Terraform: run script on new server

July 22, 2018

I'm provisioning a new machine on AWS using terraform, and I want to use puppet to configure it. I don't need to have a puppet server, I just want to put a puppet file onto the machine and then execute it with puppet.


The initial terraform script installs puppet, and copies a file from the local machine onto the new server. It then creates a new user and copies the ssh keys, before executing puppet apply on the newly copied file.

resource "aws_instance" "bbr-web" {
    ami = "${lookup(var.ec2ami, var.region)}"
    instance_type = "t2.micro"
    key_name = "${lookup(var.keypair, var.region)}"

    security_groups = [

    tags {
        Name = "bbr-web"    

    provisioner "file" {
        source = "../web/puppet/bootstrap.pp"
        destination = "bootstrap.pp"

    provisioner "remote-exec" {
        inline = [
            "sudo apt-get update",
            "sudo apt-get upgrade",
            "sudo addgroup ${var.prefix}",
            "sudo adduser ${var.prefix} --ingroup ${var.prefix} --disabled-password --gecos \"\"",
            "sudo bash -c echo ${var.prefix}:${var.web_ssh_password} | chpasswd",
            "sudo mkdir /home/${var.prefix}/.ssh",
            "sudo cp ~/.ssh/authorized_keys /home/${var.prefix}/.ssh",
            "sudo chown -R bbr:bbr /home/${var.prefix}/.ssh",

            "sudo apt-get install puppet -y",
            "sudo puppet apply ~/bootstrap.pp",

   connection {
        type = "ssh"
        agent = false
        private_key = "${file("${var.ec2_private_key}")}"
        user = "admin"