Terraform is an open-source infrastructure as code (IaC) software tool created by HashiCorp. It provides a consistent CLI workflow to manage hundreds of cloud services. Terraform codifies cloud APIs into declarative configuration files. It reads configuration files and provides an execution plan of changes, which can be reviewed for safety and then applied and provisioned as per the requirement.
We can create AWS resources using Terraform and the .tf script can be executed either locally or on any cloud platform. In this article, we will create and store the configuration file in Azure repos and will trigger terraform commands using Azure pipeline.
Prerequisites
AWS Account
AWS Credential
Azure DevOps
AWS S3
For executing terraform for AWS resources, we need to create a service connection. Create a new project and then select Service Connection under Project settings.
Click on Create service Connection.
Under new service connection, search for AWS for Terraform and select the same connection type. You will be asked to enter the AWS Access key ID and Secret Access key. Enter the region and a name for service connection. We will be using this service connection name in future.
You will be able to see the new service connection created as below.
Before creating pipeline, create a new repository under Azure repos to store the configuration file.
Here we created a repository named testIAC and uploaded the terraform file.
Below is the terraform file used. For more insights on terraform basics you can check here.
provider "aws" {
region = "eu-west-1"
}resource "aws_s3_bucket" "example" {
bucket = "test-s3-bucket-6785"
acl = "private"
versioning {
enabled = true
}tags = {
Environment = "test"
}
}Once you have the service connection and files ready, we are good to start creating our pipeline. After launching the Releases page, select New pipeline option.
Provide the source directory on prompt. Here we have the code uploaded in Azure Repos, hence selecting the same.
PS: You can have the code in your Github account and link the artifact with your Github repository. You need to provide the authentication credentials as a one time activity.
Once the artifact is ready, lets update the Stages. Since we are going to create an S3 bucket, I have my stage name as “S3 bucket creation”.
Lets add task to our stage now. Search for terraform and add Terraform tool installer and Terraform (thrice for init, plan and apply operation).
In Terraform tool installer task, provide a meaningful display name (eg: Install Terraform + Version). Here we will be using version 0.13.5. This task is mandatory to install the required terraform packages to trigger the terraform operations.
After installing terraform, we can proceed with init command. You will be required to make the changes as shown in the below image. Initially the provider will be Azure and you will be required to change it to AWS. Also you will be asked to enter your configuration directory, which is actually the location of your config file ( Azure repos in our scenario). By default configuration directory is the root folder of the artifact.
Further you need to mention S3 bucket and key(prefix) where terraform state file will be stored.
Next we will update the terraform plan task. Please make the change as shown below. You can mention the required command extension in the Additional command argument.
Finally, let’s update the task to perform terraform apply. There is no much difference from the previous task except for the command used.
At the end, lets save the pipeline and then click on Create release to start the pipeline.
Automatically the pipeline will be deployed and the task will be executed in the order.
You can see the stage is in In Progress state. If the pipeline is not triggered automatically, go for a manual deploy.
You can click on Logs, to get the logs corresponding to each task. This helps to troubleshoot most of the errors.
Once the pipeline is triggered , the status changes from In Progress to Succeeded.
We will be able to see the newly created S3 bucket available in our AWS account.
If you wish to trigger terraform from your host machine, you can check out here.
There is a lot more you can achieve using terraform. Terraform helps you to automate the infra operation and with the help of the state file, you will be able to keep track of the resources created.
留言