Skip to main content
HashnodeInfra with Ijas

Command Palette

Search for a command to run...

How to Use Terraform to Create an AWS S3 Bucket: A Beginner’s Guide

Updated
7 min read
How to Use Terraform to Create an AWS S3 Bucket: A Beginner’s Guide
I
IJAS AHAMMED

Software Engineer with hands-on project experience in building backend systems and web applications using Node.js, TypeScript, React, and Kubernetes.

Part of seriesTerraform

What is Terraform?

Terraform is an open-source tool that lets you write code to create and manage cloud infrastructure. Instead of clicking through AWS console to create resources manually, you write configuration files that describe what you want, and Terraform builds it for you.

Think of it like this: Instead of building a LEGO house brick by brick, you write down instructions, and Terraform builds it automatically every time.

What is Infrastructure as Code (IaC)?

Infrastructure as Code (IaC) means managing your servers, databases, networks, and other infrastructure using code files instead of manual configuration.

Benefits:

  • Repeatable: Create the same infrastructure multiple times without errors

  • Version Control: Track changes using Git, just like application code

  • Documentation: Your code becomes living documentation

  • Collaboration: Teams can review and collaborate on infrastructure changes

Use Cases:

  • Setting up development, staging, and production environments that are identical

  • Quickly spinning up infrastructure for new projects

  • Disaster recovery - rebuild everything from code if something breaks

  • Sharing infrastructure setups across teams

What is a Terraform Provider?

A provider is a plugin that allows Terraform to interact with a specific cloud platform or service (like AWS, Azure, Google Cloud, etc.).

Think of providers as translators - they translate your Terraform code into API calls that the cloud platform understands.

Setup Guide

1. Create IAM User with S3 Full Access

Before we can create S3 buckets, we need AWS credentials with proper permissions.

Steps:

  1. Log into AWS Console → Go to IAM service

  2. Click "Users" → "Create user"

  3. Username: Enter terraform-demo-user

  4. Click "Next"

  5. Attach policies directly → Search and select AmazonS3FullAccess

  6. Click "Next""Create user"

  7. Click on the user → Go to "Security credentials" tab

  8. Click "Create access key"

  9. Select "Command Line Interface (CLI)"

  10. Check the confirmation box → "Next"

  11. "Create access key"

  12. IMPORTANT: Save both:

    • Access Key ID

    • Secret Access Key (you won't see this again!)

2. Configure AWS CLI

Install AWS CLI (if not already installed):

# For Mac (using Homebrew)
brew install awscli

Configure with your access keys:

aws configure

You'll be prompted to enter:

AWS Access Key ID: [paste your access key]
AWS Secret Access Key: [paste your secret key]
Default region name: ap-south-1
Default output format: json

Verify it works:

aws s3 ls

4. Create Terraform Alias (Optional)

# Add to your shell config file (~/.zshrc for Mac)
echo 'alias tf="terraform"' >> ~/.zshrc

# Reload your shell
source ~/.zshrc

# Test it
tf version

5. Setup VS Code

  1. Open VS Code

  2. Go to Extensions (Cmd+Shift+X)

  3. Search for "HashiCorp Terraform"

  4. Install the official extension

Benefits:

  • Syntax highlighting

  • Auto-completion

  • Format on save

  • Validation

Understanding the Terraform Configuration

Create a file named main.tf:

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 6.0"
    }
  }
}

# Configure the AWS Provider
provider "aws" {
  region  = "ap-south-1"
}

# Create S3 Bucket
resource "aws_s3_bucket" "my_first_bucket" {
  bucket = "ijas-tf-test-bucket-12345"

  tags = {
    Name        = "My bucket"
    Environment = "Dev"
  }
}

The terraform {} block is used to configure Terraform itself. Inside it, required_providers tells Terraform which providers are needed for the project. In this case, aws is the name we use to refer to the AWS provider, and source specifies that it should be downloaded from HashiCorp’s official registry.

The line version = "~> 6.0" means Terraform can use any 6.x version of the provider, allowing minor updates but not major ones. The ~> symbol is called a pessimistic constraint, which lets Terraform update safely without breaking changes.

The provider "aws" block is used to set up the AWS provider. Inside it, the region tells Terraform where to create your AWS resources, in this case, Mumbai. Terraform automatically uses the login details you already set up earlier with aws configure, so you don’t need to write your credentials again.

The resource keyword is used to define an infrastructure item in Terraform. "aws_s3_bucket" specifies that you’re creating an S3 bucket using the AWS provider. "my_first_bucket" is just a local name you give this resource inside your Terraform code. The bucket field sets the real S3 bucket name in AWS, which must be globally unique. Finally, tags are optional labels you add to help organize resources and track costs.

Terraform Workflow

Step 1: Initialise Terraform

terraform init
# or using alias
tf init

What happens:

  • Downloads the AWS provider plugin

  • Sets up the backend (where state is stored)

  • Prepares the working directory

Output you'll see:

Initializing the backend...
Initializing provider plugins...
- Finding hashicorp/aws versions matching "~> 6.0"...
- Installing hashicorp/aws v6.x.x...
Terraform has been successfully initialized!

Step 2: Plan the Changes

terraform plan
# or
tf plan

What it does:

  • Compares your code with the current state

  • Shows what will be created, modified, or destroyed

  • Like a "preview" before making actual changes

Output:

Terraform will perform the following actions:

  # aws_s3_bucket.my_first_bucket will be created
  + resource "aws_s3_bucket" "my_first_bucket" {
      + bucket                      = "ijas-tf-test-bucket-12345"
      + tags                        = {
          + "Environment" = "Dev"
          + "Name"        = "My bucket"
        }
      ...
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Symbols:

  • + = Will be created

  • ~ = Will be modified

  • - = Will be destroyed

Optional: Save the Plan

tf plan -out=tfplan

Why use this?

  • Saves the exact plan to a file

  • When you run tf apply tfplan, it executes exactly what was planned

  • Prevents surprises if something changes between plan and apply

  • Good practice for production environments

Step 3: Apply the Changes

terraform apply
# or
tf apply

Terraform will show the plan again and ask:

Do you want to perform these actions?
  Enter a value:

Type yes and press Enter.

Skip the confirmation:

tf apply -auto-approve

What happens:

  1. Terraform makes API calls to AWS

  2. Creates the S3 bucket

  3. Saves the state to terraform.tfstate file

Step 4: Verify in AWS Console

  1. Go to AWS Console → S3

  2. You'll see your bucket: ijas-tf-test-bucket-12345

  3. Click on it → Properties tab → Tags

  4. You'll see the tags you defined

Step 5: Modify and Reapply

Let's change a tag in main.tf:

resource "aws_s3_bucket" "my_first_bucket" {
  bucket = "ijas-tf-test-bucket-12345"

  tags = {
    Name        = "My bucket"
    Environment = "Development"  # Changed from "Dev"
    Owner       = "Ijas"          # Added new tag
  }
}

Run:

tf plan

You'll see:

  # aws_s3_bucket.my_first_bucket will be updated in-place
  ~ resource "aws_s3_bucket" "my_first_bucket" {
      ~ tags = {
          ~ "Environment" = "Dev" -> "Development"
          + "Owner"       = "Ijas"
            "Name"        = "My bucket"
        }
    }

Plan: 0 to add, 1 to change, 0 to destroy.

Apply the changes:

tf apply -auto-approve

Go back to AWS Console → refresh → see the updated tags!

Step 6: Destroy Resources

When you're done experimenting:

terraform destroy
# or
tf destroy

Terraform shows what will be destroyed:

Plan: 0 to add, 0 to change, 1 to destroy.

Do you really want to destroy all resources?
  Enter a value:

Type yes or use:

tf destroy -auto-approve

What happens:

  1. Terraform deletes the S3 bucket from AWS

  2. Updates the state file (now empty)

Key Concepts Summary

ConceptSimple Explanation
TerraformTool to write code that builds cloud infrastructure
IaCManaging infrastructure through code files instead of clicking
ProviderPlugin that connects Terraform to cloud platforms (AWS, Azure, etc.)
ResourceA piece of infrastructure you want to create (S3 bucket, EC2 instance)
StateTerraform's memory of what exists in the cloud
PlanPreview of changes before applying them
ApplyActually create/update/delete resources
DestroyDelete all resources managed by Terraform

Common Commands Cheat Sheet

# Initialize project (run once)
tf init

# Preview changes
tf plan
tf plan -out=tfplan  # Save plan to file

# Apply changes
tf apply
tf apply -auto-approve  # Skip confirmation
tf apply tfplan  # Apply saved plan

# Show current state
tf show

# List resources
tf state list

# Destroy everything
tf destroy
tf destroy -auto-approve

# Format code (clean up spacing/indentation)
tf fmt

# Validate syntax
tf validate
#terraform#aws#devops

Comments

Join the discussion

No comments yet. Be the first to comment.

Terraform

Part 1 of 5

In this series, I will share my journey of learning terraform and implementing using AWS resources. I would try my best to keep the contents simple and easy to follow. Hope you enjoy!

Up next

How to Easily Manage Terraform State Files Using Remote Backends

Prerequisites This tutorial builds on concepts from my previous Terraform article. If you haven’t read it yet, please start here: Link If you've just finished creating your first S3 bucket with Terra

More from this blog

Infra with Ijas

6 posts

Infra with Ijas is a practical tech journal for sharing my understanding and learning journey on cloud infrastructure, DevOps, and modern engineering workflows.