Skip to main content
Terraform Quick Start
Last update:

Terraform Quick Start

  1. Install Terraform.
  2. Create a service user.
  3. Set up providers.

All resources created with Terraform are charged according to the service payment model. Charging for a resource starts after the resource is created.

The cost of resources created using Terraform does not differ from the cost of resources created using the dashboard.

1. Install Terraform

  1. Download the Terraform distribution for your operating system from the HashiCorp website or from the mirror. We recommend downloading Terraform 1.9.

  2. If you downloaded the Terraform distribution from a mirror, export the path to it in the PATH environment variable:

    export PATH=$PATH:<path>

    Specify <path> — the path to the Terraform binary file.

  3. Install Terraform. For Linux and macOS, use the Install Terraform instructions in the HashiCorp documentation.

2. Create a service user

To work with the examples, you need to create a service user with two roles:

  • Account Administrator — The role is needed to initialize the Selectel provider and create resources;
  • and User Administrator — to create additional users and differentiate access in projects.

  1. In the Control Panel, go to Access ControlUser Management.
  2. Click Add User.
  3. Select the user type Service user.
  4. Enter a user name. This will be used for authorization.
  5. Enter a password for the user or generate one. Once a user has been created, you cannot view the password — you can only generate a new one. The password must be no shorter than eight characters and contain Latin letters of different cases and digits.
  6. Select the user role of Account Administrator.
  7. Click Add Role and select the User Administrator role.
  8. Click Add User. It will be added to the list on the Service Users tab . The account will be active immediately.

3. Set up the ISPs

If the version of Terraform Selectel Provider you are using is lower than 6.0.0, you can upgrade it. For more information, see Upgrading Terraform Selectel Provider to version 6.0.0 on the Terraform Registry.

  1. Ensure that in the Control Panel you have created a service user with the Account Administrator and User Administrator roles.

  2. Create a directory to store the configuration files and a separate file with a .tf extension to configure the providers.

  3. Add Selectel and OpenStack providers to the file to configure the providers:

    terraform {
      required_providers {
        selectel  = {
          source  = "selectel/selectel"
          version = "~> 6.0"
        }
        openstack = {
          source  = "terraform-provider-openstack/openstack"
          version = "2.1.0"
        }
      }
    }

    Here version — versions of providers. The current version can be found in Selectel (in Terraform Registry and GitHub) and OpenStack (in Terraform Registry and GitHub) documentation.

    Learn more about the products, services, and services that can be managed with providers in the Selectel and OpenStack Providers instruction.

  4. Initialize the Selectel provider:

    provider "selectel" {
      domain_name = "123456"
      username    = "user"
      password    = "password"
      auth_region = "ru-9"
      auth_url    = "https://cloud.api.selcloud.ru/identity/v3/"
    }

    Here:

    • domain_name — Selectel account number. You can look it up in control panel in the upper right corner;
    • username — username service user with the roles Account Administrator and User Administrator. Can be viewed in the control panel section Access ControlUser Management → tab Service Users (the section is available only to the Account Owner and User Administrator);
    • password — password of the service user. You can view it when creating a user or change it to a new one;
    • auth_region — pool for example ru-9. All resources will be created in this pool. The list of available pools can be found in the instructions Availability matrices.

  5. Create a project:

    resource "selectel_vpc_project_v2" "project_1" {
      name = "project"
    }

    View a detailed description of the selectel_vpc_project_v2 resource.

  6. Create a service user to access the project and assign the Project Administrator role to it:

    resource "selectel_iam_serviceuser_v1" "serviceuser_1" {
      name         = "username"
      password     = "password"
      role {
        role_name  = "member"
        scope      = "project"
        project_id = selectel_vpc_project_v2.project_1.id 
      }
    }

    Here:

    • username — username;
    • password — user password. The password must be no shorter than eight characters and contain Latin letters of different cases and digits;
    • project_id — Project ID. You can view it in control panel: section Cloud Platform → open the projects menu (the name of the current project) → in the line of the required project press .

    View a detailed description of the selectel_iam_serviceuser_v1 resource.

  7. Initialize the OpenStack provider:

    provider "openstack" {
      auth_url    = "https://cloud.api.selcloud.ru/identity/v3"
      domain_name = "123456"
      tenant_id   = selectel_vpc_project_v2.project_1.id
      user_name   = selectel_iam_serviceuser_v1.serviceuser_1.name
      password    = selectel_iam_serviceuser_v1.serviceuser_1.password
      region      = "ru-9"
    }

    Here:

    • domain_name — Selectel account number. You can look it up in control panel in the upper right corner;
    • region — pool for example ru-9. All resources will be created in this pool. The list of available pools can be found in the instructions Availability matrices.

  8. If you create resources at the same time as configuring providers, add the depends_on argument for OpenStack resources . For example, for the resource openstack_networking_network_v2:

    resource "openstack_networking_network_v2" "network_1" {
      name           = "private-network"
      admin_state_up = "true"

      depends_on = [
        selectel_vpc_project_v2.project_1,
        selectel_iam_serviceuser_v1.serviceuser_1
      ]
    }

  9. Optional: if you want to use a mirror, create a separate Terraform CLI configuration file and add a block to it:

    provider_installation {
      network_mirror {
        url = "https://tf-proxy.selectel.ru/mirror/v1/"
        include = ["registry.terraform.io/*/*"]
      }
      direct {
        exclude = ["registry.terraform.io/*/*"]
      }
    }

    See the CLI Configuration File instructions in HashiCorp's CLI Configuration File documentation for more information on configuring mirrors.

  10. Open the CLI.

  11. Initialize the Terraform configuration in the directory:

    terraform init

  12. Check that the configuration files have been compiled without errors:

    terraform validate

  13. Format the configuration files:

    terraform fmt

  14. Check the resources that will be created:

    terraform plan

  15. Apply the changes and create the resources:

    terraform apply

  16. Confirm the creation — type yes and press Enter. The created resources are displayed in the control panel.

  17. If there were not enough quotas to create resources, increase the quotas.