Help for the VSCode editor.
- Navigate to the directory `/root/terraform-projects/project-cerberus`. We have an empty `main.tf` file in this directory.
  Using this configuration file, write a resource block to provision a simple EC2 instance with the following specifications:

  Specifications:
  - Resource Name: `cerberus`
  - AMI: `ami-06178cf087598769c`, use variable named `ami`
  - region: `eu-west-2`, use variable named `region`
  - Instance Type: `m5.large`, use variable named `instance_type`
  - Navigate to the indicated directory in the Explorer pane.
  - We have been asked to use variables. It's OK to define them in `main.tf` (Terraform doesn't actually care about the filenames - it considers all files ending in `.tf` when planning, in no particular order).
    Create the variable blocks, assigning the correct default values:

    ```hcl
    variable "ami" {
      default = "ami-06178cf087598769c"
    }

    variable "instance_type" {
      default = "m5.large"
    }

    variable "region" {
      default = "eu-west-2"
    }
    ```
  - Add the EC2 instance below the variables, which you should know by now is type `aws_instance`. Be sure to use the variables.

    ```hcl
    resource "aws_instance" "cerberus" {
      ami           = var.ami
      instance_type = var.instance_type
    }
    ```
  - Deploy

    ```bash
    cd /root/terraform-projects/project-cerberus
    terraform init
    terraform plan
    terraform apply
    ```
- Information only
- Information only
- Using the public key, create a new key-pair in AWS with the following specifications:

  Specifications:
  - Resource Name: `cerberus-key`
  - key_name: `cerberus`
  - Use the `file` function to read the public key `cerberus.pub`
  - Inspect the provider documentation for the use of the `aws_key_pair` resource.
  - Create the resource block in `main.tf`:

    ```hcl
    resource "aws_key_pair" "cerberus-key" {
      key_name   = "cerberus"
      public_key = file(".ssh/cerberus.pub")
    }
    ```
  - Deploy

    ```bash
    cd /root/terraform-projects/project-cerberus
    terraform plan
    terraform apply
    ```
- Let us now configure the `cerberus` resource to make use of this key. Update the resource block to make use of the key called `cerberus`.
  - Inspect the `aws_instance` documentation to find which attribute to add to the `cerberus` instance to attach a key pair, and what value it expects. Note that we haven't been asked to make a reference expression.

    ```hcl
    resource "aws_instance" "cerberus" {
      ami           = var.ami
      instance_type = var.instance_type
      key_name      = "cerberus"
    }
    ```

    Note that adding a key pair to an existing instance is a REPLACEMENT operation, that is, the instance will be deleted and then recreated. You have to make these considerations when working on real production infrastructure!
- Let us now install nginx in this EC2 instance. To do this, let's make use of the `user_data` argument.
  Although you can use heredoc syntax, it's best practice to use an external file and the `file()` function.
  Modify the resource to add the `user_data`:

  ```hcl
  resource "aws_instance" "cerberus" {
    ami           = var.ami
    instance_type = var.instance_type
    key_name      = "cerberus"
    user_data     = file("./install-nginx.sh")
  }
  ```

  Don't apply it yet!
- What will happen if we run `terraform apply` now?
  This question and its hint are incorrect. It should be fixed soon.
  Select the following to pass it:
  - nginx will be installed on the current server.

  In the next question it will modify (not recreate) the instance, but in reality nginx would not have been installed.
- Run `terraform apply` and let the EC2 instance be modified.

  ```bash
  terraform apply
  ```
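A check for the two behaviours seen so far, replacement when `key_name` was added and in-place modification when `user_data` was added, written as an added example that is not part of the lab or its solutions: it reads the JSON form of a saved plan and reports every resource that would be destroyed or replaced. The script name `plan_gate.py` and the embedded sample plans are constructed for illustration; `resource_changes`, `actions` and `replace_paths` are fields of Terraform's JSON plan output.

```python
import json
import sys

# Constructed samples in the shape of `terraform show -json plan.out`,
# trimmed to the fields used here; not output captured from the lab.
KEY_NAME_PLAN = json.dumps({"resource_changes": [{
    "address": "aws_instance.cerberus",
    "change": {"actions": ["delete", "create"],
               "replace_paths": [["key_name"]]}}]})
USER_DATA_PLAN = json.dumps({"resource_changes": [{
    "address": "aws_instance.cerberus",
    "change": {"actions": ["update"]}}]})


def classify(actions):
    """Collapse Terraform's action list into one verdict."""
    if set(actions) == {"delete", "create"}:
        return "replace"  # either order means destroy and recreate
    return actions[0] if actions else "no-op"


def destructive_changes(plan_json):
    """Return (address, verdict, forcing attributes) for replaces and deletes."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        change = rc.get("change", {})
        verdict = classify(change.get("actions", []))
        if verdict in ("replace", "delete"):
            forced = [".".join(map(str, path))
                      for path in change.get("replace_paths", [])]
            findings.append((rc["address"], verdict, forced))
    return findings


def main(argv):
    # Usage (plan_gate.py is a hypothetical file name):
    #   terraform plan -out=plan.out
    #   terraform show -json plan.out > plan.json
    #   python3 plan_gate.py plan.json
    if len(argv) > 1:
        with open(argv[1], encoding="utf-8") as fh:
            plan_json = fh.read()
    else:
        plan_json = KEY_NAME_PLAN  # fall back to the constructed sample
    findings = destructive_changes(plan_json)
    for address, verdict, forced in findings:
        print(f"{verdict.upper()}: {address} forced by {forced or 'n/a'}")
    return 1 if findings else 0  # non-zero exit blocks an unattended apply


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run against a real plan, the non-zero exit code lets a pipeline stop before `terraform apply` whenever an instance would be deleted and recreated.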
- Where should you add a provisioner block?
  Provisioners are related to the resource they provision, therefore:
  - Nested block inside the resource block
- Which of the following provisioners does not need a connection block defined?
  Provisioners that don't need to connect to remote resources don't require a connection block.
  - `local-exec`, because it operates on the workstation where you are running Terraform.
- What is the public IPv4 address that has been allocated to this EC2 instance?
  You can use `terraform state show` for this.

  ```bash
  terraform state show aws_instance.cerberus
  ```

  Find `public_ip` in the output.
- Let's create an Elastic IP Address.
  Create an Elastic IP resource with the following specifications:
  - Resource Name: `eip`
  - vpc: `true`
  - instance: id of the EC2 instance created for resource `cerberus` (use a reference expression)
  - create a `local-exec` provisioner for the `eip` resource and use it to print the attribute called `public_dns` to a file `/root/cerberus_public_dns.txt` on the iac-server.

  * [aws_eip documentation](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eip#example-usage)
  * [local_exec documentation](https://developer.hashicorp.com/terraform/language/resources/provisioners/local-exec)

  - Create the new resource, including its provisioner:

    ```hcl
    resource "aws_eip" "eip" {
      vpc      = true
      instance = aws_instance.cerberus.id

      provisioner "local-exec" {
        command = "echo ${aws_eip.eip.public_dns} >> /root/cerberus_public_dns.txt"
      }
    }
    ```
  - Deploy

    ```bash
    terraform plan
    terraform apply
    ```
- What is the public IP address that was created for this Elastic IP?
  You can use `terraform state show` for this.

  ```bash
  terraform state show aws_eip.eip
  ```

  Find `public_ip` in the output.
- In the current configuration, which dependency is NOT true?
  The Elastic IP resource called `eip` has a reference expression pointing to the AWS EC2 resource called `cerberus`. Hence the resource `eip` depends on `cerberus` and not the other way around.
  - Resource called `cerberus` depends on the resource called `eip`

  The above is the correct answer given the logic of the statement above, but it will be marked incorrect. Logic of the question is wrong, and will be corrected. To pass the question, select the following:
  - Resource called `eip` depends on the resource called `cerberus`