Provisioning AWS Infrastructure Using Terraform (IaC)

6 million dollar question: "If everything went down today, could you rebuild it from code?"
After this project, the answer is YES.

🎯 PROJECT 3 - GOALS
By the end of this project, you will:
- Provision AWS infrastructure entirely from code
- Create and destroy EC2 safely using Terraform
- Manage Security Groups declaratively
- Understand Terraform state (very important)
- Be able to say (confidently): "I provision AWS infrastructure using Terraform."

📦 WHAT WE WILL BUILD (CLEAR SCOPE)
Terraform will create:
- ✅ EC2 instance (Ubuntu)
- ✅ Security Group
  - SSH (22)
  - HTTP (80)
- ✅ Key Pair (or reference existing)
- ✅ Output values (public IP)

This will replace manual EC2 creation.

PROJECT STRUCTURE (PROFESSIONAL)
```
project-3-terraform-aws/
├── main.tf
├── variables.tf
├── outputs.tf
├── terraform.tfvars
└── README.md
```
NB: We use the Bash terminal throughout the project unless stated otherwise.

🧱 CLASS 1 - TERRAFORM SETUP & BASICS
Step 1: Install Terraform (Windows)
Download: https://developer.hashicorp.com/terraform/downloads
Choose:
- Windows AMD64
- Extract terraform.exe
- Add it to PATH

How do you add to path?

🧱 STEP 4 - ADD TERRAFORM TO PATH (CRITICAL)
This is the step most people miss.
3️⃣ Add C:\terraform to PATH (CRITICAL)
1. Press the Windows key
2. Search: Environment Variables
3. Open Edit the system environment variables
4. Click Environment Variables
5. Under System variables, select Path
6. Click Edit
7. Click New
8. Click Browse... and select the terraform folder we saved in C:.
9. Click OK on all windows.

⚠️ You must close and reopen Git Bash after this.

🧪 STEP 5 - VERIFY INSTALLATION
Close all terminals.
Open Git Bash again, then run:
```bash
terraform -version
```
You must see a version number.

✅ STEP 2: Create the Terraform project directory
Now create it:
```bash
mkdir project-3-terraform-aws
```
Enter it:
```bash
cd project-3-terraform-aws
```
Confirm:
```bash
pwd
```
You should see:
```
.../Desktop/project-3-terraform-aws
```
✅ Now you're in the right place.

☁️ AWS SETUP - KEY PAIR (SAFE & CORRECT)
🎯 What we are doing
By the end of this, you will have:
- An AWS account
- An EC2 Key Pair
- A .pem file saved safely
- The key pair NAME ready for Terraform

⚠️ We are NOT creating EC2 yet, just preparing access.
STEP 1: Log in to AWS Console
Go to: https://console.aws.amazon.com/
Sign in with your AWS account.

STEP 2: Select the correct region (IMPORTANT)
Top-right corner of AWS Console:
Select US East (N. Virginia) - us-east-1
Why?
- Free-tier friendly
- Matches our Terraform default
- Most tutorials & AMIs work here

STEP 3: Go to EC2 Dashboard
In the AWS search bar, type:
`EC2`
Click EC2.

STEP 4: Create a Key Pair
In the left sidebar:
Network & Security → Key Pairs
Click Create key pair.
Fill the form:
- Name: `terraform-key` (simple, professional, reusable)
- Key pair type: RSA
- Private key file format: .pem

Click Create key pair.

STEP 5: SAVE THE KEY FILE (VERY IMPORTANT)
Your browser will download:
`terraform-key.pem`
- Do NOT delete it
- Do NOT rename it

⚠️ AWS will never show this file again.

✅ STEP 3: Initialize the project files
Create the Terraform files we'll use:
```bash
touch main.tf variables.tf outputs.tf terraform.tfvars
```
Confirm:
```bash
ls
```
You should see:
```
main.tf variables.tf outputs.tf terraform.tfvars
```
Now that the folder exists and files are created, open it in VS Code:
```bash
code .
```
Step 1: Paste variables.tf
Open variables.tf and paste:
```hcl
variable "region" {
  description = "AWS region"
  type        = string
  default     = "us-east-1"
}

variable "instance_type" {
  description = "EC2 instance type (keep low-cost)"
  type        = string
  default     = "t2.micro"
}

variable "key_name" {
  description = "Existing AWS key pair name (NOT the .pem filename)"
  type        = string
}
```
Step 2: Paste `main.tf`
Open `main.tf` and paste:
```hcl
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0"
    }
  }
}

provider "aws" {
  region = var.region
}

resource "aws_security_group" "web_sg" {
  name        = "terraform-web-sg"
  description = "Allow SSH and HTTP"

  # SSH is reachable from any address here; keep this only for a short-lived lab instance.
  ingress {
    description = "SSH"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "HTTP"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Allow all outbound traffic.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# Look up the most recent Ubuntu 22.04 (Jammy) AMI.
data "aws_ami" "ubuntu" {
  most_recent = true

  filter {
    name   = "name"
    values = ["ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*"]
  }

  filter {
    name   = "virtualization-type"
    values = ["hvm"]
  }

  owners = ["099720109477"] # Canonical (Ubuntu)
}

resource "aws_instance" "web" {
  ami           = data.aws_ami.ubuntu.id
  instance_type = var.instance_type
  key_name      = var.key_name

  vpc_security_group_ids = [aws_security_group.web_sg.id]

  tags = {
    Name = "terraform-web-instance"
  }
}
```
Step 3: Paste `outputs.tf`
Open `outputs.tf` and paste:
```hcl
output "public_ip" {
  description = "Public IP of the EC2 instance"
  value       = aws_instance.web.public_ip
}
```
Step 4: Set `terraform.tfvars`
Open `terraform.tfvars` and paste (edit the key name):
```hcl
key_name = "YOUR_KEYPAIR_NAME"
```
⚠️ This must be your AWS Key Pair name (example: nodejs-key), not nodejs-key.pem.

Step 5: Run Terraform commands (from Git Bash in project-3 folder)
```bash
terraform init
terraform fmt
terraform validate
terraform plan
```
STEP 6: Confirm the **Key Pair** exists
Back in `AWS Console → Key Pairs`
You should see:
`terraform-key`
- Terraform uses the **name**
- SSH uses the **.pem file**

STEP 7: Prepare for **Terraform**
Now go back to your local machine.
Open:
`project-3-terraform-aws/terraform.tfvars`
Set:
```hcl
key_name = "terraform-key"
```
✅ This is correct.

PROJECT 3 - CLASS 2 (CONTINUED)
Terraform Plan → Apply → Verify → Destroy (Cost-Safe)
You already have:
- ✅ Terraform installed
- ✅ AWS CLI configured
- ✅ Key pair created: terraform-key
- ✅ Terraform files created

Now we proceed.

**Step 1: Set the key pair in Terraform**
Open `terraform.tfvars` and confirm it contains exactly:
`key_name = "terraform-key"`
Save the file.

FIX AWS CLI v2 (Windows 11)
Step 1: Check if AWS CLI files actually exist
Open File Explorer and go to:
`C:\Program Files\Amazon\AWSCLIV2\`
Look for:
`aws.exe`
Also check this folder:
`C:\Program Files\Amazon\AWSCLIV2\bin\`
Look for:
`aws.exe`
How to add PATH:
1. Press **Win key** → type **Environment Variables**
2. Open **Edit the system environment variables**
3. Click **Environment Variables…**
4. Under User variables (top), select **Path** → **Edit**
5. New → paste the path above
6. **OK → OK → OK**

Now close ALL terminals (PowerShell + Git Bash) and reopen PowerShell.
Test:
```powershell
where.exe aws   # in PowerShell, plain "where" is an alias for Where-Object
aws --version
```
**After AWS works: configure creds for Terraform**
Once `aws --version` works, do:
```powershell
aws configure
```
Set:
- region: `us-east-1`
- output: `json`

Then confirm:
```powershell
aws sts get-caller-identity
```
Then go back to your **Terraform folder** and **run**:
```powershell
terraform plan
```
Expected output of the `aws` test commands above (example):
```
C:\Program Files\Amazon\AWSCLIV2\aws.exe
aws-cli/2.xx.x Python/3.xx Windows/10 exe/AMD64
```
**Then continue Project 3 (Terraform AWS)**
Configure AWS credentials:
```bash
aws configure
```
Enter:
- **Access Key ID** → from AWS IAM
- **Secret Access Key** → from AWS IAM
- **Region** → `us-east-1`
- **Output** → `json`

Verify:
```bash
aws sts get-caller-identity
```
Then:
```bash
terraform init
terraform plan
```
You should get a successful result.

**Next step (Project 3)**
From the same folder (`~/OneDrive/Desktop/project-3-terraform-aws`) run:
```bash
terraform apply
```
Type **yes** when it asks.
After it finishes, **run**:
```bash
terraform output
```
You should see the `public_ip` value.
**1) Get the EC2 Public IP**

Run (in the same project folder):
```bash
terraform output public_ip
```
If it says "no outputs found", run:
```bash
terraform refresh
terraform output
```
(That will display it.)
Then we test it.

1) SSH into the server (Git Bash)
Your key pair name is terraform-key, so your file is likely on Desktop.
Run (replace 34.229.201.13 with your own public IP):
```bash
chmod 400 ~/OneDrive/Desktop/terraform-key.pem
ssh -i ~/OneDrive/Desktop/terraform-key.pem ubuntu@34.229.201.13
```
If your key is in **Downloads** instead:
```bash
chmod 400 ~/Downloads/terraform-key.pem
ssh -i ~/Downloads/terraform-key.pem ubuntu@34.229.201.13
```
2) Once you're inside EC2: install Docker and run the proof app
Paste these **exactly**:
```bash
sudo apt-get update -y
sudo apt-get install -y docker.io
sudo systemctl enable --now docker
sudo usermod -aG docker ubuntu
newgrp docker
docker run -d --name hello -p 80:80 nginx:alpine
```
Now open in your browser:
http://34.229.201.13
You should see the Nginx page ✅

Destroy everything (from your Terraform folder)
Make sure you're in the right folder:
```bash
cd ~/OneDrive/Desktop/project-3-terraform-aws
```
Run:
```bash
terraform destroy
```
Type: yes
This will remove:
- EC2 instance
- Security Group

Confirm it's gone
After it completes, run:
```bash
terraform output
```
It should either show nothing useful or error because resources are gone.



