
Day 07 – Using Data Sources in Terraform (VPC, Security Groups & AMI)


One of the best practices in Terraform is to avoid hardcoding IDs (VPCs, subnets, security groups, AMIs). Instead, we can use Terraform data sources to look up existing infrastructure, or the latest AMI, dynamically at plan time.

Today, I explored how to:

  • Fetch an existing VPC

  • Fetch an existing Security Group

  • Fetch the latest Amazon Linux 2 AMI

  • Deploy an EC2 instance using these data sources


🔹 What are Data Sources?

In Terraform, a Data Source allows you to query AWS for existing resources instead of creating new ones.

  • They are read-only (they never modify infrastructure).

  • Useful when you need to reference infra that already exists (like a shared VPC).

  • They make your Terraform code DRY, reusable, and cloud-friendly.
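A data source returns whatever matches its filters, so a lookup that is too loose can silently pick the wrong VPC or an empty subnet list. The block below is an added example, not code from the original post: it looks up shared networking by tag instead of by ID and uses `lifecycle { postcondition }` blocks (Terraform 1.2+) to fail the plan when the result is not what the configuration expects. The tag values `shared-vpc` and `Tier = private`, the group name `web-sg`, and the CIDR `10.0.0.0/16` are assumptions for illustration.

```hcl
# Added example (assumed names and tags): look up shared networking by tag
# and verify what the lookup returned before anything depends on it.

data "aws_vpc" "shared" {
  filter {
    name   = "tag:Name"
    values = ["shared-vpc"] # assumed tag on the existing VPC
  }

  lifecycle {
    # Fail the plan if the tag matched a VPC with an unexpected address range
    postcondition {
      condition     = self.cidr_block == "10.0.0.0/16" # assumed CIDR of that VPC
      error_message = "The VPC tagged shared-vpc does not have the expected CIDR; check the filter."
    }
  }
}

# Private subnets of that VPC, selected by a Tier tag rather than by ID
data "aws_subnets" "private" {
  filter {
    name   = "vpc-id"
    values = [data.aws_vpc.shared.id]
  }

  filter {
    name   = "tag:Tier"
    values = ["private"] # assumed tag
  }

  lifecycle {
    # An empty list would otherwise only fail later, at the instance
    postcondition {
      condition     = length(self.ids) > 0
      error_message = "No subnets tagged Tier=private were found in the shared VPC."
    }
  }
}

# Existing security group for web servers, looked up by name inside that VPC
# (scoping by vpc_id avoids matching a same-named group in another VPC)
data "aws_security_group" "web" {
  name   = "web-sg" # assumed group name
  vpc_id = data.aws_vpc.shared.id
}

resource "aws_instance" "web" {
  ami                    = "ami-EXAMPLE" # placeholder; see the AMI lookup in main.tf
  instance_type          = "t2.micro"
  subnet_id              = tolist(data.aws_subnets.private.ids)[0]
  vpc_security_group_ids = [data.aws_security_group.web.id]
}
```

With the postconditions in place, `terraform plan` stops with the error message instead of proceeding with a wrong or empty lookup, which is the failure mode that usually surfaces only after an apply has already put an instance in the wrong network.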


🔹 Terraform Code

main.tf

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "6.9.0"
    }
  }
}

provider "aws" {
  region = "ap-south-1"
}

# 1. Fetch existing VPC (the account's default VPC in this region)
data "aws_vpc" "default" {
  default = true
}

# 1b. Fetch the subnets of that VPC. An EC2 instance needs a subnet ID,
#     not a VPC ID, so this lookup is what step 4 uses for subnet_id.
data "aws_subnets" "default" {
  filter {
    name   = "vpc-id"
    values = [data.aws_vpc.default.id]
  }
}

# 2. Fetch existing Security Group by name, scoped to the VPC
data "aws_security_group" "default_sg" {
  filter {
    name   = "group-name"
    values = ["default"]
  }

  vpc_id = data.aws_vpc.default.id
}

# 3. Fetch latest Amazon Linux 2 AMI published by Amazon
data "aws_ami" "amazon_linux" {
  most_recent = true

  filter {
    name   = "name"
    values = ["amzn2-ami-hvm-*-x86_64-gp2"]
  }

  filter {
    name   = "virtualization-type"
    values = ["hvm"]
  }

  owners = ["amazon"]
}

# 4. Launch EC2 using the data sources
resource "aws_instance" "example" {
  ami                         = data.aws_ami.amazon_linux.id
  instance_type               = "t2.micro"
  subnet_id                   = tolist(data.aws_subnets.default.ids)[0] # first subnet of the default VPC
  vpc_security_group_ids      = [data.aws_security_group.default_sg.id]
  associate_public_ip_address = true

  # user_data runs as root at first boot, so sudo is not needed.
  # On Amazon Linux 2, nginx comes from amazon-linux-extras, not from the
  # base yum repositories, so "yum install nginx" alone would fail.
  user_data = <<-EOF
              #!/bin/bash
              amazon-linux-extras install nginx1 -y
              systemctl enable --now nginx
              EOF

  # Note: the VPC's default security group only allows inbound traffic from
  # members of the same group, so the instance_url below will not answer
  # until an inbound rule for port 80 is added to that group.
  tags = {
    Name = "Day07-DataSource-EC2"
  }
}

# Outputs
output "instance_ip" {
  value = aws_instance.example.public_ip
}

output "instance_url" {
  value = "http://${aws_instance.example.public_ip}"
}

🔹 Key Learnings

  1. Data sources save time → No need to copy-paste IDs from the AWS Console.

  2. Future-proof AMIs → Always fetch the latest Amazon Linux 2 AMI.

  3. Reusable infra → Easily reference shared VPCs or security groups.

  4. Clean, professional Terraform code → the DRY principle in practice.
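"Always fetch the latest AMI" has a side effect worth knowing: `most_recent = true` is re-evaluated on every plan, so when Amazon publishes a new image the `ami` argument changes and Terraform schedules the instance for replacement. The block below is an added example, not code from the original post. It keeps the lookup, asserts that the image really is Amazon-owned via a `postcondition`, stops the lookup from replacing a running instance with `ignore_changes`, and uses a `check` block (Terraform 1.5+) to warn, rather than fail, when the instance has fallen behind the latest image. The resource names are assumptions.

```hcl
# Added example (assumed resource names): latest-AMI lookup with ownership
# validation and drift control, instead of silent instance replacement.

data "aws_ami" "amazon_linux" {
  most_recent = true
  owners      = ["amazon"]

  filter {
    name   = "name"
    values = ["amzn2-ami-hvm-*-x86_64-gp2"]
  }

  filter {
    name   = "virtualization-type"
    values = ["hvm"]
  }

  lifecycle {
    # Defence against a mis-typed owners/filter combination: refuse any
    # image whose owner alias is not Amazon's, whatever the name pattern matched.
    postcondition {
      condition     = self.image_owner_alias == "amazon"
      error_message = "The selected AMI is not published under the 'amazon' owner alias."
    }
  }
}

resource "aws_instance" "web" {
  ami           = data.aws_ami.amazon_linux.id
  instance_type = "t2.micro"

  lifecycle {
    # The data source re-resolves on every plan. Without this, a newly
    # published AMI forces replacement of the instance on the next apply.
    # The first apply still uses the latest image; later ones keep it.
    ignore_changes = [ami]
  }
}

# A check emits a warning instead of an error, so plans keep working while
# the team decides when to roll the instance onto the newer image.
check "ami_is_current" {
  assert {
    condition     = aws_instance.web.ami == data.aws_ami.amazon_linux.id
    error_message = "Instance web runs an older AMI than the latest Amazon Linux 2 lookup."
  }
}

output "ami_in_use" {
  description = "AMI the instance was actually built from (read from state)"
  value       = aws_instance.web.ami
}

output "latest_ami" {
  description = "AMI the lookup resolves to today"
  value       = data.aws_ami.amazon_linux.id
}
```

Comparing the two outputs after a `terraform plan` shows the drift explicitly; when the team is ready to move, removing `ignore_changes` (or tainting the instance) lets the next apply rebuild from the newer image deliberately rather than as a surprise.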

