Archival Notice
This guide was written for legacy Terraform v1.2 and AWS Provider v4.16 deployments. Please note that HashiCorp Terraform syntax and AWS provider resources have evolved over time. Please refer to official HashiCorp documentation for current HCL syntax and provider block declarations.
When scaling cloud infrastructure on Amazon Web Services (AWS), provisioning EC2 instances manually through the AWS Management Console is inefficient and prone to configuration drift. Adopting Infrastructure as Code (IaC) allows you to define your complete infrastructure declaratively, ensuring consistent, repeatable deployments across all environments.
Terraform by HashiCorp is the industry-standard tool for cloud infrastructure automation. In this guide, I will walk you through installing Terraform on CentOS, configuring AWS IAM access keys, structuring your first main.tf configuration manifest, and executing the core init, plan, apply, and destroy workflows.
Prerequisites
You will need a CentOS Linux machine with root privileges, alongside an active AWS account with IAM permissions to provision EC2 instances and VPC security groups.
Step 1: Installing Terraform on CentOS
First, configure the official HashiCorp repository manifest and install the Terraform CLI.
# Install prerequisite utilities
sudo yum install -y yum-utils
# Add HashiCorp repository
sudo yum-config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo
# Install Terraform CLI
sudo yum -y install terraform
Verify your installation and enable shell tab completion:
terraform --help
touch ~/.bashrc
terraform -install-autocomplete
source ~/.bashrc
Step 2: Configuring AWS IAM Credentials
To allow Terraform to authenticate with the AWS API, export your IAM user Access Key ID and Secret Access Key to your shell environment variables.
export AWS_ACCESS_KEY_ID="AKIAIOSFODNN7EXAMPLE"
export AWS_SECRET_ACCESS_KEY="wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
Step 3: Structuring Your First Terraform Manifest (main.tf)
Create a dedicated project directory structure and construct your primary configuration manifest /home/wazeem/terraform/terraform-aws-instance/main.tf:
# /home/wazeem/terraform/terraform-aws-instance/main.tf
terraform {
required_version = ">= 1.2.0"
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 4.16"
}
}
}
provider "aws" {
region = "us-west-2"
}
resource "aws_instance" "app_server" {
ami = "ami-830c94e3"
instance_type = "t2.micro"
tags = {
Name = "AppServerInstance"
}
}
Modularizing Variables (variables.tf)
To keep credentials and region settings modular, you can decouple them into variables.tf:
# variables.tf
variable "aws_access_key" {
description = "AWS access key"
type = string
}
variable "aws_secret_access_key" {
description = "AWS secret access key"
type = string
}
variable "aws_region" {
description = "AWS deployment region"
type = string
default = "us-west-2"
}
Step 4: Executing the Core Deployment Workflow
With your manifest structured, execute the standard Terraform operational workflow to provision your EC2 instance.
1. Initialize Working Directory
Initialize backend storage and download required AWS provider plugins:
terraform init
2. Validate HCL Syntax
Ensure your configuration files are syntactically valid:
terraform validate
3. Generate Execution Plan
Preview the exact additions and modifications Terraform will apply to your AWS account:
terraform plan
4. Apply Configuration
Execute the plan to launch your EC2 instance in the cloud:
terraform apply
5. Destroy Infrastructure
When decommissioning your environment, remove all provisioned resources cleanly:
terraform destroy
EC2 Instance Provisioned
Your AWS EC2 instance is now successfully provisioned and managed declaratively through Terraform Infrastructure as Code!