First steps in terraform - AWS Setup

Instructor: Let's do our first steps in terraform. Let's start with spinning up an instance on AWS. To do this you also need an AWS account. So the first step will be to open an AWS account. You can open one for free and Amazon also has a free tier. So some of the usage, especially when you use the small instances, will be for free. You can actually run a t2 micro, which is an instance type, for one full month for free within the first year. Then, once you open your account, you then can create an IAM admin user. This is the user that we then are going to use in terraform. Then we're going to create a terraform file to spin up a t2 micro instance. So if you open a new account and you're always going to shut down your instances after you use it, you should not be paying for it. Once this terraform file is created, we're going to use terraform apply, the command which is then going to send the instructions to AWS to launch t2 micro instance. So let's start with opening an AWS account. If you go to awsamazon.com, and there's a button here, create a free account. And here if you fill out the details you can create an account. And you see on the right if you open AWS account it includes 12 months of free tier access, including use of Amazon EC2, S3 and RDS. You can visit aws.amazon.com/free to see what is included. So here you see Amazon EC2, 750 hours per month of Linux t2 micro instance. That's the one we are going to use. Make sure that after every lab you shut down the instances so that you don't have to pay for them. Once you created your AWS account you will see a screen like this. First thing we'll do is to create a new user. So if you type in searches IAM, manage access to AWS resources, then at the identity and access management page, we can create new users. So if you click on users, and then add user, you can create a terraform user. This terraform user is not going to access the AWS management console, it's only going to exit it using the API. So the access type is going to be programmatic access, and this enables an access key ID and secret access key, which we will then have to configure within terraform. Next we can add the user to a group, so you can create a group if you don't have an administrative group yet. The group name can be administrators, or I'm gonna call it terraform administrators, because I already have an admin group. And then gonna give it administrator access, which is full access to all AWS resources. Then you're gonna click next. You don't need to give it any tags, we're going to review it, everything looks good. And now we can create the user. Now that the user is created, we have an access key ID and a secret access key. We can click on the show, which will show you the secret access key and this one you'll be able to configure in the next lecture. Let's have another look at EC2. So if you go to compute, EC2, then this is the EC2 dashboard. Once you start doing the demos, you will find your EC2 instances here if you launch. You just have to make sure that you are in the correct region. So my labs will launch in Europe, Ireland, EU West one. If you're going to launch in a different region, you have to make sure that you change the terraform files before you do a terraform apply, and that you also pick the correct region here. A lot of the first labs, we'll use a default security group. So have a look at your security groups. And if you filter on default, then you will see you have three default security groups here, because I have three VPCs. One of them will be the default VPC, if this is a new account you will only have one security group. You just wanna make sure that you enable inbound rules. For example in this one, that there is an inbound rule for your IP address. So if you go to inbound rules, edit inbound rules, then you can add a rule to allow all the traffic to my IP address. And when choosing my IP address, you'll allow all the access to your IP address. You might have to repeat this if you have a dynamic IP address. In the first demos we are not using security groups yet, so the demos will use the default security group. Once we start talking about VPCs, then we will also use security groups and then you can define everything in terraform. So that's it for account setup, in the next lecture we'll try to launch our first EC2 instance.