

devops:terraform




Terraform

Installation https://askubuntu.com/questions/983351/how-to-install-terraform-in-ubuntu

Introduction: https://www.terraform.io/intro/getting-started/build.html

Skeleton project https://github.com/skipidar/terraform-skeleton

Apply terraform bash script


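#!/bin/bash
# Validate the configuration and produce a reviewable plan. Applying is a
# separate, deliberate step and stays commented out at the bottom.
#
# -e / pipefail: stop at the first failing command.
# -u: treat an unset variable as an error instead of an empty string.
set -euo pipefail

# Initialise only when the working directory has not been initialised yet.
# NOTE(review): provider or module changes made after the first init are not
# picked up by this check; rerun `terraform init` by hand after such changes.
if [[ ! -d ".terraform" ]]
then
  terraform init
fi

terraform validate

# Save the plan so that a later apply executes exactly what was reviewed,
# not a fresh plan computed against whatever changed in between.
# The plan file stores resource values in clear text: keep it out of version
# control and delete it once it has been applied.
terraform plan -out=tfplan

#terraform apply tfplan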


Main

# Declare where the AWS provider comes from and which versions are acceptable.
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 3.0" # any 3.x release, never 4.0 or later
    }
  }
}

# Credentials are read from the "default" profile of the local AWS shared
# configuration; no access keys are written into the configuration itself.
provider "aws" {
  region  = var.aws_region
  profile = "default"
}

Variables

Create “variables.tf”


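variable "aws_region" {
  description = "The AWS region to deploy the resources into"
  type        = string
  default     = "eu-central-1"
}

# NOTE(review): with a hard-coded default, ARNs built from this variable point
# at this account no matter which credentials the provider is using. Consider
# supplying the value per environment instead of relying on the default.
variable "aws_account_id" {
  description = "The AWS account identifier of the project"
  type        = string
  default     = "453267903880"

  # The value is substituted into a JSON policy document, so accept only the
  # 12-digit form of an account id.
  validation {
    condition     = can(regex("^[0-9]{12}$", var.aws_account_id))
    error_message = "The aws_account_id value must be exactly 12 digits."
  }
}

variable "prefix" {
  description = "The resource prefix"
  type        = string
  default     = "alf-dev-con1"
}


# Derived names, built once from the prefix so resources stay consistent.
locals {
  iot_policy = "${var.prefix}-thing2"
}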



Use the variable


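# Provider configuration that takes its region from variables.tf.
provider "aws" {
  profile = "default"
  # variables.tf declares "aws_region"; there is no variable named "region",
  # so "var.region" would be rejected as an undeclared input variable.
  region  = var.aws_region
}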

Data


# Renders the IoT policy document with the region and account id filled in.
# "$${name}" is Terraform's escape for a literal "${name}", which the template
# data source then substitutes from `vars`.
#
# NOTE(review): the Resource ARN ends in ":*", so the four actions apply to
# every client id, topic and topic filter in this account and region. Scope
# the statement(s) to the client and topic ARNs the device actually needs.
# NOTE(review): values are spliced into the JSON as plain text, without any
# encoding. The template provider is also deprecated in favour of the
# built-in templatefile() function; jsonencode() avoids hand-written JSON.
data "template_file" "tf_iot_policy" {
  template = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "iot:Connect",
        "iot:Publish",
        "iot:Receive",
        "iot:Subscribe"
      ],
      "Resource": "arn:aws:iot:$${aws_region}:$${aws_account_id}:*"
    }
  ]
}
EOF
  vars = {
    aws_account_id = var.aws_account_id
    aws_region     = var.aws_region
  }
}

Usage

# Registers the rendered document as an AWS IoT policy; the policy name comes
# from local.iot_policy, i.e. the resource prefix plus "-thing2".
resource "aws_iot_policy" "iot_policy" {
  policy = data.template_file.tf_iot_policy.rendered
  name   = local.iot_policy
}
