
Uly.me

cloud engineer


terraform

GCP Create Service Account via Terraform

June 27, 2022

How to create a service account in GCP via Terraform.

# Default project for every google_* resource in this configuration.
provider "google" {
  project = "your_project_id"
}

# Creates the service account identity only; this listing grants it no IAM
# roles. Bind roles separately and keep them to what the workload needs.
# NOTE(review): prefer attaching or impersonating the account over exporting
# keys. A key created with google_service_account_key is stored in the
# Terraform state.
resource "google_service_account" "service_account" {
  display_name = "test service account built by terraform"
  account_id   = "your-service-account-name"
}


Filed Under: Cloud Tagged With: create, gcp, service account, terraform

AWS SDK Load Config

February 14, 2022

Occasionally I was getting this random error when running Terraform.

╷
│ Error: error configuring Terraform AWS Provider: no valid credential sources for Terraform AWS Provider found.
│ 
│ Please see https://registry.terraform.io/providers/hashicorp/aws
│ for more information about providing credentials.
│ 
│ Error: RequestError: send request failed
│ caused by: Post "https://sts.amazonaws.com/": read tcp xx.xx.xx.xx:59422->xx.xx.xx.xx:443: read: connection reset by peer
│ 
│ 
│   with provider["registry.terraform.io/hashicorp/aws"],
│   on main.tf line 10, in provider "aws":
│   10: provider "aws" {


Here’s the fix. Place this in your ~/.bash_profile.

# Have the AWS SDK read the shared config file (~/.aws/config) as well as
# the credentials file (~/.aws/credentials).
AWS_SDK_LOAD_CONFIG=1
export AWS_SDK_LOAD_CONFIG


This makes the AWS SDK that Terraform uses load the shared config file (~/.aws/config) in addition to the credentials file (~/.aws/credentials).

Filed Under: Linux Tagged With: aws, awscli, bash_profile, cli, config, credentials, sdk, terraform

GCP Terraform Second Drive

February 4, 2022

How to add a second drive on GCP Compute Engine using Terraform.

# Project and default zone inherited by the google_* resources below.
provider "google" {
  zone    = "us-central1-c"
  project = "your-project-id"
}
 
# Standalone 20 GB standard persistent disk, created in the same zone as the
# instance it is attached to.
# NOTE(review): no disk_encryption_key is set, so the disk uses Google-managed
# encryption; add a customer-managed key if your policy requires one.
resource "google_compute_disk" "data-drive" {
  name = "data-drive"
  zone = "us-central1-c"
  type = "pd-standard"
  size = "20"
}
 
# Attaches the data disk to the "test" instance as its own resource, so the
# attachment can be added or removed without recreating the instance.
resource "google_compute_attached_disk" "attach-data-drive" {
  # count = 1 keeps the resource address indexed: attach-data-drive[0].
  count    = 1
  instance = google_compute_instance.test.id
  disk     = google_compute_disk.data-drive.id
}
 
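# Preemptible e2-micro instance that receives the second disk through the
# separate google_compute_attached_disk resource.
resource "google_compute_instance" "test" {
  name         = "test"
  machine_type = "e2-micro"

  boot_disk {
    initialize_params {
      image = "rocky-linux-cloud/rocky-linux-8"
    }
  }

  scheduling {
    # A preemptible VM cannot be restarted automatically.
    preemptible       = true
    automatic_restart = false
  }

  network_interface {
    network = "default"
    # An empty access_config gives the VM an ephemeral external IP address.
    # NOTE(review): the auto-created "default" network usually carries
    # permissive firewall rules (SSH/RDP/ICMP from any source). Use a
    # dedicated network, or drop access_config when no public IP is needed.
    access_config {
    }
  }

  # The disk is attached by google_compute_attached_disk. Without this, the
  # instance resource sees an attached_disk it did not declare and the two
  # resources fight over it on every plan.
  lifecycle {
    ignore_changes = [attached_disk]
  }
}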


Filed Under: Cloud Tagged With: compute, drive, gcp, second, terraform, vm

AWS Terraform Security Group

January 4, 2022

How to create AWS security groups using Terraform.

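# Security group for a public web endpoint in my-vpc: ping, HTTP and HTTPS
# inbound from any IPv4 address, all traffic outbound.
resource "aws_security_group" "my-security-group" {
  name        = "my-security-group"
  description = "allow ports"
  vpc_id      = aws_vpc.my-vpc.id

  # ICMP echo request only. With protocol "icmp", from_port is the ICMP type
  # (8 = echo request) and to_port is the ICMP code (0).
  # The earlier protocol "-1" with ports 0-0 matched every protocol and port,
  # so a rule labelled "ping" opened the whole instance to the internet.
  ingress {
    description = "ping"
    from_port   = 8
    to_port     = 0
    protocol    = "icmp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  ingress {
    description = "http"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  ingress {
    description = "https"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  # Unrestricted outbound traffic. The provider documentation gives "-1" as
  # the all-protocols value for this block, not the word "all".
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
  tags = {
    Name = "my-security-group"
  }
}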


Filed Under: Cloud Tagged With: aws, create, security group, terraform

Create AWS VPC using Terraform

December 21, 2021

Creating a VPC in AWS using Terraform. The script will do the following:

  • Create a VPC
  • Create a Subnet
  • Create an Internet Gateway
  • Create a route in the default route table using the Internet Gateway

Contents of main.tf

# Provider requirement. No version constraint is given, so `terraform init`
# selects the newest hashicorp/aws release it is allowed to.
# NOTE(review): add a version constraint and commit .terraform.lock.hcl so
# every run uses the same provider build.
terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
    }
  }
}

# Credentials come from the named profile "tfc" in the shared AWS
# config/credentials files, so no keys appear in this file.
provider "aws" {
  region  = "us-west-1"
  profile = "tfc"
}
 
# VPC with a single /24 address range and default (shared) tenancy.
resource "aws_vpc" "my-vpc" {
  tags = {
    Name = "my-vpc"
  }
  instance_tenancy = "default"
  cidr_block       = "10.0.4.0/24"
}
 
# One subnet in us-west-1a. Its CIDR equals the VPC CIDR, so it takes up the
# whole VPC range and leaves no room for another subnet, such as a private one.
resource "aws_subnet" "my-subnet" {
  tags = {
    Name = "my-subnet-us-west-1a"
  }
  availability_zone = "us-west-1a"
  cidr_block        = "10.0.4.0/24"
  vpc_id            = aws_vpc.my-vpc.id
}
 
# Internet gateway attached to my-vpc. It is the target of the default route
# in the route table.
resource "aws_internet_gateway" "my-igw" {
  tags = {
    Name = "my-internet-gateway"
  }
  vpc_id = aws_vpc.my-vpc.id
}
 
# Manages the VPC's existing default route table instead of creating a new one.
# The 0.0.0.0/0 route sends all non-local traffic to the internet gateway.
# NOTE(review): subnets without an explicit route table association use this
# table, so they all become internet-routable. Give private subnets their own
# route table.
resource "aws_default_route_table" "my-rt" {
  default_route_table_id = aws_vpc.my-vpc.default_route_table_id
  tags = {
    Name = "my-route-table"
  }
  route {
    gateway_id = aws_internet_gateway.my-igw.id
    cidr_block = "0.0.0.0/0"
  }
}


Filed Under: Cloud Tagged With: aws, create, internet gateway, route table, subnet, terraform, vpc

GCP Spot VM

December 8, 2021

Spot VMs are preemptible; the cloud provider can reclaim them.

However you can get deep discounts using them.

Launch a spot instance in GCP using Terraform.

# Project and default zone for the instance below.
# NOTE(review): the project ID is hard-coded as published. Substitute your own
# project ID before applying.
provider "google" {
  zone    = "us-central1-c"
  project = "airy-totality-151318"
}
 
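# Preemptible e2-micro instance on the default network with an ephemeral
# external IP address.
resource "google_compute_instance" "test" {
  name         = "test"
  machine_type = "e2-micro"

  boot_disk {
    initialize_params {
      # Debian 9 is end-of-life and no longer receives security updates, so
      # boot from a supported image family instead.
      image = "debian-cloud/debian-12"
    }
  }

  scheduling {
    # A preemptible VM cannot be restarted automatically.
    preemptible       = true
    automatic_restart = false
  }

  network_interface {
    network = "default"
    # An empty access_config gives the VM an ephemeral external IP address.
    # NOTE(review): check the firewall rules on the "default" network before
    # exposing the VM, or remove this block if no public IP is needed.
    access_config {
    }
  }
}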


Filed Under: Cloud Tagged With: gcp, spot, terraform, vm

Terraform AWS Security Group

November 15, 2021

How to create a security group in AWS via Terraform.

# Provider requirement. Without a version constraint, `terraform init` picks
# the newest hashicorp/aws release available.
# NOTE(review): pin a version range and commit .terraform.lock.hcl.
terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
    }
  }
}

# Uses the "default" profile from the shared AWS config/credentials files.
provider "aws" {
  region  = "us-east-1"
  profile = "default"
}
 
# Security group in an existing VPC: TCP 8088 inbound, all traffic outbound.
resource "aws_security_group" "my_sg" {
  name        = "My Security Group"
  description = "My Security Group"
  vpc_id      = "vpc-xxxxxxxxxxxxxxxxx"

  # NOTE(review): 0.0.0.0/0 exposes port 8088 to every IPv4 address. Narrow
  # cidr_blocks to the client ranges that need it if the service is not meant
  # to be public.
  ingress {
    protocol    = "tcp"
    from_port   = 8088
    to_port     = 8088
    cidr_blocks = ["0.0.0.0/0"]
  }

  # protocol "-1" with ports 0-0 allows all outbound traffic.
  egress {
    protocol    = "-1"
    from_port   = 0
    to_port     = 0
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "My Security Group"
  }
}


Filed Under: Cloud Tagged With: aws, create, security group, terraform

Terraform AWS S3

November 15, 2021

How to create an S3 bucket via Terraform.

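# Provider requirement. The block keyword was published as "erraform", which
# Terraform does not recognise as a block type; it must be "terraform".
# NOTE(review): no version constraint is set. Pin a version range and commit
# .terraform.lock.hcl so runs use the same provider build.
terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
    }
  }
}

# Uses the "default" profile from the shared AWS config/credentials files.
provider "aws" {
  profile = "default"
  region  = "us-east-1"
}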
 
# Private bucket tagged for the Dev environment.
# NOTE(review): newer hashicorp/aws releases deprecate the inline `acl`
# argument in favour of the separate aws_s3_bucket_acl resource. Confirm
# against the provider version you pin.
resource "aws_s3_bucket" "bucket" {
  acl    = "private"
  bucket = "my-ulysses-bucket"

  tags = {
    Environment = "Dev"
    Name        = "My Ulysses bucket"
  }
}
 
# Turns on all four public-access-block settings for the bucket, so public
# ACLs and public bucket policies are both rejected and ignored.
resource "aws_s3_bucket_public_access_block" "example" {
  bucket = aws_s3_bucket.bucket.id

  block_public_acls       = true
  ignore_public_acls      = true
  block_public_policy     = true
  restrict_public_buckets = true
}


Filed Under: Linux Tagged With: aws, bucket, create, s3, terraform
