0
0
Terraformcloud~10 mins

Connection blocks for SSH in Terraform - Step-by-Step Execution

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Process Flow - Connection blocks for SSH
Define resource requiring SSH
Add connection block with SSH details
Terraform uses SSH to connect
Run remote commands or provisioners
Close SSH connection
Resource provisioned
Terraform uses connection blocks to specify SSH details, enabling it to connect to remote machines and run commands during provisioning.
Execution Sample
Terraform
resource "null_resource" "example" {
  connection {
    type        = "ssh"
    host        = "192.168.1.10"
    user        = "ubuntu"
    private_key = file("~/.ssh/id_rsa")
  }

  provisioner "remote-exec" {
    inline = ["echo Hello from Terraform"]
  }
}
This Terraform code connects via SSH to a remote machine and runs a simple echo command.
Process Table
StepActionSSH Connection DetailsProvisioner CommandResult
1Start resource creationNot connected yetNo command runWaiting to connect
2Read connection blocktype=ssh, host=192.168.1.10, user=ubuntu, key=~/.ssh/id_rsaNo command runReady to connect
3Establish SSH connectionConnected to 192.168.1.10 as ubuntuNo command runSSH session open
4Run provisioner commandSSH session activeecho Hello from TerraformCommand executed successfully
5Close SSH connectionDisconnectedNo command runSSH session closed
6Resource creation completeNo connectionNo command runResource provisioned
💡 SSH connection closed after running provisioner commands; resource creation finished.
Status Tracker
VariableStartAfter Step 2After Step 3After Step 4Final
connection.typeundefinedsshsshsshssh
connection.hostundefined192.168.1.10192.168.1.10192.168.1.10192.168.1.10
connection.userundefinedubuntuubuntuubuntuubuntu
connection.private_keyundefined~/.ssh/id_rsa~/.ssh/id_rsa~/.ssh/id_rsa~/.ssh/id_rsa
ssh_sessionclosedclosedopenopenclosed
provisioner.command_statusnot runnot runnot runsuccesssuccess
Key Moments - 3 Insights
Why does Terraform need the private_key in the connection block?
Terraform uses the private_key to authenticate the SSH connection securely, as shown in step 2 of the execution_table where the key is read before connecting.
What happens if the SSH connection fails at step 3?
If SSH connection fails, Terraform cannot run the provisioner commands and resource creation will stop or error out, as the SSH session must be open to proceed.
Why is the SSH session closed after running commands?
Terraform closes the SSH session after running provisioner commands to free resources and maintain security, as seen in step 5 of the execution_table.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution_table, what is the SSH connection status at step 3?
ANot connected yet
BDisconnected
CConnected to 192.168.1.10 as ubuntu
DConnection failed
💡 Hint
Check the 'SSH Connection Details' column at step 3 in the execution_table.
At which step does Terraform run the remote command?
AStep 2
BStep 4
CStep 3
DStep 5
💡 Hint
Look at the 'Provisioner Command' and 'Result' columns in the execution_table.
If the private_key path is incorrect, what will most likely happen?
ASSH connection will fail at step 3
BProvisioner command runs successfully
CSSH session closes immediately at step 2
DResource creation completes without SSH
💡 Hint
Refer to the importance of private_key in the connection block and step 3 connection establishment.
Concept Snapshot
Terraform connection blocks specify how to connect to remote machines.
Use type = "ssh", host, user, and private_key to set SSH details.
Terraform opens SSH, runs provisioner commands, then closes connection.
This enables remote configuration during resource creation.
Full Transcript
Terraform uses connection blocks to connect to remote machines via SSH. The connection block includes the SSH type, host IP, username, and private key path. Terraform reads these details, opens an SSH session, runs any remote commands defined in provisioners, then closes the SSH connection. This process allows Terraform to configure resources on remote servers securely and automatically during deployment.