Terraform Provisioner
Terraform Provisioners
Provisioners are used to performing certain custom actions and tasks either on the local machine or on the remote machine.
File Provisioner
Example1(Amazon EC2) – Upload the file to an EC2 instance
provider "aws" {
region="us-east-1"
}
resource "aws_instance" "ec2_example" {
ami = "ami-05fa00d4c63e32376"
instance_type = "t2.micro"
key_name= "aws_key"
vpc_security_group_ids = [aws_security_group.main.id]
provisioner "file" {
source = "/home/ubuntu/1.txt"
destination = "/home/ec2-user/test-file.txt"
}
connection {
type = "ssh"
host = self.public_ip
user = "ubuntu"
private_key = file("/home/ubuntu/aws_key")
timeout = "4m"
}
}
resource "aws_security_group" "main" {
egress = [
{
cidr_blocks = [ "0.0.0.0/0", ]
description = ""
from_port = 0
ipv6_cidr_blocks = []
prefix_list_ids = []
protocol = "-1"
security_groups = []
self = false
to_port = 0
}
]
ingress = [
{
cidr_blocks = [ "0.0.0.0/0", ]
description = ""
from_port = 22
ipv6_cidr_blocks = []
prefix_list_ids = []
protocol = "tcp"
security_groups = []
self = false
to_port = 22
}
]
}
resource "aws_key_pair" "deployer" {
key_name = "aws_key"
public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDYQIjBKUkXyvWRrrDvLyc5hqs+8CFnCoS8LOR847TJ9NwMVPT5KsKg17k9a/edvemMCZtB15fZS2YsK/EsawacGSlaruhr5mCGQ9p8GVzkGCkjTx8gRGKU23D7KCi6lIBPMO47FbYmb22OemEinwox4vpw41V6AeRDdxnVGiw6xOKruAcN05XhUsTYw3GYoRACWn78fGsZL8YrWyK0Xze0tZlOX/48x9wD/co1znw/JkfUEjhfeCvYtnWYESy521dG9388S/8vhOXfSY4eD57PGvJj5eaN1BfizfzkQn6IviOx/lEtBGL1bIrn3nBaJROzW8nUMgUrd0APimQTERGF root@terraform"
}
Example1(Windows) – Upload the file to an EC2 instance
provider “aws” {
region = “us-east-1”
}
resource “aws_instance” “ec2_example” {
ami = “ami-05fa00d4c63e32376”
instance_type = “t2.micro”
key_name= “aws_keyraman”
vpc_security_group_ids = [aws_security_group.main.id]
tags = {
“Name” = “FileProvisoning”
}
provisioner “file” {
source = “C:\\ABB\\1.yaml”
destination = “/home/ec2-user/test-file.txt”
}
connection {
type = “ssh”
host = self.public_ip
user = “ec2-user”
private_key = file(“C:\\ABB\\aws_key”)
timeout = “4m”
}
}
resource “aws_security_group” “main” {
egress = [
{
cidr_blocks = [ “0.0.0.0/0”, ]
description = “”
from_port = 0
ipv6_cidr_blocks = []
prefix_list_ids = []
protocol = “-1”
security_groups = []
self = false
to_port = 0
}
]
ingress = [
{
cidr_blocks = [ “0.0.0.0/0”, ]
description = “”
from_port = 22
ipv6_cidr_blocks = []
prefix_list_ids = []
protocol = “tcp”
security_groups = []
self = false
to_port = 22
}
]
}
resource “aws_key_pair” “deployer” {
key_name = “aws_keyraman”
public_key = “ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC6V5MtNDz26m5qVyvUt6EIdCzXsMWyLvGLVIPhAYKLS+s4Z84wSPO8kJz9jYwjtk2gXtKQDKd0PSeiUwue7YBzXQiCd1xsskcBZvgirrwql0RTXGFKMe99Kr7H/dIrmqcedyKxYupBFIoAt4ugCtGmhsBo+gW15C0+nI+f4PWh0vubJRweEu8rjN+EnEoKbJKPp0N6N5rFwFpsq0P7mtL5c9sdh0G95eo7N1pSVAjI49BfTGzYu36w2wa1iJ6KV9VIZDFD6yanvZRjeWG9wp3Q9NeNw/AMIt7yXgzh2cf4RAqyoSSujorgzmu0i7Ki8bNGDR+U37aerNvcp5+6+rGCeF46v5N950Xa8toFfZH83Wcj4bHHrH5nyiFo18E6kV2+f51EYSU3vdDpRqu34pXlTLmcgrLc+t7jT3uzZq90D9N5DMGAeFLE3cEuYggKdAV06cEo9/dpALEqWOCGYSHw4uMPRsjcEKve/U6mztl5b749RBJyVkc6YyjigYusl5c= raman@Raman-Sharma”
}
local-exec provisioner
This provisioner is used when you want to perform some tasks onto your local machine where you have installed the terraform.
So local-exec provisioner is never used to perform any kind task on the remote machine. It will always be used to perform local operations onto your local machine.
Example(Ubuntu) – Consider the following example where we are trying to create a file hello-world.txt on the local machine
provider "aws" {
profile="rprofile"
region="ap-south-1"
}
resource "aws_instance" "ec2_example" {
ami = "ami-04bde106886a53080"
instance_type = "t2.micro"
key_name= "devops"
provisioner "local-exec" {
command ="touch hello-world.txt"
}
}
Example (Windows)
provider “aws” {
region = “us-east-1”
}
resource “aws_instance” “ec2_example” {
ami = “ami-05fa00d4c63e32376”
instance_type = “t2.micro”
key_name= “newkey”
vpc_security_group_ids = [aws_security_group.main.id]
tags = {
“Name” = “Local command Exec”
}
provisioner “local-exec” {
command =“echo ‘Test’ >> hello-world.txt”
}
}
resource “aws_security_group” “main” {
egress = [
{
cidr_blocks = [ “0.0.0.0/0”, ]
description = “”
from_port = 0
ipv6_cidr_blocks = []
prefix_list_ids = []
protocol = “-1”
security_groups = []
self = false
to_port = 0
}
]
ingress = [
{
cidr_blocks = [ “0.0.0.0/0”, ]
description = “”
from_port = 22
ipv6_cidr_blocks = []
prefix_list_ids = []
protocol = “tcp”
security_groups = []
self = false
to_port = 22
}
]
}
remote-exec provisioner
As the name suggests remote-exec it is always going to work on the remote machine. With the help of the remote-exec you can specify the commands of shell scripts that want to execute on the remote machine.
provider “aws” {
region = “us-east-1”
}
resource “aws_instance” “ec2_example” {
ami = “ami-05fa00d4c63e32376”
instance_type = “t2.micro”
key_name= “aws_keyraman”
vpc_security_group_ids = [aws_security_group.main.id]
tags = {
“Name” = “Remote Command Execution”
}
provisioner “remote-exec” {
inline = [
“touch /home/ec2-user/hello.txt”,
“echo helloworld remote provisioner >> /home/ec2-user/hello.txt”,
]
}
connection {
type = “ssh”
host = self.public_ip
user = “ec2-user”
private_key = file(“C:\\ABB\\aws_key”)
timeout = “4m”
}
}
resource “aws_security_group” “main” {
egress = [
{
cidr_blocks = [ “0.0.0.0/0”, ]
description = “”
from_port = 0
ipv6_cidr_blocks = []
prefix_list_ids = []
protocol = “-1”
security_groups = []
self = false
to_port = 0
}
]
ingress = [
{
cidr_blocks = [ “0.0.0.0/0”, ]
description = “”
from_port = 22
ipv6_cidr_blocks = []
prefix_list_ids = []
protocol = “tcp”
security_groups = []
self = false
to_port = 22
}
]
}
resource “aws_key_pair” “deployer” {
key_name = “aws_keyraman”
public_key = “ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC6V5MtNDz26m5qVyvUt6EIdCzXsMWyLvGLVIPhAYKLS+s4Z84wSPO8kJz9jYwjtk2gXtKQDKd0PSeiUwue7YBzXQiCd1xsskcBZvgirrwql0RTXGFKMe99Kr7H/dIrmqcedyKxYupBFIoAt4ugCtGmhsBo+gW15C0+nI+f4PWh0vubJRweEu8rjN+EnEoKbJKPp0N6N5rFwFpsq0P7mtL5c9sdh0G95eo7N1pSVAjI49BfTGzYu36w2wa1iJ6KV9VIZDFD6yanvZRjeWG9wp3Q9NeNw/AMIt7yXgzh2cf4RAqyoSSujorgzmu0i7Ki8bNGDR+U37aerNvcp5+6+rGCeF46v5N950Xa8toFfZH83Wcj4bHHrH5nyiFo18E6kV2+f51EYSU3vdDpRqu34pXlTLmcgrLc+t7jT3uzZq90D9N5DMGAeFLE3cEuYggKdAV06cEo9/dpALEqWOCGYSHw4uMPRsjcEKve/U6mztl5b749RBJyVkc6YyjigYusl5c= raman@Raman-Sharma”
}
