In this Extended Terraform Tutorial, we’ll guide you through the process of deploying scalable infrastructure on AWS using Terraform. This tutorial covers everything from setting up auto-scaling groups and load balancers to configuring networking essentials for high availability. Whether you’re a beginner or looking to refine your cloud infrastructure skills, this step-by-step guide will help you deploy a fully functional AWS environment with minimal manual intervention.
Step 1: Install Terraform on Debian 12
Run the following commands to install Terraform:
sudo apt update && sudo apt install -y gnupg software-properties-common curl
curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt update && sudo apt install -y terraformVerify installation:
terraform -vStep 2: Configure AWS Credentials
Create an AWS IAM user with Programmatic Access and assign the AdministratorAccess policy.
Once you have the Access Key ID and Secret Access Key, run:
aws configureEnter the following when prompted:
- AWS Access Key ID → (Your Access Key ID)
- AWS Secret Access Key → (Your Secret Key)
- Default region →
us-east-1(or your preferred region) - Default output format →
json
Verify AWS connectivity:
aws s3 lsStep 3: Create the Terraform Project
Create the project directory and the necessary files:
mkdir terraform-aws-scaled && cd terraform-aws-scaled
touch main.tf variables.tf outputs.tfStep 4: Write the Terraform Configuration Files
main.tf – Main Infrastructure Configuration
provider "aws" {
region = var.aws_region
}
# VPC Creation
resource "aws_vpc" "main" {
cidr_block = "10.0.0.0/16"
enable_dns_support = true
enable_dns_hostnames = true
}
# Subnet Creation
resource "aws_subnet" "subnet" {
vpc_id = aws_vpc.main.id
cidr_block = "10.0.1.0/24"
availability_zone = "us-east-1a"
map_public_ip_on_launch = true
}
# Security Group
resource "aws_security_group" "sg" {
name = "terraform-sg"
description = "Allow HTTP, SSH, and load balancer access"
ingress {
from_port = 22
to_port = 22
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
}
# Launch Template for Auto Scaling
resource "aws_launch_template" "lt" {
name_prefix = "terraform-template"
image_id = var.ami_id
instance_type = var.instance_type
security_group_names = [aws_security_group.sg.name]
key_name = var.key_name
user_data = data.template_file.user_data.rendered
}
# Auto Scaling Group
resource "aws_autoscaling_group" "asg" {
desired_capacity = 2
min_size = 1
max_size = 3
vpc_zone_identifier = [aws_subnet.subnet.id]
launch_template {
id = aws_launch_template.lt.id
version = "$Latest"
}
health_check_type = "EC2"
health_check_grace_period = 300
force_delete = true
}
# Application Load Balancer
resource "aws_lb" "alb" {
name = "terraform-lb"
internal = false
load_balancer_type = "application"
security_groups = [aws_security_group.sg.id]
subnets = [aws_subnet.subnet.id]
}
# Target Group
resource "aws_lb_target_group" "tg" {
name = "terraform-tg"
port = 80
protocol = "HTTP"
vpc_id = aws_vpc.main.id
}
# Listener for Load Balancer
resource "aws_lb_listener" "listener" {
load_balancer_arn = aws_lb.alb.arn
port = "80"
protocol = "HTTP"
default_action {
type = "fixed-response"
fixed_response {
status_code = 200
content_type = "text/plain"
message_body = "OK"
}
}
}
# Attach Auto Scaling Group to Load Balancer Target Group
resource "aws_lb_target_group_attachment" "asg_attachment" {
target_group_arn = aws_lb_target_group.tg.arn
target_id = aws_autoscaling_group.asg.id
port = 80
}variables.tf – Variables for Customization
variable "aws_region" {
default = "us-east-1"
}
variable "ami_id" {
default = "ami-0c55b159cbfafe1f0" # Update with your region's AMI
}
variable "instance_type" {
default = "t3.micro"
}
variable "key_name" {
default = "my-aws-key" # Replace with your AWS Key Pair
}outputs.tf – Display Useful Information
output "load_balancer_url" {
value = aws_lb.alb.dns_name
}
output "autoscaling_group_name" {
value = aws_autoscaling_group.asg.name
}Step 5: Initialize Terraform
Initialize the Terraform project:
terraform initStep 6: Preview the Changes (Optional)
To see what will be created:
terraform planStep 7: Deploy the Infrastructure
Apply the configuration to create the resources:
terraform apply -auto-approveStep 8: Access the Deployed Infrastructure
Once the deployment is successful, check the output for your load balancer URL:
terraform output load_balancer_urlYou should see a URL, e.g., terraform-lb-12345678.us-east-1.elb.amazonaws.com. Open this URL in your browser to see the “OK” response from the application load balancer.
Step 9: Clean Up Resources (Optional)
To remove the deployed infrastructure:
terraform destroy -auto-approveStep 10: Bonus – Creating a Key Pair (If Needed)
If you don’t have a key pair yet:
aws ec2 create-key-pair --key-name my-aws-key --query 'KeyMaterial' --output text > my-aws-key.pem
chmod 400 my-aws-key.pemSummary of the Extended Terraform Tutorial
This tutorial includes the creation of:
- VPC and Subnet for networking.
- Security Group for access control.
- Auto Scaling Group with dynamic scaling based on the instance count.
- Load Balancer for distributing traffic to the instances.
- Target Group and Listener to attach the instances to the load balancer.