- documentation
- terraform core
- terraform language,configuration language
- terraform language,configuration language
- template json files into tf, terraform parametrizing
- built in functions
terraform console
run script
- terraform local version manager
after installation instead of terrafor pls use tfswitch like
tfswitch; $HOME/bin/terraform init
- terraform wrapper with additional features
- terraform wrapper
- reverse terraform - from existing infrastructure create json/tf files
- reverse terraform
- terraform code checker
pip3 install checkov
- terraform code linter
- workflow
- valid
- state
- src
- plan
TODO: templating TODO: metaarguments
# download plugins into folder .terraform
terraform init
# set logging level: TRACE, INFO, WARN, ERROR
export TF_LOG="DEBUG"
# dry run
terraform plan
terraform plan -out will-by-applied.zip
# apply configuration
terraform apply
terraform apply -auto-approve
terraform apply will-by-applied.zip
# apply state from another file
# skip warning: cannot import state with lineage
terraform state push -force terraform.tfstate
# remove all resources
terraform destroy
# visualisation for resources
# sudo apt install graphviz
terraform graph | dot -Tpng > out.png
# list of providers
terraform providers
# validation of current source code
terraform validate
# show resources
# get all variables for using in resources
terraform show
terraform console
# docker_image.apache.id
cat ~/.terraformrc
plugin_cache_dir = "$HOME/.terraform.d/plugin-cache"
disable_checkpoint = true
usage inside the code
some_resource "resource-name" {
resource_parameter = var.p1
}
possible way for input variables:
precedence (last is most powerful): TF_VAR -> -var-file=....tfvars -> -var "p1=..."
- terraform.tfvars, terraform.tfvars.json
p1=[ "this", "is", "my", "parameter"] p2=this is my parameter
terraform apply -var-file=terraform.tfvars
- cli
- cli var
terraform apply -var 'p1=this is my parameter' terraform apply -var='p1=this is my parameter' terraform apply -var='p1=["this","is","my","parameter"]' terraform apply -var='p1={"one":"this","two":"is"}' terraform apply -var 'password_use_special=true' -var 'password_length=10'
- cli var file
terraform apply -var-file="staging.tfvars"
p1 = "this is my param" p2 = [ "one", "two", ] p3 = { "one": "first", "two": "second" }
- environment variables
export TF_VAR_p1="this is my parameter"
export TF_VAR_p1=["this","is","my","parameter"]
terraform apply
terraform code
output "my_output_param" {
value = some_resource.value.sub_param_1
}
terraform execution example
terraform output my_input_param
example of usage in configuration
resource "aws_instance" "one_of_resources" {
tags = {
Name = "web - ${terraform.workspace}"
}
}
terraform workspace list
terraform workspace new attempt_1
terraform workspace show
terraform workspace select default
terraform workspace select attempt_1
some inner mechanism
# workspace with name "default"
.terraform.tfstate
.terraform.tfstate.backup
./terraform.tfstate.d
# workspace with name "attempt_1"
./terraform.tfstate.d/attempt_1
./terraform.tfstate.d/attempt_1/terraform.tfstate.backup
./terraform.tfstate.d/attempt_1/terraform.tfstate
# workspace with name "attempt_2" - has not applied yet
./terraform.tfstate.d/attempt_2
Holding information about
- current state
- configuration
terraform {
backend "s3" {
bucket = "aws-terraform-remote-store"
encrypt = true
key = "terraform.tfstate"
region = "eu-west-1"
}
}
touch main.tf
touch variables.tf
touch outputs.tf
touch versions.tf
- AWS S3 (state) + AWS DynamoDB ( .lock )
- Azure storage