Terraform AWS Infrastructure Setup

This skill guides you through setting up and managing AWS infrastructure using Terraform, HashiCorp's Infrastructure as Code (IaC) tool.

What This Skill Does

Helps users create, manage, and destroy AWS infrastructure using Terraform. Covers the complete Terraform workflow from installation through collaboration with HCP Terraform (Terraform Cloud).

Instructions

Step 1: Install Terraform

Install Terraform on the user's system based on their operating system:

**macOS (using Homebrew):**

```bash

brew tap hashicorp/tap

brew install hashicorp/tap/terraform

```

**Linux (Ubuntu/Debian):**

```bash

wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg

echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list

sudo apt update && sudo apt install terraform

```

**Windows (using Chocolatey):**

```powershell

choco install terraform

```

**Verify installation:**

```bash

terraform version

```

Step 2: Configure AWS Authentication

Set up AWS credentials for Terraform to authenticate:

```bash

Option 1: AWS CLI configuration (recommended)

aws configure

Option 2: Environment variables

export AWS_ACCESS_KEY_ID="your-access-key"

export AWS_SECRET_ACCESS_KEY="your-secret-key"

export AWS_DEFAULT_REGION="us-east-1"

```

Step 3: Create Terraform Configuration

Guide the user to create a basic Terraform configuration file (`main.tf`):

```hcl

terraform {

required_providers {

aws = {

source = "hashicorp/aws"

version = "~> 5.0"

}

}

}

provider "aws" {

region = var.aws_region

}

Example: Create an EC2 instance

resource "aws_instance" "example" {

ami = var.ami_id

instance_type = var.instance_type

tags = {

Name = "TerraformExample"

}

}

```

Create a variables file (`variables.tf`):

```hcl

variable "aws_region" {

description = "AWS region"

type = string

default = "us-east-1"

}

variable "ami_id" {

description = "AMI ID for EC2 instance"

type = string

}

variable "instance_type" {

description = "EC2 instance type"

type = string

default = "t2.micro"

}

```

Create an outputs file (`outputs.tf`):

```hcl

output "instance_id" {

description = "ID of the EC2 instance"

value = aws_instance.example.id

}

output "instance_public_ip" {

description = "Public IP of the EC2 instance"

value = aws_instance.example.public_ip

}

```

Step 4: Initialize Terraform

Initialize the Terraform working directory:

```bash

terraform init

```

This downloads the AWS provider plugin and sets up the backend.

Step 5: Validate and Plan

Validate the configuration syntax:

```bash

terraform validate

```

Create an execution plan to preview changes:

```bash

terraform plan

```

Review the plan output to ensure it matches expectations before applying.

Step 6: Apply Configuration

Apply the configuration to create infrastructure:

```bash

terraform apply

```

Type `yes` when prompted to confirm.

Step 7: Manage Infrastructure Changes

When updating infrastructure:

1. Modify the Terraform configuration files

2. Run `terraform plan` to preview changes

3. Run `terraform apply` to apply changes

4. Use `terraform show` to inspect current state

5. Use `terraform output` to view output values

Step 8: Use Modules (Optional)

Guide users to use Terraform modules for reusable infrastructure components:

```hcl

module "vpc" {

source = "terraform-aws-modules/vpc/aws"

version = "5.1.0"

name = "my-vpc"

cidr = "10.0.0.0/16"

azs = ["us-east-1a", "us-east-1b"]

private_subnets = ["10.0.1.0/24", "10.0.2.0/24"]

public_subnets = ["10.0.101.0/24", "10.0.102.0/24"]

}

```

Step 9: Configure HCP Terraform (Optional)

For team collaboration, configure HCP Terraform (Terraform Cloud):

Add a `cloud` block to your Terraform configuration:

```hcl

terraform {

cloud {

organization = "your-org-name"

workspaces {

name = "your-workspace-name"

}

}

required_providers {

aws = {

source = "hashicorp/aws"

version = "~> 5.0"

}

}

}

```

Authenticate with HCP Terraform:

```bash

terraform login

```

Migrate local state to HCP Terraform:

```bash

terraform init

```

Step 10: Destroy Infrastructure

When infrastructure is no longer needed:

**Remove a specific resource:**

**Destroy all infrastructure:**

```bash

terraform destroy

```

Type `yes` when prompted to confirm deletion.

Key Concepts

Best Practices

1. **Never commit state files or secrets** to version control

2. **Use remote state** (S3 + DynamoDB or HCP Terraform) for team collaboration

3. **Pin provider versions** to avoid unexpected changes

4. **Use variables** for environment-specific values

5. **Run `terraform plan`** before every `apply`

6. **Use modules** for reusable infrastructure patterns

7. **Tag resources** consistently for cost tracking and organization

8. **Use workspaces** for managing multiple environments (dev, staging, prod)

Example Usage

**User:** "Help me set up Terraform to manage AWS infrastructure"

**Agent:** Guides through installation, AWS authentication, and creating a basic configuration.

**User:** "Create an EC2 instance with Terraform"

**Agent:** Generates `main.tf`, `variables.tf`, and `outputs.tf` for an EC2 instance, then walks through `init`, `plan`, and `apply`.

**User:** "How do I destroy my Terraform-managed infrastructure?"

**Agent:** Explains `terraform destroy` and the option to remove specific resources by editing configuration.

Constraints

References