Terraform: Helps to build your cloud infrastructure without GUI but with configurable and reusable infrastructure code !

Installation: wget https://www.terraform.io/downloads.html

Terraform extensions:
-.tfvars: To set the environment variables used in terraform modules.
-.tf: root file. Can have many .tf files in a directory and reference it as child modules.
-terraform.tfstate: created after building the infrastructure displaying every details. Be alert when pushing it into github it has sensitive informations such as secret key and access, other passwords. If it is pushed, you are just asking people to come and hack you!
-terraform.tfstate.backup: created as backup file after destroying infrastructure.

Terraform commands:
-terraform init: initializ the requiremnets based upon the code.
-terraform plan: displays, what it is going to create based upon the code
-terraform apply: to start actually creating THE Plan! For every code change run this command.
-terraform destroy: To delete built infratsructure.
-terraform output: To list all outputs
-terraform refresh:

Terraform keywords and formats:

  • providers: Tells which service provider to use.
    Terraforms can create infrastructures on many platforms such as AWS, Azure, Google Cloud, DigitalOcean... etc.
    region: to specify where to build infrastructure.
 provider "aws" {
  region = "us-east-2"
  • resource: AWS provides different kinds of resources such as VPC, security group, instances.. etc. Hence resource will tell what kind of resource we want to use from providers and give a name followed by configuring neccessary inputs related to it.
    syntax: resource "<PROVIDER>_<TYPE>" "<NAME>" { [CONFIG …] }
resource "aws_instance" "example" {
  ami           = "ami-0c55b159cbfafe1f0"
  instance_type = "t2.micro"

-variables: To be used anywhere, anytime and configured according to needs. Hence, define the variables in file.
Assign the variable value prior to the execution or take the inputs from the user. Can also put type constraints on user's input.
syntax: variable "NAME" { [CONFIG ...] }

 variable "aws_access_key" {}
 variable "aws_secret_key" {}

 variable "aws_region" {
    description = "EC2 Region for the VPC"
    default = "ap-south-1"

-output: Give a name to an output variable, mention what outputs of terraform want to be seen. Configuration contains description to describe what it is displaying and sensitive option when set to true hides all delicate information..such as passwords.
syntax:output "<NAME>" { value = <VALUE> [CONFIG ...] }
-Provisioner: Once the resource is created at the destination, Provisioner can execute a local command..such as running an ansible script.
a. local-exec: To run a script on instance where we are running our terraform code, not on the resource we are creating.
b. remote-exec: To invoke a script on the remote resource once it is created

  • reference: Mostly used concept for ease i.e. To access values from other parts of your code.
    To create security group prior to EC2, we would just call the security group code written to be created inside the instance as shown in example.
    we would say aws is the provider, and we are calling security_group owning the name ingress-all-test as id attribute.
 resource "aws_security_group" "ingress-all-test" {
 name = "allow-all-sg"
 vpc_id = "${aws_vpc.vnetwork.id}"
 ingress {
    cidr_blocks = [

 resource "aws_instance" "test-ec2-instance" {
  ami = "${var.ami_id}"
  instance_type = "t2.micro"
  security_groups = ["${aws_security_group.ingress-all-test.id}"] #calling.
  tags = {

PS: More to be updated for quick start !