All Products
Search
Document Center

ENS:Resource integration by using Terraform

Last Updated:Jun 22, 2026

Terraform is an open source tool for provisioning and managing cloud infrastructure. You can use Terraform to manage ENS resources, such as creating an ENS instance.

Procedure

Grant required permissions to a RAM user

To execute a Terraform template, create a Resource Access Management (RAM) user, obtain an AccessKey pair, and attach a permission policy. The AccessKey pair is configured as an environment variable of Terraform. Attach the following policy to the RAM user:

  • AliyunENSFullAccess: permissions to manage ENS resources.

An Alibaba Cloud account has permissions on all API operations, which may pose security risks. We recommend that you use a RAM user to call API operations or perform routine O&M. Grant the required permissions to the RAM user based on your business requirements. The RAM user must have the permissions to manage Edge Node Service resources. For more information, see System policies for ENS.

Install Terraform

  • To install and configure Terraform on your PC, see Install and configure Terraform in the local PC.

    After Terraform is installed, open the CLI and run terraform version. If version information is returned, the installation is successful.

  • Alternatively, use Cloud Shell provided by Alibaba Cloud, which has a built-in Terraform runtime environment.

Create a template

Create a file named eip.tf with the following content to create an instance:

variable "name" {
  default = "terraform-example"
}
resource "alicloud_ens_eip" "default" {
  description   = "EipDescription_autotest"
  bandwidth     = "5"
  isp           = "cmcc"
  payment_type  = "PayAsYouGo"
  ens_region_id = "cn-chenzhou-telecom_unicom_cmcc"
  eip_name      = var.name
  internet_charge_type = "95BandwidthByMonth"
}

Execute the template

The following steps use Windows as an example. The commands may differ on other operating systems.

  1. Initialize and load required modules, such as the Provider module.

    terraform init
    D:\Terraform>terraform init
    Initializing the backend...
    Initializing provider plugins...
    - Reusing previous version of hashicorp/alicloud from the dependency lock file
    - Using previously-installed hashicorp/alicloud v1.226.0
    ╷
    │ Warning: Additional provider information from registry
    │
    │ The remote registry returned warnings for registry.terraform.io/hashicorp/alicloud:
    │ - For users on Terraform 0.13 or greater, this provider has moved to aliyun/alicloud. Please update your source in
    │ required_providers.
    ╵
    Terraform has been successfully initialized!
    You may now begin working with Terraform. Try running "terraform plan" to see
    any changes that are required for your infrastructure. All Terraform commands
    should now work.
    If you ever set or change modules or backend configuration for Terraform,
    rerun this command to reinitialize your working directory. If you forget, other
    commands will detect it and remind you to do so if necessary.
    D:\Terraform>
  2. Check whether the template syntax is valid.

    terraform validate
    D:\Terraform>terraform validate
    Success! The configuration is valid.
  3. Create an execution plan.

    terraform plan
    D:\Terraform>terraform plan
    Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
      + create
    Terraform will perform the following actions:
      # alicloud_ens_eip.default will be created
      + resource "alicloud_ens_eip" "default" {
          + bandwidth            = 5
          + create_time          = (known after apply)
          + description          = "EipDescription_autotest"
          + eip_name             = "terraform-example"
          + ens_region_id        = "cn-chenzhou-telecom_unicom_cmcc"
          + id                   = (known after apply)
          + internet_charge_type = "95BandwidthByMonth"
          + isp                  = "cmcc"
          + payment_type         = "PayAsYouGo"
          + status               = (known after apply)
        }
    Plan: 1 to add, 0 to change, 0 to destroy.
    Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now.
  4. Deploy the template.

    terraform apply
    D:\Terraform>terraform apply
    Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
      + create
    Terraform will perform the following actions:
      # alicloud_ens_eip.default will be created
      + resource "alicloud_ens_eip" "default" {
          + bandwidth           = 5
          + create_time         = (known after apply)
          + description         = "EipDescription_autotest"
          + eip_name            = "terraform-example"
          + ens_region_id       = "cn-chenzhou-telecom_unicom_cmcc"
          + id                  = (known after apply)
          + internet_charge_type = "95BandwidthByMonth"
          + isp                 = "cmcc"
          + payment_type        = "PayAsYouGo"
          + status              = (known after apply)
        }
    Plan: 1 to add, 0 to change, 0 to destroy.
    Do you want to perform these actions?
      Terraform will perform the actions described above.
      Only 'yes' will be accepted to approve.
  5. Enter yes to apply the changes. To release the resources created by the template, run the terraform destroy command.

    alicloud_ens_eip.default: Creating...
    alicloud_ens_eip.default: Creation complete after 7s [id=eip-5xxxxxxxxxxxx]
    Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
  6. After the instance is created, you can call API operations, use SDKs, or log on to the ENS console to view it.

    On the left-side navigation pane of the ENS console, choose Compute & Images > Instances. On the Instances page, confirm that the instance status is running.