Terraform Destroy: It’s Easy!
Whenever I use AWS services, my biggest concern after I am done using the services has always been —
Did I destroy all the resources properly, or, is there anything still left behind?
This was one of the main reasons why I got attracted towards Terraform. Terraform allows us to build and destroy (neatly) the entire infrastructure using just four simple commands —
terraform init
terraform plan -out planfile
terraform apply planfile
terraform destroy
While working with Terraform, there are two important things that need to be taken care of:
- All script files must end with the extension .tf
- Resource blocks must be used to describe one or more infrastructure objects
The syntax to create a resource is —
resource "<PROVIDER>_<TYPE>" "<NAME>" { [Configuration…] }
For example, if we want to create an EC2 instance, the corresponding resource block would be something similar to the following —
To make the above code functional, a few more resource blocks would need to be created: for the security group, IAM instance profile, IAM role inline policy, VPC, VPC subnet and VPC Internet Gateway, and for the association between a route table and a subnet, or between a route table and an internet gateway or virtual private gateway.
Variables can be defined inside a variable block in two ways —
- With a default value
- Without a default value
If a default value has not been provided for a variable, then the user will be prompted to enter its value at runtime.
Once defined, the variables can be referenced inside a resource block or a provider block by using the var keyword.
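The resource syntax and both kinds of variable described above, put together in one file. This is an added example, not code from the original post; the resource name, tag, region and instance type are assumptions, and it relies on the account's default VPC and security group so that the supporting network and IAM blocks can be left out.

```hcl
# main.tf (added example; all names and values below are assumptions)

# Variable WITH a default value: used when no other value is supplied.
variable "region" {
  description = "AWS region to deploy into"
  type        = string
  default     = "us-east-1"
}

variable "instance_type" {
  description = "EC2 instance type"
  type        = string
  default     = "t3.micro"
}

# Variable WITHOUT a default value: Terraform prompts for it at runtime
# unless it is passed with -var or a .tfvars file.
variable "ami_id" {
  description = "ID of the AMI to launch (supply one valid in your region)"
  type        = string
}

# Variables are referenced with the var keyword, here in a provider block.
# No access keys are written in this file; the provider reads credentials
# from the environment or the shared AWS config.
provider "aws" {
  region = var.region
}

# resource "<PROVIDER>_<TYPE>" "<NAME>":
# provider = aws, type = instance, name = example
resource "aws_instance" "example" {
  ami           = var.ami_id
  instance_type = var.instance_type

  tags = {
    Name = "terraform-destroy-demo"
  }
}
```

Because the instance is declared in this configuration and recorded in its state, terraform destroy knows to remove it.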
When you feel the script is ready, or if you just want to test your script, get ready to run a few commands.
- Initialize the working directory by running the terraform init command.
- Run terraform plan -out planfile to create an execution plan and save it in a file. After the command is run, any error in the Terraform script would be highlighted on the command line output.
- When you are happy with the generated plan, apply these changes by running the command terraform apply planfile.
- Whenever you wish to tear down the infrastructure that was created by Terraform, without leaving behind any debris, run the command terraform destroy.
References
Before I sign off, I am sharing below a few references that helped me in getting started with Terraform —
- https://medium.com/@kumargaurav1247/introduction-to-terraform-ec2-instance-creation-using-terraform-ec221ec630d7
- https://heap.io/blog/engineering/terraform-gotchas
- https://kulasangar.medium.com/creating-and-attaching-an-aws-iam-role-with-a-policy-to-an-ec2-instance-using-terraform-scripts-aa85f3e6dfff
- https://www.terraform.io/docs/configuration/variables.html
- https://github.com/terraform-aws-modules/terraform-aws-key-pair
- https://medium.com/@hmalgewatta/setting-up-an-aws-ec2-instance-with-ssh-access-using-terraform-c336c812322f
- http://2ninjas1blog.com/terraform-assigning-an-aws-key-pair-to-your-ec2-instance-resource/
- https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html
- https://tudip.com/installing-amazon-ec2-instance-using-terraform/
- https://github.com/hashicorp/terraform-provider-aws/issues/3970
- https://medium.com/@devopslearning/aws-iam-ec2-instance-role-using-terraform-fa2b21488536