Day 66 Task: Terraform Hands-on Project - Build Your Own AWS Infrastructure with Ease using Infrastructure as Code (IaC)

Day 66 Task: Terraform Hands-on Project - Build Your Own AWS Infrastructure with Ease using Infrastructure as Code (IaC)

ยท

5 min read

Welcome back to your Terraform journey.Subtasks:

Pre-requisite:-

Terraform must be installed locally or on an EC2 instance. I am using an EC2 instance.

AWS CLI must be configured.

As we already know we can write terraform configuration files as a single file like all the resources in main.tf or we can create different ".tf" files for different resources.

In this challenge, I am going to create different configuration files for different resources like VPC, SG, EC2, etc instead of main.tf.

Create a terraform.tf file and provide details for the provider.

Note - Use the terraform init command to initialize as we need to validate the script(s).

Task 1: Create a VPC

  • Create a VPC (Virtual Private Cloud) with CIDR block 10.0.0.0/16

    1. Create a vpc.tf file and mention the required CIDR block with the name tag of VPC.

       resource "aws_vpc" "tf_vpc" {
             cidr_block = "10.0.0.0/16"
      
             tags = {
               Name = "tf_vpc"
             }
           }
      

       terraform {
        required_providers { 
          aws = {
           source = "hashicorp/aws"
           version = "~>4.16"
       }
       }
       required_version = ">=1.2.0"
       }
      
    2. Below are the prerequisites for building any aws infrastructure is to define providers.

    3. Execute terraform apply to build the VPC.

    4. We can check in the AWS console for the new VPC created with name as "main".

Task 2: Create a private subnet

  • Create a private subnet with CIDR block 10.0.1.0/24 in the above VPC.

    1. Create a subnet.tf file to define the private subnet with the required configuration tag.

       resource "aws_subnet" "tf_private_subnet" {
             vpc_id     = aws_vpc.tf_vpc.id
             cidr_block = "10.0.2.0/24"
      
             tags = {
               Name = "tf_private_subnet"
             }
           }
      
    2. Use terraform apply to create the private subnet.

    3. We can verify the private subnet in the subnet section in AWS management console.

Task 3: Create a public subnet

  • Create a public subnet with CIDR block 10.0.2.0/24 in the above VPC.

    1. Similarly, in the subnet.tf file that we created above define the public subnet block.

       resource "aws_subnet" "tf_public_subnet" {
             vpc_id     = aws_vpc.tf_vpc.id
             cidr_block = "10.0.1.0/24"
      
             tags = {
               Name = "tf_public_subnet"
             }
           }
       resource "aws_subnet" "tf_private_subnet" {
             vpc_id     = aws_vpc.tf_vpc.id
             cidr_block = "10.0.2.0/24"
      
             tags = {
               Name = "tf_private_subnet"
             }
           }
      
    2. Use terraform apply to create the public subnet.

    3. We can verify the subnet creation in the AWS console.

Task 4: Create an Internet Gateway

  • Create an Internet Gateway (IGW) and attach it to the VPC.

    1. Create a internetgateway.tf file and define the internet gateway with the required configurations to attach it to VPC

         resource "aws_internet_gateway" "tf_igw" {
             vpc_id = aws_vpc.tf_vpc.id
      
             tags = {
               Name = "tf_igw"
             }
           }
      
    2. Use terraform apply to create the internet gateway.

    3. We can verify the internet gateway that is created in AWS console.

Task 5: Create a Route table

  • Create a route table for the public subnet and associate it with the public subnet. This route table should have a route to the Internet Gateway.

    1. Create a routetable.tf file to define the route table configuration in association with the public subnet.

       resource "aws_route_table" "tf_routetable" {
             vpc_id = aws_vpc.tf_vpc.id
      
             route {
               cidr_block = "0.0.0.0/0"
               gateway_id = aws_internet_gateway.tf_igw.id
             }
      
             tags = {
               Name = "tf_routetable"
             }
           }
      
           resource "aws_route_table_association" "public_subnet_association" {
             subnet_id      = aws_subnet.tf_public_subnet.id
             route_table_id = aws_route_table.tf_routetable.id
           }
      
           resource "aws_route_table_association" "private_subnet_association" {
             subnet_id      = aws_subnet.tf_private_subnet.id
             route_table_id = aws_route_table.tf_routetable.id
           }
      
    2. Use terraform apply to create the route table.

    3. We can verify the route table in AWS console along with the public subnet which is associated in the subnet association section.

Task 6: Create a security group

  • Security group: Allow SSH access and HTTP access from anywhere

Task 7: Create an Elastic IP

  • Create an Elastic IP and associate it with the EC2 instance.

Task 8: Create user data to install Apache

  • User data: Use a shell script to install Apache and host a simple website

Task 9: Create an EC2 instance

  • Launch an EC2 instance in the public subnet with the following details:

  • AMI: ami-0557a15b87f6559cf

  • Instance type: t2.micro

  • Open the website URL in a browser to verify that the website is hosted successfully.

  • create ec2.tf

resource "aws_security_group" "tf_sg" {
      name_prefix = "tf_sg"
      vpc_id      = aws_vpc.tf_vpc.id

      ingress {
        from_port   = 80
        to_port     = 80
        protocol    = "tcp"
        cidr_blocks = ["0.0.0.0/0"]
      }

      ingress {
        from_port   = 443
        to_port     = 443
        protocol    = "tcp"
        cidr_blocks = ["0.0.0.0/0"]
      }

      ingress {
        from_port   = 22
        to_port     = 22
        protocol    = "tcp"
        cidr_blocks = ["0.0.0.0/0"]
      }

      egress {
        from_port        = 0
        to_port          = 0
        protocol         = "-1"
        cidr_blocks      = ["0.0.0.0/0"]
        ipv6_cidr_blocks = ["::/0"]
      }

    }
resource "aws_instance" "tf_ec2instance" {
      ami           = "ami-0fe8bec493a81c7da"
      instance_type = "t3.micro"
      key_name      = "terraform"
      subnet_id     = aws_subnet.tf_public_subnet.id
      security_groups = [
        aws_security_group.tf_sg.id
      ]
  user_data = <<-EOT
             #!/bin/bash
            sudo apt-get update -y
            sudo apt install apache2 -y
            sudo systemctl start apache2
            sudo systemctl enable apache2
             echo "<html><body><h1> Welcome to my website my self Nilesh Sahare </h1></body></html> "
   < /var/www/html/index.html
    EOT

  }
resource "aws_eip" "tf_eip" {
      instance = aws_instance.tf_ec2instance.id
      vpc = true 
      tags = {
       Name = "terraform_elastic_ip"
}
}

  1. Use terraform apply to spin up the infrastructure.

  2. Now, we can see in the AWS console for the new EC2 instance which is created.

  3. We can verify the security group along with the rules created.

We can verify the elastic IP which is created.

Task 10: Access the website

  • We can verify the website that is created through Apache web server.

  • Don't forget to use the terraform destroy command. to destroy ur all your resources.

  • Happy Learning :)

    If you find my blog valuable, I invite you to like, share, and join the discussion. Your feedback is immensely cherished as it fuels continuous improvement. Let's embark on this transformative DevOps adventure together! ๐Ÿš€ #devops #90daysofdevop #AWS

ย