Guide to Terraform's Plan and AWS VPC Creation Workflow (2024)

Terraform is an open-source, cloud-agnostic provisioning tool developed by HashiCorp and written in the GO language. In this blog, we will talk about the workflow of Terraform. It is extremely helpful in a team and can benefit you even if you work individually. A good workflow enables you to streamline a process, organize it, and make it less error-prone.

In this blog, I will be covering the workflow of Terraform with an example of how to implement it:

Basic Concept of Terraform Workflow | Terraform Plan |Writing Terraform Code | terraform init |terraform destroy | Demo: Creating an AWS VPC

Basic Concept of Terraform Workflow

The workflows of Terraform are built on top of five key steps: Write, Init, Plan, Apply, and Destroy. Nevertheless, their details and actions vary between workflows.

Write –this is whereyou createchanges to the code.

Init – this is where you initialize your code to download the requirements mentioned in your code.

Plan –this is where you review changesand choosewhetherto simply acceptthem.

Apply –this is where you accept changes and apply them against real infrastructure.

Destroy – this is where to destroy all your created infrastructure.

Also Read:Our blog post on Terraform Tips and Tricks.

Writing Terraform Code

The first thing in the Terraform workflow is to start with writing your Terraform configuration just like you write code: in your editor of choice. It’s common practice to store your work in a version-controlled repository even when you’re just operating as an individual.

Note: Check out the blog on Terraform Installation Overview

What Does the Terraform Init Command Do?

The working directory holding the Terraform configuration files is initialized using the terraform init command. After creating a new Terraform configuration or cloning an existing one from version control, this is the first command that needs to be executed. It is safe to execute this command more than once. This command performs multiple distinct startup processes in order to prepare the current working directory for use with Terraform. This command is always safe to run numerous times to bring the working directory up to date with configuration changes. Though additional runs may result in errors, this program will never erase your existing setup or state.

This command, by default, assumes that the working directory already includes a configuration and attempts to initialize it. It can also be run against an empty directory with the -from-module=MODULE-SOURCE option, which copies the supplied module into the target directory before any additional initialization steps are performed.

The majority of providers are available as Terraform plugins. Terraform scans the configuration for both direct and indirect references to providers and attempts to install the plugins for those providers once the command is executed. The program will automatically discover, download, and install the appropriate provider plugins for providers that are published in either the public Register or a third-party provider registry.

Terraform adds information about the selected providers to the dependency lock file after successful installation. You should committhis file to your version control system to ensure that when you run terraform init again in the future, Terraform will choose the same provider versions.

You can use the init command for:

1. Plugin Installation
2. Child Module Installation
3. Backend Initialization

Note: If any of the above changes are done in the configuration then we need to run the init command to initialize the working directory again.

Once you run the command it will begin initializing the directory as shown in the below image.

Also read, our blog on Terraform Providers Overview

How to Create a Terraform Plan?

The terraform plan command generates an execution plan, allowing you to see a preview of the infrastructure modifications that Terraform intends to make. As soon as Terraform produces a plan, it:

1. Reads the current state of any existing remote objects to ensure that the state is up to date.
2. Compares the current state to the previous state, noting any differences.
3. Proposes a set of change actions that, if executed, should cause the remote objects to match the configuration.

The plan command by itself won’t really implement the suggested changes, so before applying them or sharing your changes with your team for wider evaluation, you can use this command to see if the suggested changes line up with your expectations.If the Terraform discovers no changes to resources, then the terraform plan indicates that no changes are required to the real infrastructure.

Terraform also helps to save the plan to a file for later execution with terrafom apply, which can be useful while applying automation with Terraform. This can be achieved by using -out argument. A speculative plan, which is a description of the plan’s effects but with no intention of actually implementing them, will be created if you run the Terraform Plan without the -out=FILE option.

To specify values for input variables declared in your root module, use the -var command-line option. However, doing so will require creating a command line that can be read by Terraform as well as your preferred command-line shell, which can be challenging for expressions with numerous quotes and escape sequences. Instead of interpreting the output of your shell’s parsing, Terraform should be able to parse your actual values directly if you use the -var-file option, which is what we generally advise.

Also Check: Terraform Create VM.

How to use Terraform Apply –

The steps suggested in a Terraform plan are carried out using the Terraform apply command. The simplest approach to use terraform apply is to execute it without any arguments at all. In this instance, it will automatically generate a new execution plan (just as if you had executed the terraform plan) and then ask for your approval before carrying out the stated actions.

The filename of a saved plan file you earlier prepared with terraform plan -out=… can also be passed to terraform apply, in which case Terraform will apply the changes to the plan without asking for confirmation. This two-step process is primarily meant to be used with automated Terraform execution. This command will produce its own plan of action in the default scenario, similar to how terraform plan would in the absence of a saved plan file. Unless you want to forego the prompt by using the -auto-approve option, Terraform will propose the plan to you and prompt you to approve it before carrying out the indicated steps.

The steps described by a plan file are carried out exactly by the command if you pass the filename of a previously saved plan file. You can use terraform display to view a plan file before applying it; it does not prompt for approval. None of the planning modes or planning options referenced above is supported when utilizing a saved plan; these options only have an impact on Terraform’s decisions regarding which actions to take, and the plan file includes the outcomes of those choices.

If you do not provide a plan file on the instruction, terraform apply will create a replacement plan automatically and then prompt for approval to use it. If the created plan does not include any changes to resources or to root module output values then terraform apply will exit immediately, without prompting.

Also Read: Terraform Cheat Sheet.

When to use Terraform destroy?

The terraform destroy command allows you to easily destroy all remote objects managed by a specific Terraform configuration. While you should avoid destroying long-lived objects in a production environment, Terraform is occasionally used to manage ephemeral infrastructure for development reasons, in which case you can use terraform destroy to conveniently wipe away all of those temporary objects after you’re done.

To destroy a specific EC2 instance (demo vm 1), use the –target parameter with the resource path to identify the relevant resource, as shown below.

Terraform destroy is a command that should be used with caution. It is not something that would be used on a daily basis in the industrial setting. However, using it in sub-production contexts would be rather common, as many proof-of-concept tests necessitate cleanup tasks.

Check Out:Terraform Interview Questions and Answers.

Demo: Creating an AWS VPC

We will be performing a simple demo of creating an AWS VPC, to see the terraform workflow:

We can write our terraform configuration in Hashicorp Configuration Language (HCL) or in JSON. Terraform language syntax is built around two key syntax constructs: arguments and blocks.

Read: AWS Virtual Private Cloud (VPC)

1. Create a main.tf file in your favorite editor, and paste the provider block it in.

2. Paste the code of vpc resource in main.tf (Note: You can also name your vpc in AWS using name tag as shown below).

resource "aws_vpc" "demo" { cidr_block = "10.0.0.0/16" instance_tenancy = "default" tags = { Name = "my-first-vpc" }}

3. Run the terraform init command to initialize the code, and download the plugin.

4. Run terraform apply on the terminal to execute the code, and type yes when asked for confirmation.

5. We will get the below output once the vpc is created.

6. Open AWS console, click on Services, and select VPC.

7. Click on Your VPCs and now check for the created VPC.

8. The last step is to delete the infrastructure, you can do this by using terraform destroy command.

Frequently Asked Questions

Related/References

• Variables In Terraform
  
• Terraform Installation Overview
  
• Why Terraform? Not Chef, Ansible, Puppet, CloudFormation?
• HashiCorp Infrastructure Automation Certification: Terraform Associate
• Terraform Providers Overview

Join FREE Class

🚀 Master Terraform & DevOps to get High-Paying Jobs!

🔥 Join our EXCLUSIVE Free class! 🚀

Get your hands dirty with lots of projects and labs based on Terraform and DevOps in our Program.
Click on the below image to Register for Our FREE Class Now!