Streamlining AWS Infrastructure with Terraform: A Modular Approach

In today's cloud-native world, managing infrastructure efficiently and securely is paramount. I recently worked on creating a modular AWS Virtual Private Cloud (VPC) using Terraform to simplify resource provisioning and ensure scalability. This configuration is designed to create and manage a VPC with associated subnets, routing tables, NAT gateways, and other features, all while adhering to best practices.

In this post, I'll walk through the highlights of the configuration, explaining each component and showing how Terraform's modular approach improves the efficiency and manageability of AWS infrastructure. Let's dive in!


1. Terraform Block

terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
      version = "5.69.0"
    }
  }
}

  • Purpose: Specifies the Terraform provider required for the configuration.
  • Details:
      • required_providers: Ensures the AWS provider (hashicorp/aws) is installed.
      • version: Locks the provider to version 5.69.0 for consistency.


2. Provider Block

provider "aws" {
    region = var.aws_region
}

  • Purpose: Configures the AWS provider.
  • Details: The region is set dynamically from the variable var.aws_region.


3. Variable Declaration


variable "aws_region" {
  description = "Region in which AWS Resources to be created"
  type = string
  default = "us-east-1"  
}

  • Purpose: Defines the AWS region where resources will be created.
  • Details:
      • description: Provides context about the variable.
      • type: Specifies the data type as a string.
      • default: Sets a default value (us-east-1), making the variable optional unless overridden.


4. Module for VPC


module "vpc" {
    source = "terraform-aws-modules/vpc/aws"
    version = "5.13.0"

    name = "vpc-dev"
    cidr = "10.0.0.0/16"
    azs = ["us-east-1a", "us-east-1b"]
    private_subnets     = ["10.0.1.0/24", "10.0.2.0/24"]
    public_subnets      = ["10.0.101.0/24", "10.0.102.0/24"]

    #database subnet
    create_database_subnet_group = true
    create_database_subnet_route_table = true
    database_subnets    = ["10.0.151.0/24", "10.0.152.0/24"]

    enable_nat_gateway = true
    single_nat_gateway = true

    enable_dns_hostnames = true
    enable_dns_support = true

    public_subnet_tags = {
       Type: "public_subnets",
    }

    private_subnet_tags = {
       Type: "private_subnets",
    }

    database_subnet_tags = {
       Type: "database_subnets",
    }

    tags = {
        owner: "Reza"
        Environment: "dev"
    }
    vpc_tags = {
        Name: "vpc-dev"
    }
}

a. Source and Version

  • source: Points to the terraform-aws-modules/vpc/aws module from the Terraform registry.
  • version: Uses version 5.13.0 of the module for consistent behavior.

b. VPC Configuration

  • name: Assigns the name vpc-dev to the VPC.
  • cidr: Sets the CIDR block for the VPC (10.0.0.0/16).

c. Subnets

  • azs: Specifies the availability zones for the subnets (us-east-1a and us-east-1b).
  • private_subnets: Defines the CIDR blocks for private subnets.
  • public_subnets: Defines the CIDR blocks for public subnets.
  • database_subnets: Defines the CIDR blocks for database subnets.
  • create_database_subnet_group and create_database_subnet_route_table: Enable creation of the database subnet group and a dedicated route table for the database subnets.
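The module pairs each tier's subnets with the azs list by index, and a subnet that falls outside the VPC CIDR, overlaps another tier, or sits in an AZ outside var.aws_region is not caught by terraform validate. The following Python check is an added example, not code from the original post or from the VPC module: it validates the subnet plan above offline. PLAN, TIERS and check_vpc_plan are the example's own names, and the region value is taken from the aws_region default in section 3.

```python
# Added example (not from the original post): offline sanity check for the
# subnet plan handed to terraform-aws-modules/vpc/aws. It flags a subnet
# outside the VPC CIDR, overlapping subnets across tiers, a tier whose
# subnet count does not match the AZ list, and AZs outside the region.
import ipaddress

# Values copied from the module block; "region" is the aws_region default.
PLAN = {
    "region": "us-east-1",
    "cidr": "10.0.0.0/16",
    "azs": ["us-east-1a", "us-east-1b"],
    "private_subnets": ["10.0.1.0/24", "10.0.2.0/24"],
    "public_subnets": ["10.0.101.0/24", "10.0.102.0/24"],
    "database_subnets": ["10.0.151.0/24", "10.0.152.0/24"],
}
TIERS = ("private_subnets", "public_subnets", "database_subnets")


def check_vpc_plan(plan):
    """Return a list of problems; an empty list means the plan is consistent."""
    problems = []
    vpc = ipaddress.ip_network(plan["cidr"])
    azs = plan["azs"]
    # azs are hard-coded in the module block while the region is a variable,
    # so overriding aws_region without updating azs breaks the apply.
    for az in azs:
        if not az.startswith(plan["region"]):
            problems.append(f"AZ {az} is not in region {plan['region']}")
    seen = []  # (tier, network) pairs already accepted
    for tier in TIERS:
        cidrs = plan.get(tier, [])
        # Subnets are assigned to AZs by index: one subnet per AZ per tier.
        if len(cidrs) != len(azs):
            problems.append(f"{tier}: {len(cidrs)} subnets for {len(azs)} AZs")
        for cidr in cidrs:
            net = ipaddress.ip_network(cidr)
            if not net.subnet_of(vpc):
                problems.append(f"{tier}: {cidr} is outside VPC {vpc}")
            for other_tier, other in seen:
                if net.overlaps(other):
                    problems.append(f"{tier}: {cidr} overlaps {other_tier} {other}")
            seen.append((tier, net))
    return problems


if __name__ == "__main__":
    for line in check_vpc_plan(PLAN) or ["plan OK"]:
        print(line)
```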

d. NAT Gateway

  • enable_nat_gateway: Enables NAT Gateway for private subnets.
  • single_nat_gateway: Configures a single NAT Gateway for cost efficiency.

e. DNS Settings

  • enable_dns_hostnames: Enables DNS hostnames within the VPC.
  • enable_dns_support: Enables DNS resolution in the VPC.

f. Tags

  • public_subnet_tags, private_subnet_tags, database_subnet_tags: Assign custom tags for the subnets.
  • tags: General tags applied to all resources. Example: assigns the owner (Reza) and environment (dev).
  • vpc_tags: Specific tags for the VPC resource.



This Terraform configuration demonstrates the power of modular infrastructure management by:

  • Creating a VPC named vpc-dev with a CIDR block of 10.0.0.0/16.
  • Configuring public, private, and database subnets across two availability zones for flexibility and scalability.
  • Adding a NAT Gateway to enable internet access for private subnets.
  • Enabling DNS support and hostnames within the VPC to simplify connectivity.
  • Applying descriptive tags for seamless resource identification and management.

By leveraging Terraform's capabilities, this setup ensures a scalable, efficient, and well-organized AWS infrastructure.

Hamidreza Arabi

Senior Infrastructure And Network Expert

2 months

Interesting
