AWS VPC Setup with Terraform!

I'm excited to share a recent project where I leveraged Terraform to automate the creation of a secure and scalable AWS infrastructure. Here’s what we accomplished:

- Created a VPC: Set up a Virtual Private Cloud (VPC) to isolate our AWS resources.

- Subnets: Defined both public and private subnets within the VPC for better resource segmentation.

- Internet Gateway: Attached an Internet Gateway to the VPC, allowing internet access to instances in the public subnet.

- Routing: Configured route tables to manage traffic flow between subnets and the internet.

- Security Groups: Established security groups to control inbound and outbound traffic, ensuring our instances are secure.

- EC2 Instances: Launched EC2 instances in both public and private subnets, each with appropriate security settings.

Why Terraform?

Using Terraform allowed us to:

- Automate Infrastructure Provisioning: No more manual setups! Infrastructure as Code (IaC) ensures consistency and repeatability.

- Version Control: Keep track of changes with version control, making rollbacks and audits straightforward.

- Scalability: Easily scale the infrastructure as needed by adjusting the configuration files.

Key Takeaways:

- Efficiency: Automating the setup reduced the deployment time significantly.

- Security: Security groups and subnet routing, configured correctly, limit which traffic can reach each instance and what each instance can reach.

- Flexibility: The infrastructure is now flexible and can be easily modified to meet future needs.


terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "5.50.0"
    }
  }
}

provider "aws" {
  region = "us-east-2"
}

locals {
  dev_env = "dev"
}

# creating VPC
resource "aws_vpc" "dev_vpc" {
  cidr_block       = "10.0.0.0/16"
  instance_tenancy = "default"

  tags = {
    Name = "${local.dev_env}-vpc"
  }
}

# create subnets
resource "aws_subnet" "public_subnet" {
  vpc_id     = aws_vpc.dev_vpc.id
  cidr_block = "10.0.10.0/24"

  # instances launched here get a public IP; without it the IGW route
  # below gives them no usable internet path
  map_public_ip_on_launch = true

  tags = {
    Name = "${local.dev_env}-public-subnet"
  }
}

resource "aws_subnet" "private_subnet" {
  vpc_id     = aws_vpc.dev_vpc.id
  cidr_block = "10.0.20.0/24"

  tags = {
    Name = "${local.dev_env}-private-subnet"
  }
}

# attach the VPC to IGW
resource "aws_internet_gateway" "igw" {
  vpc_id = aws_vpc.dev_vpc.id

  tags = {
    Name = "${local.dev_env}-igw"
  }
}

# public route table
resource "aws_route_table" "public_rt" {
  vpc_id = aws_vpc.dev_vpc.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw.id
  }

  tags = {
    Name = "${local.dev_env}-public-rt"
  }
}

# associate public subnet with public route table
resource "aws_route_table_association" "public_association" {
  subnet_id      = aws_subnet.public_subnet.id
  route_table_id = aws_route_table.public_rt.id
}

# private route table: only the implicit local route, so instances here have
# no path to or from the internet (a NAT gateway route would be needed for
# outbound-only access)
resource "aws_route_table" "private_rt" {
  vpc_id = aws_vpc.dev_vpc.id

  tags = {
    Name = "${local.dev_env}-private-rt"
  }
}

# associate private subnet with private route table
resource "aws_route_table_association" "private_association" {
  subnet_id      = aws_subnet.private_subnet.id
  route_table_id = aws_route_table.private_rt.id
}

# create security group for public instance
resource "aws_security_group" "public_sg" {
  vpc_id = aws_vpc.dev_vpc.id

  # SSH from anywhere; in a real deployment restrict cidr_blocks to a known
  # admin range (or drop the rule and use SSM Session Manager)
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "${local.dev_env}-public-sg"
  }
}

# create security group for private instance
resource "aws_security_group" "private_sg" {
  vpc_id = aws_vpc.dev_vpc.id

  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["10.0.0.0/16"]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "${local.dev_env}-private-sg"
  }
}

# create EC2 instances
# vpc_security_group_ids takes security group IDs; the older security_groups
# argument expects group names and applies to EC2-Classic / default VPC only
resource "aws_instance" "public_instance" {
  ami                    = "ami-02bf8ce06a8ed6092" # Replace with your desired AMI
  instance_type          = "t2.micro"
  subnet_id              = aws_subnet.public_subnet.id
  vpc_security_group_ids = [aws_security_group.public_sg.id]

  tags = {
    Name = "${local.dev_env}-public-instance"
  }
}

resource "aws_instance" "private_instance" {
  ami                    = "ami-02bf8ce06a8ed6092" # Replace with your desired AMI
  instance_type          = "t2.micro"
  subnet_id              = aws_subnet.private_subnet.id
  vpc_security_group_ids = [aws_security_group.private_sg.id]

  tags = {
    Name = "${local.dev_env}-private-instance"
  }
}
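The script below is an added example written for this post, not part of the original Terraform and not HashiCorp tooling. It reads the JSON that `terraform show -json tfplan` emits and checks the properties the configuration above depends on before anything is applied: every subnet sits inside the VPC CIDR and does not overlap another subnet, a subnet that does not auto-assign public IPs (the private one) is never associated with a route table whose 0.0.0.0/0 route points at an internet gateway, and no security group opens SSH or RDP to 0.0.0.0/0. The sample plan is constructed inline to mirror the config above; resource IDs are unknown before apply and so are absent from `planned_values`, which is why the subnet-to-route-table links are resolved from the `configuration` section's references instead. `ADMIN_PORTS`, `run_checks` and the wording of the findings are my own choices. Run against the sample, it reports exactly one finding: the public security group's world-open SSH rule.

```python
"""Pre-apply policy checks over `terraform show -json tfplan` output."""
import ipaddress
import json

# Constructed sample mirroring the plan JSON for the configuration above.
# Only the fields the checks read are present; attributes Terraform cannot
# know before apply (resource IDs) are omitted, as in real plan output.
SAMPLE_PLAN = {
    "planned_values": {"root_module": {"resources": [
        {"address": "aws_vpc.dev_vpc", "type": "aws_vpc",
         "values": {"cidr_block": "10.0.0.0/16"}},
        {"address": "aws_subnet.public_subnet", "type": "aws_subnet",
         "values": {"cidr_block": "10.0.10.0/24", "map_public_ip_on_launch": True}},
        {"address": "aws_subnet.private_subnet", "type": "aws_subnet",
         "values": {"cidr_block": "10.0.20.0/24", "map_public_ip_on_launch": False}},
        {"address": "aws_security_group.public_sg", "type": "aws_security_group",
         "values": {"ingress": [
             {"from_port": 22, "to_port": 22, "protocol": "tcp", "cidr_blocks": ["0.0.0.0/0"]},
             {"from_port": 80, "to_port": 80, "protocol": "tcp", "cidr_blocks": ["0.0.0.0/0"]}]}},
        {"address": "aws_security_group.private_sg", "type": "aws_security_group",
         "values": {"ingress": [
             {"from_port": 22, "to_port": 22, "protocol": "tcp", "cidr_blocks": ["10.0.0.0/16"]}]}},
    ]}},
    # References between resources survive in the configuration section even
    # while the referenced IDs are still unknown.
    "configuration": {"root_module": {"resources": [
        {"address": "aws_route_table.public_rt", "type": "aws_route_table",
         "expressions": {"route": [{
             "cidr_block": {"constant_value": "0.0.0.0/0"},
             "gateway_id": {"references": ["aws_internet_gateway.igw.id", "aws_internet_gateway.igw"]}}]}},
        {"address": "aws_route_table.private_rt", "type": "aws_route_table", "expressions": {}},
        {"address": "aws_route_table_association.public_association", "type": "aws_route_table_association",
         "expressions": {"subnet_id": {"references": ["aws_subnet.public_subnet.id", "aws_subnet.public_subnet"]},
                         "route_table_id": {"references": ["aws_route_table.public_rt.id", "aws_route_table.public_rt"]}}},
        {"address": "aws_route_table_association.private_association", "type": "aws_route_table_association",
         "expressions": {"subnet_id": {"references": ["aws_subnet.private_subnet.id", "aws_subnet.private_subnet"]},
                         "route_table_id": {"references": ["aws_route_table.private_rt.id", "aws_route_table.private_rt"]}}},
    ]}},
}

ADMIN_PORTS = {22, 3389}  # SSH and RDP: never acceptable from 0.0.0.0/0

def _planned(plan, rtype):
    """address -> planned attribute values for every resource of one type."""
    return {r["address"]: r["values"]
            for r in plan["planned_values"]["root_module"]["resources"] if r["type"] == rtype}

def _configured(plan, rtype):
    """address -> configuration expressions for every resource of one type."""
    return {r["address"]: r.get("expressions", {})
            for r in plan["configuration"]["root_module"]["resources"] if r["type"] == rtype}

def _ref(expr):
    """Resource address an expression refers to ('aws_subnet.x', not 'aws_subnet.x.id')."""
    return next((r for r in expr.get("references", []) if r.count(".") == 1), None)

def check_subnets(plan):
    """Every subnet must lie inside a VPC CIDR and must not overlap another subnet."""
    findings = []
    vpcs = [ipaddress.ip_network(v["cidr_block"]) for v in _planned(plan, "aws_vpc").values()]
    subnets = {a: ipaddress.ip_network(v["cidr_block"]) for a, v in _planned(plan, "aws_subnet").items()}
    for addr, net in subnets.items():
        if not any(net.subnet_of(vpc) for vpc in vpcs):
            findings.append(f"{addr}: {net} is outside every VPC CIDR")
    items = sorted(subnets.items())
    for i, (a1, n1) in enumerate(items):
        for a2, n2 in items[i + 1:]:
            if n1.overlaps(n2):
                findings.append(f"{a1} and {a2} overlap ({n1} / {n2})")
    return findings

def check_private_routing(plan):
    """A subnet without auto-assigned public IPs (private) must not be
    associated with a route table whose 0.0.0.0/0 route points at an IGW."""
    findings = []
    subnets = _planned(plan, "aws_subnet")
    tables = _configured(plan, "aws_route_table")
    for addr, assoc in _configured(plan, "aws_route_table_association").items():
        subnet, table = _ref(assoc.get("subnet_id", {})), _ref(assoc.get("route_table_id", {}))
        if subnet is None or table is None or subnets.get(subnet, {}).get("map_public_ip_on_launch"):
            continue  # unresolved reference, or a public subnet where the IGW route belongs
        for route in tables.get(table, {}).get("route", []):
            if route.get("cidr_block", {}).get("constant_value") == "0.0.0.0/0" and "gateway_id" in route:
                findings.append(f"{addr}: private subnet {subnet} has a default route "
                                f"to an internet gateway via {table}")
    return findings

def check_security_groups(plan):
    """Flag ingress rules that expose an admin port to the whole internet."""
    findings = []
    for addr, sg in _planned(plan, "aws_security_group").items():
        for rule in sg.get("ingress", []):
            if "0.0.0.0/0" not in rule.get("cidr_blocks", []):
                continue
            lo, hi = rule["from_port"], rule["to_port"]
            exposed = ADMIN_PORTS if rule["protocol"] == "-1" else {p for p in ADMIN_PORTS if lo <= p <= hi}
            findings.extend(f"{addr}: port {p} open to 0.0.0.0/0" for p in sorted(exposed))
    return findings

def run_checks(plan):
    """All findings for a plan; an empty list means the plan passes."""
    return check_subnets(plan) + check_private_routing(plan) + check_security_groups(plan)

if __name__ == "__main__":
    # Real use: run_checks(json.load(open("plan.json"))) after `terraform show -json tfplan > plan.json`
    for line in run_checks(SAMPLE_PLAN) or ["no findings"]:
        print(line)
```

Wiring `run_checks` into the pipeline between `terraform plan` and `terraform apply` (fail the job on a non-empty list) turns the post's "proper configuration" takeaway into something enforced on every change rather than reviewed once.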

#AWS #Terraform #CloudInfrastructure #DevOps #Automation #InfrastructureAsCode #IaaS #CloudComputing

More articles by Bhupendra Maurya
