Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Missing steps from Terraform's "Basic Two-Tier AWS Architecture" README.txt

Some missing steps from Terraform's "Basic Two-Tier AWS Architecture" README.txt

(1) If you have an AWS account that allows for "EC2 Classic" then this whole example might not work for you. I have an ancient AWS account that has EC2 Classic support and have found that other Hashicorp examples do not work. (The networking and security group defaults seem to be wrong.) You call tell if you have an EC2 Classic account as to will see "EC2" inaddition to "VPC" listed under the "Supported Platforms" of the "EC2 Dashboard." I advise you to create a new account and use that instead; I did.

(2) Generate an SSH key pair on your local machine, eg

ssh-keygen -f id_terraform_two_tier

Don't use a passphrase. Note, you can use an existing key-pair if you wish; most people have the default pair at


(3) Import the public key from $HOME/.ssh/ to AWS EC2 Dashboard Key Pairs

(4) Terraform relies on ssh-agent to intermediate between itself and the ssh server on your EC2 instance. This allows Terraform to not need any details about your private SSH key.

Run ssh-agent in the same terminal you will be running Terraform

eval `ssh-agent`

(5) Check that the agent has your id_terraform_two_tier keys

ssh-add -l

If the key is missing then add it

ssh-add $HOME/.ssh/id_terraform_two_tier

(6) Once Terraform is complete you might want to SSH to your new EC2 instance. Its public IP address is mixed in Terraform's output, but lets make getting it easier. Add the following to

output "ssh" {
  value = "${aws_instance.web.public_ip}"

(7) Run Terraform

terraform apply -var key_name=id_terraform_two_tier -var public_key_path=$HOME/.ssh/

(8) Test HTTP replacing the "address" output value for XXXX

curl -D - http://XXXX

(9) Test SSH replacing the "ssh" output value for XXXX

ssh ubuntu@XXXX


Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment