IaC: Infrastructure as Code
Different IaC Tools:
configuration management tools (ansible, puppet, docker)
server templating tools (on Amazon images)
orchestration tools (k8s, but is program)
provisioning tools (terraform)
Declarative: specify end state
Imperative: specify commands
Install Terraform by following Here
For AWS, go to IAM and create a user named terraform-user and a user group named terraform-group with permissions and add
install AWS command line
make sure you have payment method setup
export TF_LOG="DEBUG" and export TF_LOG_PATH="tmp/terraform.log" for debugging
Here is a list of all providers terraform supports. You can also program your own provider.
aws configure [accessKeyID] and you can create a CLI access key for user terraform-user with the following setup
AWS_ACCESS_KEY=AK???? AWS_SECRET_KEY=AL+??? AWS_REGION=us-east-1 AWS_OUTPUT_FORMAT=json
and it will generate
You then install the VSCode plugin. Create a file named main.tf and set up an example instance like the following (see Here for documentation about AWS instances)
Backend: a Terraform state file where Terraform stores a representation of what is deployed. It is in readable JSON format and contains sensitive information such as passwords. It can be either local or remote, and it can be used for collaboration.
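An added example (not from the original notes): a small Python check that lists where a state file holds secret-like values in plain text. The sample state is constructed in the version 4 layout, and the name-matching pattern is a heuristic assumed for this example.

```python
import json
import re

# Heuristic for credential-like attribute names (an assumption of this example).
SECRET_NAME = re.compile(r"password|passwd|secret|token|private_key", re.I)

# Constructed sample in the version 4 state layout; every value is made up.
SAMPLE_STATE = json.dumps({
    "version": 4,
    "outputs": {
        "db_password": {"value": "constructed-output", "sensitive": True},
    },
    "resources": [{
        "mode": "managed", "type": "aws_db_instance", "name": "example",
        "instances": [{"attributes": {
            "username": "admin",
            "password": "constructed-db-password",
            "tags": {"api_token": "constructed-token", "env": "dev"},
            "kms_key_id": None,
        }}],
    }],
})

def leaves(node, path=()):
    """Yield (path, value) for every scalar leaf of nested dicts and lists."""
    if isinstance(node, dict):
        for key, value in node.items():
            yield from leaves(value, path + (key,))
    elif isinstance(node, list):
        for index, value in enumerate(node):
            yield from leaves(value, path + (str(index),))
    else:
        yield path, node

def find_secrets(state_text):
    """Return sorted addresses in a state file whose values look like stored secrets."""
    state = json.loads(state_text)
    # Outputs marked sensitive are hidden in CLI output but stored in clear in state.
    hits = {f"output.{n}" for n, o in state.get("outputs", {}).items() if o.get("sensitive")}
    for res in state.get("resources", []):
        for inst in res.get("instances", []):
            for path, value in leaves(inst.get("attributes", {})):
                name = ".".join(path)
                if isinstance(value, str) and value and SECRET_NAME.search(name):
                    hits.add(f"{res['type']}.{res['name']}.{name}")
    return sorted(hits)

if __name__ == "__main__":
    print("\n".join(find_secrets(SAMPLE_STATE)))
```

To check a real local state, pass the contents of terraform.tfstate to find_secrets instead of SAMPLE_STATE.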
The terraform init command will initialize the backend in the current working directory. It will download the providers into the .terraform/providers directory in the working directory and generate a .terraform.lock.hcl file as well. .terraform/modules will be created if you use modules.
The terraform plan command will query the cached state file and compare the desired specification to the state file.
terraform apply will create the resources.
terraform destroy will tear down all resources (everything in the state file).
Account Level: Billing, IAM, Route53
Region Level: S3, DynamoDB
Zone Level: EC2, RDS, EBS
Here is a good video for an introduction to all kinds of Amazon services.
EFS vs S3: The core difference in the EFS vs S3 use case is that EFS is designed to be attached to the file system as a networked drive, whereas S3 is designed to be accessed via an API. If you need one networked drive attached to the file system of several EC2 instances / containers simultaneously, then go with EFS. If you need highly redundant storage which your application can access via an API, then go with S3.
EBS vs S3: The core difference in the EBS vs S3 use case is that EBS is designed to be attached to the file system as a drive, whereas S3 is designed to be accessed via an API. If you need another drive for your EC2 instance, then use EBS; if you need to program redundant, high-availability storage for your application, be it running on EC2, a container, or a Lambda, then S3 is what you need to use.