What Are Terraform Modules and How Do They Work?

By

 



What does a module do?

A Terraform module allows you to create logical abstraction on the top of some resource set. In other words, a module allows you to group resources together and reuse this group later, possibly many times.

Modules: Definitions

Root Modules

Child Modules

The output block and how it’s used in Modules

One of the uses of an output block is to expose a subset of the module’s resource attributes to a parent module. As a precursor to Module Composition, bellow is an illustration of how outputs are used in modules:



Let's assume we have a virtual server with some features hosted in the cloud. What set of resources might describe that server? For example:

the virtual machine itself, created from some image
an attached block device of a specified size for additional storage
a static public IP mapped to the server's virtual network interface
a set of firewall rules to be attached to the server
other things like another block device, additional network interface, and so on


Now let's assume that you need to create this server with a set of resources many times. This is where modules are really helpful – you don't want to repeat the same configuration code over and over again, do you?

We can create sample VPC using modules:

https://github.com/GudditiNaganjaneyulu/Terraform/tree/main/vpc


provider.tf

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.0"
    }
  }

  backend "s3" {
    bucket = "my-terrafrom-backend"
    #dynamodb_table = "value"
  }


}
provider "aws" {
    region = "us-east-1"
 
}

vpcmodule.tf


module "terraform-vpc" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "3.18.1"

#VPC NAME & CIDR Range
  name = "terraform-vpc"
  cidr = "10.0.0.0/16"

# Avalibulity Zones & Subnets  Declaration
  azs = ["us-east-1a","us-east-1b"]
  public_subnets = ["10.0.150.0/24","10.0.151.0/24"]
  private_subnets = ["10.0.100.0/24","10.0.101.0/24"]
#database subnets
  create_database_subnet_group = true
  create_database_subnet_route_table = true
  database_subnets = ["10.0.50.0/24","10.0.51.0/24"]

#NAT Gateway
  enable_nat_gateway = true
  single_nat_gateway = true

#DNS hostnames
  enable_dns_hostnames = true
  enable_dns_support = true

#public subnet tags

public_subnet_tags ={
    Name = "My-terraform-public_subnet"
    Environment = "DEV"

}

#public subnet tags

private_subnet_tags ={
    Name = "My-terraform-private_subnet"
    Environment = "DEV"
   
}

#public subnet tags

database_subnet_tags ={
    Name = "My-terraform VPC-Database_subnet"
    Environment = "DEV"
   
}

tags = {
    Name = "Terraform-VPC"
    Owner = "Gudditi"

}

vpc_tags = {
    Name = "TF-VPC"
}


}

# Terraform Initialize
terraform init
Observation:
1. Verify if modules got downloaded to .terraform folder

# Terraform Validate
terraform validate

# Terraform plan
terraform plan

# Terraform Apply
terraform apply -auto-approve
Observation:
1) Verify VPC
2) Verify Subnets
3) Verify IGW
4) Verify Public Route for Public Subnets
5) Verify no public route for private subnets
6) Verify NAT Gateway and Elastic IP for NAT Gateway
7) Verify NAT Gateway route for Private Subnets
8) Verify no public route or no NAT Gateway route to Database Subnets
9) Verify Tags

# Terraform Destroy
terraform destroy -auto-approve

# Delete Files
rm -rf .terraform*
rm -rf terraform.tfstate*





Comments

Post a Comment

Popular posts from this blog

Remote Friendly Companies

By
Image
 List of companies provide remote opportunities NAME WEBSITE REGION &yet andyet.com Worldwide 10up 10up.com Worldwide 15Five 15five.com Europe, Americas 17hats 17hats.com Worldwide 18F 18f.gsa.gov USA 1Password 1password.com North America, UK 42 Technologies 42technologies.com Worldwide abiturma abiturma.de Germany Ably ably.io Europe Abstract API abstractapi.com Worldwide acct acct.global Worldwide Acivilate acivilate.com USA Acquia acquia.com Worldwide ActiveCampaign activecampaign.com Dublin, Ireland; USA Ad Hoc adhocteam.us USA Adaface adaface.com Asia AddStructure bazaarvoice.com USA Adzuna adzuna.co.uk Worldwide AE Studio ae.studio USA, BR Aerolab aerolab.co Latin America AgFlow agflow.com Europe Aha! aha.io Worldwide Aim India aimincorp.com India Airbyte airbyte.com Europe, North America, Latin America AirGarage airgarage.com USA AirTreks airtreks.com USA Aivitex aivitex.de Germany Algorand algorand.com USA Algorithmia algorithmia.com the USA or Canada ALICE aliceplatfor...
Read more

Docker Image Vulnerabilities and Scanner Guide: A Quick Overview

By
Image
V ulnerabilities in Docker images can expose your system to potential cyber threats. Tools like Docker Scout, Trivy,.. offer a fast and comprehensive way to scan for these vulnerabilities, ensuring a secure containerized environment. What is a Vulnerability? A vulnerability is a weakness or flaw in software that can be exploited by attackers to compromise a system’s security. In the context of Docker, vulnerabilities can exist within container images, making them potential entry points for cyber threats. Docker Image Vulnerabilities Docker images serve as the building blocks for containers. These images can contain   outdated   or   flawed components   that may pose security risks. Identifying and mitigating these vulnerabilities is crucial for a   secure containerized environment. Image Vulnerability Database:   https://dso.docker.com/explore Here are the top 5 tools to scan Docker images: Docker scout Trivy Clair Anchore Engine Dagda Synk Scan Docker Imag...
Read more

Introduction to Istio, Kiali, Jaeger, Grafana, and Prometheus

By
Image
Are you curious about the magic behind those seamless web applications and services you use daily? Well, let's take a peek into the fascinating world of microservices and the tools that make them work like a charm: Istio, Kiali, Jaeger, Grafana, and Prometheus. These tools might sound a bit technical, but fear not! We're here to break it down in the simplest way possible. 1. Istio: The Traffic Director Istio is an open source service mesh that layers transparently onto existing distributed applications. Istio’s powerful features provide a uniform and more efficient way to secure, connect, and monitor services. Istio is the path to load balancing, service-to-service authentication, and monitoring – with few or no service code changes.  The control plane takes your desired configuration, and its view of the services, and dynamically programs the proxy servers, updating them as the rules or the environment changes. Before utilizing Istio After utilizing Istio Imagine you're m...
Read more