Showing posts from March, 2022

LOCAL PROVISIONER

Make a folder named projectB.
Inside projectB, create a file named index.html.
Generate a key pair with ssh-keygen.

vim ar.tf

    provider "aws" {
      region     = "us-east-1"
      access_key = "AUGQ"
      secret_key = "Kt1aurid"
    }

    variable "privatekey" {
      default = "dev"
    }

    resource "aws_key_pair" "dev" {
      key_name   = "dev"
      public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDhI176Z0ylP2WdWAbI2hrFf5oEHlnZ0zcSm85SGysuwx/lMl0F+muOcke0wS90f5NU+bUAKNL2hWFozx/HxEtaquM77go+eWY9lg1E7q9Ls8nzVv1pddNgtS7Cihgzd7UaXDq0ayhOUBO1y6nMZYobFNy4E63vBuCYyhHwPAT7mheZm2GphKYrkd1Qt4qvcZcJ4CBmjCwQ3VBdwOhk8ZdKc7BdpLNPENNCLkzswhNcpRInRADMAM1ZgPikKt8wEaeMX/Hg2Mrk0MS49mYFnPxc1G5DuSsW7P9L+7IzbGI2pl4RSLM8/IlFef/i1HWgdaDCJpejgxLX4Hux9EUyqtd1 root@ip-172-31-46-6.ap-south-1.compute.internal"
    }

    resource "aws_instance" "web" {
      ami           = "ami-02e136e904f3da870"
      instance_type = "t3.nano"
      key_name = "d...

Apache configuration via terraform using REMOTE provisioner

Apache configuration via Terraform using a provisioner. Every instance uses a key pair.

Create a file index.html and write anything in it.

Here we haven't used a security group, so the default one is used; make sure you go to its inbound rules and set them to Anywhere.

Now check the public IP; it will show our index message.

If we want to get inside the instance:

    ssh -i developer ec2-user@<public-ip>

vi aws.tf

    provider "aws" {
      region     = "us-east-1"
      access_key = "AQ"
      secret_key = "Kaurid"
    }

    resource "aws_key_pair" "developer" {
      key_name   = "developer"
      public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDhI176Z0ylP2WdWAbI2hrFf5oEHlnZ0zcSm85SGysuwx/lMl0F+muOcke0wS90f5NU+bUAKNL2hWFozx/HxEtaquM77go+eWY9lg1E7q9Ls8nzVv1pddNgtS7Cihgzd7UaXDq0ayhOUBO1y6nMZYobFNy4E63vBuCYyhHwPAT7mheZm2GphKYrkd1Qt4qvcZcJ4CBmjCwQ3VBdwOhk8ZdKc7BdpLNPENNCLkzswhNcpRInRADMAM1ZgPikKt8wEaeMX/Hg2Mrk0MS49mYFnPxc1...

TERRAFORM STATE MANAGEMENT S3

NOTE: make three directories:

    mkdir project1    # handled by harry
    mkdir project1    # danish
    mkdir project1    # moon

Run vim aws.tf and define three instances.

Multiple people are working on project1. Harry wrote the script; now Danish wants to add more, so he copies the code from Harry and makes changes:

    cp /root/project_a/aws.tf .

When Danish tries to add some changes, he does not have the backup file, so Terraform will create a new setup, because the state file did not exist on his local system. If Danish wants to work on the same file, he needs the tfstate file as well:

    cp /root/project_a/aws.tf .
    cp /root/project_a/terraform.tfstate .

Store the tfstate file remotely. Search for "terraform s3 remote" and create an S3 bucket:

    terraform {
      backend "s3" {
        bucket = "mybucket"   # bucket name
        key    = "abid/moon"  # inside the bucket it creates two folders: abid, and inside it moon
        region = "us-east-1"
        access_key =   ...
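The situation described above, as an added example that is not part of the original post: a pre-flight check that reports whether a working directory has a backend block, a local terraform.tfstate with recorded resources, or neither (the case where apply would create a new setup). The `state_status` helper, the directory names and the sample files are assumptions constructed for the illustration.

```python
import json
import re
import tempfile
from pathlib import Path

# Matches a backend block header such as: backend "s3" {
BACKEND_RE = re.compile(r'^\s*backend\s+"(\w+)"\s*\{', re.MULTILINE)


def state_status(workdir):
    """Return ("remote", type), ("local", n_resources) or ("missing", 0)."""
    workdir = Path(workdir)
    for tf_file in sorted(workdir.glob("*.tf")):
        # Drop comment lines so a commented-out backend block is not counted.
        text = "\n".join(
            line for line in tf_file.read_text().splitlines()
            if not line.lstrip().startswith(("#", "//")))
        match = BACKEND_RE.search(text)
        if match:
            return ("remote", match.group(1))
    state_file = workdir / "terraform.tfstate"
    if state_file.is_file():
        try:
            resources = json.loads(state_file.read_text()).get("resources", [])
        except json.JSONDecodeError:
            resources = []
        if resources:
            return ("local", len(resources))
    return ("missing", 0)


def demo():
    """Constructed scenario: harry has state, danish copied only aws.tf."""
    config = 'resource "aws_instance" "web" {\n  instance_type = "t3.micro"\n}\n'
    state = {"version": 4, "resources": [{"type": "aws_instance", "name": "web"}]}
    backend = 'terraform {\n  backend "s3" {\n    bucket = "mybucket"\n  }\n}\n'
    with tempfile.TemporaryDirectory() as root:
        dirs = [Path(root) / name for name in ("harry", "danish", "shared")]
        for d in dirs:
            d.mkdir()
            (d / "aws.tf").write_text(config)
        (dirs[0] / "terraform.tfstate").write_text(json.dumps(state))
        (dirs[2] / "backend.tf").write_text(backend)
        return {d.name: state_status(d) for d in dirs}


if __name__ == "__main__":
    for who, status in demo().items():
        print(who, status)
```

A "missing" result is the copied-without-state directory: Terraform has no record of the existing instances there.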

OUTPUT VALUE

Note: use output values when we need information about resources such as an Elastic IP, a volume, etc.

    provider "aws" {
      region     = "us-east-1"
      access_key = "AGQ"
      secret_key = "Kkt1aurid"
    }

    resource "aws_instance" "web" {
      ami           = "ami-02e136e904f3da870"
      instance_type = "t3.micro"
      tags = {
        Name = "moon"
      }
    }

    resource "aws_vpc" "main" {
      cidr_block       = "10.0.0.0/16"
      instance_tenancy = "default"
      tags = {
        Name = "main"
      }
    }

vim output.tf

    output "instance-wrnhole" {
      value = aws_instance.web.arn
    }

    output "instance-id" {
      value = aws_instance.web.id
    }

    output "instance-ami" {
      value = aws_instance.web.ami
    }

    output "vpc-cidr" {
      value = aws_vpc.main.cidr_block
    }

    output "vpc-tedency" {
      value = aws_vpc.main.instance_tenancy
    }

    output ...

LOCAL VALUE

NOTE: we can use multiple services from one account, and we can use a tag for each resource. A local value is a better concept than repeating tags: if we need to change a tag, we only need to change the local value.

    provider "aws" {
      region     = "us-east-1"
      access_key = "AUGQ"
      secret_key = "Kfkt1aurid"
    }

    locals {
      common_tag = {
        Name  = "uk-project"
        Owner = "moon"
      }
    }

    locals {
      usa = {
        Name = "us-pro"
      }
    }

    resource "aws_instance" "web" {
      ami           = "ami-0ed9277fb7eb570c9"
      instance_type = "t3.micro"
      tags          = local.common_tag
    }

    resource "aws_vpc" "main" {
      cidr_block       = "10.0.0.0/16"
      instance_tenancy = "default"
      tags             = local.common_tag
    }

    resource "aws_ebs_volume" "example" {
      availability_zone = "us-east-1a"
      size    ...

copying snap from one REGION to another

While copying a snapshot from one region to another, we need to change the region in the provider.

    provider "aws" {
      region     = "us-west-1"
      access_key = "AGQ"
      secret_key = "Kurid"
    }

    resource "aws_ebs_snapshot_copy" "example_copy" {
      source_snapshot_id = "snap-08bc5c27dad8e82b3"
      source_region      = "us-east-1"
      tags = {
        Name = "HelloWorld_copy_snap"
      }
    }

EBS & SNAPSHOT

    provider "aws" {
      region     = "us-east-1"
      access_key = "AUGQ"
      secret_key = "Kf1aurid"
    }

    resource "aws_ebs_volume" "example" {
      availability_zone = "us-east-1a"
      size              = 10
      tags = {
        Name = "HelloWorld"
      }
    }

    resource "aws_ebs_snapshot" "example_snapshot" {
      volume_id = aws_ebs_volume.example.id
      tags = {
        Name = "HelloWorld_snap"
      }
    }

COPY AMI FROM ONE REGION TO ANOTHER

NOTE: AWS_AMI_COPY - COPY CODE. Write the AMI id and the region we are in.

If we want to copy the AMI to the California region, we need to change the region in "provider": region = "us-west-1"

    provider "aws" {
      region     = "us-west-1"
      access_key = "AKIAUGQ"
      secret_key = "Kurid"
    }

    resource "aws_ami_copy" "example" {
      name              = "terraform-example-COPY"
      description       = "COPY AMI"
      source_ami_id     = "ami-0e7540ad79b0d2157"
      source_ami_region = "us-east-1"
      tags = {
        Name = "HelloWorld"
      }
    }

CREATE AMI FROM INSTANCE

NOTE: aws_ami_from_instance - copy code - write instance id

    provider "aws" {
      region     = "us-east-1"
      access_key = "AKGQ"
      secret_key = "K1aurid"
    }

    resource "aws_ami_from_instance" "example" {
      name               = "terraform-example-1234"
      source_instance_id = "i-0eb972fc55778b641"
    }

TAKE SNAPSHOT OF ROOT VOLUME AND CREATE AMI

NOTE:
GO TO VOLUME - ACTIONS - CREATE SNAPSHOT
GO TO DOCS - EC2 - AWS_AMI - COPY CODE - type snapshot id

    provider "aws" {
      region     = "us-east-1"
      access_key = "AQ"
      secret_key = "Kfkt1aurid"
    }

    resource "aws_ami" "ami_jammu" {
      name                = "terraform-example"
      virtualization_type = "hvm"
      root_device_name    = "/dev/xvda"
      ebs_block_device {
        device_name = "/dev/xvda"
        snapshot_id = "snap-04e091a83626419c9"
        volume_size = 8
      }
    }

DATA-TYPE IN VARIABLES

CONDITIONAL STATEMENT EXAMPLE

    provider "aws" {
      region     = "us-east-1"
      access_key = "AUGQ"
      secret_key = "KMdfVkt1aurid"
    }

    variable "image" {
      type    = list
      default = ["ami-02e136e904f3da870", "ami-02e136e904f3da870", "ami-02e136e904f3da870"]
    }

    variable "instancetype" {
      type    = map
      default = {
        "dev"  = "t2.small",
        "test" = "t2.medium",
        "prod" = "t2.large"
      }
    }

    variable input {}

    resource "aws_instance" "dev" {
      instance_type = var.instancetype["dev"]
      ami           = var.image[0]
      count         = var.input == "dev" ? 1 : 0
      tags = {
        Name = "dev-dep"
      }
    }

    resource "aws_instance" "test" {
      instance_type = var.instancetype["test"]
      ami           = var.image[1]
      count         = var.input == "test" ? 2 : 0
      tags = {
        Name = "test-dep"
      }
    }

    resou...

local value

NOTE: we can use multiple services from one account, and we can use a tag for each resource. A local value is a better concept than repeating tags: if we need to change a tag, we only need to change the local value.

vim aaa.tf

    provider "aws" {
      region     = "us-east-1"
      access_key = "AUGQ"
      secret_key = "Kft1aurid"
    }

    locals {
      common_tag = {
        Name  = "uk-project"
        Owner = "moon"
      }
    }

    locals {
      usa = {
        Name = "us-pro"
      }
    }

    resource "aws_instance" "web" {
      ami           = "ami-0ed9277fb7eb570c9"
      instance_type = "t3.micro"
      tags          = local.common_tag
    }

    resource "aws_vpc" "main" {
      cidr_block       = "10.0.0.0/16"
      instance_tenancy = "default"
      tags             = local.common_tag
    }

    resource "aws_ebs_volume" "example" {
      availability_zone = "us-east-1a"
      size ...

Terraform with VARIABLES

Use variables to give long values logical names; default values go in demo.auto.tfvars.

    provider "aws" {
      region     = "us-east-1"
      access_key = "AGQ"
      secret_key = "KVkt1aurid"
    }

    resource "aws_instance" "new" {
      ami           = var.image
      instance_type = var.instancetype
      tags = {
        Name = "new"
      }
    }

    resource "aws_instance" "old" {
      ami           = var.image
      instance_type = var.instancetype
      tags = {
        Name = "old"
      }
    }

demo.auto.tfvars

    instancetype = "t2.nano"
    image        = "ami-02e136e904f3da870"

variables.tf

    variable "instancetype" { }
    variable "image" { }

COPY AMI FROM ONE REGION TO ANOTHER

NOTE: AWS_AMI_COPY - COPY CODE. Write the AMI id and the region we are in.

If we want to copy the AMI to the California region, we need to change the region in "provider": region = "us-west-1"

    provider "aws" {
      region     = "us-west-1"
      access_key = "AUGQ"
      secret_key = "KffVkt1aurid"
    }

    resource "aws_ami_copy" "example" {
      name              = "terraform-example-COPY"
      description       = "COPY AMI"
      source_ami_id     = "ami-0e7540ad79b0d2157"
      source_ami_region = "us-east-1"
      tags = {
        Name = "HelloWorld"
      }
    }

EBS VOLUME

CREATE EBS VOLUME AND SNAPSHOT

vi ebs.tf

    provider "aws" {
      region     = "us-east-1"
      access_key = "AKIBKVUGQ"
      secret_key = "KfU3xN99jTMdfVkt1aurid"
    }

    resource "aws_ebs_volume" "example" {
      availability_zone = "us-east-1a"
      size              = 10
      tags = {
        Name = "HelloWorld"
      }
    }

    resource "aws_ebs_snapshot" "example_snapshot" {
      volume_id = aws_ebs_volume.example.id
      tags = {
        Name = "HelloWorld_snap"
      }
    }

TERRAFORM WITH VARIABLES

vim var.tf

    provider "aws" {
      region     = "us-east-1"
      access_key = "AKIGQ"
      secret_key = "KfU0tFVkt1aurid"
    }

    resource "aws_instance" "new" {
      ami           = var.image
      instance_type = var.instancetype
      tags = {
        Name = "new"
      }
    }

    resource "aws_instance" "old" {
      ami           = var.image
      instance_type = var.instancetype
      tags = {
        Name = "old"
      }
    }

vim variables.tf

    variable "instancetype" { }
    variable "image" { }

values.auto.tfvars

    instancetype = "t2.nano"
    image        = "ami-02e136e904f3da870"

TERRAFORM MINI PROJECT VPC

    provider "aws" {
      region     = "us-east-1"
      access_key = "AKIARBKVUGQ"
      secret_key = "KfU0tFpao0b+B63xN99jTMdfVkt1aurid"
    }

    resource "aws_vpc" "cloud-vpc" {
      cidr_block       = "10.0.0.0/16"
      instance_tenancy = "default"
      tags = {
        Name = "cloud-vpc"
      }
    }

    #
    resource "aws_subnet" "public-subnet" {
      vpc_id     = aws_vpc.cloud-vpc.id
      cidr_block = "10.0.1.0/24"
      tags = {
        Name = "public-subnet"
      }
    }

    resource "aws_subnet" "private-subnet" {
      vpc_id     = aws_vpc.cloud-vpc.id
      cidr_block = "10.0.2.0/24"
      tags = {
        Name = "private-subnet"
      }
    }

    resource "aws_security_group" "moon_security" {
      name        = "moon_security"
      description = "Allow TLS inbound traffic"
      vpc_id      = aws_vpc.cloud-vpc.id
      ingress {
          descripti...

Note: aws_ami_from_instance - copy code - write instance id

vim sss.tf

    provider "aws" {
      region     = "us-east-1"
      access_key = "AKIARUPJBF76BKVUGQ"
      secret_key = "KfU0tFpao0b+Bc+GG63xN99jTMdfVkt1aurid"
    }

    resource "aws_ami_from_instance" "example" {
      name               = "terraform-example-1234"
      source_instance_id = "i-0eb972fc55778b641"
    }

COPY AMI FROM ONE REGION TO ANOTHER

AWS_AMI_COPY - COPY CODE. Write the AMI id and the region we are in.

Important: if we want to copy the AMI to the California region, we need to change the region in "provider": region = "us-west-1"

vim moon.tf

    provider "aws" {
      region     = "us-west-1"
      access_key = "AKIN6BKVUGQ"
      secret_key = "KfU0tFpao0b+GG63xN99jTMdfVkt1aurid"
    }

    resource "aws_ami_copy" "example" {
      name              = "terraform-example-COPY"
      description       = "COPY AMI"
      source_ami_id     = "ami-0e7540ad79b0d2157"
      source_ami_region = "us-east-1"
      tags = {
        Name = "HelloWorld"
      }
    }

Take snapshot of root volume and create AMI

vim ami.tf

    provider "aws" {
      region     = "us-east-1"
      access_key = "AKIARUPJBFKVUGQ"
      secret_key = "KfU0tFpao0+GG63xN99jTMdfVkt1aurid"
    }

    resource "aws_ami" "ami_jammu" {
      name                = "terraform-example"
      virtualization_type = "hvm"
      root_device_name    = "/dev/xvda"
      ebs_block_device {
        device_name = "/dev/xvda"
        snapshot_id = "snap-04e091a83626419c9"
        volume_size = 8
      }
    }

CREATE AMI VIA TERRAFORM, FIRST WAY: TAKE A SNAPSHOT OF ROOT VOLUME AND CREATE AN AMI
GO TO VOLUME - ACTIONS - CREATE SNAPSHOT
GO TO DOCS - EC2 - AWS_AMI - COPY CODE - type snapshot id

AWS KEY PAIR, vpc, Elastic-key, Security-group

NOTE: when we create an instance, it doesn't come with an Elastic IP, security group and key pair.

Go to the docs and copy the key pair code. Go to the main console and type ssh-keygen; type the key name afreen and press Enter twice. Then:

    ls
    vim afreen.pub

Copy the key and paste it into the code.

vim key.tf

    provider "aws" {
      region     = "us-east-1"
      access_key = "AKIARUPJBFN6BKVUGQ"
      secret_key = "KfU0tFpao0bDvc+GG63xN99jTMdfVkt1aurid"
    }

    resource "aws_instance" "web" {
      ami                    = "ami-02e136e904f3da870"
      instance_type          = "t2.micro"
      key_name               = "afreen"
      vpc_security_group_ids = [aws_security_group.apple.id]
      tags = {
        Name = "HelloWorld"
      }
    }

    resource "aws_key_pair" "moon" {
      key_name   = "afreen"
      public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCms+0pf8D2EEtdnVA3v+zc/P7ztVP/DrmdKOB1ZRfy2NYQ7faxKTuvVrNdzKvEdyxmnwK3+/+PrYL...

Basic terraform code

Note: use your own access key and secret key.

vim abid.tf

    provider "aws" {
      region     = "us-east-1"
      access_key = "AKIARUPJBF7JBKVUGQ"
      secret_key = "KfU0tFpao0b+BOGG63xN99jTMdfVkt1aurid"
    }

    resource "aws_instance" "web" {
      ami           = "ami-02e136e904f3da870"
      instance_type = "t2.micro"
      tags = {
        Name = "HelloWorld"
      }
    }

Now use terraform init to download all plugins.

    terraform plan       # what it will do
    terraform apply      # to run code
    terraform destroy    # to delete the instance
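The provider blocks in these posts set access_key and secret_key as string literals. As an added example (not from the original posts), this scanner lists such literals in Terraform source without echoing their values, so they can be replaced by the AWS provider's environment-variable credentials (AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY). The function name, the file name main.tf and the sample input are assumptions constructed for the illustration; it expects one attribute per line.

```python
import re

# Block headers such as: provider "aws" {   or   backend "s3" {
BLOCK_RE = re.compile(r'^\s*(provider|backend)\s+"([\w-]+)"\s*\{')
# A credential attribute assigned a quoted literal, not var.x or "${...}".
CRED_RE = re.compile(r'^\s*(access_key|secret_key|token)\s*=\s*"[^"$]+"')

# Constructed sample input; the key values are placeholders, not real keys.
SAMPLE_TF = '''\
provider "aws" {
  region     = "us-east-1"
  access_key = "EXAMPLE-KEY-ID"
  secret_key = "example-secret-value"
}

provider "aws" {
  alias      = "west"
  region     = "us-west-1"
  access_key = var.access_key
}

resource "aws_instance" "web" {
  ami = "ami-02e136e904f3da870"
}
'''


def find_static_credentials(tf_source, filename="<input>"):
    """Return (filename, line_no, block, attribute) tuples; never the value."""
    findings, block, depth = [], None, 0
    for line_no, line in enumerate(tf_source.splitlines(), start=1):
        if line.lstrip().startswith(("#", "//")):
            continue  # whole-line comment
        header = BLOCK_RE.match(line)
        if block is None and header:
            block, depth = f'{header.group(1)} "{header.group(2)}"', 0
        if block is not None:
            cred = CRED_RE.match(line)
            if cred:
                findings.append((filename, line_no, block, cred.group(1)))
            # Track braces so the scan knows when the block has closed.
            depth += line.count("{") - line.count("}")
            if depth <= 0:
                block = None
    return findings


if __name__ == "__main__":
    for finding in find_static_credentials(SAMPLE_TF, "main.tf"):
        print("%s:%d: %s sets %s as a string literal" % finding)
```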

Terraform

Terraform is not a cloud-agnostic tool

It's not a magic wand that gives you power over all clouds and systems. It embraces all major Cloud Providers and provides a common language to orchestrate your infrastructure resources.

Terraform

● A declarative provisioning tool based on the Infrastructure as Code paradigm
● Uses its own syntax - HCL (Hashicorp Configuration Language)
● Written in Golang
● Helps to evolve your infrastructure, safely and predictably
● Applies Graph Theory to IaaC
● Terraform is a multipurpose composition tool:
  ○ Composes multiple tiers (SaaS/PaaS/IaaS)
  ○ A plugin-based architecture model
● Open-source. Backed by Hashicorp company and Ha...