≥deliver infrastructure as code≤

brew install warrensbox/tap/tfswitch
brew install git
Terraform % tfswitch -l                         
Use the arrow keys to navigate: ↓ ↑ → ← 
? Select Terraform version: 
  ▸ 0.14.0-alpha20200923 *recent
    0.12.27 *recent
    0.12.28 *recent
↓   0.13.3
sudo mkdir tf_code
cd tf_code
sudo git init

sudo touch first_code.tf
sudo nano first_code.tf
provider "aws" {
    region = "ca-central"
#define resource to be created ≤"resource {type} {tf-friendly-name}"≥:
resource "aws_instance" "ec2" {
    ami = "ami-032598fcc7e9d1c7a"
    instance_type = "t2.micro"
resource "aws_s3_bucket" "tf_lab" {
    bucket = "tf-lab-2020"
    acl = "private"

Stage the file in git:

git add first_code.tf

Commit file in git:

git commit -m "first tf code"

Initialize terraform. It will read the tf file and download the necessary binaries to work with the specified provider.

sudo terraform init

Initializing the backend...

Initializing provider plugins...
- Finding latest version of hashicorp/aws...
- Installing hashicorp/aws v3.8.0...
- Installed hashicorp/aws v3.8.0 (signed by HashiCorp)

The following providers do not have any version constraints in configuration,
so the latest version was installed.

To prevent automatic upgrades to new major versions that may contain breaking
changes, we recommend adding version constraints in a required_providers block
in your configuration, with the constraint strings suggested below.

* hashicorp/aws: version = "~> 3.8.0"

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

To apply the infrastructure changes noted in the plan execute a terraform apply.

For AWS SSO v2, set your environment variables using the export command. Edit the ~/.aws/credentials file as such:

aws_access_key_id = 
aws_secret_access_key = 
aws_session_token = 

Terraform reads only the default profile from the credential file and doesn't seem to acknowledge the export AWS keys/token. Also, the parameters should be in lowercase.

You could always quickly empty the contents of the credentials file by typing the following command in the ~/.aws directory:

.aws % sudo true > credentials

To view a graphical relationship between the resources being created, run this command:

terraform graph
#and paste the output in webgraphviz.com 

If you only want to see the changes Terraform would do with out applying it, run:

terraform plan
terraform apply -no

Everytime you add a new module/provider, or at the 1st run, type:

terraform init

For Azure tenants with multiple subscriptions, you ca specify the subscription to be targeted as such:

provider "azurerm" {
  subscription_id = "xxxxxxxxxx"