L1. A Complete Beginner’s Guide to Infrastructure as Code

🧠 What You'll Learn in This Guide

✅ Understand what Infrastructure as Code (IaC) really means
✅ Learn why Terraform is the top tool in the DevOps toolbox
✅ Install Terraform (even if you can't install software on your laptop!)
✅ Set up AWS authentication
✅ Write your first Terraform script
✅ Deploy your first EC2 instance
✅ Learn about Terraform’s lifecycle commands: init, plan, apply, destroy
✅ Understand Terraform's state file and its importance

🌐 Infrastructure as Code (IaC) – Explained Simply

Instead of manually creating cloud resources using the AWS Console, you write code to define and manage your infrastructure. This code can be versioned, reused, and shared - just like software code.

Example:

• Creating 1 S3 bucket? Easy via the AWS console.

• Creating 100 S3 buckets? IaC makes it fast, repeatable, and error-free.

Traditional Methods:

• ❌ Manual creation using the AWS Console - error-prone and repetitive

• ❌ AWS CLI or SDKs like Python + Boto3 - requires programming knowledge

• ❌ CloudFormation or ARM Templates - tied to specific cloud providers

---

💡 So Why Terraform?

Terraform gives us a universal language to define and manage infrastructure across multiple cloud providers - AWS, Azure, GCP, and more - using its own syntax called HCL (HashiCorp Configuration Language).

🔥 Key Benefits:

• 💥 Multi-cloud support with one tool

• 🧾 Readable and declarative syntax

• 🚀 Reusable modules and configurations

• 📦 Massive community and ecosystem

• ⚙️ No deep programming knowledge required

• 🔁 Version-controlled infrastructure (just like Git)

Instead of learning multiple tools like:

• AWS CloudFormation

• Azure ARM Templates

• OpenStack Heat Templates

...just learn Terraform, and it works for all of them.

---

🛠️ Installing Terraform

You can install Terraform in two ways:

🔹 Method 1: Local Installation

For Windows:

• Download the binary from terraform.io

• Add it to your system PATH

• Use Git Bash or PowerShell (not CMD)

For macOS:

brew tap hashicorp/tap
brew install hashicorp/tap/terraform

For Ubuntu/Linux:

sudo apt-get update && sudo apt-get install -y gnupg software-properties-common
wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt update
sudo apt install terraform

---

🔹 Method 2: GitHub Codespaces (Recommended for Beginners)

Don’t have admin access or using a restricted office laptop?

Use GitHub Codespaces - your browser becomes your Dev environment.

• ✅ Free: 60 hours/month

• 🖥️ Environment: 2 CPUs, 4GB RAM

• 💻 Built-in Visual Studio Code

• 🌍 Access from any device with a browser

To set it up:

1. Fork the Repo

2. Click Code > Codespaces > Create codespace

3. Add Dev Container Configs for:

   • Terraform

   • AWS CLI

4. Rebuild the container - now you’re ready to use Terraform in-browser!

---

🔐 Setting Up AWS Authentication

Once the AWS CLI is installed, run:

aws configure

You’ll be prompted to enter:

• Access Key ID

• Secret Access Key

• Default region (e.g., us-east-1)

• Output format (json, table, or text)

🔒 Tip: Use IAM Users instead of root accounts for better security. You can generate access keys from the AWS IAM Console.

🔑 Important Note: This only allows your terminal (shell) to interact with AWS using the AWS CLI. It does not automatically grant access to Terraform.

The AWS CLI saves credentials in this location:

~/.aws/credentials

---

Giving Terraform Access to AWS

Once AWS CLI is configured, Terraform can also use those same credentials - if the provider block is correctly written in your .tf file.

Here's the minimal provider configuration:

provider "aws" {
  region = "us-east-1"
}

---

📝 Writing Your First Terraform Script

Let’s write a basic Terraform configuration to launch an EC2 instance.

Step 1: Create a file called main.tf

provider "aws" {
  region = "us-east-1"
}

resource "aws_instance" "example" {
  ami           = "ami-xxxxxxxxxxxxxxxxx" # Replace with valid AMI ID
  instance_type = "t2.micro"
  subnet_id     = "subnet-xxxxxxxxxxxxx"  # Replace with your Subnet ID
  key_name      = "your-key-name"         # Replace with your key pair name
}

💡 Where to find values:

• AMI ID: Launch an EC2 instance manually and copy the AMI ID

• Subnet ID: Use your default VPC subnet or create a new one

• Key Name: Use an existing EC2 key pair or create a new one from the AWS console

---

🔄 Terraform Lifecycle Commands

Follow these commands in order:

1️⃣ terraform init

Initializes the working directory and downloads provider plugins.

terraform init

2️⃣ terraform plan

Shows what changes Terraform will make. Think of this as a dry run.

terraform plan

3️⃣ terraform apply

Applies the configuration and creates real infrastructure on AWS.

terraform apply

Terraform will ask for confirmation - type yes.

4️⃣ terraform destroy

Destroys the infrastructure and avoids incurring AWS charges.

terraform destroy

📂 What is the Terraform State File?

Terraform creates a file called:

terraform.tfstate

This file:

• Records all the resources that Terraform created

• Tracks the current state of your infrastructure

• Is used internally to understand what changes need to be made

🔐 Important:
Manage this file securely - it may contain sensitive information like resource IDs and IPs.

In future guides, you’ll learn:

• How to use remote state storage (S3 + DynamoDB)

• How to secure and lock state files in team environments

• How state integrates with CI/CD pipelines