In this article we are going to cover Creating EC2 Instance using Terraform, connecting to ec2 instance and destroy the resources.
Prerequisites
- AWS Account
- Create IAM User with Admin Access
- Preinstalled Terraform
- Create new Key pairs or use existing
Follow this link to create free aws account
Follow below article to create IAM user in AWS and allow admin access
How to Create IAM User in AWS Step by Step and setup IAM Policy to user
Install Terraform on Linux
How to Install Terraform on Ubuntu 20.04/18.04/16.04 LTS
Creating EC2 Instance using Terraform using minimum variable configuration
once all above prerequisites done then create a folder/directory
sudo mkdir ec2instance
change the folder/directory permission
sudo chmod 777 -R ec2instance
Navigate to ec2instance directory
cd ec2instance
then create ec2demo.tf file
sudo nano ec2demo.tf
paste the below configuration into it
provider "aws" {
access_key = "ACCESS_KEY"
secret_key = "SECRET_KEY"
region = "ap-south-1"
}
resource "aws_instance" "Demo" {
ami = "ami-0d758c1134823146a"
instance_type = "t2.micro"
key_name = "key_pair_name"
tags = {
Name = "Demo"
}
}
Replace the ACCESS_KEY, SECRET_KEY, ami , instance type, key_name and Instance Name value.
Initialize the working directory for terraform using below command
terraform init
Output:
Initializing the backend...
Initializing provider plugins...
- Finding latest version of hashicorp/aws...
- Installing hashicorp/aws v3.32.0...
- Installed hashicorp/aws v3.32.0 (signed by HashiCorp)
Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
Check the execution plan before applying
terraform plan
Output:
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# aws_instance.demo will be created
+ resource "aws_instance" "demo" {
+ ami = "ami-0d758c1134823146a"
+ arn = (known after apply)
+ associate_public_ip_address = (known after apply)
+ availability_zone = (known after apply)
+ cpu_core_count = (known after apply)
+ cpu_threads_per_core = (known after apply)
+ get_password_data = false
+ host_id = (known after apply)
+ id = (known after apply)
+ instance_state = (known after apply)
+ instance_type = "t2.micro"
+ ipv6_address_count = (known after apply)
+ ipv6_addresses = (known after apply)
+ key_name = (known after apply)
+ outpost_arn = (known after apply)
+ password_data = (known after apply)
+ placement_group = (known after apply)
+ primary_network_interface_id = (known after apply)
+ private_dns = (known after apply)
+ private_ip = (known after apply)
+ public_dns = (known after apply)
+ public_ip = (known after apply)
+ secondary_private_ips = (known after apply)
+ security_groups = (known after apply)
+ source_dest_check = true
+ subnet_id = (known after apply)
+ tenancy = (known after apply)
+ vpc_security_group_ids = (known after apply)
+ ebs_block_device {
+ delete_on_termination = (known after apply)
+ device_name = (known after apply)
+ encrypted = (known after apply)
+ iops = (known after apply)
+ kms_key_id = (known after apply)
+ snapshot_id = (known after apply)
+ tags = (known after apply)
+ throughput = (known after apply)
+ volume_id = (known after apply)
+ volume_size = (known after apply)
+ volume_type = (known after apply)
}
+ enclave_options {
+ enabled = (known after apply)
}
+ ephemeral_block_device {
+ device_name = (known after apply)
+ no_device = (known after apply)
+ virtual_name = (known after apply)
}
+ metadata_options {
+ http_endpoint = (known after apply)
+ http_put_response_hop_limit = (known after apply)
+ http_tokens = (known after apply)
}
+ network_interface {
+ delete_on_termination = (known after apply)
+ device_index = (known after apply)
+ network_interface_id = (known after apply)
}
+ root_block_device {
+ delete_on_termination = (known after apply)
+ device_name = (known after apply)
+ encrypted = (known after apply)
+ iops = (known after apply)
+ kms_key_id = (known after apply)
+ tags = (known after apply)
+ throughput = (known after apply)
+ volume_id = (known after apply)
+ volume_size = (known after apply)
+ volume_type = (known after apply)
}
}
Plan: 1 to add, 0 to change, 0 to destroy.
------------------------------------------------------------------------
Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.
Now build the infrastructure and Type “yes” to confirm, it will create ec2 instance in Default VPC, subnets and security groups given by AWS account.
terraform apply
Output:
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# aws_instance.Demo will be created
+ resource "aws_instance" "Demo" {
+ ami = "ami-0d758c1134823146a"
+ arn = (known after apply)
+ associate_public_ip_address = (known after apply)
+ availability_zone = (known after apply)
+ cpu_core_count = (known after apply)
+ cpu_threads_per_core = (known after apply)
+ get_password_data = false
+ host_id = (known after apply)
+ id = (known after apply)
+ instance_state = (known after apply)
+ instance_type = "t2.micro"
+ ipv6_address_count = (known after apply)
+ ipv6_addresses = (known after apply)
+ key_name = "kops"
+ outpost_arn = (known after apply)
+ password_data = (known after apply)
+ placement_group = (known after apply)
+ primary_network_interface_id = (known after apply)
+ private_dns = (known after apply)
+ private_ip = (known after apply)
+ public_dns = (known after apply)
+ public_ip = (known after apply)
+ secondary_private_ips = (known after apply)
+ security_groups = (known after apply)
+ source_dest_check = true
+ subnet_id = (known after apply)
+ tags = {
+ "Name" = "Demo"
}
+ tenancy = (known after apply)
+ vpc_security_group_ids = (known after apply)
+ ebs_block_device {
+ delete_on_termination = (known after apply)
+ device_name = (known after apply)
+ encrypted = (known after apply)
+ iops = (known after apply)
+ kms_key_id = (known after apply)
+ snapshot_id = (known after apply)
+ tags = (known after apply)
+ throughput = (known after apply)
+ volume_id = (known after apply)
+ volume_size = (known after apply)
+ volume_type = (known after apply)
}
+ enclave_options {
+ enabled = (known after apply)
}
+ ephemeral_block_device {
+ device_name = (known after apply)
+ no_device = (known after apply)
+ virtual_name = (known after apply)
}
+ metadata_options {
+ http_endpoint = (known after apply)
+ http_put_response_hop_limit = (known after apply)
+ http_tokens = (known after apply)
}
+ network_interface {
+ delete_on_termination = (known after apply)
+ device_index = (known after apply)
+ network_interface_id = (known after apply)
}
+ root_block_device {
+ delete_on_termination = (known after apply)
+ device_name = (known after apply)
+ encrypted = (known after apply)
+ iops = (known after apply)
+ kms_key_id = (known after apply)
+ tags = (known after apply)
+ throughput = (known after apply)
+ volume_id = (known after apply)
+ volume_size = (known after apply)
+ volume_type = (known after apply)
}
}
Plan: 1 to add, 0 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
aws_instance.Demo: Creating...
aws_instance.Demo: Still creating... [10s elapsed]
aws_instance.Demo: Still creating... [20s elapsed]
aws_instance.Demo: Creation complete after 21s [id=i-0c929daadc70ae8e4]
Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
you will see instance is created in AWS

copy the public address , select key pair name , open the SSH port (22) in security group if not enabled.

Connect to EC2 instance using putty

To destroy the resource use below command and Type “Yes“
terraform destroy
Output:
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
- destroy
Terraform will perform the following actions:
# aws_instance.Demo will be destroyed
- resource "aws_instance" "Demo" {
- ami = "ami-0d758c1134823146a" -> null
- arn = "arn:aws:ec2:ap-south-1:908198849120:instance/i-0c929daadc70ae8e4" -> null
- associate_public_ip_address = true -> null
- availability_zone = "ap-south-1a" -> null
- cpu_core_count = 1 -> null
- cpu_threads_per_core = 1 -> null
- disable_api_termination = false -> null
- ebs_optimized = false -> null
- get_password_data = false -> null
- hibernation = false -> null
- id = "i-0c929daadc70ae8e4" -> null
- instance_state = "running" -> null
- instance_type = "t2.micro" -> null
- ipv6_address_count = 0 -> null
- ipv6_addresses = [] -> null
- key_name = "kops" -> null
- monitoring = false -> null
- primary_network_interface_id = "eni-041b18460b5ce27c6" -> null
- private_dns = "ip-172-31-45-18.ap-south-1.compute.internal" -> null
- private_ip = "172.31.45.18" -> null
- public_dns = "ec2-15-206-80-209.ap-south-1.compute.amazonaws.com" -> null
- public_ip = "15.206.80.209" -> null
- secondary_private_ips = [] -> null
- security_groups = [
- "default",
] -> null
- source_dest_check = true -> null
- subnet_id = "subnet-a09391c8" -> null
- tags = {
- "Name" = "Demo"
} -> null
- tenancy = "default" -> null
- vpc_security_group_ids = [
- "sg-00c76564",
] -> null
- credit_specification {
- cpu_credits = "standard" -> null
}
- enclave_options {
- enabled = false -> null
}
- metadata_options {
- http_endpoint = "enabled" -> null
- http_put_response_hop_limit = 1 -> null
- http_tokens = "optional" -> null
}
- root_block_device {
- delete_on_termination = true -> null
- device_name = "/dev/sda1" -> null
- encrypted = false -> null
- iops = 100 -> null
- tags = {} -> null
- throughput = 0 -> null
- volume_id = "vol-014952c340f590ffe" -> null
- volume_size = 8 -> null
- volume_type = "gp2" -> null
}
}
Plan: 0 to add, 0 to change, 1 to destroy.
Do you really want to destroy all resources?
Terraform will destroy all your managed infrastructure, as shown above.
There is no undo. Only 'yes' will be accepted to confirm.
Enter a value: yes
aws_instance.Demo: Destroying... [id=i-0c929daadc70ae8e4]
aws_instance.Demo: Still destroying... [id=i-0c929daadc70ae8e4, 10s elapsed]
aws_instance.Demo: Still destroying... [id=i-0c929daadc70ae8e4, 20s elapsed]
aws_instance.Demo: Still destroying... [id=i-0c929daadc70ae8e4, 30s elapsed]
aws_instance.Demo: Destruction complete after 39s
Destroy complete! Resources: 1 destroyed.
To destroy the resources without confirmation use below command
terraform destroy -auto-approve
Error: Unsupported block type
Blocks of type “tags” are not expected here. Did you mean to define argument
“tags”? If so, use the equals sign to assign it a value.
Solution:
tags = {
Name = "value"
}
Conclusion:
We have covered Creating EC2 Instance using Terraform, connecting to ec2 instance and destroy the resources.
Great, useful information.