Infrastructure as Code with Terraform

What is Infrastructure as Code?

Infrastructure as Code (IaC) is the practice of defining and managing infrastructure using code and automation rather than manual processes. This enables version control, reproducibility, and scalability.

Introduction to Terraform

Terraform is an open-source tool that allows you to define infrastructure using a declarative configuration language (HCL - HashiCorp Configuration Language).

Why Use Terraform?

• Supports multiple cloud providers (AWS, Azure, GCP, etc.)
• Infrastructure as code for version control
• Reproducible environments
• Easy to share and collaborate
• Plan before applying changes
• Destroy infrastructure easily

Terraform Basics

Provider

Specifies which cloud provider you're using.

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.0"
    }
  }
}

provider "aws" {
  region = "us-east-1"
}

Resources

Define the infrastructure components you want to create.

resource "aws_instance" "example" {
  ami           = "ami-0c55b159cbfafe1f0"
  instance_type = "t2.micro"
  
  tags = {
    Name = "MyEC2Instance"
  }
}

Variables

Make your configuration flexible and reusable.

variable "instance_type" {
  description = "EC2 instance type"
  type        = string
  default     = "t2.micro"
}

variable "instance_count" {
  description = "Number of instances"
  type        = number
  default     = 1
}

Outputs

Export values from your infrastructure.

output "instance_ip" {
  value       = aws_instance.example.public_ip
  description = "Public IP of the instance"
}

Common Terraform Commands

# Initialize Terraform working directory
terraform init

# Format Terraform files
terraform fmt

# Validate configuration syntax
terraform validate

# Plan changes (preview)
terraform plan

# Apply changes
terraform apply

# Destroy infrastructure
terraform destroy

# Show current state
terraform show

# List resources in state
terraform state list

Best Practices

• Use remote state backend (S3, Terraform Cloud)
• Store sensitive variables in .tfvars files (not in VCS)
• Use modules to organize code
• Name resources descriptively
• Use workspaces for different environments
• Implement proper access controls
• Document your infrastructure

Example: Complete AWS Setup

# VPC
resource "aws_vpc" "main" {
  cidr_block           = "10.0.0.0/16"
  enable_dns_hostnames = true
  
  tags = {
    Name = "main-vpc"
  }
}

# Subnet
resource "aws_subnet" "main" {
  vpc_id            = aws_vpc.main.id
  cidr_block        = "10.0.1.0/24"
  availability_zone = "us-east-1a"
  
  tags = {
    Name = "main-subnet"
  }
}

# Security Group
resource "aws_security_group" "web" {
  name   = "web-sg"
  vpc_id = aws_vpc.main.id
  
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}