Automate a dynamic Infrastructure over AWS using Terraform
- What is Terraform:
Terraform is an open-source infrastructure as code software tool that enables you to safely and predictably create, change, and improve infrastructure. Users define and provide data center infrastructure using a declarative configuration language known as HashiCorp Configuration Language, or optionally JSON.
- Deliver Infrastructure As Code:
- WRITE - Write infrastructure as code using declarative configuration files. HashiCorp Configuration Language (HCL) allows for concise descriptions of resources using blocks, arguments, and expressions.
- PLAN - Run terraform plan to check whether the execution plan for a configuration matches your expectations before provisioning or changing infrastructure.
- APPLY - Apply changes to hundreds of cloud providers with terraform apply to reach the desired state of the configuration.
- The following resources are used:
VPC, Security Group, Internet Gateway, Subnets, Route Table and S3
STEP 1: Create a provider.tf file that sets the region and the credentials for your AWS account, either an access key and secret key or, as here, the "default" profile from your local AWS credentials file. I also created a var.tf file so that all the variables used in the code live in one place.
The var.tf file:
variable "aws_region" {
  default = "ap-south-1"
}

variable "vpc_cidr" {
  default = "10.0.0.0/16"
}

# One subnet is created per entry in this list
variable "subnet_cidr" {
  type    = list(string)
  default = ["10.0.1.0/24", "10.0.2.0/24"]
}

# Availability zones the subnets are spread over, by index
variable "azs" {
  type    = list(string)
  default = ["ap-south-1a", "ap-south-1b", "ap-south-1c"]
}

# Not used by the resources shown in this post, kept for EC2 instances
variable "ami" {
  default = "ami-010aff33ed5991201"
}

variable "ec2_type" {
  default = "t2.micro"
}
The provider.tf file: Terraform's resources are implemented by provider plugins. The Terraform Registry is the main directory of publicly available Terraform providers.
provider "aws" {
  region  = var.aws_region
  profile = "default"   # credentials come from the local AWS profile, not from this file
}
STEP 2: Now create a file that sets up all the resources needed; in my case it is named vpc.tf.
Create a VPC: Amazon Virtual Private Cloud (Amazon VPC) enables you to launch AWS resources into a virtual network that you've defined. Amazon VPC is the networking layer for Amazon EC2.
# Creating a VPC
resource "aws_vpc" "my_vpc" {
  cidr_block = var.vpc_cidr

  tags = {
    Name = "My VPC"
  }
}
Create a Security group linked to this VPC: A security group acts as a virtual firewall for your instance to control inbound and outbound traffic. When you launch an instance in a VPC, you can assign up to five security groups to the instance.
# Creating a Security Group (this manages the rules of the VPC's default security group)
resource "aws_default_security_group" "sg" {
  vpc_id = aws_vpc.my_vpc.id

  # Allow all protocols and ports, but only from instances that carry this same security group
  ingress {
    protocol  = "-1"
    self      = true
    from_port = 0
    to_port   = 0
  }

  # Allow all outbound traffic; a rule needs a destination, so cidr_blocks is required here
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "MY SG"
  }
}
Create an Internet Gateway: An internet gateway is a horizontally scaled, redundant, and highly available VPC component that allows communication between your VPC and the internet.
# Creating an Internet Gateway attached to the VPC
resource "aws_internet_gateway" "gw" {
  vpc_id = aws_vpc.my_vpc.id

  tags = {
    Name = "My gw"
  }
}
Creating the Subnets: I need two subnets in the VPC created above, so to keep this dynamic I used Terraform's count meta-argument together with the element() function: one subnet is created per entry in var.subnet_cidr, and each is placed in the availability zone at the same index of var.azs.
# Creating Subnets: one per entry in var.subnet_cidr, each in the AZ with the same index
resource "aws_subnet" "my_subnet" {
  count                   = length(var.subnet_cidr)
  vpc_id                  = aws_vpc.my_vpc.id
  cidr_block              = element(var.subnet_cidr, count.index)
  availability_zone       = element(var.azs, count.index)
  map_public_ip_on_launch = true   # instances launched here receive a public IP

  tags = {
    Name = "Subnet-${count.index + 1}"
  }
}
Create a Route Table: A route table contains a set of rules, called routes, that are used to determine where network traffic from your subnet or gateway is directed.
# Creating a Route Table with a default route to the Internet Gateway
resource "aws_route_table" "rt" {
  vpc_id = aws_vpc.my_vpc.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.gw.id
  }

  tags = {
    Name = "RT"
  }
}
Association of the Route Table: A route table association links a route table to a subnet, internet gateway, or virtual private gateway; here each subnet is associated with the route table above, which is what makes them public subnets.
# Associating the Route Table with every subnet created above
resource "aws_route_table_association" "rt_ass" {
  count          = length(var.subnet_cidr)
  subnet_id      = element(aws_subnet.my_subnet[*].id, count.index)
  route_table_id = aws_route_table.rt.id
}
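As an added pre-apply check (not part of the original post), the following Python script mirrors what the count/element() pattern above produces from the var.tf values and flags subnets that fall outside the VPC CIDR, overlap each other, or land in an availability zone that element() has already handed out once it wraps around. The variable values are copied from var.tf; the function and message names are my own.

```python
import ipaddress

# Constructed to mirror the var.tf values used in this post
VPC_CIDR = "10.0.0.0/16"
SUBNET_CIDRS = ["10.0.1.0/24", "10.0.2.0/24"]
AZS = ["ap-south-1a", "ap-south-1b", "ap-south-1c"]


def element(lst, index):
    """Terraform's element(): wraps around when index >= len(lst)."""
    return lst[index % len(lst)]


def plan_subnets(subnet_cidrs, azs):
    """Reproduce what `count = length(var.subnet_cidr)` will create:
    one (name, cidr, az) tuple per subnet, with the AZ picked by element()."""
    return [
        (f"Subnet-{i + 1}", element(subnet_cidrs, i), element(azs, i))
        for i in range(len(subnet_cidrs))
    ]


def check_subnets(vpc_cidr, subnet_cidrs, azs):
    """Return a list of problems that `terraform apply` would hit or that
    would silently weaken the layout; an empty list means the plan is sane."""
    problems = []
    vpc = ipaddress.ip_network(vpc_cidr)
    seen = []      # (name, network) of subnets already checked
    az_used = {}   # az -> name of the first subnet placed there
    for name, cidr, az in plan_subnets(subnet_cidrs, azs):
        net = ipaddress.ip_network(cidr)
        # AWS rejects a subnet whose range is not inside the VPC range
        if not net.subnet_of(vpc):
            problems.append(f"{name}: {cidr} is outside VPC {vpc_cidr}")
        # AWS also rejects subnets whose ranges overlap within one VPC
        for other_name, other in seen:
            if net.overlaps(other):
                problems.append(f"{name}: {cidr} overlaps {other_name} ({other})")
        seen.append((name, net))
        # element() silently reuses AZs when there are more subnets than AZs,
        # which defeats the spread across zones this layout is meant to give
        if az in az_used:
            problems.append(f"{name}: AZ {az} already used by {az_used[az]} (element() wrapped around)")
        else:
            az_used[az] = name
    return problems


if __name__ == "__main__":
    print(check_subnets(VPC_CIDR, SUBNET_CIDRS, AZS) or "subnet layout OK")
```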
STEP 3: Now, I created an S3 bucket for uploading the student login form I built on my local system.
S3 bucket: Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services that provides object storage through a web service interface.
# Creating a bucket with static website hosting enabled
resource "aws_s3_bucket" "bucket" {
  bucket = "s3-website-test.myhashicorp.com"

  website {
    index_document = "myweb.html"   # must match the key of an uploaded object
  }
}

# Uploading files
resource "aws_s3_bucket_object" "object" {
  bucket = aws_s3_bucket.bucket.id   # reference the bucket so Terraform creates it first
  key    = "webpage.html"
  source = "C:/Users/sujag/Desktop/Terraform/dynamic_iaas/web.html"
}
STEP 4: Now, apply the code for the whole setup
terraform init
terraform plan
terraform apply --auto-approve
Results:
Also, the whole infrastructure can be torn down with one single command:
terraform destroy
THANK YOU !