Creation of VPC, Subnet and Internet Gateway on AWS Using Terraform
Statement: We have to create a web portal for our company with as much security as possible.
So here are the steps for proper understanding:
1) Write infrastructure as code using Terraform, which automatically creates a VPC.
2) In that VPC we have to create 2 subnets:
a) public subnet [ Accessible from the Public World! ]
b) private subnet [ Restricted from the Public World! ]
3) Create a public-facing internet gateway to connect our VPC/network to the internet and attach this gateway to our VPC.
4) Create a routing table for the internet gateway so that instances can connect to the outside world, then update it and associate it with the public subnet.
5) Launch an EC2 instance which has WordPress already set up, with a security group allowing port 80 so that our clients can connect to our WordPress site. Also attach the key to the instance for further login into it.
6) Launch an EC2 instance which has MySQL already set up, in the private subnet, with a security group allowing port 3306 so that our WordPress VM can connect to it. Also attach the key to this instance.
Now, let's start with the practical part:
Step 1 - In the first step, we have to create the VPC by using Terraform code.
Output of Step 1 -
* A Virtual Private Cloud (VPC) is a virtual network dedicated to your AWS account. It is logically isolated from other virtual networks in the AWS Cloud. You can launch your AWS resources, such as Amazon EC2 instances, into your VPC.
* The terraform init command is used to initialize a working directory containing Terraform configuration files.
Step 2 - We have to create two subnets in our VPC. One is a public subnet and the other is a private subnet.
For Subnet 1 -
For Subnet 2 -
Output of Step 2 -
* A subnet is a logical subdivision of an IP network.
* A public subnet has a route table that says, “send all outbound traffic (anything to the CIDR block 0.0.0.0/0) via this internet gateway.”
* A private subnet either does not allow outbound traffic to the internet or has a route that says, “send all outbound traffic via this NAT gateway.”
Step 3 - Now we have to create an internet gateway in our VPC.
Output of Step 3 -
* An internet gateway is a horizontally scaled, redundant, and highly available VPC component that allows communication between your VPC and the internet.
Step 4 - We have to create a routing table for the internet gateway so that instances can connect to the outside/internet world.
Output of Step 4 -
* A route table contains a set of rules, called routes, that are used to determine where network traffic from your subnet or gateway is directed.
Step 5 - Now we have to associate the route table we created in the previous step with the public subnet.
Output of Step 5 -
Step 6 - We have to create a key pair using Terraform code.
Output of Step 6 -
* AWS uses a key pair to encrypt and decrypt login information.
Step 7 - Here, we have to create two security groups - one is for WordPress and the other is for MySQL.
For Security-Group1 -
For Security-Group2 -
Output of Step 7 -
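The security-group layout from Step 7, written out as an added example (it is not the author's code from the linked repository). The region, CIDR range and resource names are assumptions. It shows the WordPress group accepting port 80 from clients, and the MySQL group accepting port 3306 only from members of the WordPress group rather than from an address range.

```hcl
# Added example. Region, CIDR block and all resource names are assumptions.
provider "aws" {
  region = "ap-south-1"
}

resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"
}

# Security group 1: WordPress in the public subnet.
resource "aws_security_group" "wordpress" {
  name   = "wordpress-sg"
  vpc_id = aws_vpc.main.id

  ingress {
    description = "HTTP from clients"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Outbound is needed so WordPress can open connections to MySQL.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# Security group 2: MySQL in the private subnet.
resource "aws_security_group" "mysql" {
  name   = "mysql-sg"
  vpc_id = aws_vpc.main.id

  # The source is the WordPress security group, not a CIDR block, so only
  # instances carrying that group can reach 3306.
  ingress {
    description     = "MySQL from the WordPress security group only"
    from_port       = 3306
    to_port         = 3306
    protocol        = "tcp"
    security_groups = [aws_security_group.wordpress.id]
  }
  # No egress block: Terraform creates the group without outbound rules, and
  # replies to accepted connections still pass because groups are stateful.
}
```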
Step 8 - Now we have to launch an EC2 instance for WordPress which has a key pair attached to it and has a security group which allows port 80.
Output of Step 8 -
Step 9 - Now we have to launch an EC2 instance for MySQL in the private subnet which has a key pair and a security group associated with it that allows only port 3306.
Output of Step 9 -
Step 10 - Now, we have to type the public IP address of the WordPress instance into the browser, and then it shows something like this -
Step 11 - Here, to destroy the complete environment, we have to use the below command.
THANKS FOR READING THE BLOG!!!!
For the complete code, go to my GitHub repository by using the link given below: https://github.com/Megha-Varshney/VPC/blob/master/Task3