Terraform From Local Machine

altugozgercek · July 10, 2024, 8:52am

Hi,

Is there anyway we can access to playground through our local machine using Terraform? I know we have already up and running Terraform infrastructure, I just want to mirror real world scenario by adding AWS credentials etc.

al1 · July 10, 2024, 10:02am

Which playground? AWS, Azure or GCP?

altugozgercek · July 10, 2024, 10:16am

I want to try on AWS

al1 · July 10, 2024, 10:22am

In AWS go to IAM, select the existing user and then select Create Access Key under Access key 2 in the Summary.
Select Command Line Interface (CLI), click you understand and then next, then select Create Access Key
Note down the Access Key and the Secret.
Back in your local terminal run aws configure and use the credentials you just noted down. Don’t change the region from us-east-1.

altugozgercek · July 10, 2024, 10:25am

That works thank you!

altugozgercek · July 10, 2024, 11:29am

I can see the playground time is available for 3 hours only. If I reopen will I have new credentials? If so, should I run terraform init again?

al1 · July 10, 2024, 12:26pm

Yes after 3 hours the playground will be deleted and you will have to start over from a fresh playground.

rob_kodekloud · July 11, 2024, 7:50pm

Depending upon what you need, you can also run a simulated AWS system on your laptop and run terraform against it. This is a very cool project called localstack; we use this in some of our labs. Fun and educational!

alokmishra218 · July 13, 2024, 2:58pm

I can create access key and secret access key and can able to do aws configure from my local system. But while running terraform files on the aws. I am getting below error(STS: GetCallerIdentity). But while accessing same from TERRAFORM+AWS playgrounds. I can access it. So, is this still a limitation on AWS playgrounds?

terraform plan

Planning failed. Terraform encountered an error while generating this plan.

╷
│ Error: Retrieving AWS account details: validating provider credentials: retrieving caller identity from STS: operation error STS: GetCallerIdentity, decomposing request: net/http: invalid header field value for “Authorization”
│
│ with provider[“Terraform Registry”],
│ on V1-EC2.tf line 1, in provider “aws”:
│ 1: provider “aws” {

al1 · July 13, 2024, 3:07pm

This means you have the credentials wrong.

alokmishra218 · July 13, 2024, 3:29pm

Thank you. I don’t think so. I can list the s3 buckets but i wasn’t able to user terraform commands to create resources. If the credentials are wrong , then i shouln’t be able to list s3 buckets. Correct?

By credentials, i mean Access Key + Secret Access key which i used to do “aws configure” from aws cli.

al1 · July 13, 2024, 3:40pm

In that case you are not allowed to create the resource.

alokmishra218 · July 13, 2024, 4:04pm

How can i be allowed then?

al1 · July 13, 2024, 4:06pm

You don’t say what you are trying to create. To keep costs down we can’t allow access to any resource without limits.

Edit: if you refer to the playground page it give details of what is permitted:
AWS SandBox Playground | KodeKloud

alokmishra218 · July 13, 2024, 4:06pm

I am trying to create an EC2 Instance.

al1 · July 13, 2024, 4:08pm

You can create smaller EC2 instances with standard (not premium) disks.

alokmishra218 · July 13, 2024, 4:26pm

I re-provision the new AWS playground and again configured the access key and secret access key. It’s worked now. (Maybe caching issue not sure. I was doing same thing before). Anyway, Thank you so much for quick responses. Very helpful!!