Terraform: Cloud Shell

Last Updated: Oct 21, 2025

Alibaba Cloud Cloud Shell is a free operations and maintenance product that comes pre-installed with Terraform and configured with identity credentials. You can run Terraform commands directly in Cloud Shell.

Log on to Cloud Shell

Open your browser and enter https://shell.alibabacloud.com/ in the address bar to access Cloud Shell. For more information about Cloud Shell access and usage, see Use Cloud Shell.

Note

We recommend that you log on as a RAM user. To ensure the security of your Alibaba Cloud account, avoid using your Alibaba Cloud account to access cloud resources unless necessary.

Switch Terraform versions

The default Terraform version in Cloud Shell might be outdated, which can cause some features to malfunction. We recommend switching to a newer version.

  1. Check the current Terraform version. If the version is earlier than 1.2, we recommend switching to a newer version.

    terraform version


  2. View the built-in Terraform versions in Cloud Shell:

    tfenv list


  3. Switch to a specific Terraform version:

    tfenv use <terraform_version>

    For example, to switch to version 1.9.5, replace <terraform_version> with 1.9.5.

Compile Terraform templates

This topic uses the creation of an ECS instance as an example to show how Terraform orchestrates resources and how to use Terraform commands to create and destroy resources.

  1. Create a Terraform template file named main.tf and edit it directly using the vim command.

    mkdir tf-demo && cd tf-demo
    vim main.tf

    Copy the following Terraform example code to the main.tf file:

    provider "alicloud" {
      region = var.region
    }
    
    # Region for resource creation
    variable "region" {
      default = "cn-beijing"
    }
    
    # ECS instance name
    variable "instance_name" {
      default = "tf-cloudshell-test"
    }
    
    # ECS instance type
    variable "instance_type" {
      default = "ecs.n2.small"
    }
    
    # Outbound public bandwidth, value 0 means no public network access
    variable "internet_bandwidth" {
      default = 10
    }
    
    # ECS OS image
    variable "image_id" {
      default = "ubuntu_18_04_64_20G_alibase_20190624.vhd"
    }
    
    # ECS system disk type
    variable "disk_category" {
      default = "cloud_efficiency"
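    }
    
    # ECS instance logon password. The default is a sample value for this demo;
    # override it (for example with -var or the TF_VAR_password environment
    # variable) instead of keeping a real password in main.tf.
    variable "password" {
      default = "TF-test@1234"
    }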
    
    # Create a VPC
    resource "alicloud_vpc" "vpc" {
      vpc_name   = "tf_test_foo"
      cidr_block = "172.16.0.0/12"
    }
    
    # Query available zones based on instance type and disk category
    data "alicloud_zones" "default" {
      available_disk_category     = var.disk_category
      available_resource_creation = "VSwitch"
      available_instance_type     = var.instance_type
    }
    
    # Create a vSwitch
    resource "alicloud_vswitch" "vsw" {
      vpc_id     = alicloud_vpc.vpc.id
      cidr_block = "172.16.0.0/21"
      zone_id    = data.alicloud_zones.default.zones.0.id
    }
    
    # Create a security group
    resource "alicloud_security_group" "default" {
      security_group_name = "default"
      vpc_id              = alicloud_vpc.vpc.id
    }
    
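    # Create an inbound rule for the security group.
    # As written, it accepts TCP on every port (1/65535) from any source
    # (0.0.0.0/0); outside a throwaway test, narrow port_range and cidr_ip
    # to the ports and addresses you actually need.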
    resource "alicloud_security_group_rule" "allow_all_tcp" {
      type              = "ingress"
      ip_protocol       = "tcp"
      nic_type          = "intranet"
      policy            = "accept"
      port_range        = "1/65535"
      priority          = 1
      security_group_id = alicloud_security_group.default.id
      cidr_ip           = "0.0.0.0/0"
    }
    
    # Create an ECS instance
    resource "alicloud_instance" "instance" {
      # Attach security group
      security_groups            = alicloud_security_group.default.*.id
      instance_type              = var.instance_type
      system_disk_category       = var.disk_category
      image_id                   = var.image_id
      instance_name              = var.instance_name
      # vSwitch
      vswitch_id                 = alicloud_vswitch.vsw.id
      # Outbound public bandwidth (0 means no public network access)
      internet_max_bandwidth_out = var.internet_bandwidth
      # Logon password taken from the "password" variable
      password                   = var.password
    }

  2. Run the terraform init command to initialize the configuration.

  3. Run the terraform plan command to preview the configuration.

  4. Run the terraform apply command to create an ECS instance. If the execution result returns "Apply complete!", the resource has been created successfully.

  5. If you no longer need this instance, you can run the terraform destroy command to release the resources you created.
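
A check you can run between the plan and apply steps above, as an added example that is not part of the original topic: it reads the JSON form of a plan (saved with `terraform plan -out=tfplan`, then exported with `terraform show -json tfplan`) and reports the hard-coded password default, the ingress rule open to 0.0.0.0/0, and the public bandwidth setting from main.tf. The sample plan is a constructed excerpt, and `review_plan` and `SECRET_HINTS` are names made up for this example.

```python
import json

# Constructed excerpt of `terraform show -json` output for the main.tf above;
# only the fields this check reads are included.
SAMPLE_PLAN = json.loads("""
{"configuration": {"root_module": {"variables": {
   "region":   {"default": "cn-beijing"},
   "password": {"default": "TF-test@1234"}}}},
 "resource_changes": [
  {"address": "alicloud_security_group_rule.allow_all_tcp",
   "type": "alicloud_security_group_rule",
   "change": {"actions": ["create"], "after": {
     "type": "ingress", "policy": "accept", "ip_protocol": "tcp",
     "port_range": "1/65535", "cidr_ip": "0.0.0.0/0"}}},
  {"address": "alicloud_instance.instance",
   "type": "alicloud_instance",
   "change": {"actions": ["create"], "after": {
     "instance_name": "tf-cloudshell-test",
     "internet_max_bandwidth_out": 10}}}]}
""")

SECRET_HINTS = ("password", "secret", "token")  # assumed naming convention


def review_plan(plan):
    """Return (address, finding) pairs for settings worth a second look."""
    findings = []
    root = plan.get("configuration", {}).get("root_module", {})
    for name, spec in root.get("variables", {}).items():
        if any(h in name.lower() for h in SECRET_HINTS) and spec.get("default"):
            findings.append((f"var.{name}", "secret has a hard-coded default"))
    for rc in plan.get("resource_changes", []):
        after = rc.get("change", {}).get("after") or {}  # null when deleting
        if rc.get("type") == "alicloud_security_group_rule":
            if (after.get("type") == "ingress" and after.get("policy") == "accept"
                    and after.get("cidr_ip") == "0.0.0.0/0"):
                ports = after.get("port_range")
                findings.append((rc["address"], f"ingress from any source, ports {ports}"))
        elif rc.get("type") == "alicloud_instance":
            if (after.get("internet_max_bandwidth_out") or 0) > 0:
                findings.append((rc["address"], "public outbound bandwidth enabled"))
    return findings


if __name__ == "__main__":
    for address, finding in review_plan(SAMPLE_PLAN):
        print(f"{address}: {finding}")
```

To check a real plan, load the exported JSON file with `json.load` and pass the result to `review_plan`.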