Use Terraform to manage OSS

Edit in GitHub

Last Updated: Aug 26, 2020 Edit in GitHub

This topic describes how to install, configure, and use Terraform to manage OSS.

Install and configure Terraform

Before you use Terraform, perform the following steps to install and configure Terraform:

Download the software package applicable to your operating system from Download Terraform.
In this topic, Terraform is installed and configured in a Linux operating system as an example.
Decompress the package to the /usr/local/bin directory.
To decompress the executable file to another directory, you must add the path to global variables.
Run Terraform to verify the path configuration. If a list of available Terraform options is displayed, the installation is complete.
```
[root@test bin]#terraform
Usage: terraform [-version] [-help] <command> [args]
```
Create a RAM user and grant permissions to the user.
1. Log on to the RAM console.
2. Create a RAM user named Terraform. Create an AccessKey pair for the user.
  For more information, see Create a RAM user.
3. Grant permissions to the RAM user.
  You can add relevant management permissions to the Terraform RAM user as needed. For more information, see Authorize RAM users.
Notice For security reasons, do not use the AccessKey pair of your Alibaba Cloud account to configure Terraform.
Create a test directory.
You must create a separate working directory for each Terraform project. In this example, create a test directory named terraform-test.
```
[root@test bin]#mkdir terraform-test
```

Go to the Terraform-test directory.

[root@test bin]#cd terraform-test
[root@test terraform-test]#

Create a configuration file.

Terraform reads all *.tf and *.tfvars files in the directory when running. You can write configuration information to different files as needed. Frequently used configuration files are as follows:

provider.tf                -- used to configure providers
terraform.tfvars      -- used to configure the variables required to configure providers
varable.tf                  -- Used to configure universal variables
resource.tf                -- Used to define resources
data.tf                        -- Used to define package files
output.tf                    -- Used to configure the output

For example, when you create the provider.tf file, you can configure your authentication information based on the following format:

[root@test terraform-test]# vim provider.tf
provider "alicloud" {
    region           = "cn-beijing"
    access_key  = "LTA**********NO2"
    secret_key   = "MOk8x0*********************wwff"
}

For more information about configurations, see alicloud_oss_bucket.

Initialize your working directory.

[root@test terraform-test]#terraform init


Initializing provider plugins...
- Checking for available provider plugins on https://releases.hashicorp.com...
- Downloading plugin for provider "alicloud" (1.25.0)...




The following providers do not have any version constraints in configuration,
so the latest version was installed.


To prevent automatic upgrades to new major versions that may contain breaking
changes, it is recommended to add version = "..." constraints to the
corresponding provider blocks in configuration, with the constraint strings
suggested below.


* provider.alicloud: version = "~> 1.25"


Terraform has been successfully initialized!


You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.


If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

Notice After creating a working directory and the configuration file for a Terraform project, you must initialize the working directory.

You can use Terraform after you complete the preceding steps.

After Terraform is installed, you can run Terraform commands to manage OSS. Some common commands are described as follows:

terraform plan: You can run this command to view the operations to be performed by a configuration file.

Assume that you add a configuration file named test.tf that is used to create a bucket:

[root@test terraform-test]#vim test.tf
resource "alicloud_oss_bucket" "bucket-acl"{
  bucket = "figo-chen-2020"
  acl = "private"
}

You can run the Terraform plan command to view the operations to be performed by the test.tf configuration file.

[root@test terraform-test]# terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.


------------------------------------------------------------------------

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  + alicloud_oss_bucket.bucket-acl
      id:                <computed>
      acl:               "private"
      bucket:            "figo-chen-2020"
      creation_date:     <computed>
      extranet_endpoint: <computed>
      intranet_endpoint: <computed>
      location:          <computed>
      logging_isenable:  "true"
      owner:             <computed>
      referer_config.#:  <computed>
      storage_class:     <computed>


Plan: 1 to add, 0 to change, 0 to destroy.

------------------------------------------------------------------------

Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.

terraform apply: You can run this command to run a configuration file in the working directory.

To create a bucket named figo-chen-2020, you must add a configuration file named test.tf.

[root@test terraform-test]#vim test.tf
resource "alicloud_oss_bucket" "bucket-acl"{
  bucket = "figo-chen-2020"
  acl = "private"
}

Use the terraform apply command to run the configuration file.

[root@test terraform-test]#terraform  apply

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  + alicloud_oss_bucket.bucket-acl
      id:                <computed>
      acl:               "private"
      bucket:            "figo-chen-2020"
      creation_date:     <computed>
      extranet_endpoint: <computed>
      intranet_endpoint: <computed>
      location:          <computed>
      logging_isenable:  "true"
      owner:             <computed>
      referer_config.#:  <computed>
      storage_class:     <computed>


Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

alicloud_oss_bucket.bucket-acl: Creating...
  acl:               "" => "private"
  bucket:            "" => "figo-chen-2020"
  creation_date:     "" => "<computed>"
  extranet_endpoint: "" => "<computed>"
  intranet_endpoint: "" => "<computed>"
  location:          "" => "<computed>"
  logging_isenable:  "" => "true"
  owner:             "" => "<computed>"
  referer_config.#:  "" => "<computed>"
  storage_class:     "" => "<computed>"
alicloud_oss_bucket.bucket-acl: Creation complete after 1s (ID: figo-chen-2020)

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

Note After you run the configuration file, a new bucket is created if the figo-chen-2020 bucket does not exist. If the figo-chen-2020 bucket exists and contains no data, the existing bucket is overwritten by the new bucket.

terraform destroy: You can run this command to delete an empty bucket created by Terraform.
terraform import: You can run this command to import a bucket that is not created by Terraform.
To run this command, create a file named main.tf and write information about the bucket:
```
[root@test terraform-test]#vim main.tf
resource "alicloud_oss_bucket" "bucket" { 
 bucket = "test-hangzhou-2025" 
 acl = "private"
}
```
Run the following command to import the test-hangzhou-2025 bucket:
```
terraform import alicloud_oss_bucket.bucket test-hangzhou-2025
```

References

For more information about bucket configuration examples, see alicloud_oss_bucket.
For more information about object configuration examples, see alicloud_oss_bucket_object.