Edrich

Terraform - Create EC2 resource using GitHub Actions

Edrich Lewis's photo
Edrich Lewis
·

4 min read

Below is a complete enterprise-level solution with detailed steps to create an EC2 instance in the Ohio region (default subnet) using Terraform. It incorporates best practices such as remote state management, separate provider configuration, and reusable modules.

We can clone the GitHub Repo to have the code.

Initially, we will create the Terraform files and test them, later will improve by automating using GitHub Actions workflow.

Steps to automate the deployment using GitHub actions are provided in the same article.

1. Prerequisites

  1. Install Terraform: Download and install Terraform from Terraform's official website.

  2. Install AWS CLI: Install and configure it using aws configure to set up your credentials.

  3. IAM User with Permissions: Ensure the IAM user has sufficient permissions (EC2, VPC, S3, DynamoDB, IAM).

  4. Create an S3 Bucket and DynamoDB Table for Remote State:

    • S3 Bucket: terraform-state-enterprise

    • DynamoDB Table: terraform-lock-table with a primary key LockID of type String.

2. Folder Structure

Organize your Terraform files in a project structure like in GitHub Repo or we can clone the #repo

note the .github folder which has GitHub action yml file and module folder.

3. Backend Configuration

Create the backend.tf file in the root directory for remote state management

Steps to Create the Backend

  1. Create an S3 bucket (terraform-state-enterprise) in the Ohio region (us-east-2).

  2. Create a DynamoDB table (terraform-lock-table) with the primary key LockID.

yjyj

4. Provider Configuration

configure providers.tf

5. Create Reusable EC2 Module

In modules/ec2, create the following files:

The below link has the code

modules/ec2/main.tf

modules/ec2/variables.tf

6. Main Terraform Configuration

In the root folder, create these files:

main.tf

variables.tf

outputs.tf

7. Deploy the Infrastructure

Step-by-Step Commands

  1. Navigate to the Project Directory:

    cd terraform-ec2

  2. Initialize Terraform:

    • This downloads the AWS provider and configures the backend:

      terraform init

  3. Validate the Configuration:

    • Ensure there are no syntax errors:

      terraform validate

  4. Generate an Execution Plan:

    • Review the planned infrastructure changes:

      terraform plan

  5. Apply the Configuration:

    • Deploy the EC2 instance:

      terraform apply

    • Type yes to confirm

8. Verify the Deployment

  1. AWS Management Console:

    • Navigate to the EC2 dashboard in the Ohio region.

    • Confirm the instance is running with the specified tags and settings.

9. Cleanup

To destroy the resources and avoid incurring charges:

terraform destroy

10. Enterprise-Level Practices

  1. Remote State Management:

    • Used S3 for state storage and DynamoDB for locking.

  2. Modularity:

    • Created a reusable EC2 module.

  3. Version Control:

    • Commit this code to a Git repository for collaboration.

  4. Environment Tagging:

    • Added tags like Environment to distinguish resources.

  5. Dynamic Variables:

    • Used variables for region, instance type, and tags for flexibility.

This approach ensures a robust, scalable, and enterprise-ready solution for managing AWS infrastructure with Terraform.

1. Enterprise-Level GitHub Actions Workflow for Terraform

Automate the deployment of the EC2 infrastructure with the following considerations:

  1. CI/CD Workflow: Automate Terraform commands (plan, apply, destroy).

  2. Secure Secrets Management: Store AWS credentials securely.

  3. State Locking: Ensure backend state locking is intact.

  4. Dynamic Environments: Use branch-based environments for staging and production.

2. Prerequisites

  1. GitHub Repository:

    • The Terraform codebase is already stored in GitHub.

  2. IAM Role for GitHub Actions:

    • Create an IAM user or role with permissions for S3, DynamoDB, and EC2.

  3. GitHub Secrets:

    • Store sensitive information as GitHub secrets:

      • AWS_ACCESS_KEY_ID

      • AWS_SECRET_ACCESS_KEY

      • AWS_REGION

3. Folder Structure

4. GitHub Actions Workflow

Create a file .github/workflows/terraform.yml , this file should be in root folder.

5. Testing the Workflow

Step 1: Commit and Push Changes

  • What it means:

    • Once you’ve configured your Terraform code and GitHub Actions workflow (terraform.yml), you commit these changes to your repository and push them to the main branch.

    • This action triggers the GitHub Actions workflow as it’s configured to run on pushes to main.

  • How to do it:

Step 2: Verify Output

  • once What it means:

    • After the workflow runs, you check the logs in the GitHub Actions tab of your repository to verify successful execution.

    • Confirm that the EC2 instance is created in AWS by logging into the AWS Management Console and checking the EC2 dashboard.

  • How to do it:

    1. Go to your GitHub repository.

    2. Click on Actions > Select the latest workflow run.

    3. Review logs for steps like Terraform Init, Plan, and Apply.

  • once we click on actions

    once we click on actions

  • we can view the workflows, we can click on it and view the logs for the workflow.

  • The workflow which we created we can run it manually and select the destroy to delete the created instance.

  • select the required options to Run Workflow

GitHub ActionsworkflowTerraformautomation