About/IaC

[Terraform] Terraform을 이용하여 AWS 리소스 생성/변경/삭제 (AWS Provider)

김징어 2022. 5. 19. 18:50

Terraform에서 AWS Provider를 이용하여 간단하게 VPC를 생성/변경/삭제하는 실습을 해보겠습니다.

실습환경은 다음과 같습니다.

  • Ubuntu 22.04 LTS
  • aws-cli/2.7.0 
  • Terraform v1.3.0-dev on linux_arm64

Terraform AWS Provider 


Terraform AWS Provider 관련된 정보는 다음 사이트에서 확인할 수 있습니다.

https://registry.terraform.io/providers/hashicorp/aws/latest

 

Terraform Registry

 

registry.terraform.io

 

AWS 자격 증명 확인

$ aws sts get-caller-identity
{
    "UserId": "<AWS 계정 ID>",
    "Account": "<AWS 계정 ID>",
    "Arn": "<AWS 계정 ARN>"
}

 

Terraform으로 VPC 생성

1. Workspace 생성

작업을 할 프로젝트 디렉토리를 생성하고 .tf 파일을 생성합니다.

$ mkdir myProject
$ cd myProject
$ vi main.tf

 

2. main.tf 를 다음과 같이 작성합니다.

# main.tf
provider "aws" {
  region = "ap-northeast-2"
}

resource "aws_vpc" "foo" {
  cidr_block = "10.0.0.0/16"
}

output "vpc_foo" {
  value= aws_vpc.foo
}
  • provider "aws" :  AWS Provider를 사용한다는 의미이며, region은 서울 리전을 사용하기 위하여 "ap-northeast-2"로 지정합니다.
  • resource "aws_vpc" "foo" : aws_vpc 리소스를 foo라는 이름으로 생성합니다. cidr 블록은 10.0.0.0/16을 사용합니다.
  • output "vpc_foo" : 생성되는 vpc의 정보를 확인하기 위해 aws_vpc.foo 의 상세 정보를 출력합니다.

3. terraform init

terraform init 명령어를 통해서 AWS Provider를 사용할 수 있도록 합니다.

$ terraform init

Initializing the backend...

Initializing provider plugins...
- Finding latest version of hashicorp/aws...
- Installing hashicorp/aws v4.14.0...
- Installed hashicorp/aws v4.14.0 (signed by HashiCorp)

Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

 

4. terraform plan

  • terraform plan 명령어를 통해 코드 적용 시 변경되는 부분을 확인합니다.
  • 이번 실습에서는 vpc를 하나 생성했으므로 foo라는 이름으로 aws_vpc가 생성되는 것을 확인할 수 있습니다.
  • CIDR block 또한 코드에서 정한 것과 동일하게 적용됩니다.
$ terraform plan
aws_vpc.foo: Refreshing state... [id=vpc-0e69304854fa1dbb5]

Note: Objects have changed outside of Terraform

Terraform detected the following changes made outside of Terraform since the last "terraform apply"
which may have affected this plan:

  # aws_vpc.foo has changed
  ~ resource "aws_vpc" "foo" {
        id                               = "vpc-0e69304854fa1dbb5"
      + tags                             = {}
        # (16 unchanged attributes hidden)
    }


Unless you have made equivalent changes to your configuration, or ignored the relevant attributes
using ignore_changes, the following plan may include actions to undo or respond to these changes.

────────────────────────────────────────────────────────────────────────────────────────────────────

Changes to Outputs:
  + vpc_foo = {
      + arn                                  = "arn:aws:ec2:ap-northeast-2:138996337336:vpc/vpc-0e69304854fa1dbb5"
      + assign_generated_ipv6_cidr_block     = false
      + cidr_block                           = "10.0.0.0/16"
      + default_network_acl_id               = "acl-001de4c06bb690a88"
      + default_route_table_id               = "rtb-0d33bb528ea3d55da"
      + default_security_group_id            = "sg-00fe1d6212a572fdd"
      + dhcp_options_id                      = "dopt-6e85c905"
      + enable_classiclink                   = false
      + enable_classiclink_dns_support       = false
      + enable_dns_hostnames                 = false
      + enable_dns_support                   = true
      + id                                   = "vpc-0e69304854fa1dbb5"
      + instance_tenancy                     = "default"
      + ipv4_ipam_pool_id                    = null
      + ipv4_netmask_length                  = null
      + ipv6_association_id                  = ""
      + ipv6_cidr_block                      = ""
      + ipv6_cidr_block_network_border_group = ""
      + ipv6_ipam_pool_id                    = ""
      + ipv6_netmask_length                  = 0
      + main_route_table_id                  = "rtb-0d33bb528ea3d55da"
      + owner_id                             = "138996337336"
      + tags                                 = {}
      + tags_all                             = {}
    }

You can apply this plan to save these new output values to the Terraform state, without changing any
real infrastructure.

────────────────────────────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly
these actions if you run "terraform apply" now.

 

5. terraform apply

  • terraform apply 명령어를 통하여 실제로 변경된 리소스를 적용시킵니다.
  • 중간에 yes를 입력하면 실제로 적용됩니다.
  • 리소스 하나가 추가되었다는 것을 확인할 수 있습니다.
$ terraform apply

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # aws_vpc.foo will be created
  + resource "aws_vpc" "foo" {
      + arn                                  = (known after apply)
      + cidr_block                           = "10.0.0.0/16"
      + default_network_acl_id               = (known after apply)
      + default_route_table_id               = (known after apply)
      + default_security_group_id            = (known after apply)
      + dhcp_options_id                      = (known after apply)
      + enable_classiclink                   = (known after apply)
      + enable_classiclink_dns_support       = (known after apply)
      + enable_dns_hostnames                 = (known after apply)
      + enable_dns_support                   = true
      + id                                   = (known after apply)
      + instance_tenancy                     = "default"
      + ipv6_association_id                  = (known after apply)
      + ipv6_cidr_block                      = (known after apply)
      + ipv6_cidr_block_network_border_group = (known after apply)
      + main_route_table_id                  = (known after apply)
      + owner_id                             = (known after apply)
      + tags_all                             = (known after apply)
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Changes to Outputs:
  + vpc_foo = {
      + arn                                  = (known after apply)
      + assign_generated_ipv6_cidr_block     = null
      + cidr_block                           = "10.0.0.0/16"
      + default_network_acl_id               = (known after apply)
      + default_route_table_id               = (known after apply)
      + default_security_group_id            = (known after apply)
      + dhcp_options_id                      = (known after apply)
      + enable_classiclink                   = (known after apply)
      + enable_classiclink_dns_support       = (known after apply)
      + enable_dns_hostnames                 = (known after apply)
      + enable_dns_support                   = true
      + id                                   = (known after apply)
      + instance_tenancy                     = "default"
      + ipv4_ipam_pool_id                    = null
      + ipv4_netmask_length                  = null
      + ipv6_association_id                  = (known after apply)
      + ipv6_cidr_block                      = (known after apply)
      + ipv6_cidr_block_network_border_group = (known after apply)
      + ipv6_ipam_pool_id                    = null
      + ipv6_netmask_length                  = null
      + main_route_table_id                  = (known after apply)
      + owner_id                             = (known after apply)
      + tags                                 = null
      + tags_all                             = (known after apply)
    }

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

aws_vpc.foo: Creating...
aws_vpc.foo: Creation complete after 1s [id=vpc-038f32f20c627cfb6]

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

 

output으로 확인한 aws_vpc.foo의 정보는 다음과 같습니다.

Outputs:

vpc_foo = {
  "arn" = "arn:aws:ec2:ap-northeast-2:138996337336:vpc/vpc-038f32f20c627cfb6"
  "assign_generated_ipv6_cidr_block" = false
  "cidr_block" = "10.0.0.0/16"
  "default_network_acl_id" = "acl-0aa5d4b9ebe2d167a"
  "default_route_table_id" = "rtb-0685b612efb87ca6a"
  "default_security_group_id" = "sg-057ef07db31661834"
  "dhcp_options_id" = "dopt-6e85c905"
  "enable_classiclink" = false
  "enable_classiclink_dns_support" = false
  "enable_dns_hostnames" = false
  "enable_dns_support" = true
  "id" = "vpc-038f32f20c627cfb6"
  "instance_tenancy" = "default"
  "ipv4_ipam_pool_id" = tostring(null)
  "ipv4_netmask_length" = tonumber(null)
  "ipv6_association_id" = ""
  "ipv6_cidr_block" = ""
  "ipv6_cidr_block_network_border_group" = ""
  "ipv6_ipam_pool_id" = ""
  "ipv6_netmask_length" = 0
  "main_route_table_id" = "rtb-0685b612efb87ca6a"
  "owner_id" = "138996337336"
  "tags" = tomap(null) /* of string */
  "tags_all" = tomap({})
}

 

실제로 AWS Management Console에 접속하여 VPC 리소스를 확인하면 실제로 VPC가 생성되어 있는 것을 확인할 수 있습니다. 또한 생성된 VPC의 ID는 출력에서 확인한 "id" 정보와 같습니다.

생성된 VPC 정보 수정 - Name tag 추가

생성된 VPC에 Name tag를 추가하여 보겠습니다.

1. main.tf 파일을 다음과 같이 수정합니다.

# main.tf
provider "aws" {
  region = "ap-northeast-2"
}

resource "aws_vpc" "foo" {
  cidr_block = "10.0.0.0/16"
  # 아래 내용 추가
  tags = {
    "Name" = "myVPC"
  }

}

output "vpc_foo" {
  value= aws_vpc.foo
}

 

2. terraform plan

terraform plan 명령어를 통해 변경될 내용을 확인합니다.

Plan: 0 to add, 1 to change, 0 to destroy. : 추가/삭제되는 내용은 없으며 1개가 change 되었다고 나옵니다.

$ terraform plan
aws_vpc.foo: Refreshing state... [id=vpc-038f32f20c627cfb6]

Note: Objects have changed outside of Terraform

Terraform detected the following changes made outside of Terraform since the last "terraform apply" which may have affected this plan:

  # aws_vpc.foo has changed
  ~ resource "aws_vpc" "foo" {
        id                               = "vpc-038f32f20c627cfb6"
      + tags                             = {}
        # (16 unchanged attributes hidden)
    }


Unless you have made equivalent changes to your configuration, or ignored the relevant attributes using ignore_changes, the following plan may
include actions to undo or respond to these changes.

──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # aws_vpc.foo will be updated in-place
  ~ resource "aws_vpc" "foo" {
        id                               = "vpc-038f32f20c627cfb6"
      ~ tags                             = {
          + "Name" = "myVPC"
        }
      ~ tags_all                         = {
          + "Name" = "myVPC"
        }
        # (15 unchanged attributes hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

Changes to Outputs:
  ~ vpc_foo = {
        id                                   = "vpc-038f32f20c627cfb6"
      ~ tags                                 = null -> {
          + "Name" = "myVPC"
        }
      ~ tags_all                             = {
          + "Name" = "myVPC"
        }
        # (21 unchanged elements hidden)
    }

──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform
apply" now.

 

3. terraform apply

작성한 코드를 terraform apply 명령어를 통해 실제 AWS 리소스에 적용합니다.

$ terraform apply
aws_vpc.foo: Refreshing state... [id=vpc-038f32f20c627cfb6]

Note: Objects have changed outside of Terraform

Terraform detected the following changes made outside of Terraform since the last "terraform apply" which may have affected this plan:

  # aws_vpc.foo has changed
  ~ resource "aws_vpc" "foo" {
        id                               = "vpc-038f32f20c627cfb6"
      + tags                             = {}
        # (16 unchanged attributes hidden)
    }


Unless you have made equivalent changes to your configuration, or ignored the relevant attributes using ignore_changes, the following plan may
include actions to undo or respond to these changes.

──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # aws_vpc.foo will be updated in-place
  ~ resource "aws_vpc" "foo" {
        id                               = "vpc-038f32f20c627cfb6"
      ~ tags                             = {
          + "Name" = "myVPC"
        }
      ~ tags_all                         = {
          + "Name" = "myVPC"
        }
        # (15 unchanged attributes hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

Changes to Outputs:
  ~ vpc_foo = {
        id                                   = "vpc-038f32f20c627cfb6"
      ~ tags                                 = null -> {
          + "Name" = "myVPC"
        }
      ~ tags_all                             = {
          + "Name" = "myVPC"
        }
        # (21 unchanged elements hidden)
    }

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

aws_vpc.foo: Modifying... [id=vpc-038f32f20c627cfb6]
aws_vpc.foo: Modifications complete after 0s [id=vpc-038f32f20c627cfb6]

Apply complete! Resources: 0 added, 1 changed, 0 destroyed.

Outputs:

vpc_foo = {
  "arn" = "arn:aws:ec2:ap-northeast-2:138996337336:vpc/vpc-038f32f20c627cfb6"
  "assign_generated_ipv6_cidr_block" = false
  "cidr_block" = "10.0.0.0/16"
  "default_network_acl_id" = "acl-0aa5d4b9ebe2d167a"
  "default_route_table_id" = "rtb-0685b612efb87ca6a"
  "default_security_group_id" = "sg-057ef07db31661834"
  "dhcp_options_id" = "dopt-6e85c905"
  "enable_classiclink" = false
  "enable_classiclink_dns_support" = false
  "enable_dns_hostnames" = false
  "enable_dns_support" = true
  "id" = "vpc-038f32f20c627cfb6"
  "instance_tenancy" = "default"
  "ipv4_ipam_pool_id" = tostring(null)
  "ipv4_netmask_length" = tonumber(null)
  "ipv6_association_id" = ""
  "ipv6_cidr_block" = ""
  "ipv6_cidr_block_network_border_group" = ""
  "ipv6_ipam_pool_id" = ""
  "ipv6_netmask_length" = 0
  "main_route_table_id" = "rtb-0685b612efb87ca6a"
  "owner_id" = "138996337336"
  "tags" = tomap({
    "Name" = "myVPC"
  })
  "tags_all" = tomap({
    "Name" = "myVPC"
  })
}

변경된 Name tag

Name 태그가 생성된 것을 확인할 수 있으며 실제 AWS 콘솔에서도 확인할 수 있습니다. 이때 리소스가 수정된 것이기 때문에 리소스의 id는 변경되지 않습니다.

생성된 VPC 정보 수정 - CIDR 변경

이번에는 Name tag가 아니라 CIDR Block을 변경하여 보겠습니다.

1. main.tf를 다음과 같이 변경합니다.

# main.tf
provider "aws" {
  region = "ap-northeast-2"
}

resource "aws_vpc" "foo" {
  cidr_block = "10.1.0.0/16" # 기존 10.0.0.0/16
  tags = {
    "Name" = "myVPC"
  }

}

output "vpc_foo" {
  value= aws_vpc.foo
}

 

2. terraform plan

terraform plan을 통해 변경될 내용을 확인하면 다음과 같습니다. 이번에는 이전에 수정한 것과는 다르게 하나의 리소스가 삭제되고 하나의 리소스가 추가되는 것으로 나타납니다.

AWS VPC의 CIDR는 변경이 불가능하기 때문에 기존 리소스를 삭제하고 새로운 VPC를 생성하여 CIDR를 바꾼 것입니다.

$ terraform plan
aws_vpc.foo: Refreshing state... [id=vpc-038f32f20c627cfb6]

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
-/+ destroy and then create replacement

Terraform will perform the following actions:

  # aws_vpc.foo must be replaced
-/+ resource "aws_vpc" "foo" {
      ~ arn                                  = "arn:aws:ec2:ap-northeast-2:138996337336:vpc/vpc-038f32f20c627cfb6" -> (known after apply)
      - assign_generated_ipv6_cidr_block     = false -> null
      ~ cidr_block                           = "10.0.0.0/16" -> "10.1.0.0/16" # forces replacement
      ~ default_network_acl_id               = "acl-0aa5d4b9ebe2d167a" -> (known after apply)
      ~ default_route_table_id               = "rtb-0685b612efb87ca6a" -> (known after apply)
      ~ default_security_group_id            = "sg-057ef07db31661834" -> (known after apply)
      ~ dhcp_options_id                      = "dopt-6e85c905" -> (known after apply)
      ~ enable_classiclink                   = false -> (known after apply)
      ~ enable_classiclink_dns_support       = false -> (known after apply)
      ~ enable_dns_hostnames                 = false -> (known after apply)
      ~ id                                   = "vpc-038f32f20c627cfb6" -> (known after apply)
      + ipv6_association_id                  = (known after apply)
      + ipv6_cidr_block                      = (known after apply)
      + ipv6_cidr_block_network_border_group = (known after apply)
      - ipv6_netmask_length                  = 0 -> null
      ~ main_route_table_id                  = "rtb-0685b612efb87ca6a" -> (known after apply)
      ~ owner_id                             = "138996337336" -> (known after apply)
        tags                                 = {
            "Name" = "myVPC"
        }
        # (3 unchanged attributes hidden)
    }

Plan: 1 to add, 0 to change, 1 to destroy.

Changes to Outputs:
  ~ vpc_foo = {
      ~ arn                                  = "arn:aws:ec2:ap-northeast-2:138996337336:vpc/vpc-038f32f20c627cfb6" -> (known after apply)
      ~ assign_generated_ipv6_cidr_block     = false -> null
      ~ cidr_block                           = "10.0.0.0/16" -> "10.1.0.0/16"
      ~ default_network_acl_id               = "acl-0aa5d4b9ebe2d167a" -> (known after apply)
      ~ default_route_table_id               = "rtb-0685b612efb87ca6a" -> (known after apply)
      ~ default_security_group_id            = "sg-057ef07db31661834" -> (known after apply)
      ~ dhcp_options_id                      = "dopt-6e85c905" -> (known after apply)
      ~ enable_classiclink                   = false -> (known after apply)
      ~ enable_classiclink_dns_support       = false -> (known after apply)
      ~ enable_dns_hostnames                 = false -> (known after apply)
      ~ id                                   = "vpc-038f32f20c627cfb6" -> (known after apply)
      ~ ipv6_association_id                  = "" -> (known after apply)
      ~ ipv6_cidr_block                      = "" -> (known after apply)
      ~ ipv6_cidr_block_network_border_group = "" -> (known after apply)
      ~ ipv6_ipam_pool_id                    = "" -> null
      ~ ipv6_netmask_length                  = 0 -> null
      ~ main_route_table_id                  = "rtb-0685b612efb87ca6a" -> (known after apply)
      ~ owner_id                             = "138996337336" -> (known after apply)
        tags                                 = {
            "Name" = "myVPC"
        }
        # (5 unchanged elements hidden)
    }

──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform
apply" now.

 

3. terraform apply

terraform apply를 통해 리소스를 적용합니다. 출력은 생략하도록 하겠습니다.

$ terraform apply

 

AWS Management Console에서 확인해보면 CIDR가 변경된 것을 확인할 수 있습니다.

이때 이전의 수정과는 달리 VPC 삭제시키고 새로 생성하였기 때문에 VPC ID가 이전과 달라진 것을 확인할 수 있습니다.

변경된 리소스

테라폼에서 리소스를 수정하는 경우에 때에 따라 기존 리소스를 삭제시키고 새로 생성할 수도 있습니다. 기존 리소스가 삭제되기 때문에 이는 기존 리소스와 관련된 다른 리소스들에 문제를 야기할 수도 있기 때문에 정확히 인지를 하고 사용할 필요가 있습니다.

따라서 terraform plan을 통하여 리소스가 어떻게 변경되는지 정확하게 파악을 해야 합니다.

리소스 삭제

Terraform으로 생성한 리소스는 terraform destroy 명령어를 통해 모두 삭제시킬 수 있습니다.

워크스페이스 내 모든 리소스가 삭제되게 됩니다.

$ terraform destroy
aws_vpc.foo: Refreshing state... [id=vpc-06fecf5d3668efc87]

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  - destroy

Terraform will perform the following actions:

  # aws_vpc.foo will be destroyed
  - resource "aws_vpc" "foo" {
      - arn                              = "arn:aws:ec2:ap-northeast-2:138996337336:vpc/vpc-06fecf5d3668efc87" -> null
      - assign_generated_ipv6_cidr_block = false -> null
      - cidr_block                       = "10.1.0.0/16" -> null
      - default_network_acl_id           = "acl-013d8d0849c52021d" -> null
      - default_route_table_id           = "rtb-0df94b81cbf86c586" -> null
      - default_security_group_id        = "sg-034ea53455c68a199" -> null
      - dhcp_options_id                  = "dopt-6e85c905" -> null
      - enable_classiclink               = false -> null
      - enable_classiclink_dns_support   = false -> null
      - enable_dns_hostnames             = false -> null
      - enable_dns_support               = true -> null
      - id                               = "vpc-06fecf5d3668efc87" -> null
      - instance_tenancy                 = "default" -> null
      - ipv6_netmask_length              = 0 -> null
      - main_route_table_id              = "rtb-0df94b81cbf86c586" -> null
      - owner_id                         = "138996337336" -> null
      - tags                             = {
          - "Name" = "myVPC"
        } -> null
      - tags_all                         = {
          - "Name" = "myVPC"
        } -> null
    }

Plan: 0 to add, 0 to change, 1 to destroy.

Changes to Outputs:
  - vpc_foo = {
      - arn                                  = "arn:aws:ec2:ap-northeast-2:138996337336:vpc/vpc-06fecf5d3668efc87"
      - assign_generated_ipv6_cidr_block     = false
      - cidr_block                           = "10.1.0.0/16"
      - default_network_acl_id               = "acl-013d8d0849c52021d"
      - default_route_table_id               = "rtb-0df94b81cbf86c586"
      - default_security_group_id            = "sg-034ea53455c68a199"
      - dhcp_options_id                      = "dopt-6e85c905"
      - enable_classiclink                   = false
      - enable_classiclink_dns_support       = false
      - enable_dns_hostnames                 = false
      - enable_dns_support                   = true
      - id                                   = "vpc-06fecf5d3668efc87"
      - instance_tenancy                     = "default"
      - ipv4_ipam_pool_id                    = null
      - ipv4_netmask_length                  = null
      - ipv6_association_id                  = ""
      - ipv6_cidr_block                      = ""
      - ipv6_cidr_block_network_border_group = ""
      - ipv6_ipam_pool_id                    = ""
      - ipv6_netmask_length                  = 0
      - main_route_table_id                  = "rtb-0df94b81cbf86c586"
      - owner_id                             = "138996337336"
      - tags                                 = {
          - "Name" = "myVPC"
        }
      - tags_all                             = {
          - "Name" = "myVPC"
        }
    } -> null

Do you really want to destroy all resources?
  Terraform will destroy all your managed infrastructure, as shown above.
  There is no undo. Only 'yes' will be accepted to confirm.

  Enter a value: yes

aws_vpc.foo: Destroying... [id=vpc-06fecf5d3668efc87]
aws_vpc.foo: Destruction complete after 0s

Destroy complete! Resources: 1 destroyed.

AWS Management Console에서도 VPC가 삭제된 것을 확인할 수 있습니다.


Terraform의 AWS Provider를 이용하여 AWS의 VPC를 생성/변경/삭제해보았습니다.