Help Center/ Cloud Container Instance (CCI)/ Developer Guide/ Using Terraform to Manage CCI Resources/ Terraform Configuration Guide
Updated on 2025-10-24 GMT+08:00
View PDF
Share

Terraform Configuration Guide

What Is Terraform?

Terraform is an infrastructure as code tool that you can use to create, manage, and delete CCI resources safely and efficiently.

Installing Terraform

Terraform is distributed as a single binary. You only need to download a Terraform package and decompress it to the directory specified by the PATH environment variable of the OS.

Terraform supports multiple OSs, such as Linux, macOS, and Windows. You can log in to the Terraform official website, download the installation package of the corresponding OS, and add the executable Terraform file to the environment variable of the corresponding OS.

The following uses Linux as an example to describe how to install Terraform.

  1. Go to the Terraform official website and download a Terraform package that matches your OS.
  2. Decompress the package, grant the execute permission on Terraform, and save the package to the directory specified by PATH. $PATH indicates the specified directory (for example, /usr/local/bin). Replace it with the actual directory. 
    unzip terraform_1.xx.x_
chmod +x ./terraform
mv ./terraform $PATH
  3. Run the following command in the command-line interface (CLI) to check whether the directory is correctly configured: 
    terraform -version

    If the following information is displayed, the configuration is correct and the Terraform can run normally.

Authentication

Before using Terraform to manage CCI resources, you need to obtain the access key (AK) and secret key (SK) and configure them on Terraform for authentication.

You can configure Terraform using static credentials or environment variables.

Static credentials are simple to use. However, they require AKs and SKs to be stored in plaintext in configuration files, which may lead to secret leakage. Therefore, environment variables are recommended.

  • Static credentials 
    provider "huaweicloud" {
  region      = "cn-north-4"
  access_key  = "my-access-key"
  seccret_key = "my-secret-key"
}

    region: region where the resources are to be created and managed. You can query Huawei Cloud regions.

    access_key: access secret ID (AK). For details, see Access Keys.

    secret_key: access secret key (SK). For details, see Access Keys.

  • Environment variables

    Configure the region, AK, and SK as environment variables.

    export HW_REGION_NAME="cn-north-4"
export HW_ACCESS_KEY="my-access-key"
export HW_SECRET_KEY="my-secret-key"

    HW_REGION_NAME: region where the resources are to be created and managed. You can query Huawei Cloud regions.

    HW_ACCESS_KEY: access secret ID (AK). For details, see Access Keys.

    HW_SECRET_KEY: access secret key (SK). For details, see Access Keys.

Initializing the Working Directory

  1. Create a working directory. 
    mkdir test
  1. Create the versions.tf file in the working directory and specify the registry source and the version of Huawei Cloud Provider. The file content is as follows: 
    terraform {
  required_providers {
    huaweicloud = {
      source = "huaweicloud/huaweicloud"
      version = ">=1.xx.xx" # Provider version to be loaded. You can use `=` to specify the version or use `>=` to specify the minimum provider version. The latest version is preferentially loaded.
    }
  }
}

    For details about how to query the version, see Huawei Cloud Provider.

  1. Create the main.tf file and configure the Huawei Cloud provider. The file content is as follows: 
    # Configure the HuaweiCloud Provider
provider "huaweicloud" {
  region      = "cn-north-4"
  access_key  = "my-access-key"
  secret_key  = "my-secret-key"
}

    This is an example configuration (including the AK/SK for authentication) of the Huawei Cloud provider. For details on how to configure these parameters, see Authentication. If you provide credentials using environment variables, omit this part.

  2. Run the following command to perform initialization: 
    terraform init

    If the following command output is displayed, Huawei Cloud provider has been downloaded and installed when you run this command for the first time:

    If you need to modify the configuration in the versions.tf or main.tf file, run the following command to upgrade the file:

    terraform init -upgrade