Contents

Sample Terraform Script

Sample Terraform code

Website Visitors:

This is a sample terraform script which shows how you can deploy VPC, subnet, routes, instance and output the instance’s public ip. We want to use this environment for Jenkins. So, we have added a keyword called “jenk” in all the resources to recognize them easily in AWS.

Sample script

Variables file(file name variables.tfvars):

1
2
3
4
5
aws_access_key = ""
aws_secret_key = ""
aws_ssh_key_name = ""
private_key_path = ""
jenkregion = ""

Terraform script:

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
variable "aws_access_key" {}
variable "aws_secret_key" {}
variable "jenkregion" {}
variable "aws_ssh_key_name" {}
variable "private_key_path" {}

variable "vpcCidr" {
  default = "10.0.0.0/16"
}

variable "subnetcidr" {
  default = "10.0.0.0/24"
}

variable "az" {
    default = "ap-south-1a"
}

provider "aws" {
  access_key = var.aws_access_key
  secret_key = var.aws_secret_key
  region     = var.jenkregion
}

#create vpc
resource "aws_vpc" "jenkVPC" {
  cidr_block = var.vpcCidr
  tags = {
    "Name" = "jenkVPC"
  }
}

#create subnet
resource "aws_subnet" "jenksubnet" {
  cidr_block              = var.subnetcidr
  vpc_id                  = aws_vpc.jenkVPC.id
  map_public_ip_on_launch = "true"
  availability_zone = data.aws_availability_zones.available.names[0]
  tags = {
    "Name" = "jenksubnet"
  }

}

# Internet Gateway
resource "aws_internet_gateway" "jenkInternetGateway" {
  vpc_id = aws_vpc.jenkVPC.id
  tags = {
    "Name" = "JenkIntGateway"
  }
}

# Route table
resource "aws_route_table" "jenkRouteTable" {
  vpc_id = aws_vpc.jenkVPC.id
  tags = {
    "Name" = "JenkRouteTable"
  }
}

resource "aws_route" "jenkroute" {
    gateway_id = aws_internet_gateway.jenkInternetGateway.id
    route_table_id = aws_route_table.jenkRouteTable.id
    destination_cidr_block = "0.0.0.0/0"
}

# Route table association
resource "aws_route_table_association" "jenksubnetassociation" {
  subnet_id      = aws_subnet.jenksubnet.id
  route_table_id = aws_route_table.jenkRouteTable.id
}

resource "aws_security_group" "jenksecuritygroup" {
  vpc_id = aws_vpc.jenkVPC.id
  tags = {
    "Name" = "jenkSecurityGroup"
  }
}

resource "aws_security_group_rule" "SSHportin" {
  description       = "Allow SSH port"
  type              = "ingress"
  security_group_id = aws_security_group.jenksecuritygroup.id
  from_port         = 22
  to_port           = 22
  protocol          = "tcp"
  cidr_blocks       = ["0.0.0.0/0"]
}

resource "aws_security_group_rule" "HTTPportin" {
  description       = "Allow HTTP port"
  type              = "ingress"
  security_group_id = aws_security_group.jenksecuritygroup.id
  from_port         = 80
  to_port           = 80
  protocol          = "tcp"
  cidr_blocks       = ["0.0.0.0/0"]
}

resource "aws_security_group_rule" "SSHportout" {
  description       = "Allow SSH port"
  type              = "egress"
  security_group_id = aws_security_group.jenksecuritygroup.id
  from_port         = 443
  to_port           = 443
  protocol          = "tcp"
  cidr_blocks       = ["0.0.0.0/0"]
}

resource "aws_security_group_rule" "HTTPportout" {
  description       = "Allow HTTP port"
  type              = "egress"
  security_group_id = aws_security_group.jenksecuritygroup.id
  from_port         = 80
  to_port           = 80
  protocol          = "tcp"
  cidr_blocks       = ["0.0.0.0/0"]
}

data "aws_availability_zones" "available" {
  state = "available"
}

resource "aws_instance" "JenkinsInstance" {
  ami                    = "ami-068257025f72f470d"
  instance_type          = "t2.micro"
  subnet_id              = aws_subnet.jenksubnet.id
  vpc_security_group_ids = [aws_security_group.jenksecuritygroup.id]
  key_name               = var.aws_ssh_key_name
  availability_zone = data.aws_availability_zones.available.names[0]

  provisioner "file" {
      //file copy commands. In the same folder you have this terraform script, you should have a file called script.sh. 
      //Terraform will copy this file to the aws instance after creation.
      source      = "script.sh"
      destination = "/home/ubuntu/script.sh"

    connection {
      type        = "ssh"
      host        = self.public_ip
      user        = "ubuntu"
      private_key = "${file("LinuxKeyPair.pem")}"
    }
  }
    root_block_device {
      volume_size = 30
    }
  tags = {
    Name = "JenkinsMaster"
  }
}

output "instance-dns" {
  value = aws_instance.JenkinsInstance.public_ip
}

Commands to run above script:

1
2
3
terraform plan -var-file=variables.tfvars
terraform apply -var-file=variables.tfvars
terraform destroy -var-file=variables.tfvars

Terraform script to deploy another instance by using the resources like security group, VPC, subnet created from above script:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
variable aws_access_key {}
variable aws_secret_key {}
variable aws_ssh_key_name {}
variable private_key_path {}
variable region {}

provider aws {
    access_key = var.aws_access_key
    secret_key = var.aws_secret_key
    region = var.region
}

// Using the data sources we refer to existing resources in aws. 
//All the below defined data sources like securitygroup, vpc, subnet are already created by above script. We are referring to them using the data sources as shown below.

data "aws_vpc" "VPC" {
  filter {
    name = "tag:Name"
    values = ["jenkVPC"]
  }
}

data "aws_subnet" "subnet" {
    filter {
      name = "tag:Name"
      values = ["jenksubnet"]
    }
}

data "aws_availability_zones" "az" {
    state = "available"  
}

data "aws_security_group" "sg" {
    filter {
    name   = "tag:Name"
    values = ["jenkSecurityGroup"]
  }
}
resource "aws_instance" "JenkinsInstance" {
  ami                    = "ami-068257025f72f470d"
  instance_type          = "t2.micro"
  subnet_id              = data.aws_subnet.subnet.id
  vpc_security_group_ids = [data.aws_security_group.sg.id]
  key_name               = var.aws_ssh_key_name
  availability_zone = data.aws_availability_zones.az.names[0]

   connection {
      type        = "ssh"
      host        = self.public_ip
      user        = "ubuntu"
      private_key = "${file("LinuxKeyPair.pem")}"
    }
    root_block_device {
      volume_size = 30
    }
  tags = {
    Name = "JenkinsNode"
  }
}

output "instance-dns" {
  value = aws_instance.JenkinsInstance.public_ip
}

Suggested Article

If you’d like to go through Terraform definitions, you can do it here. All other DevOps categories are listed here: DevOps Tools. Have a look at the posts as per your topic of interest.

Conclusion

In this tutorial, we’ve provided you with a sample Terraform script and its basic usage. We’ve also demonstrated examples for all the topics that are discussed. We hope you have learned something new in this article.

Please feel free to share your thoughts about this article in the comments section below.

Your inbox needs more DevOps articles.

Subscribe to get our latest content by email.