AWS Infra Using Terraform

Here we are going to create a basic AWS infrastructure using Terraform.

We will be creating the following resources in AWS using Terraform.

1, VPC

2, Two private subnets

3, Route table and we will associate it with subnets.

4, A key pair of your own. NOTE: it uses the public key file from your .ssh directory.

5, Internet Gateway.

6, Security Group.

7, Nginx EC2 instance with an Elastic public IP.

Usage:

Configure your AWS credentials:

#export AWS_ACCESS_KEY_ID=your_access_key_id
#export AWS_SECRET_ACCESS_KEY=your_secret_access_key

#terraform plan

#terraform apply


  • ********main.tf*******

############################################################

#DATA Declare the Data Source

############################################################

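# Availability-zone lookup; the two subnets in this file take names[0] and
# names[1] from the returned list.
# (Typographic quotes from the page rendering replaced with ASCII quotes so the
# block parses.)
data "aws_availability_zones" "available" {}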

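# Select the most recent Ubuntu 14.04 (trusty) amd64 HVM/SSD image.
# NOTE(review): Ubuntu 14.04 left standard support in April 2019, so an
# instance built from this filter no longer receives regular security updates
# (unless ESM is attached). For anything beyond a demo, point the name pattern
# at a currently supported LTS release.
data "aws_ami" "ubuntu" {
  most_recent = true

  filter {
    name   = "name"
    values = ["ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*"]
  }

  filter {
    name   = "virtualization-type"
    values = ["hvm"]
  }

  # Restricting the owner to this account ID keeps look-alike public AMIs
  # published from other accounts out of the match.
  owners = ["099720109477"] # Canonical
}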

############################################################

#PROVIDERS

############################################################

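# AWS provider. Region and profile name come from variables; credentials are
# read from a shared credentials file instead of being written into the config.
provider "aws" {
  # Static keys stay commented out so they never land in the configuration
  # (or in version control).
  // access_key = "${var.aws_access_key}"
  // secret_key = "${var.aws_secret_key}"
  region = "${var.aws_region}"

  # NOTE(review): "cerdentials" looks like a misspelling of "credentials", and
  # the AWS CLI default location is ~/.aws/credentials. Confirm this path
  # points at a real file; if it does not, the profile lookup will likely fail.
  shared_credentials_file = "~/.ssh/.aws/cerdentials"
  profile                 = "${var.aws_configure_profile}"
}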

##########################################

#RESOURCES

##########################################

##Create new vpc

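# VPC that every other resource in this file attaches to. The address range
# comes from var.mvp-vpc-address-dev; DNS hostnames are enabled.
resource "aws_vpc" "mvp-cluster" {
  cidr_block           = "${var.mvp-vpc-address-dev}"
  enable_dns_hostnames = "true"

  tags {
    Name    = "${var.cluster}-${var.environment}"
    Cluster = "${var.cluster}"
  }
}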

##Create Subnets private az

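# First subnet, placed in the first availability zone returned by the lookup.
# NOTE(review): despite the "private" name, this subnet is associated with
# aws_route_table.mvp-cluster-route, whose default route points at the internet
# gateway. In AWS terms that makes it a public subnet; exposure of anything
# launched here is then governed by its public IP and security group alone.
resource "aws_subnet" "mvp-cluster-private-az" {
  vpc_id            = "${aws_vpc.mvp-cluster.id}"
  cidr_block        = "${var.mvp-subnet-address-private01}"
  availability_zone = "${data.aws_availability_zones.available.names[0]}"

  tags {
    Name    = "${var.cluster}-${var.environment}"
    Cluster = "${var.cluster}"
  }
}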

##Create Subnets private01 az

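# Second subnet, placed in the second availability zone returned by the lookup.
# NOTE(review): like the first subnet, this one is associated with the route
# table that sends 0.0.0.0/0 to the internet gateway, so it is internet-routable
# even though its name says "private".
resource "aws_subnet" "mvp-cluster-private01-az" {
  vpc_id            = "${aws_vpc.mvp-cluster.id}"
  cidr_block        = "${var.mvp-subnet-address-private02}"
  availability_zone = "${data.aws_availability_zones.available.names[1]}"

  tags {
    Name        = "${var.cluster}-${var.environment}"
    Cluster     = "${var.cluster}"
    Environment = "${var.environment}"
  }
}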

##InternetGateway

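# Internet gateway attached to the VPC; the route table in this file uses it as
# the target of the default route.
resource "aws_internet_gateway" "mvp-cluster-igw" {
  vpc_id = "${aws_vpc.mvp-cluster.id}"

  tags {
    Name        = "${var.cluster}-${var.environment}"
    Cluster     = "${var.cluster}"
    Environment = "${var.environment}"
  }
}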

#Route Table

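# Route table with a single default route through the internet gateway.
# Every subnet associated with this table becomes internet-routable.
resource "aws_route_table" "mvp-cluster-route" {
  vpc_id = "${aws_vpc.mvp-cluster.id}"

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = "${aws_internet_gateway.mvp-cluster-igw.id}"
  }

  tags {
    Name        = "${var.cluster}-${var.environment}"
    Cluster     = "${var.cluster}"
    Environment = "${var.environment}"
  }
}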

#Route Associate

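# Attach the first subnet to the route table that holds the internet-gateway
# default route.
resource "aws_route_table_association" "mvp-cluster-route-association-private-az" {
  subnet_id      = "${aws_subnet.mvp-cluster-private-az.id}"
  route_table_id = "${aws_route_table.mvp-cluster-route.id}"
}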

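# Attach the second subnet to the same route table.
resource "aws_route_table_association" "mvp-cluster-route-association-private01-az" {
  subnet_id      = "${aws_subnet.mvp-cluster-private01-az.id}"
  route_table_id = "${aws_route_table.mvp-cluster-route.id}"
}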

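# Register an EC2 key pair from the public key supplied in var.local_public_key.
# Only the public half is uploaded; the matching private key stays on the
# machine running Terraform and is read by the instance's connection block.
# NOTE(review): public_key expects the key material itself (the contents of a
# .pub file), not a path to it. Confirm what is passed in the variable.
resource "aws_key_pair" "tfdeployer" {
  key_name   = "${var.environment}-tfdeployer-key"
  public_key = "${var.local_public_key}"
}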

#Security Group

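# Security group for the nginx instance. HTTP (80) and SSH (22) are accepted
# only from var.public_ip rather than from 0.0.0.0/0, which keeps both ports
# closed to the wider internet.
# var.public_ip is used directly in cidr_blocks, so it must be given in CIDR
# notation (a single address needs a /32 suffix).
resource "aws_security_group" "mvp-cluster-nginx-sg" {
  name        = "nginx-sg-${var.environment}"
  description = "All_ssh_and_http"
  vpc_id      = "${aws_vpc.mvp-cluster.id}"

  # HTTP from the office address only.
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["${var.public_ip}"]
  }

  # SSH from the office address only. The remote-exec provisioner on the
  # instance connects over this rule, so Terraform has to run from that address.
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["${var.public_ip}"]
  }

  # All protocols outbound, but only towards var.public_ip.
  # NOTE(review): security groups are stateful, so replies to the permitted
  # inbound connections still flow. New outbound connections to any other
  # destination are dropped, which would include the package mirrors that the
  # instance's "apt-get install nginx" step needs. Confirm whether a narrow
  # outbound rule for package downloads is required before applying.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["${var.public_ip}"]
  }

  tags {
    Name    = "${var.cluster}-${var.environment}"
    Cluster = "${var.cluster}"
  }
}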

#Instance

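# nginx host: a t2.micro built from the Ubuntu AMI lookup, launched in the first
# subnet behind the nginx security group, then provisioned over SSH.
resource "aws_instance" "mvp-cluster-instance01" {
  ami                    = "${data.aws_ami.ubuntu.id}"
  instance_type          = "t2.micro"
  key_name               = "${aws_key_pair.tfdeployer.key_name}"
  vpc_security_group_ids = ["${aws_security_group.mvp-cluster-nginx-sg.id}"]

  #availability_zone = "${data.aws_availability_zones.available.names[0]}"
  subnet_id = "${aws_subnet.mvp-cluster-private-az.id}"

  # The original listing set this attribute twice; a repeated argument is
  # rejected by current Terraform, so it is declared once here.
  # NOTE(review): this yields an auto-assigned public IP. No aws_eip resource
  # appears in this listing, so the address is not an Elastic IP.
  associate_public_ip_address = true

  # SSH connection used by the provisioner. The private key is read from a
  # local path; keep that file out of the repository and readable only by its
  # owner.
  connection {
    user        = "ubuntu"
    private_key = "${file(var.private_key_path)}"
  }

  # Runs once at creation time: install and start nginx, then write a static
  # index page.
  # NOTE(review): the install step has no preceding "apt-get update" and depends
  # on outbound access to package mirrors. Check both against the security
  # group's egress rule.
  provisioner "remote-exec" {
    inline = [
      "sudo apt-get install nginx -y",
      "sudo service nginx start",
      "echo '<html><head><title>Blue Team Server</title></head><body style=\"background-color:#1F778D\"><p style=\"text-align: center;\"><span style=\"color:#FFFFFF;\"><span style=\"font-size:28px;\">Blue Team</span></span></p></body></html>' | sudo tee /usr/share/nginx/html/index.html"
    ]
  }

  tags {
    Name        = "${var.cluster}-${var.environment}"
    Cluster     = "${var.cluster}"
    Environment = "${var.environment}"
  }
}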

  • ************end of main.tf file************
  • ************variable.tf file***************

############################################################

#VARIABLES

############################################################

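# Address range of the VPC.
variable "mvp-vpc-address-dev" {
  default = "10.1.0.0/16"
}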

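# Address range of the first subnet (inside the VPC range).
variable "mvp-subnet-address-private01" {
  default = "10.1.1.0/24"
}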

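# Address range of the second subnet (inside the VPC range).
variable "mvp-subnet-address-private02" {
  default = "10.1.2.0/24"
}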

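# Source address allowed through the security group. It has no default, so it
# must be supplied at plan/apply time.
# The value goes straight into cidr_blocks, so give it in CIDR notation, e.g.
# 203.0.113.10/32 (constructed example from the documentation address range).
variable "public_ip" {
  description = "local office public ip address"
}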

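# Region the provider operates in.
variable "aws_region" {
  default = "ap-south-1"
}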

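# Name of the profile the provider reads from the shared credentials file.
# It has no default, so it must be supplied at plan/apply time.
variable "aws_configure_profile" {}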

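# Environment label used in resource names and tags. The default is commented
# out, so a value must be supplied.
variable "environment" {
  #default = "dev"
  description = "Cluster Environment"
}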

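# Cluster label used in the Name and Cluster tags. The default is commented
# out, so a value must be supplied.
variable "cluster" {
  #default = "mvp-catalyst"
}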

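# Local path of the SSH private key that the instance's connection block reads
# with file(). Only the path is configured here; keep the key file itself out
# of the repository.
# NOTE(review): variable blocks cannot reference other variables, so the
# ${var.environment} interpolation in this description is expected to be
# rejected (or shown literally) depending on the Terraform version. Confirm,
# and use plain text if so.
variable "private_key_path" {
  description = "key file for ${var.environment} cluster"
}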

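# Public key registered as the EC2 key pair.
# NOTE(review): aws_key_pair takes the key material, not a file path. Confirm
# that the value passed here is the contents of the public key file.
variable "local_public_key" {
  description = "local_public_key public key file"
}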