Infrastructure Deployment with Terraform: Creating VPC, Subnet, Internet Gateway, Security Group, S3 Bucket, and EC2 Instances in a Single Project

As the title suggests, we are going to create multiple resources using Terraform as an IaC (Infrastructure as Code) tool.

Altogether we are going to create 9 resources. Let us go through each tf file.

First, we have the main.tf file where we have our "required providers"

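terraform {
  required_providers {
    # Every resource in this project is an AWS resource, so the AWS provider is declared here.
    # Add a version constraint to pin the provider release that terraform init installs.
    aws = {
      source = "hashicorp/aws"
    }
  }
}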

Second, we have our providers.tf file to define our AWS build region

provider "aws" {
    region = "us-west-1"
}

Third, we have vpc.tf for creating vpc

resource "aws_vpc" "main" {
  cidr_block       = "10.0.0.0/16"
  instance_tenancy = "default"

  tags = {
    Name = "main"
  }
}

Fourth, we have subnet.tf for creating a subnet attached to our vpc id

resource "aws_subnet" "main" {
  vpc_id     = aws_vpc.main.id
  cidr_block = "10.0.0.0/16"

  tags = {
    Name = "main"
  }
}

Fifth, we have security_group.tf

By default, the instances within the VPC have no inbound or outbound network access. To enable network connectivity for your instances, you need to define security group rules that allow the desired inbound and outbound traffic. Security groups are associated with your instances and subnets within the VPC, and they regulate the traffic flow by allowing or denying access based on the defined rules. By combining security groups with VPC and subnet configurations, you can create fine-grained network access controls for your instances.

resource "aws_security_group" "allow_tls" {
  name        = "allow_tls"
  description = "Allow TLS inbound traffic"
  vpc_id      = aws_vpc.main.id

  ingress {
    description      = "TLS from VPC"
    from_port        = 443
    to_port          = 443
    protocol         = "tcp"
    cidr_blocks      = ["10.0.0.0/16"]
  }

  egress {
    from_port        = 0
    to_port          = 0
    protocol         = "-1"
    cidr_blocks      = ["0.0.0.0/0"]
  }

  tags = {
    Name = "allow_tls"
  }
}

Next, we have route_table.tf

The route_table.tf file is typically used in Terraform to define and configure route tables in your AWS infrastructure. A route table is used to determine how network traffic is directed within a Virtual Private Cloud (VPC) and between a VPC and other networks. It acts as a routing control mechanism, allowing you to define rules (routes) that determine where network traffic should be sent.

resource "aws_route_table" "main" {
  vpc_id = aws_vpc.main.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.exampleGW.id
  }
}

resource "aws_route_table_association" "main" {
  subnet_id      = aws_subnet.main.id
  route_table_id = aws_route_table.main.id
}

Next, we have internet_gateway.tf

By defining an internet gateway resource in your infrastructure, you enable connectivity between your VPC and the internet, allowing your resources to access external services, download software updates, and communicate with other networks on the internet.

resource "aws_internet_gateway" "exampleGW" {
  vpc_id = aws_vpc.main.id

  tags = {
    Name = "exampleGW"
  }
}

Next is EC2.tf

The EC2.tf file is used to define and configure EC2 (Elastic Compute Cloud) instances in your infrastructure. EC2 is a web service provided by AWS that allows you to provision virtual servers in the cloud.

Here we have configured the code to create 2 t2.micro instances

resource "aws_instance" "name_web" {
  count                  = 2
  ami                    = "ami-014d05e6b24240371"
  instance_type          = "t2.micro"
  vpc_security_group_ids = [aws_security_group.allow_tls.id]
  subnet_id              = aws_subnet.main.id

  tags = {
    Name = "HelloWorld"
  }
}

And lastly, we have S3_bucket.tf

The S3_bucket.tf file is used to define and configure an S3 (Simple Storage Service) bucket in your infrastructure using Terraform.

resource "aws_s3_bucket" "example" {
  bucket = "mybucketforterraform1234"

  tags = {
    Name = "mybucketforterraform1234"
  }
}

Now, open the working directory in your terminal and connect to your AWS account using the "aws configure" CLI command. Provide the access key and secret key, which you get from "IAM User - security credentials - generate access key", and don't forget to give the required permissions to the user.

After the connection to our AWS account is successful, we execute the command "terraform init" to initialize the Terraform working directory.

After initialization, we can run the terraform validate command to check whether the configuration is valid. Here we have a successful validation.

Next, we can run terraform plan to see what actions Terraform will perform and which resources it will build.

Now, finally, if everything checks out we run the command terraform apply

terraform apply is used to create, update, or delete resources according to the Terraform configuration, ensuring that the infrastructure matches the desired configuration. It evaluates any changes, prompts for confirmation, and then applies the changes if approved.
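What to check before approving the apply, as an added example that is not part of the original post: a Python check over the JSON form of a saved plan (terraform plan -out=tfplan, then terraform show -json tfplan) that flags security group rules open to any address, default routes, and buckets planned without a public access block. The sample plan is constructed and trimmed to the fields the checks read; review_plan and open_rules are names made up for this example.

```python
import json

# Constructed sample: a trimmed "terraform show -json" plan document mirroring
# this post's resources. Only the fields read by the checks are included.
SAMPLE_PLAN = json.dumps({"resource_changes": [
    {"address": "aws_security_group.allow_tls", "type": "aws_security_group",
     "change": {"actions": ["create"], "after": {
         "ingress": [{"from_port": 443, "to_port": 443, "protocol": "tcp",
                      "cidr_blocks": ["10.0.0.0/16"]}],
         "egress": [{"from_port": 0, "to_port": 0, "protocol": "-1",
                     "cidr_blocks": ["0.0.0.0/0"]}]}}},
    {"address": "aws_route_table.main", "type": "aws_route_table", "change": {
        "actions": ["create"], "after": {"route": [{"cidr_block": "0.0.0.0/0"}]}}},
    {"address": "aws_s3_bucket.example", "type": "aws_s3_bucket", "change": {
        "actions": ["create"], "after": {"bucket": "mybucketforterraform1234"}}},
]})

ANYWHERE = {"0.0.0.0/0", "::/0"}

def open_rules(after, direction):
    """Yield a description of each rule in one direction that matches any address."""
    for rule in after.get(direction) or []:
        cidrs = (rule.get("cidr_blocks") or []) + (rule.get("ipv6_cidr_blocks") or [])
        if ANYWHERE.intersection(cidrs):
            proto = rule.get("protocol")
            ports = ("all traffic" if proto == "-1"
                     else f"{proto} {rule.get('from_port')}-{rule.get('to_port')}")
            yield f"{direction} open to any address ({ports})"

def review_plan(plan_json):
    """Return sorted (address, finding) pairs for resources the plan creates or updates."""
    changes = [rc for rc in json.loads(plan_json).get("resource_changes", [])
               if {"create", "update"} & set(rc["change"]["actions"])]
    planned_types = {rc["type"] for rc in changes}
    findings = []
    for rc in changes:
        after, addr = rc["change"].get("after") or {}, rc["address"]
        if rc["type"] == "aws_security_group":
            for direction in ("ingress", "egress"):
                findings += [(addr, msg) for msg in open_rules(after, direction)]
        elif rc["type"] == "aws_route_table":
            if any(r.get("cidr_block") in ANYWHERE for r in after.get("route") or []):
                findings.append((addr, "default route present: check its target"))
        elif rc["type"] == "aws_s3_bucket" and "aws_s3_bucket_public_access_block" not in planned_types:
            findings.append((addr, "no aws_s3_bucket_public_access_block in this plan"))
    return sorted(findings)

if __name__ == "__main__":
    for address, finding in review_plan(SAMPLE_PLAN):
        print(f"{address}: {finding}")
```

On the sample, the 443 ingress limited to 10.0.0.0/16 passes, while the all-protocol egress rule, the 0.0.0.0/0 route and the bucket are reported for review.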

After terraform apply has finished creating the resources, we can check the number of resources that have been created using the command terraform state list

Now, if we want more information about a particular resource, we can use the command terraform state show resource_name

We can get the resource name from the terraform state list command. Here, as we can see, we use the terraform state show command for the "S3 Bucket"

And another show command for the EC2 instance

Let us check in our AWS console whether the resources have been created

Here, we can see our "2 EC2 Instances" have been created

An S3 Bucket

VPC

Subnet

Route Table

Internet Gateway

And lastly "Security Group"

Finally, in order to delete all the resources that we have created, we will run the command "terraform destroy"

This Terraform project was very interesting. It was motivating and helped in learning how we can use Terraform as IaC to create several resources, with a number of cloud platforms available.

I hope you will find some useful content in my writing. Thank you for reading the blog!!!