Understand Terraform Providers

Terraform, an open-source infrastructure as code software developed by HashiCorp, enables users to define and provide data center infrastructure using a declarative configuration language. Key to its operational mechanism is the concept of “providers”, which are an integral part of Terraform’s plug-in based architecture. In this article, we will explore what Terraform providers are, how they work, and how to use them.

What are Terraform Providers?

Terraform providers act as an abstraction layer between Terraform and the various services it supports. They encapsulate the set of APIs that each specific service exposes and translate that into a format that Terraform can understand and work with. For example, there are providers for AWS, Google Cloud Platform, Azure, and many other cloud or on-premises services.

Essentially, every resource you manage with Terraform is supported by a specific provider. Without providers, Terraform would lack the means to interact with APIs of various service providers, making its infrastructure as code (IaC) capabilities ineffective.

How do Terraform Providers Work?

Terraform providers serve as the conduit through which Terraform communicates with the rest of your tech stack. They are responsible for understanding API interactions and exposing resources. Providers offer a collection of resource types, and each type describes a specific kind of object to manage, like a compute instance or a DNS record.

During Terraform’s planning phase, the provider plugin is queried to understand the details of the resources under its management. The plugin communicates with the corresponding cloud service, checks the status of the resources, and feeds this information back to Terraform. This process enables Terraform to figure out what changes are necessary to reach the desired state of the infrastructure.

Subsequently, in the application phase, the provider plugin is informed of the planned changes and proceeds to make the necessary API calls to apply these changes.

Using Terraform Providers

1. Declaring Providers

Providers are declared in your Terraform configuration files, usually within a provider block. When you declare a provider, you also specify any required and optional configurations for that provider, such as region or account credentials.

A typical provider block might look like this:

provider "aws" {
  region = "us-west-2"
}

In this case, the `aws` provider is being declared, and the AWS region is being set to `us-west-2.

Multiple provider instances can also be declared for different configurations. For instance, managing resources in different regions within the same configuration.

2. Referencing Resources

Once you’ve declared a provider in your configuration, you can begin to define resources that the provider will manage. Resources are declared in resource blocks, and each block describes one or more infrastructure objects.

Here’s an example of a resource block that creates an AWS EC2 instance:

resource "aws_instance" "example" {
  ami           = "ami-0c55b159cbfafe1f0"
  instance_type = "t2.micro"
}

The string `aws_instance` is the resource type, and example is the resource’s name within your Terraform configuration.

3. Provider Documentation and Versioning

Each provider has its own documentation, which includes a list of the resource types and data sources it supports, any provider-specific configuration options, and usage examples.

It is also important to note that Terraform providers are versioned. This means you can specify which version of a provider your configuration should use. Provider versioning helps ensure that your configurations are consistent and maintainable, as updates to providers can sometimes cause breaking changes.

Specifying a provider version might look like this:

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 2.70"
    }
  }
}

This configuration requires the AWS provider from the HashiCorp namespace and any version in the 2.70 series.

Using Google Cloud Platform (GCP) as Provider

To work with GCP in Terraform, you will use the Google provider. The provider configuration for GCP typically requires the project ID and credentials in JSON format.

Here’s an example:

provider "google" {
  project     = "your_gcp_project_id"
  credentials = file("path_to_your_service_account_json_file")
}

The file function is used to load the JSON credentials file that you’ve downloaded from GCP.

Now you can define resources that the Google provider will manage. Let’s create a Google Compute Engine instance:

resource "google_compute_instance" "default" {
  name         = "terraform-instance"
  machine_type = "n1-standard-1"
  zone         = "us-central1-a"

  boot_disk {
    initialize_params {
      image = "debian-cloud/debian-9"
    }
  }

  network_interface {
    network = "default"

    access_config {
      // Ephemeral IP
    }
  }
}

This will create a VM instance in the “us-central1-a” zone, with the machine type “n1-standard-1”, and it uses Debian 9 as the boot image.

Using Azure as Provider

To use Azure with Terraform, you’ll need the Azure provider, known as `azurerm`. You will need to authenticate using a Service Principal with a Client Secret, or by using the Azure CLI.

Here’s an example with Service Principal and Client Secret:

provider "azurerm" {
  features {}
  subscription_id = "your_subscription_id"
  client_id       = "your_client_id"
  client_secret   = "your_client_secret"
  tenant_id       = "your_tenant_id"
}

To define a resource, such as creating a resource group in Azure, you might write:

resource "azurerm_resource_group" "example" {
  name     = "example-resources"
  location = "West Europe"
}

This will create a resource group named “example-resources” in the “West Europe” location.

Please note that the actual values of your subscription ID, client ID, client secret, and tenant ID should be stored securely, and it’s better to reference them through environment variables or secure secret management systems.

Conclusion

In conclusion, Terraform providers are a powerful component of Terraform’s infrastructure as code offering. They allow you to manage a broad spectrum of services by acting as an essential bridge between Terraform and your chosen cloud services or platforms. Understanding and effectively using providers is vital to fully leveraging the power of Terraform in your IaC operations.

The post Understand Terraform Providers appeared first on TecAdmin.

Infrastructure Automation TecAdmin Terraform