This topic describes how to install and configure Terraform and how to use Terraform to manage OSS.
Install and configure Terraform
Before using Terraform, follow these steps to install and configure Terraform:
- Download the software package applicable to your operating system from Terraform official website. In this topic, Terraform is installed and configured in a Linux operating system as an example.
- Extract the software package to the /usr/local/bin directory. If you extract the executable file to another directory, you must add the directory to global variables.
- Run Terraform to verify the directory configuration. If a list of available Terraform options is displayed, Terraform is installed.
[root@test bin]#terraform Usage: terraform [-version] [-help] <command> [args] - Create and authorize a RAM user.
- Log on to the RAM console.
- Create a RAM user named Terraform and create an AccessKey for the user. For more information, see Create a RAM user.
- Authorize the RAM user. You can add relevant permissions to the Terraform RAM user as needed. For detailed steps, see Authorize RAM users.
Notice To maintain data security, do not use the AccessKey of your Alibaba Cloud account to configure Terraform. - Create a test directory named terraform-test. You must create a separate directory for each Terraform project.
[root@test bin]#mkdir terraform-test - Enter the terraform-test directory.
[root@test bin]#cd terraform-test [root@test terraform-test]# - Create a configuration file. Terraform reads all *.tf and *.tfvars files in the terraform-test directory when running. Therefore, you can write configuration information to different files as needed. Some common configuration files are described as follows:
For example, when you create the provider.tf file, you can configure your authentication information as follows:provider.tf -- Used to configure providers. terraform.tfvars -- Used to configure the variables required to configure providers. varable.tf -- Used to configure universal variables. resource.tf -- Used to define resources. data.tf -- Used to define package files. output.tf -- Used to configure the output.[root@test terraform-test]# vim provider.tf provider "alicloud" { region = "cn-beijing" access_key = "LTA**********NO2" secret_key = "MOk8x0*********************wwff"For more information about configurations, see alicloud_oss_bucket.
- Initialize your working directory.
[root@test terraform-test]#terraform init Initializing provider plugins... - Checking for available provider plugins on https://releases.hashicorp.com... - Downloading plugin for provider "alicloud" (1.25.0)... The following providers do not have any version constraints in configuration, so the latest version was installed. To prevent automatic upgrades to new major versions that may contain breaking changes, it is recommended to add version = "..." constraints to the corresponding provider blocks in configuration, with the constraint strings suggested below. * provider.alicloud: version = "~> 1.25" Terraform has been successfully initialized! You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure. All Terraform commands should now work. If you ever set or change modules or backend configuration for Terraform, rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary.Notice After creating a working directory and configuration files for a Terraform project, you must initialize the working directory.
You can use Terraform after completing the preceding steps.
Use Terraform to manage OSS
After Terraform is installed, you can run commands in Terraform to manage OSS. Some common commands are described as follows:
- terraform plan: You can run this command to view the operations to be executed by a configuration file.
For example, you add a configuration file named test.tf that is used to create a bucket as follows:
[root@test terraform-test]#vim test.tf resource "alicloud_oss_bucket" "bucket-acl"{ bucket = "figo-chen-2020" acl = "private" }In this case, you can run the terraform plan command to view the operations to be executed by the test.tf configuration file.[root@test terraform-test]# terraform plan Refreshing Terraform state in-memory prior to plan... The refreshed state will be used to calculate this plan, but will not be persisted to local or remote state storage. ------------------------------------------------------------------------ An execution plan has been generated and is shown below. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: + alicloud_oss_bucket.bucket-acl id: <computed> acl: "private" bucket: "figo-chen-2020" creation_date: <computed> extranet_endpoint: <computed> intranet_endpoint: <computed> location: <computed> logging_isenable: "true" owner: <computed> referer_config.#: <computed> storage_class: <computed> Plan: 1 to add, 0 to change, 0 to destroy. ------------------------------------------------------------------------ Note: You didn't specify an "-out" parameter to save this plan, so Terraform can't guarantee that exactly these actions will be performed if "terraform apply" is subsequently run. - terraform apply: You can run this command to execute a configuration file in the working directory.
For example, if you want to create a bucket named figo-chen-2020, you must add a configuration file named test.tf that is used to create the bucket as follows:
[root@test terraform-test]#vim test.tf resource "alicloud_oss_bucket" "bucket-acl"{ bucket = "figo-chen-2020" acl = "private" }Then you can run the terraform apply command to execute the configuration file.
[root@test terraform-test]#terraform apply An execution plan has been generated and is shown below. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: + alicloud_oss_bucket.bucket-acl id: <computed> acl: "private" bucket: "figo-chen-2020" creation_date: <computed> extranet_endpoint: <computed> intranet_endpoint: <computed> location: <computed> logging_isenable: "true" owner: <computed> referer_config.#: <computed> storage_class: <computed> Plan: 1 to add, 0 to change, 0 to destroy. Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve. Enter a value: yes alicloud_oss_bucket.bucket-acl: Creating... acl: "" => "private" bucket: "" => "figo-chen-2020" creation_date: "" => "<computed>" extranet_endpoint: "" => "<computed>" intranet_endpoint: "" => "<computed>" location: "" => "<computed>" logging_isenable: "" => "true" owner: "" => "<computed>" referer_config.#: "" => "<computed>" storage_class: "" => "<computed>" alicloud_oss_bucket.bucket-acl: Creation complete after 1s (ID: figo-chen-2020) Apply complete! Resources: 1 added, 0 changed, 0 destroyed.Note After you execute the configuration file, a new bucket is created if the figo-chen-2020 bucket does not exist. If the figo-chen-2020 bucket already exists and is an empty bucket that is created by Terraform, the bucket is deleted and a new bucket with the same name is created. terraform destroy: You can run this command to delete an empty bucket that is created by Terraform.terraform import: You can run this command to import a bucket that is not created by Terraform.For example, you create a configuration file named main.tf and add configurations to the file as follows:[root@test terraform-test]#vim main.tf resource "alicloud_oss_bucket" "bucket" { bucket = "test-hangzhou-2025" acl = "private" }Then you can run the following command to import the test-hangzhou-2025 bucket:
terraform import alicloud_oss_bucket.bucket test-hangzhou-2025
References
- For more bucket configuration examples, see alicloud_oss_bucket.
- For more object configuration examples, see alicloud_oss_bucket_object.