:Install and configure Terraform

Configure Terraform identity authentication

Before you use Terraform to manage Alibaba Cloud infrastructure, you must pass Terraform Provider identity authentication. You can use Terraform to call Alibaba Cloud API operations and create and manage the infrastructure and resources of Alibaba Cloud only after you pass identity authentication. Alibaba Cloud Terraform Provider supports multiple authentication methods. For more information, see Terraform identity authentication.

In this example, the AccessKey pair of a Resource Access Management (RAM) user that is obtained from environment variables is used for identity authentication.

1. Create an AccessKey pair for a RAM user. An Alibaba Cloud account has all permissions on resources. If the AccessKey pair of your Alibaba Cloud account is leaked, your resources are exposed to great risks. We recommend that you use the AccessKey pair of a RAM user. For more information, see Create an AccessKey pair.

2. Grant permissions to the RAM user based on the principle of least privilege and your business requirements. For more information, see Create custom policies.

3. Create environment variables to store the identity information.

   Linux

   Important

   The temporary environment variables configured by using the export command are valid only for the current session. After you exit the session, the configured environment variables become invalid. To configure permanent environment variables, you can add the export command to the startup configuration file of your operating system.

   # AccessKey Id
   export ALICLOUD_ACCESS_KEY="<yourAccessKeyID>"
   # AccessKey Secret
   export ALICLOUD_SECRET_KEY="<yourAccessKeySecret>"
   # The region in which resources are deployed.
   export ALICLOUD_REGION="cn-beijing"

   Windows

   1. On the Windows desktop, right-click This PC and select Properties. On the page that appears, click Advanced system settings. In the System Properties dialog box, click Environment Variables on the Advanced tab.

   2. In the Environment Variables dialog box, click New in the System variables or User variables section. In the dialog box that appears, create the environment variables that are described in the following table.

      Variable	Description	Example
      ALICLOUD_ACCESS_KEY	AccessKey Id	yourAccessKeyID
      ALICLOUD_SECRET_KEY	AccessKey Secret	yourAccessKeySecret
      ALICLOUD_REGION	The region in which resources are deployed.	cn-beijing

(Optional) Configure an acceleration solution for Terraform initialization

After you write a Terraform configuration file, run the terraform init command in the directory in which the configuration file is stored. Terraform automatically loads the latest or specified Provider version based on the Provider and Provisioner information specified in the configuration file, or based on resources or data sources relevant to the Provider version.

If Terraform initialization times out due to factors such as network latency, you may fail to download the Provider version. To resolve the issue, you can configure an Alibaba Cloud image site. You can download Terraform Provider from the following sources: source = hashicorp/alicloud and source = aliyun/alicloud. Terraform CLI V0.13.2 and later support the configuration of network images. For more information, see Configure an acceleration solution for Terraform initialization.