m_shige1979's Occasional IT Blog

I quietly write up what I have learned and experienced while studying programming.

GitHub (a strange old guy's face shows up, so be careful)

https://github.com/mshige1979

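Trying out an AWS VPC with Terraform

I saw this and thought I would give it a try.

However, following the book as written would mean setting up GCP and so on, which looked like a hassle, so I searched for information online and got as far as building a VPC. These are my notes.

Prerequisites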

AWS CLI
AWS 

install

brew tap hashicorp/tap
brew install hashicorp/tap/terraform

% terraform -v
Terraform v1.1.9
on darwin_amd64
%

Sample

Create a directory

mkdir sample1
cd sample1

Set the AWS IAM credentials as Terraform variables

sample1/terraform.tfvars

# Placeholder values: replace them with your own account's access key and secret key
aws_access_key = "自身のアカウントのアクセスキー"
aws_secret_key = "自身のアカウントのシークレットキー"

Create the sample code

sample1/main.tf

# Apparently this part is just required boilerplate
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 3.27"
    }
  }

  required_version = ">= 0.14.9"
}

# AWS
variable "aws_access_key" {}
variable "aws_secret_key" {}
provider "aws" {
  region     = "ap-northeast-1"
  access_key = var.aws_access_key
  secret_key = var.aws_secret_key
}

# VPC
resource "aws_vpc" "myVPC" {
  cidr_block           = "10.1.0.0/16"
  instance_tenancy     = "default"
  enable_dns_support   = true
  enable_dns_hostnames = false
  tags = {
    Name = "myVPC"
  }
}
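
An added example, not part of the original post: the same main.tf with the provider taking its credentials from the AWS CLI profile (the AWS CLI is already a prerequisite here) instead of from access keys written into terraform.tfvars, so no secret sits in the project directory. The variable name aws_profile and its default value are assumptions.

```hcl
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 3.27"
    }
  }

  required_version = ">= 0.14.9"
}

# Assumption: "default" is the profile written by `aws configure`.
# Only the profile name lives in Terraform; the keys stay in
# ~/.aws/credentials, outside the project directory.
variable "aws_profile" {
  type        = string
  default     = "default"
  description = "Named AWS CLI profile used by the provider"
}

provider "aws" {
  region  = "ap-northeast-1"
  profile = var.aws_profile
  # No access_key / secret_key arguments: nothing secret to commit.
}

# VPC (unchanged from the sample above)
resource "aws_vpc" "myVPC" {
  cidr_block           = "10.1.0.0/16"
  instance_tenancy     = "default"
  enable_dns_support   = true
  enable_dns_hostnames = false
  tags = {
    Name = "myVPC"
  }
}
```

With this layout terraform.tfvars is no longer needed. If profile is left unset, the provider also reads the AWS_PROFILE or AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY environment variables.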

Initialize

terraform init

Review the changes

terraform plan

Create the resources

terraform apply

% terraform apply

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following
symbols:
  + create

Terraform will perform the following actions:

  # aws_vpc.myVPC will be created
  + resource "aws_vpc" "myVPC" {
      + arn                                  = (known after apply)
      + cidr_block                           = "10.1.0.0/16"
      + default_network_acl_id               = (known after apply)
      + default_route_table_id               = (known after apply)
      + default_security_group_id            = (known after apply)
      + dhcp_options_id                      = (known after apply)
      + enable_classiclink                   = (known after apply)
      + enable_classiclink_dns_support       = (known after apply)
      + enable_dns_hostnames                 = false
      + enable_dns_support                   = true
      + id                                   = (known after apply)
      + instance_tenancy                     = "default"
      + ipv6_association_id                  = (known after apply)
      + ipv6_cidr_block                      = (known after apply)
      + ipv6_cidr_block_network_border_group = (known after apply)
      + main_route_table_id                  = (known after apply)
      + owner_id                             = (known after apply)
      + tags                                 = {
          + "Name" = "myVPC"
        }
      + tags_all                             = {
          + "Name" = "myVPC"
        }
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

aws_vpc.myVPC: Creating...
aws_vpc.myVPC: Creation complete after 2s [id=vpc-XXXXXXXXXXXXXXXX]

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
%

Delete the resources

terraform destroy

% terraform destroy
aws_vpc.myVPC: Refreshing state... [id=vpc-XXXXXXXXXXXXXXXXXX]

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following
symbols:
  - destroy

Terraform will perform the following actions:

  # aws_vpc.myVPC will be destroyed
  - resource "aws_vpc" "myVPC" {
      - arn                              = "arn:aws:ec2:ap-northeast-1:XXXXXXXXXXXXX:vpc/vpc-080aae0823073b72b" -> null
      - assign_generated_ipv6_cidr_block = false -> null
      - cidr_block                       = "10.1.0.0/16" -> null
      - default_network_acl_id           = "acl-XXXXXXXXXXXXXXXXX" -> null
      - default_route_table_id           = "rtb-XXXXXXXXXXXXXXXXX" -> null
      - default_security_group_id        = "sg-XXXXXXXXXXXXXXXXX" -> null
      - dhcp_options_id                  = "dopt-XXXXXXXXXXXXXXX" -> null
      - enable_classiclink               = false -> null
      - enable_classiclink_dns_support   = false -> null
      - enable_dns_hostnames             = false -> null
      - enable_dns_support               = true -> null
      - id                               = "vpc-XXXXXXXXXXXXXXXX" -> null
      - instance_tenancy                 = "default" -> null
      - ipv6_netmask_length              = 0 -> null
      - main_route_table_id              = "rtb-XXXXXXXXXXXXXXXX" -> null
      - owner_id                         = "XXXXXXXXXXXXXX" -> null
      - tags                             = {
          - "Name" = "myVPC"
        } -> null
      - tags_all                         = {
          - "Name" = "myVPC"
        } -> null
    }

Plan: 0 to add, 0 to change, 1 to destroy.

Do you really want to destroy all resources?
  Terraform will destroy all your managed infrastructure, as shown above.
  There is no undo. Only 'yes' will be accepted to confirm.

  Enter a value: yes

aws_vpc.myVPC: Destroying... [id=vpc-XXXXXXXXXXXXXXXXXXXX]
aws_vpc.myVPC: Destruction complete after 1s

Destroy complete! Resources: 1 destroyed.
%

References

Terraform Quick Tutorial on AWS - Qiita
Celebrating the terraform v0.12.0 release! Let's upgrade! - Qiita
VPC - Building AWS with Terraform
Getting Started with Terraform on AWS | DevelopersIO