Skip to content
Indus LeveL
terraform aws ec2 iac linux centos sysadmin devops

How to Setup an EC2 Instance from Scratch Using Terraform

A complete sysadmin guide to installing Terraform on CentOS, configuring AWS IAM access keys, structuring main.tf with AWS providers, and executing deployment workflows.

2 min read
Cover illustration representing AWS EC2 instance provisioning from scratch using Terraform Infrastructure as Code

When scaling cloud infrastructure on Amazon Web Services (AWS), provisioning EC2 instances manually through the AWS Management Console is inefficient and prone to configuration drift. Adopting Infrastructure as Code (IaC) allows you to define your complete infrastructure declaratively, ensuring consistent, repeatable deployments across all environments.

Terraform by HashiCorp is the industry-standard tool for cloud infrastructure automation. In this guide, I will walk you through installing Terraform on CentOS, configuring AWS IAM access keys, structuring your first main.tf configuration manifest, and executing the core init, plan, apply, and destroy workflows.

Prerequisites

You will need a CentOS Linux machine with root privileges, alongside an active AWS account with IAM permissions to provision EC2 instances and VPC security groups.


Step 1: Installing Terraform on CentOS

First, configure the official HashiCorp repository manifest and install the Terraform CLI.

# Install prerequisite utilities
sudo yum install -y yum-utils

# Add HashiCorp repository
sudo yum-config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo

# Install Terraform CLI
sudo yum -y install terraform

Verify your installation and enable shell tab completion:

terraform --help
touch ~/.bashrc
terraform -install-autocomplete
source ~/.bashrc

Step 2: Configuring AWS IAM Credentials

To allow Terraform to authenticate with the AWS API, export your IAM user Access Key ID and Secret Access Key to your shell environment variables.

export AWS_ACCESS_KEY_ID="AKIAIOSFODNN7EXAMPLE"
export AWS_SECRET_ACCESS_KEY="wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"

Step 3: Structuring Your First Terraform Manifest (main.tf)

Create a dedicated project directory structure and construct your primary configuration manifest /home/wazeem/terraform/terraform-aws-instance/main.tf:

# /home/wazeem/terraform/terraform-aws-instance/main.tf
terraform {
  required_version = ">= 1.2.0"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.16"
    }
  }
}

provider "aws" {
  region = "us-west-2"
}

resource "aws_instance" "app_server" {
  ami           = "ami-830c94e3"
  instance_type = "t2.micro"

  tags = {
    Name = "AppServerInstance"
  }
}

Modularizing Variables (variables.tf)

To keep credentials and region settings modular, you can decouple them into variables.tf:

# variables.tf
variable "aws_access_key" {
  description = "AWS access key"
  type        = string
}

variable "aws_secret_access_key" {
  description = "AWS secret access key"
  type        = string
}

variable "aws_region" {
  description = "AWS deployment region"
  type        = string
  default     = "us-west-2"
}

Step 4: Executing the Core Deployment Workflow

With your manifest structured, execute the standard Terraform operational workflow to provision your EC2 instance.

1. Initialize Working Directory

Initialize backend storage and download required AWS provider plugins:

terraform init

2. Validate HCL Syntax

Ensure your configuration files are syntactically valid:

terraform validate

3. Generate Execution Plan

Preview the exact additions and modifications Terraform will apply to your AWS account:

terraform plan

4. Apply Configuration

Execute the plan to launch your EC2 instance in the cloud:

terraform apply

5. Destroy Infrastructure

When decommissioning your environment, remove all provisioned resources cleanly:

terraform destroy

References

Back to Blog
Share:

Follow along

Stay in the loop — new articles, thoughts, and updates.