Terraform with awscli localstack

Synopsis

In this lab, we’ll explore the localstack project as a training and CI tool for AWS resource development.

Skills Learned

  • localstack
  • AWS CLI
  • Terraform

AWS CLI

AWS CLI s3 bucket workflow

awslocal s3api --region us-east-1 create-bucket --bucket testwebsite
awslocal s3 cp index.html s3://testwebsite
awslocal s3 sync ./assets s3://testwebsite
awslocal s3 ls s3://testwebsite/

# Enable static website hosting
awslocal s3 website s3://testwebsite/ --index-document index.html --error-document error.html
curl http://testwebsite.s3-website.localhost.localstack.cloud:4566/

Lab Setup:


Now we are going to use the Terraform configuration management tool.

Run a plan, specifying the variable values on the terraform command line:

cd into

terraform plan -var="bucket_name=kurtis"
terraform apply -var="bucket_name=kurtis"

Modules

Modules allow us to reuse the code we just wrote, much like calling a function.

mkdir -p modules/module-s3-website

# move current files into module
mv index.html assets main.tf outputs.tf variables.tf modules/module-s3-website/

Update main.tf to add 2 new buckets now:

module "module_s3_website" {
  source = "./modules/module-s3-website"
  bucket_name = "kurtis2"
}

module "module_s3_website_kurtis3" {
  source = "./modules/module-s3-website"
  bucket_name = "kurtis3"
}

Path variables for uploading content:

The following values are available:

  • path.module – Filesystem path of the invoked module
  • path.root – Filesystem path of the root module
  • path.cwd – Filesystem path of original working directory

You need to run terraform init every time you add a module call.
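
As an added example (not the lab's original files), here is one way the root provider block and the module's main.tf could look, using path.module so uploads resolve inside the module directory. The endpoint http://localhost:4566, the dummy "test" credentials, the resource names and the contents of variables.tf are assumptions.

```hcl
# Root main.tf: pin the AWS provider to localstack so a plan/apply cannot
# reach a real account. Endpoint and dummy credentials are assumptions based
# on the localstack edge port 4566 used by the curl command earlier.
provider "aws" {
  region                      = "us-east-1"
  access_key                  = "test" # dummy value, not a real credential
  secret_key                  = "test" # dummy value, not a real credential
  s3_use_path_style           = true
  skip_credentials_validation = true
  skip_metadata_api_check     = true
  skip_requesting_account_id  = true
  endpoints { s3 = "http://localhost:4566" }
}

# modules/module-s3-website/main.tf: bucket_name is assumed to be declared
# in the module's variables.tf as: variable "bucket_name" { type = string }
resource "aws_s3_bucket" "site" {
  bucket = var.bucket_name
}

resource "aws_s3_bucket_website_configuration" "site" {
  bucket = aws_s3_bucket.site.id
  index_document { suffix = "index.html" }
  error_document { key = "error.html" }
}

# path.module resolves to the module directory, so the upload works no matter
# which directory terraform is run from.
resource "aws_s3_object" "index" {
  bucket       = aws_s3_bucket.site.id
  key          = "index.html"
  source       = "${path.module}/index.html"
  etag         = filemd5("${path.module}/index.html")
  content_type = "text/html"
}

# Mirrors "awslocal s3 sync ./assets": one object per file under assets/.
resource "aws_s3_object" "assets" {
  for_each = fileset("${path.module}/assets", "**")
  bucket   = aws_s3_bucket.site.id
  key      = each.value
  source   = "${path.module}/assets/${each.value}"
  etag     = filemd5("${path.module}/assets/${each.value}")
}
```

With the endpoint override and the skip_* settings in place, a stray terraform apply fails against localstack being down rather than creating buckets in a real AWS account.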


IAM Testing

Next we will create users and roles to access the S3 bucket we just created.

IAM INTRO

awslocal sts get-caller-identity
$ /Users/kurtisvelarde/Library/Python/3.9/bin/awslocal sts get-caller-identity
{
    "UserId": "AKIAIOSFODNN7EXAMPLE",
    "Account": "000000000000",
    "Arn": "arn:aws:iam::000000000000:root"
}
$ awslocal iam create-user --user-name test
{
    "User": {
        "Path": "/",
        "UserName": "test",
        "Arn": "arn:aws:iam::000000000000:user/test",
        "CreateDate": "2024-01-01T23:44:13.448000Z"
    }
}
$ awslocal iam create-access-key --user-name test
{
    "AccessKey": {
        "UserName": "test",
        "AccessKeyId": "LKIAQAAAAAAAN5HPM7IN",
        "Status": "Active",
        "SecretAccessKey": "CPmrae/3AtxqqaXj2QK2p85H4PdaFZ5qe56FNOuK",
        "CreateDate": "2024-01-01T23:44:31Z"
    }
}

IAM Policies

List policies and attach

awslocal iam list-policies | grep EC2FullAccess
awslocal iam attach-user-policy --user-name kurtis --policy-arn "arn:aws:iam::aws:policy/AmazonEC2FullAccess"
awslocal iam list-attached-user-policies --user-name kurtis

Conclusion

We’ve demonstrated basic AWS CLI and Terraform usage with localstack.