Launched VPC Infrastructure using Terraform (With NAT gateways)
Apurv Waghmare
6k+ & Growing Linkedin Family|| DevOps Specialist at Amdocs || Docker || Kubernetes || 1X AWS || 2X Azure || Ansible || Terraform || Jenkins ||SAFe 6 certified
- Before creating the VPC, we first declare the AWS provider so that Terraform knows which API to talk to. We then initialize the working directory, which downloads the AWS provider plugin, and apply the configuration:
1) # terraform init
2) # terraform apply
Next we create the VPC itself. Here we specify its CIDR block, "192.168.0.0/16"; the subnets below are carved out of this range.
In that VPC we create 2 subnets:
a) public subnet [ accessible from the public world ]
b) private subnet [ restricted from the public world ]
- Created Private Subnet:
- Created Public Subnet:
For the public subnet, we set "map_public_ip_on_launch", which indicates that instances launched into the subnet should be assigned a public IP address. The private subnet does not get this setting.
Created a public-facing internet gateway to connect our VPC/network to the internet, and attached this gateway to our VPC.
Created a route table with a default route (0.0.0.0/0) pointing at the internet gateway so that instances can reach the outside world, and associated this route table with the public subnet.
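The network pieces described in the steps above (provider, VPC, the two subnets, internet gateway and the public route table), written out as one complete Terraform configuration. This is an added example, not the code from the author's repository: the resource names aws_vpc.main, aws_subnet.publicSn and aws_subnet.privateSn are taken from the NAT gateway snippet below, while the region, availability zones, the /24 subnet ranges, the internet gateway resource name "igw" and the public route table name are assumptions constructed for this example.

```hcl
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0"
    }
  }
}

# Region is an assumption; set it to the region you deploy into.
provider "aws" {
  region = "ap-south-1"
}

# The VPC, using the CIDR block from the article.
resource "aws_vpc" "main" {
  cidr_block           = "192.168.0.0/16"
  enable_dns_hostnames = true # gives public-subnet instances a public DNS name
  tags = { Name = "myvpc" }
}

# Public subnet: instances launched here get a public IP automatically.
# The /24 ranges below are constructed for this example.
resource "aws_subnet" "publicSn" {
  vpc_id                  = aws_vpc.main.id
  cidr_block              = "192.168.1.0/24"
  availability_zone       = "ap-south-1a" # assumption; must belong to the region above
  map_public_ip_on_launch = true
  tags = { Name = "publicSn" }
}

# Private subnet: deliberately NO map_public_ip_on_launch, so instances
# placed here (the MySQL server later on) never receive a public address.
resource "aws_subnet" "privateSn" {
  vpc_id            = aws_vpc.main.id
  cidr_block        = "192.168.2.0/24"
  availability_zone = "ap-south-1b" # assumption
  tags = { Name = "privateSn" }
}

# Internet gateway attached to the VPC (resource name "igw" is an assumption).
resource "aws_internet_gateway" "igw" {
  vpc_id = aws_vpc.main.id
  tags   = { Name = "myigw" }
}

# Route table for the PUBLIC subnet: default route goes to the internet gateway.
resource "aws_route_table" "publicRouteTable" {
  vpc_id = aws_vpc.main.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw.id
  }
  tags = { Name = "publicRouteTable" }
}

# Only the public subnet is associated with this table. The private subnet
# gets its own table whose default route is the NAT gateway, so it can reach
# out but cannot be reached from the internet.
resource "aws_route_table_association" "publicAssoc" {
  subnet_id      = aws_subnet.publicSn.id
  route_table_id = aws_route_table.publicRouteTable.id
}
```

The point worth checking after terraform apply is that only the public subnet carries map_public_ip_on_launch and only the public subnet is associated with the internet gateway route table; if the private subnet ends up on that table, its instances become reachable as soon as anything assigns them a public address.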
You can use a network address translation (NAT) gateway to enable instances in a private subnet to connect to the internet or other AWS services, while preventing the internet from initiating a connection to those instances. For more information about NAT
# Creating the NAT gateway
# A public NAT gateway needs an Elastic IP to present to the internet.
resource "aws_eip" "natip" {
  domain = "vpc" # older AWS provider versions (before 5.0) used: vpc = true
}

# The NAT gateway itself must live in the PUBLIC subnet, because it relies
# on the internet gateway to forward traffic out.
resource "aws_nat_gateway" "natgw1" {
  allocation_id = aws_eip.natip.id
  subnet_id     = aws_subnet.publicSn.id
  tags = {
    Name = "NATGW1"
  }
  # AWS recommends an explicit dependency on the internet gateway so the NAT
  # gateway is not created before the gateway is attached to the VPC, e.g.:
  # depends_on = [aws_internet_gateway.<your_igw_resource_name>]
}

//-----------------------------------------------------------------------------
# Route table for the PRIVATE subnet: the default route points at the NAT
# gateway, so private instances get outbound-only internet access.
resource "aws_route_table" "vpcRouteTable1" {
  vpc_id = aws_vpc.main.id
  route {
    cidr_block     = "0.0.0.0/0"
    nat_gateway_id = aws_nat_gateway.natgw1.id
  }
  tags = {
    Name = "myvpcroute1"
  }
}

# Associate the private subnet with the NAT route table
resource "aws_route_table_association" "associate1" {
  subnet_id      = aws_subnet.privateSn.id
  route_table_id = aws_route_table.vpcRouteTable1.id
}
Launched an EC2 instance that already has WordPress set up, with a security group allowing port 80 so that clients can connect to our WordPress site. Also attached the key pair to the instance for logging in later.
Created the security group and launched our instance (WordPress instance):
Launched an EC2 instance that already has MySQL set up, placed in the private subnet, with a security group allowing port 3306 so that our WordPress instance can connect to it. Also attached the key pair to it.
Created the MySQL security group and launched our instance (MySQL instance):
The MySQL instance does not have any public IP assigned, so there is no way to reach the MySQL instance from the public world.
Finally, accessing the WordPress site: open the public IP of the WordPress instance in the browser.
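The two security groups and instances described above, as an added example that is not the author's repository code. It builds on the resource names used earlier on this page (aws_vpc.main, aws_subnet.publicSn, aws_subnet.privateSn); the security group and instance resource names, the AMI ids, the key pair name, the admin IP and the SSH rule are assumptions or placeholders. The one deliberate tightening over the description in the text is that port 3306 on the MySQL group is opened only to members of the WordPress security group rather than to a CIDR range, and SSH on the WordPress host is limited to a single admin address.

```hcl
# Security group for the WordPress instance (public subnet): HTTP from anywhere.
resource "aws_security_group" "wordpress_sg" {
  name        = "wordpress-sg"
  description = "Allow HTTP to the WordPress server"
  vpc_id      = aws_vpc.main.id

  ingress {
    description = "HTTP from the internet"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Admin login over SSH from one known address only (placeholder from TEST-NET-3);
  # an internet-facing host should not expose port 22 to 0.0.0.0/0.
  ingress {
    description = "SSH from the admin workstation"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["203.0.113.10/32"] # placeholder admin IP
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# Security group for the MySQL instance (private subnet). Port 3306 is allowed
# ONLY from the WordPress security group, so nothing else in the VPC (and
# nothing on the internet) can reach the database even if routing is later
# changed by mistake.
resource "aws_security_group" "mysql_sg" {
  name        = "mysql-sg"
  description = "Allow MySQL from the WordPress tier only"
  vpc_id      = aws_vpc.main.id

  ingress {
    description     = "MySQL from WordPress instances"
    from_port       = 3306
    to_port         = 3306
    protocol        = "tcp"
    security_groups = [aws_security_group.wordpress_sg.id]
  }

  # Outbound traffic (updates, package installs) leaves through the NAT gateway.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_instance" "wordpress" {
  ami                    = "ami-PLACEHOLDER-WORDPRESS" # placeholder: your WordPress AMI id
  instance_type          = "t2.micro"
  subnet_id              = aws_subnet.publicSn.id # public subnet, so it gets a public IP
  vpc_security_group_ids = [aws_security_group.wordpress_sg.id]
  key_name               = "mykey" # assumption: name of an existing key pair
  tags = { Name = "wordpress" }
}

resource "aws_instance" "mysql" {
  ami                    = "ami-PLACEHOLDER-MYSQL" # placeholder: your MySQL AMI id
  instance_type          = "t2.micro"
  subnet_id              = aws_subnet.privateSn.id # private subnet, so no public IP
  vpc_security_group_ids = [aws_security_group.mysql_sg.id]
  key_name               = "mykey"
  tags = { Name = "mysql" }
}

# The address to open in the browser, and the private address WordPress should
# use as its database host.
output "wordpress_public_ip" {
  value = aws_instance.wordpress.public_ip
}

output "mysql_private_ip" {
  value = aws_instance.mysql.private_ip
}
```

After terraform apply, the wordpress_public_ip output is the address opened in the browser in the last step; mysql_private_ip is what goes into the WordPress database configuration, and the absence of a public_ip on the mysql instance is the check that the private subnet is doing its job.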
Github link : https://github.com/apurvwagh/VPC--Terraform-code.git
Thanks...
Comments:
Apurv Waghmare (DevOps Specialist at Amdocs), 4 years ago: Thanks Prashant
Technology lead at Infosys Ltd., 4 years ago: well done.
Lead LlmOps Engineer at Zeblok Computational Inc., 4 years ago: Great