{"id":658,"date":"2024-08-24T14:44:09","date_gmt":"2024-08-24T21:44:09","guid":{"rendered":"http:\/\/184.72.63.26\/?p=658"},"modified":"2024-10-01T14:14:13","modified_gmt":"2024-10-01T21:14:13","slug":"adopt-infrastructure-as-code-iac-to-manage-aws-resources-with-terraform","status":"publish","type":"post","link":"https:\/\/www.wallacel.com\/index.php\/2024\/08\/24\/adopt-infrastructure-as-code-iac-to-manage-aws-resources-with-terraform\/","title":{"rendered":"Managing Infrastructure as Code (IaC) With Terraform"},"content":{"rendered":"\n

When managing AWS resources, it’s common to start with resources created manually or by other tools. As you begin adopting Infrastructure as Code (IaC) with Terraform, importing these existing resources becomes necessary. In this blog, we\u2019ll explore how to import AWS Systems Manager State Manager association into Terraform, and then how to update the EC2 instance IDs within the Terraform-managed resource.<\/p>\n\n\n\n

Prerequisite<\/h2>\n\n\n\n

To use Terraform you will need to install a binary package for your platform (e.g. macOS or Windows). For macOS, you can install the Homebrew packages using the following commands:<\/p>\n\n\n\n

brew tap hashicorp\/tap\nbrew install hashicorp\/tap\/terraform<\/code><\/pre>\n\n\n\n
Step 1: Importing AWS Systems Manager State Manager Association<\/h2>\n\n\n\n
AWS Systems Manager State Manager is a powerful tool that helps manage the configuration of your instances. To manage existing State Manager associations with Terraform, you’ll first need to import them.<\/p>\n\n\n\n
First, create a Terraform configuration file (e.g. ssm.tf) with a place holder for your SSM association. You don’t need to fill in all the arguments, just create a basic structure. Here\u2019s an example:<\/p>\n\n\n\n
terraform {\n  required_providers {\n    aws = {\n      source  = \"hashicorp\/aws\"\n      version = \"5.63.1\"\n    }\n  }\n}\n# Configure the AWS Provider\nprovider \"aws\" {\n  region = \"us-west-2\"\n}\nresource \"aws_ssm_association\" \"myEC2FreeSpace\" {\n  name = \"myEC2FreeSpace\"\n}<\/code><\/pre>\n\n\n\n
Before any import, you need to initialize your Terraform working directory. It downloads the necessary provider plugins, setup backend, and prepares the environment for running other Terraform commands.<\/p>\n\n\n\n
terraform init<\/code><\/pre>\n\n\n\n
\"\"<\/figure>\n\n\n\n
Use the terraform import<\/code> command to import the existing association into Terraform:<\/p>\n\n\n\n
terraform import aws_ssm_association.myEC2FreeSpace <association-id><\/code><\/pre>\n\n\n\n
Replace <association-id><\/code> with the actual ID of the State Manager association. After importing, Terraform will manage this resource, and you can use terraform plan<\/code> to see the current configuration.<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
After importing, Terraform will now have the association in its state, but the resource block you initially created will likely be incomplete. Run the following command to see what Terraform detects as different between your configuration and the actual state:<\/p>\n\n\n\n
terraform plan<\/code><\/pre>\n\n\n\n
Terraform will show the differences, and you should update your aws_ssm_association<\/code> resource block in your ssm.tf<\/code> file to match the actual state configuration. This may include adding parameters, targets, document version, etc.<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
Run the show command and copy the current terraform state to the configuration for editing.<\/p>\n\n\n\n
terraform show<\/code><\/pre>\n\n\n\n
\"\"<\/figure>\n\n\n\n
Edit the configuration until it matches the existing state.<\/p>\n\n\n\n
#SSM State Manager Association\nresource \"aws_ssm_association\" \"myEC2FreeSpace\" {\n    association_name                 = \"myEC2FreeSpace\"\n    document_version                 = \"$LATEST\"\n    name                             = \"CheckFreeDiskSpace\"\n    schedule_expression              = \"cron(0 *\/30 * * * ? *)\"\n    compliance_severity              = \"UNSPECIFIED\"\n    tags                             = {}       \n    targets {\n        key    = \"tag:InstanceIds\"\n        values = [\n            \"i-0abcd1234efgh5678\",\n        ]\n    }\n}<\/code><\/pre>\n\n\n\n
\"\"<\/figure>\n\n\n\n
Step 2: Modify EC2 Instance ID in State Manager Association<\/h2>\n\n\n\n
To update the instance ID in the State Manager association using Terraform, modify your Terraform configuration:<\/p>\n\n\n\n
#SSM State Manager Association\nresource \"aws_ssm_association\" \"myEC2FreeSpace\" {\n    association_name                 = \"myEC2FreeSpace\"\n    document_version                 = \"$LATEST\"\n    name                             = \"CheckFreeDiskSpace\"\n    schedule_expression              = \"cron(0 *\/30 * * * ? *)\"\n    compliance_severity              = \"UNSPECIFIED\"\n    tags                             = {}     \n    targets {\n        key    = \"tag:InstanceIds\"\n        values = [\n            \"i-0abcd1234efgh5678\",\n        ]\n    }\n}<\/code><\/pre>\n\n\n\n
Replace \"i-0abcd1234efgh5678\"<\/code> with the new EC2 instance ID.<\/p>\n\n\n\n
Once you\u2019ve made the necessary updates to your configurations, verify the changes with:<\/p>\n\n\n\n
terraform plan<\/code><\/pre>\n\n\n\n
\"\"<\/figure>\n\n\n\n
Apply the changes with:<\/p>\n\n\n\n
terraform apply<\/code><\/pre>\n\n\n\n
This command will update the existing State Manager association with the new EC2 instance ID.<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
Final Thoughts<\/h2>\n\n\n\n
Managing AWS resources using Iac offers several key benefits. It greatly reduces the time required to deploy infrastructure and allows you to track changes in your configurations through version control, making it easier to maintain and audit. Once you have your environment setup using Terraform, you can easily replicate another (e.g. staging, production) by applying the same configurations, ensuring consistency across different environments.<\/p>\n\n\n\n
Thank you for reading and I hope you like my blog.<\/p>\n","protected":false},"excerpt":{"rendered":"
When managing AWS resources, it’s common to start with resources created manually or by other tools. As you begin adopting Infrastructure as Code (IaC) with Terraform, importing these existing resources becomes necessary. In this blog, we\u2019ll explore how to import AWS Systems Manager State Manager association into Terraform, and then how to update the EC2 […]<\/p>\n","protected":false},"author":1,"featured_media":681,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[39,40,22],"class_list":["post-658","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-aws","tag-iac","tag-state-manager","tag-terraform"],"_links":{"self":[{"href":"https:\/\/www.wallacel.com\/index.php\/wp-json\/wp\/v2\/posts\/658","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.wallacel.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.wallacel.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.wallacel.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.wallacel.com\/index.php\/wp-json\/wp\/v2\/comments?post=658"}],"version-history":[{"count":10,"href":"https:\/\/www.wallacel.com\/index.php\/wp-json\/wp\/v2\/posts\/658\/revisions"}],"predecessor-version":[{"id":684,"href":"https:\/\/www.wallacel.com\/index.php\/wp-json\/wp\/v2\/posts\/658\/revisions\/684"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.wallacel.com\/index.php\/wp-json\/wp\/v2\/media\/681"}],"wp:attachment":[{"href":"https:\/\/www.wallacel.com\/index.php\/wp-json\/wp\/v2\/media?parent=658"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.wallacel.com\/index.php\/wp-json\/wp\/v2\/categories?post=658"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.wallacel.com\/index.php\/wp-json\/wp\/v2\/tags?post=658"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}