{Terraform} EC2 Instance with IAM roles

 

 

参考文献: Terraform Up & Running (Yevgeniy Brikman著)

 

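cat <<-'EOF' > variables.tf

# Prefix for the IAM role name. main.tf feeds this into name_prefix, so AWS
# appends a random suffix and repeated applies do not collide on the name.
variable "role_name" {
  description = "Name prefix for the EC2 instance IAM role"
  type        = string
  default     = "role01"
}

EOF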


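cat <<-'EOF' > main.tf

terraform {
  required_version = "= 1.6.0"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "= 4.17.0"
    }
  }
}

provider "aws" {
  region = "ap-northeast-1"
}

# Trust policy: only the EC2 service principal may assume this role (it does
# so on behalf of the instance through the instance profile below). No user,
# account or other service is trusted.
data "aws_iam_policy_document" "role01" {
  statement {
    effect  = "Allow"
    actions = ["sts:AssumeRole"]
    principals {
      type        = "Service"
      identifiers = ["ec2.amazonaws.com"]
    }
  }
}

# Permissions policy for the role.
# NOTE(review): "ec2:*" on "*" lets any process on the instance create,
# reconfigure or terminate every EC2 resource in the account (instances,
# security groups, volumes, snapshots, ...). Narrow the action list and the
# resource ARNs to what the workload actually needs before using this
# outside a throwaway demo.
data "aws_iam_policy_document" "policy01" {
  statement {
    effect    = "Allow"
    actions   = ["ec2:*"]
    resources = ["*"]
  }
}

resource "aws_iam_role" "role01" {
  name_prefix        = var.role_name
  assume_role_policy = data.aws_iam_policy_document.role01.json
}

# Inline policy; it is deleted together with the role on destroy.
resource "aws_iam_role_policy" "role01_policy01" {
  role   = aws_iam_role.role01.id
  policy = data.aws_iam_policy_document.policy01.json
}

resource "aws_iam_instance_profile" "profile01" {
  role = aws_iam_role.role01.name
}

resource "aws_instance" "instance01" {
  # AMI IDs are region-scoped; this one only resolves in ap-northeast-1.
  ami           = "ami-0404778e217f54308"
  instance_type = "t3.nano"
  # Existing EC2 key pair name; it is not created here and must already
  # exist in the region.
  key_name             = "key1"
  iam_instance_profile = aws_iam_instance_profile.profile01.name

  # The role's credentials are handed out by the instance metadata service.
  # Require IMDSv2 session tokens so an SSRF or open proxy on the instance
  # cannot fetch /latest/meta-data/iam/security-credentials/ with a plain GET,
  # and keep the hop limit at 1 so the token response is not forwarded past
  # the instance's own network stack.
  metadata_options {
    http_endpoint               = "enabled"
    http_tokens                 = "required"
    http_put_response_hop_limit = 1
  }
}

EOF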

cat <<-'EOF' > outputs.tf

output "aws_instance_instance01_public_ip" {
  value = "${aws_instance.instance01.*.public_ip}"
}

EOF


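terraform init
terraform fmt

terraform -version

# Catch syntax and reference errors locally before anything touches AWS.
terraform validate

# -auto-approve skips the plan review. Fine for a throwaway demo, but run
# `terraform plan` and read it first whenever the IAM policy or the
# instance's metadata/network settings matter.
terraform apply -auto-approve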

EC2 インスタンスにログイン（公開 IP は次の describe-instances の結果、または `terraform output` の aws_instance_instance01_public_ip で確認する）

# List the instances in the deployment region (the new one shows up with
# its public IP); --region is accepted as a global option before the service.
aws --region ap-northeast-1 ec2 describe-instances


# Remove the instance, instance profile, role and inline policy together.
terraform destroy -auto-approve