Here is some information about this architecture.
Here are the steps you can follow to build this solution on your own.
In this lesson, you will learn about Terraform Cloud and how to use it.
As a widely used infrastructure as code tool, Terraform provides various capabilities and features that help to streamline the provisioning and management of infrastructure. Technical and collaborative challenges differ when using Terraform in personal projects, small businesses, and large enterprises. To accommodate each user group, Terraform provides different editions of its IaC tool.
Terraform is offered in three editions:
Terraform Open Source
Terraform Enterprise
Terraform Cloud
When you download and configure Terraform for use in your local environment, the edition of Terraform you're using is the Terraform open-source software (OSS). The Terraform open-source edition allows you to effectively create, modify, and destroy resources programmatically. It is free to download and allows you to access powerful Terraform features including workspaces, modules, and remote backends right from your command line interface (CLI).
The bottlenecks that is encountered when using a tool increases with the number of people involved in the process. This is the case for large enterprises with complex infrastructure and multiple employees collaborating to provision the infrastructure. Terraform offers an Enterprise edition that is ideal for such large organizations. The Enterprise editions provide all the capabilities and features of the Terraform Opens-Source and Terraform Cloud editions, alongside many other premium capabilities.
Some of the exclusive benefits it offers include the following:
Control access to configuration files.
Set up a private instance of Terraform Cloud with dedicated support from HashiCorp.
Advanced security compliance and role-based access control.
Dedicated support.
When you run the workflow commands in Terraform Open-Source, Terraform keeps the state file in the local directory. It then uses the state file to synchronize the state resources in your target environment with your configuration code. While you can configure your Terraform code to use a remote backend like an S3 bucket, the whole process means that you are responsible for the storage and security of your state file.
Terraform Cloud simplifies this by abstracting the state file's storage and management from you, allowing you to collaborate and focus on writing your resource configuration without worrying about the storage or security of your state file.
On top of that, Terraform Cloud offers:
Automatic backup of your state files.
Version control, keeping track of all the changes to your config file and allowing you to revert to a previous version in case something goes wrong.
Access Control, allowing you to control who has access to run actions that can modify the state file.
Visibility into who applied what changes to the configuration.
Terraform Cloud also enable you to:
Declare variables and environment variables from the graphical interface, keeping sensitive credentials out of the configuration code.
Run configurations from the remote environment.
Group projects and related configurations into logical groups using the workspace.
Trigger Terraform operations based on preset conditions.
Integrate with continuous integration (CI) tools such as GitHub Action or Jenkins to automatically run workflows without interacting with the CLI.
Enforce best practices and security by checking for conditions like formatting.
Create and publish Terraform modules.
In this lab, you will create a free Terraform Cloud account and create a Terraform project that leverages some of the Terraform Cloud features you learned above.
On your local computer, create a new directory. Inside the directory, create a main.tf file.
To illustrate the usage of Terraform cloud, we will create a simple EC2 instance. Open your main.tf file, input, and save the following code:
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 4.0"
}
}
}
provider "aws" {
region = "us-west-2"
}
resource "aws_instance" "web_server" {
ami = "ami-0c2ab3b8efb09f272"
instance_type = "t2.micro"
tags = {
Name = "skillmix-lab-instance"
}
}
Run the following commands, one after the other, to create a GitHub repository from your command line.
#create a new repository and initiate a README file
echo "# terraform-cloud" >> README.md
#initialize Git in the project
$ git init
#add all files to the staging area
$ git add .
#commit the files
$ git commit -m "initial commit"
#switch to the main branch of the local repository
$ git branch -M main
#add all files to the remote staging area
# Replace <Your-Username> below with your GitHub username.
$ git remote add origin https://github.com/<Your-Username>/terraform-cloud.git
#create and push all files to the remote GitHub repository
$ git push -u origin main
Now that we have created our Terraform configuration and pushed it to GitHub, it's time to set up our Terraform cloud.
Head to app.terraform.io/public/signup/account
Enter a username, email, and password.
Check the checkboxes to agree with the policy and terms of use.
Create your account, confirm your email, and then move to the next step.
After confirming your email, Terraform displays an onboarding interface.
Choose "Start from scratch".
Fill in your preferred organization name and hit "Create Organization."
Terraform Cloud workspaces work similarly to workspaces in the usual Terraform open source. It helps to manage different environments. For example, you can run dev and test environments on similar infrastructure.
Create the workspace as follows:
Choose Type
This requires you to choose a workflow type for the workspace you're about to create.
You can choose a workflow that triggers runs based on merges and pull requests. You can also select a CLI-driven workflow that allows you to connect your Terraform Cloud account to your local environment and run commands from your CLI. You can also choose the API-driven workflow that enables you to interact directly with the Terraform API for large-scale projects.
For this lab, choose “Version control workflow.”
2 . Connect Version Control
Next, you need to connect the workspace to your version control platform, GitHub, in our case. Click on GitHub, authorize and install Terraform Cloud to your GitHub account.
Once you successfully authenticate and install Terraform Cloud, move on to the next step.
3 . Choose Repository
Choose the repository that contains the configuration files we created earlier.
4 . Configure Settings
The “workspace name” field is automatically filled with the name of the GitHub repository.
Add a description for your workspace (Optional).
Click on “Create Workspace.”
If you're using the Skillmix Labs feature, open the lab settings (the beaker icon) on the right side of the code editor. Then, click the Start Lab button to start hte lab environment.
Wait for the credentials to load.
Note: If you're using your own AWS account you'll need to ensure that you've created and configured a named AWS CLI profile named smx-lab.
Click on “Go to workspace overview”
Navigate to the variables section.
Scroll down and select Add Variables.
Select Environment Variable as the variable category.
Enter AWS_ACCESS_KEY_ID as the key. The value is the access key you got from the lab you started earlier.
Select Save Variable.
Perform steps 3, 4, 5, and 6 again. This time, use AWS_SECRET_ACCESS_KEY as the key and enter the secret key you got from the lab you started earlier.
After creating the environment variables, navigate back to the overview section.
Scroll down and click “Start new plan.” This will automatically start running a plan.
Once the plan is done, scroll down the page and select Confirm & Apply.
Enter a comment such as "Ready to apply".
Click on "Confirm Plan."
This will apply the plan and create the resource in our configuration file.
Navigate to the EC2 dashboard from your AWS console.
Click on Instances
You should see the newly created instance there.
Congratulations, you now know how to provision infrastructure using Terraform Cloud.
Once you're done with this lab, navigate to the workspace. Select “Settings” >> “Destruction and Deletion” >> “Queue destroy plan” then follow the prompt to wind down the EC2 instance we created.