10.0.1.0/24, and then the next, and then we have to specify a name, so we'll give it a name, and this is going to be prod_subnet, that's going to be for subnet one. And then for subnet two we'll do the same thing, so I'll assign a property of cidr_block and we'll set that equal to 10.0.2.0/24, and then the second property is going to be the name, that's gonna be set to dev_subnet. And so we're gonna have to update a few things here, and so under the CIDR block we want to grab the cidr_block property, and now for the name we're going to have to reference that variable, var.subnet_prefix, want to grab the first item, and we'll do .name, and I'll copy this and just paste it down here, just make sure to update it so it's the second object. Yep, and there you have it, guys, we were able to now use a variable which is a list of objects to assign values within our Terraform configuration file. So there's a lot of flexibility with variables, you definitely want to make use of them as much as possible so that you're not retyping the same thing over and over across large configs. And so just keep in mind, it was a little confusing at first for me, especially because we have to, you know, define the variable but we don't assign it here, we have to assign it in the .tfvars file. So just keep that in mind: in the .tf files you define a variable, and then in .tfvars you actually assign it a value.
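The list-of-objects variable described at the end of the captions, written out as an added example (it is not taken from the video). The resource names `aws_vpc.example`, `subnet-1` and `subnet-2`, the region, the VPC CIDR and the `subnet_ids` output are assumptions, and the `validation` block is an extra check that needs Terraform 0.13 or later; the two files are shown in one block, separated by comment headers.

```hcl
# ---- main.tf ----
provider "aws" {
  region = "us-east-1" # assumed region; credentials are read from the environment
}

# The variable is declared here and assigned in terraform.tfvars.
variable "subnet_prefix" {
  description = "CIDR block and Name tag for each subnet"

  # Type constraint: every list element must provide these two string attributes.
  # A bare string or a list of strings is rejected before anything is planned.
  type = list(object({
    cidr_block = string
    name       = string
  }))

  # Added check: the config indexes [0] and [1], so require two entries,
  # and reject any cidr_block that does not parse as a CIDR prefix.
  validation {
    condition = length(var.subnet_prefix) >= 2 && length([
      for s in var.subnet_prefix : s if can(cidrhost(s.cidr_block, 0))
    ]) == length(var.subnet_prefix)
    error_message = "Provide at least two entries, each with a valid CIDR such as 10.0.1.0/24."
  }
}

resource "aws_vpc" "example" { # assumed name and range
  cidr_block = "10.0.0.0/16"
}

resource "aws_subnet" "subnet-1" {
  vpc_id     = aws_vpc.example.id
  cidr_block = var.subnet_prefix[0].cidr_block # first object in the list

  tags = {
    Name = var.subnet_prefix[0].name
  }
}

resource "aws_subnet" "subnet-2" {
  vpc_id     = aws_vpc.example.id
  cidr_block = var.subnet_prefix[1].cidr_block # second object in the list

  tags = {
    Name = var.subnet_prefix[1].name
  }
}

# An output takes a single value, so several IDs are returned as one map.
output "subnet_ids" {
  value = {
    (var.subnet_prefix[0].name) = aws_subnet.subnet-1.id
    (var.subnet_prefix[1].name) = aws_subnet.subnet-2.id
  }
}

# ---- terraform.tfvars ----
subnet_prefix = [
  { cidr_block = "10.0.1.0/24", name = "prod_subnet" },
  { cidr_block = "10.0.2.0/24", name = "dev_subnet" },
]
```

Running `terraform plan` shows both the type constraint and the validation result without changing any infrastructure.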
Info
Channel: Sanjeev Thiyagarajan
Views: 4,833
Keywords: terraform, aws, cloud, automation, hashicorp, azure, gcp, crash, course
Id: b1P2AH9bjpI
Length: 140min 58sec (8458 seconds)
Published: Mon Jun 08 2020