DEV Community

Garry Xiao
Garry Xiao

Posted on

Start Terraform from zero

Terraform - Automate Infrastructure on Any Cloud. https://www.terraform.io/

Preparation:
Visual Studio Code + HashiCorp Terraform extension

Provider
Provider for the environment is always in the first position. We take Azure Provider as an example. The Azure Provider can be used to configure infrastructure in Microsoft Azure using the Azure Resource Manager API's. https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs. We could create a "provider.tf" to cover the configuration:

# We strongly recommend using the required_providers block to set the
# Azure Provider source and version being used
terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = ">=3.0.0"
    }
  }
}

# Configure the Microsoft Azure Provider
provider "azurerm" {
  features {}
}

# Create a resource group
resource "azurerm_resource_group" "example" {
  name     = "example-resources"
  location = "West Europe"
}

# Create a virtual network within the resource group
resource "azurerm_virtual_network" "example" {
  name                = "example-network"
  resource_group_name = azurerm_resource_group.example.name
  location            = azurerm_resource_group.example.location
  address_space       = ["10.0.0.0/16"]
}
Enter fullscreen mode Exit fullscreen mode

Provider Data
How to access current provider data? That's Data Source: azurerm_client_config. https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config. Define the data and use it like the code shows.

data "azurerm_client_config" "current" {
}

output "account_id" {
  value = data.azurerm_client_config.current.client_id
}
Enter fullscreen mode Exit fullscreen mode

Resources
Define resources you want, like:

# Resource Group
# https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group
resource "azurerm_resource_group" "example" {
  name     = "example"
  location = "West Europe"
}

# Key Vault
resource "azurerm_key_vault" "kv" {
  name                            = "KV"
  location                        = azurerm_resource_group.example.location
  resource_group_name             = azurerm_resource_group.example.name
  enabled_for_disk_encryption     = false
  enabled_for_deployment          = true
  enabled_for_template_deployment = true
  tenant_id                       = data.azurerm_client_config.current.tenant_id

  sku_name = "standard"
  network_acls {
    default_action = "Allow"
    bypass         = "AzureServices"
  }
}

# Service bus namespace
resource "azurerm_servicebus_namespace" "example" {
  name                = "example"
  resource_group_name = azurerm_resource_group.example.name
  location            = azurerm_resource_group.example.location
  sku                 = "Standard"
}

# Service bus topic
resource "azurerm_servicebus_topic" "example" {
  name                = "example"
  namespace_id        = azurerm_servicebus_namespace.metro60_namespace.id
  enable_partitioning = true
}
Enter fullscreen mode Exit fullscreen mode

Variables
https://developer.hashicorp.com/terraform/language/values/variables

Each input variable accepted by a module must be declared using a variable block:

variable "image_id" {
  type        = string
  description = "The id of the machine image (AMI) to use for the server."
  default     = "abc"
  validation {
    condition     = length(var.image_id) > 4 && substr(var.image_id, 0, 4) == "ami-"
    error_message = "The image_id value must be a valid AMI id, starting with \"ami-\"."
  }
}

# Local variables within modules
locals {
  image_id_len = length(var.image_id)
}
Enter fullscreen mode Exit fullscreen mode

Then we could use "var.image_id" and "local.image_id_len" for institution in the codes.

Git ignore

# Exclude all .tfvars files, which are likely to contain sensitive data, such as
# password, private keys, and other secrets. These should not be part of version 
# control as they are data points which are potentially sensitive and subject 
# to change depending on the environment.
*.tfvars
*.tfvars.json

# Local .terraform directories
**/.terraform/*

# Local .tfstate files
*.tfstate
*.tfstate.*
**/override.tf
*.terraform.lock.hcl
Enter fullscreen mode Exit fullscreen mode

Top comments (0)