DEV Community

Cover image for Terraform code to create a VPC , Subnet , EC2 Instance , keypairs , Security group and Nat Gateway with Website Hosting in AWS
Surya Shankar
Surya Shankar

Posted on • Edited on

Terraform code to create a VPC , Subnet , EC2 Instance , keypairs , Security group and Nat Gateway with Website Hosting in AWS

In a DevOps scenario, building AWS services via tools like Terraform is a more scalable and automated approach to cloud resource provisioning.

Understanding AWS VPCs

An AWS VPC is a single network that allows you to launch AWS services within a single isolated network. Technically, an AWS VPC is almost the same as owning a datacenter but with built-in additional benefits of scalability, fault-tolerance, unlimited storage, etc.

Image description

Building the Terraform Configuration for an AWS VPC

1. To start, create a folder to store your Terraform configuration files in. This tutorial will create a folder called terraform-ec2 in your home directory.

The Terraform configuration below:

Creates a VPC
Creates an Internet Gateway and attaches it to the VPC to allow traffic within the VPC to be reachable by the outside world.
Creates a public and private subnet

Subnets are networks within networks. They are designed to help network traffic flow be more efficient and provide smaller, more manageable ‘chunks’ of IP addresses
Enter fullscreen mode Exit fullscreen mode

Creates a route table for the public and private subnets and associates the table with both subnets
Creates a NAT Gateway to enable private subnets to reach out to the internet without needing an externally routable IP address assigned to each resource.
Creates two server/instance [ public and private ]
Deploy a website inside public server with the help of scripting file [.sh].

Create a file inside ~/terraform-ec2 directory, paste in the following code, and name it as provider.tf to define the AWS provider

Image description

Vars.tf is a Terraform variables file that contains all the variables that the configuration file references.
You can see variables references in the configuration file by:

variable "region" {}
 variable "main_vpc_cidr" {}
 variable "public_subnets" {}
 variable "private_subnets" {}
Enter fullscreen mode Exit fullscreen mode

Image description

Create one more file inside the ~/terraform-ec2 directory, name it terraform.tfvars, and paste the code below. This variables file contains the values that Terraform will use to replace the variable references inside of the configuration file.

main_vpc_cidr = "11.0.0.0/16"
 public_subnets = "11.0.1.0/24"
 private_subnets = "11.0.2.0/24"
Enter fullscreen mode Exit fullscreen mode

Image description

The instance.tf file contains all the resources which are required to be provisioned such as vpc subnets and instance.

Creating VPC & Internet Gateway.
Image description

Creating public and private subnets
Image description

Creating routes table for public and private subnets
Image description

Subnets association and Creating Nat gateway
Image description

Creating keypairs for Ec2 instances
To create a key inside our folder we need to type following commands

ssh-keygen -t rsa
./id_rsa
Enter fullscreen mode Exit fullscreen mode

Image description
It will create two files id_rsa[private] and id_rsa.pub[public]

Image description

Creating a web_server.sh file for Website deployment
Image description

Creating EC2 public server with keys pair
Image description

Creating EC2 private server
Image description

Creating Security Groups and assign it to EC2 instance
Image description

Run the terraform init command in the same directory. The terraform init command initializes the plugins and providers which are required to work with resources.
Image description

Now, run the terraform plan command. This is an optional, yet recommended action to ensure your configuration’s syntax is correct and gives you an overview of which resources will be provisioned in your infrastructure
Image description
Image description

Next, tell Terraform actually to provision the AWS VPC and resources using terraform apply. When you invoke terraform apply, Terraform will read the configuration (instance.tf) and the other files to compile a configuration. It will then send that configuration up to AWS as instructions to build the VPC and other components.
Image description
Image description
Image description

Now our resources are created successfully lets verify it in aws console

VPC
Image description
Subnets
Image description
Routes tables
Image description
Internet gateway
Image description
Nat Gateway
Image description
Public & private servers
Image description

Put your public server ip in browser and check your website
Image description

You can also try to ssh into public server
Image description

As private server don't have any public ip...so inorder to ssh into it we can either use openvpn or a jump server [ so here public server acts like a jump server]

Image description

Now we are in private server.. we can't able ping as there is no internet inside this server
Image description

Using Nat gateway we can go to internet from this server
A NAT gateway is a Network Address Translation (NAT) service. You can use a NAT gateway so that instances in a private subnet can connect to services outside your VPC but external services cannot initiate a connection with those instances.
Image description

Now you can delete all resources at a time using terraform destroy commands.
Image description

The terraform destroy command is a convenient way to destroy all remote objects managed by a particular Terraform configuration.
Image description
Image description

Top comments (1)

Collapse
 
thenaman047 profile image
TheNaman047

Quite informative article.

Just one suggestion, it would be great if you use code blocks in the articles instead of Screenshots. Also a public github repo with this code would be really useful.

Thanks.