Creating a VPC, Subnets and a Routing Table on AWS using Terraform
Samarth Pant
Information Technology Analyst @ TCS | Contextual Master | OpenTofu | Terraform |
Terraform:
Terraform is an open-source infrastructure-as-code tool that provides a consistent CLI workflow to manage hundreds of cloud services. Terraform codifies cloud APIs into declarative configuration files.
Detailed Stepwise view of creating resources on AWS:
- Creating providers.tf file:
In this file, the cloud providers we want to use are defined (in this case only AWS). No credentials are written into the file: they are read from the named profile created through the AWS CLI.
```hcl
provider "aws" {
  region  = var.aws_region # referencing the region from var.tf
  profile = "default"      # referencing the profile configured via the AWS CLI
}
```
- Creating a var.tf file:
In this step, I created a file called var.tf in which I stored all the values a user may want to change when launching the infrastructure. Each variable defined here is referenced as var.<name> wherever it is needed.
```hcl
variable "aws_region" {
  default = "ap-south-1" # region where the VPC will be launched
}

variable "vpc_cidr" {
  default = "10.0.0.0/16" # CIDR block for the VPC
}

variable "subnets_cidr" {
  type    = list(string)
  default = ["10.0.1.0/24", "10.0.2.0/24"] # CIDR blocks for the two subnets
}

variable "availability_zones" {
  type    = list(string)
  default = ["ap-south-1a", "ap-south-1b"] # one availability zone per subnet
}
```
- Creating a vpc.tf file:
In this file the following resources are created:
- VPC (an isolated network on the cloud in which the user provisions resources):
```hcl
# creating the VPC
resource "aws_vpc" "vpc" {
  cidr_block = var.vpc_cidr
  tags = {
    Name = "my-vpc"
  }
}
```
- Subnets (a range of addresses inside the VPC in which the user provisions resources):
```hcl
resource "aws_subnet" "sbnt" {
  count  = length(var.subnets_cidr) # the block runs once per entry in subnets_cidr
  vpc_id = aws_vpc.vpc.id
  /* on the first run the first value from subnets_cidr is used,
     on the second run the second value, and so on (count.index) */
  cidr_block              = element(var.subnets_cidr, count.index)
  availability_zone       = element(var.availability_zones, count.index)
  map_public_ip_on_launch = true # instances launched here get a public IPv4 address, so these are public subnets
  tags = {
    Name = "My-Subnet-${count.index + 1}"
  }
}
```
- Internet Gateway (it serves two purposes: to provide a target in the VPC route tables for internet-routable traffic, and to perform network address translation (NAT) for instances that have been assigned public IPv4 addresses):
```hcl
# creating an internet gateway so the subnets can reach the internet
resource "aws_internet_gateway" "igw" {
  vpc_id = aws_vpc.vpc.id
  tags = {
    Name = "My-IGW"
  }
}
```
- Routing Table (it contains a set of rules, called routes, that determine where network traffic from your subnet or gateway is directed):
```hcl
# creating the route table with a default route to the internet gateway
resource "aws_route_table" "rt" {
  vpc_id = aws_vpc.vpc.id
  route {
    cidr_block = "0.0.0.0/0" # all traffic not destined for the VPC is sent to the IGW
    gateway_id = aws_internet_gateway.igw.id
  }
  tags = {
    Name = "My-Public-Routing-Table"
  }
}
```
- Attaching the Routing Table to the Subnets:
```hcl
# attaching the route table to the subnets created above so they have internet access
resource "aws_route_table_association" "a" {
  count          = length(var.subnets_cidr)
  subnet_id      = element(aws_subnet.sbnt.*.id, count.index)
  route_table_id = aws_route_table.rt.id
}
```
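Before running terraform apply, it is worth checking that the variable values fit together and that the plan only exposes what was intended. The Python script below is an added example and is not part of the original article: it verifies that the subnet CIDRs lie inside the VPC CIDR without overlapping and that one availability zone is listed per subnet (element() silently wraps around when the lists differ in length), and then scans a constructed fragment shaped like `terraform show -json` plan output for subnets that assign public IPs and route tables carrying a 0.0.0.0/0 route, which together are what make the subnets above public. The plan fragment, the variable literals and the function names (check_cidr_plan, find_public_exposure) are assumptions of this example.

```python
"""Pre-apply sanity checks for the VPC layout above.

Added example, not part of the original article. The variable values are
constructed copies of the defaults in var.tf; SAMPLE_PLAN is a constructed
fragment shaped like `terraform show -json tfplan` output (a list of
resource_changes, each with 'address', 'type' and 'change.after'). Values
Terraform only knows after apply (ids of other resources) are absent from
'after', so the checks below rely only on literal settings.
"""
import ipaddress

# Constructed copies of the var.tf defaults
VPC_CIDR = "10.0.0.0/16"
SUBNET_CIDRS = ["10.0.1.0/24", "10.0.2.0/24"]
AVAILABILITY_ZONES = ["ap-south-1a", "ap-south-1b"]

# Constructed plan fragment for the resources declared in vpc.tf
SAMPLE_PLAN = {
    "resource_changes": [
        {"address": "aws_vpc.vpc", "type": "aws_vpc",
         "change": {"after": {"cidr_block": "10.0.0.0/16"}}},
        {"address": "aws_subnet.sbnt[0]", "type": "aws_subnet",
         "change": {"after": {"cidr_block": "10.0.1.0/24",
                              "availability_zone": "ap-south-1a",
                              "map_public_ip_on_launch": True}}},
        {"address": "aws_subnet.sbnt[1]", "type": "aws_subnet",
         "change": {"after": {"cidr_block": "10.0.2.0/24",
                              "availability_zone": "ap-south-1b",
                              "map_public_ip_on_launch": True}}},
        {"address": "aws_internet_gateway.igw", "type": "aws_internet_gateway",
         "change": {"after": {"tags": {"Name": "My-IGW"}}}},
        {"address": "aws_route_table.rt", "type": "aws_route_table",
         "change": {"after": {"route": [{"cidr_block": "0.0.0.0/0"}]}}},
    ]
}


def check_cidr_plan(vpc_cidr, subnet_cidrs, azs):
    """Return a list of problems with the addressing plan (empty means consistent)."""
    problems = []
    vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    subnets = [ipaddress.ip_network(c, strict=True) for c in subnet_cidrs]
    # element() wraps around when the lists differ in length, so insist they match
    if len(subnets) != len(azs):
        problems.append(f"{len(subnets)} subnets but {len(azs)} availability zones")
    for s in subnets:
        if not s.subnet_of(vpc):
            problems.append(f"{s} is not inside VPC {vpc}")
    for i, a in enumerate(subnets):
        for b in subnets[i + 1:]:
            if a.overlaps(b):
                problems.append(f"{a} overlaps {b}")
    return problems


def find_public_exposure(plan):
    """Report planned subnets that hand out public IPs and route tables that
    carry a default (0.0.0.0/0) route. Both are expected for a public subnet
    and both deserve review when a subnet was meant to stay private."""
    public_ip_subnets = []
    default_route_tables = []
    for rc in plan.get("resource_changes", []):
        after = (rc.get("change") or {}).get("after") or {}
        if rc.get("type") == "aws_subnet" and after.get("map_public_ip_on_launch"):
            public_ip_subnets.append(rc["address"])
        if rc.get("type") == "aws_route_table":
            for route in after.get("route") or []:
                if route.get("cidr_block") == "0.0.0.0/0":
                    default_route_tables.append(rc["address"])
                    break
    return {"public_ip_subnets": public_ip_subnets,
            "default_route_tables": default_route_tables}


if __name__ == "__main__":
    problems = check_cidr_plan(VPC_CIDR, SUBNET_CIDRS, AVAILABILITY_ZONES)
    for line in problems or ["addressing plan is consistent"]:
        print(line)
    print(find_public_exposure(SAMPLE_PLAN))
```

To run it against a real plan, produce the JSON with `terraform plan -out=tfplan` followed by `terraform show -json tfplan > tfplan.json`, then pass `json.load(open("tfplan.json"))` to find_public_exposure in place of SAMPLE_PLAN; the two lists it returns are the resources to confirm were intended to face the internet.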