For this test I created a “ter-demo” directory and created the following files under it.

1. vars.tf
This file declares the variables we are going to use (with their syntax) and the values they can take.
AWS_REGION and AMIS have default values defined.
AWS_ACCESS_KEY and AWS_SECRET_KEY have no defaults; their values can come from another file or from user input.

2. instance.tf
This file holds the actual configuration that creates the instance in AWS EC2.
The lookup function fetches the relevant values for AMIS and AWS_REGION from the variables defined in vars.tf.

3. provider.tf
The content of this file is what gives Terraform access to AWS.
We can define the access key and secret key in this file. As a best practice, credential information is kept in a separate file that is not exposed to git, version control or the outside world.

4. terraform.tfvars
In this file we can keep the access key and secret key information. We can list it in the .gitignore file to avoid uploading it to the git repository.
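A sketch of how the four files described above can fit together, added here as an example and not taken from the original demo. The region names, AMI IDs, instance type and resource name are placeholders or assumptions; only the variable names and the use of lookup come from the text.

```hcl
# ---- vars.tf ----
variable "AWS_ACCESS_KEY" {
  type      = string
  sensitive = true # hides the value in plan/apply output (Terraform 0.14+)
}

variable "AWS_SECRET_KEY" {
  type      = string
  sensitive = true
}

variable "AWS_REGION" {
  type    = string
  default = "us-east-1" # assumed default region
}

variable "AMIS" {
  type = map(string)
  default = {
    # placeholder AMI IDs, replace with real ones for each region
    "us-east-1" = "ami-REPLACE_ME_USE1"
    "us-west-2" = "ami-REPLACE_ME_USW2"
  }
}

# ---- provider.tf ----
provider "aws" {
  access_key = var.AWS_ACCESS_KEY # no literal keys in a committed file
  secret_key = var.AWS_SECRET_KEY
  region     = var.AWS_REGION
}

# ---- instance.tf ----
resource "aws_instance" "example" {
  # lookup picks the AMI that matches the selected region
  ami           = lookup(var.AMIS, var.AWS_REGION)
  instance_type = "t2.micro" # assumed instance type
}

# ---- terraform.tfvars (listed in .gitignore, never committed) ----
# AWS_ACCESS_KEY = "<your-access-key-id>"
# AWS_SECRET_KEY = "<your-secret-access-key>"
```

Because the two key variables have no default, Terraform prompts for them whenever terraform.tfvars is absent.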

Now let's verify all the files.

Update the .gitignore file with terraform.tfvars.
git status then omits this file from the untracked files.
Anyway, in this demo we are not going to upload any files to a git repo.

5. Now execute the command below to validate that all the files and values are okay.
#terraform plan

If you run #terraform apply, the same will be applied in the AWS environment.
To validate further, rename terraform.tfvars to some other name and try to execute #terraform apply. You will be prompted for the keys.
#mv terraform.tfvars terraform.tfvars.orig

That's all! In summary, the actual block that creates the instance, the variables, the provider and the secret values can each be kept in a separate file, so they are easy to manage securely with flexible variables and values.