A repository dedicated to a collection of hands-on Terraform challenges forked from Zeal Vora at this repo. There are a total of 4 challenges related to IaC skills, from basic resource provisioning to complex, multi-provider setups.
The developer at Sample Small Corp had created a Terraform File for creating certain resources and the code was written a few years back based on the old Terraform version.
My responsibility was to review the existing Terraform code, modernise it to align with current best practices, and ensure compatibility with the latest Terraform version.
- Access/Secret Keys: There are hardcoded AWS Access and Secret keys with the code. This must be fixed.
- Provider Block: Provider Block is used to define provider version along with 3rd party providers. We need to use the new required_provider block to define provider and constraints.
- Terraform Core Versioin requirement: The original version
0.12.31is old version and we should use the latest version of Terraform, I have removed the original one to set the latest version in use.
The Terraform scripts were modernised, security vulnerabilities were eliminated, and the code became compliant with current Terraform standards. This ensured smoother deployments, better maintainability, and reduced risks for future infrastructure changes.
The sample code has been provided that creates certain resources. I need to optimise the code following the best practices. Also, I need to demonstrate ability to modify veriable splunk from 8088 to 8089 without modifying the Terraform code.
My responsibility was to ensure the code is working and resource gets created without deleting the existing terraform.lock.hcl file. File is free to be modified based on requirements and I need to demonstrate the ability to modify veriable splunk as mention.
- Indentation issues: These are present in the code and the code has been updated to ensure proper indention.
- Hard-coded issues: Many values are found in hard-coded as part of the code. This makes it difficult to modify and review if code bse becomes larger. We need to use Variables and TFVars.
- Use of Tags: For easy identification of the resources among all others, all resources are properly tagged.
- Variable Precedence: The appropriate variable precedence must be used to override variables from Terraform code.
- Create Right Folder Structure: We should not put everything in one single file named
main.tf.eip.tf,providers.tf,sg.tfandvariables.tfare created.
The Terraform configuration was optimised for readability, scalability, and maintainability. Resources could be deployed smoothly, and the splunk variable was successfully overridden to 8089 without modifying the Terraform code, demonstrating flexibility in handling infrastructure changes.
I got .tf file containing varible named instance_config in map. Based on the values specified in map, EC2 instances should be created accordingly. If key/value is removed from map, EC2 instances should be destoryed accordingly.
My responsibility was to review the existing Terraform code, modernise it to align with current best practices, and ensure compatibility with the latest Terraform version.
- Use of Loops: We need to use the loops to achieve this because the requirement indicates that based on key/value specified in map, the resources should be created and estoryed accordingly.
- Use for_each: If a resource block includes a
for_eachargument whose value is a map or a set of strings, Terraform creates one instance for each member of that map or set.
The Terraform code was modernised and optimised for maintainability. EC2 instances could now be created and destroyed dynamically based on instance_config, reducing manual intervention, improving scalability, and ensuring the code aligned with Terraform best practices.
Client wants a code that can create IAM user in AWS account with following syntax: admin-user-{account-number-of-aws}.
Client wants to have a logic that will show names of ALL users in AWS account in the output.
Client also wants Terraform to show Total number of users in AWS along with the list of users in AWS.
My responsibility was to review the existing Terraform code, modernise it to align with clientt's requirement and current best practices, and ensure compatibility with the latest Terraform version.
- Data Sources: Data Sources allows us to dynamically fetch information from the infrastructure resource / othe state backends. I can fetch information dynamically like AWS Account ID, User names using Data Sources.
- Functions: I make use of Terraform Function that can calculate total number of users and output it.
The Terraform code was successfully modernised to meet the client’s specifications. IAM users were created with the required naming convention, and Terraform outputs now provided both the complete list of users and the total count, giving the client greater visibility and automation in managing IAM users.