Terraform Provisioner

Terraform Provisioner

Hello Everyone

Welcome to CloudAffaire and this is Debjeet.

In the last blog post, we have discussed terraform output.


In this blog post, we will discuss terraform provisioner.

What is Terraform Provisioner?

Provisioners are used to execute scripts on a local or remote machine as part of resource creation or destruction. Provisioners can be used to bootstrap a resource, cleanup before destroy, run configuration management, etc.

Provisioners types:

  • Provisioner Connections: Many provisioners require access to the remote resource. For example, a provisioner may need to use SSH or WinRM to connect to the resource. Any connection information provided in a resource will apply to all the provisioners, but it can be scoped to a single provisioner as well.
  • Provisioners Without a Resource: If you need to run provisioners that aren’t directly associated with a specific resource, you can associate them with a null_resource.
  • Chef Provisioner: The chef provisioner installs, configures and runs the Chef Client on a remote resource. The chef provisioner supports both ssh and winrm type connections.
  • File Provisioner: The file provisioner is used to copy files or directories from the machine executing Terraform to the newly created resource. The file provisioner supports both ssh and winrm type connections.
  • Habitat Provisioner: The habitat provisioner installs the Habitat supervisor and loads configured services. This provisioner only supports Linux targets using the ssh connection type at this time.
  • local-exec Provisioner: The local-exec provisioner invokes a local executable after a resource is created. This invokes a process on the machine running Terraform, not on the resource.
  • remote-exec Provisioner: The remote-exec provisioner invokes a script on a remote resource after it is created. This can be used to run a configuration management tool, bootstrap into a cluster, etc.
  • Salt Masterless Provisioner: The salt-masterless Terraform provisioner provisions machines built by Terraform using Salt states, without connecting to a Salt master. The salt-masterless provisioner supports ssh connections.

Provisioner Syntax:

resource "<resource_type>" "<resource_local_name>"
  provisioner "<provisioner_type>" {
    connection "<connection_type>" {}
  connection "<connection_type>" {}

Provisioner demo:

#create a directory and get inside it
mkdir terraform && cd terraform

#create main.tf
vi main.tf
#create a ec2 instance with httpd
provider "aws" {
access_key = "<your_access_key>"
secret_key = "<your_secret_key>"
region = "ap-south-1"

#create the EC2 instance
resource "aws_instance" "my_web_instance" {
ami = "ami-0937dcc711d38ef3f"
instance_type = "t2.micro"
key_name = "<your_private_key>" #make sure you have your_private_key.pem file
tags = {
Name = "my_web_instance"
provisioner "remote-exec" { #execute the command in remote ec2 instance
inline = [
"sudo mkdir -p /var/www/html/", #command to be executed in remote ec2 instance
"sudo yum install -y httpd",
"sudo service httpd start",
"sudo usermod -a -G apache ec2-user",
"sudo chown -R ec2-user:apache /var/www",

provisioner "local-exec" { #execute the command in local ec2 instance
command = "echo 'Hello from terraform' > /home/ec2-user/terraform/index.html"

provisioner "file" { #copy file from local ec2 instance to remote ec2 instance
source = "index.html"
destination = "/var/www/html/index.html"

connection { #ssh connection details for remote ec2 instance
type = "ssh"
user = "ec2-user"
password = ""
#copy <your_private_key.pem> in your local instance home directory
#chmod 400 <your_private_key.pem>
private_key = "${file("/home/ec2-user/your_private_key.pem")}"

output "we_server_address" {
value = "${aws_instance.my_web_instance.public_dns}"

#format code
terraform fmt

#initialized terraform
terraform init

#create the resource
terraform apply

#copy the we_server_address from output and check in your favourite browser

#list outputs
terraform output

#destroy the resources
terraform destroy

cd .. && rm -rf terraform

Hope you have enjoyed this article. In the next blog post, we will discuss terraform override.

To get more details on terraform, please refer below terraform documentation



Leave a Reply

Close Menu