Provisioning 2-tiers and 3-tiers AWS VPC infrastructure using Terraform

Paul Zhao
Published in Paul Zhao Projects
May 3, 2021

In this project, we will be building and provisioning a 2-tier AWS VPC and a 3-tier AWS VPC from scratch. You may use it as a reference for your own AWS VPC or as a learning tutorial. Feel free to take advantage of it! :)

For your convenience, 2 free giveaways :)

Git Repos for you!

terraform-vpc-2-tiers

terraform-vpc-3-tiers

What is AWS VPC and why is it used?

Amazon Virtual Private Cloud (Amazon VPC) is a service that lets you launch AWS resources in a logically isolated virtual network that you define. You have complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. You can use both IPv4 and IPv6 for most resources in your virtual private cloud, helping to ensure secure and easy access to resources and applications.

As one of AWS’s foundational services, Amazon VPC makes it easy to customize your VPC’s network configuration. You can create a public-facing subnet for your web servers that have access to the internet. It also lets you place your backend systems, such as databases or application servers, in a private-facing subnet with no internet access. Amazon VPC lets you use multiple layers of security, including security groups and network access control lists, to help control access to Amazon EC2 instances in each subnet.

What is Terraform and why is it used?

Terraform

Terraform is an open-source infrastructure as code software tool that provides a consistent CLI workflow to manage hundreds of cloud services. Terraform codifies cloud APIs into declarative configuration files.

Tips: My personal takeaway of Terraform

  • provision infrastructure seamlessly
  • update infrastructure with ease
  • destroy infrastructure without hassle
  • check code errors at the click of a button
  • plan out infrastructures prior to deployment
  • track records from state file
Project infrastructure

Prerequisites:

  • An AWS account — with non-root user (take security into consideration)
  • In terms of system, we will be using RHEL 8.3 by Oracle Virtual Box on Windows 10 using putty
  • AWSCLI installed
  • Install Terraform

Let us work on them one by one.

Creating a non-root user

Based on AWS best practice, the root user is not recommended for everyday tasks, even administrative ones. Rather, the root user is used to create your first IAM user, groups and roles. Then you need to securely lock away the root user credentials and use them to perform only a few account and service management tasks.

Notes: If you would like to learn more about why we should not use root user for operations and more about AWS account, please find more here.

Login as a Root user
Create a user under IAM service
Choose programmatic access
Create user without tags
Keep credentials (Access key ID and Secret access key)

Set up RHEL 8.3 by Oracle Virtual Box on Windows 10 using putty

First, we will download Oracle Virtual Box on Windows 10, please click Windows hosts

Second, we will also download RHEL iso

Let us make it work now!

Click Oracle VirtualBox and open the application and follow instructions here, you will install RHEL 8.3 as shown below

Oracle VM VirtualBox

Notes: In case you are unable to install RHEL 8.3 successfully, please find solutions here. Also, after you create your developer’s account with Red Hat, you have to wait for some time before registering it. Otherwise, you may receive errors as well.

Now it’s time for us to connect to RHEL 8.3 from Windows 10 using VirtualBox.

Login RHEL 8.3

Click activities and open terminal

Open terminal

Notes: In order to be able to connect to RHEL 8.3 from Windows 10 using PuTTY later, we must enable what is shown below.

Bridged Adapter selected

Now we will get the ip that we will be using to connect to RHEL 8.3 from Windows 10 using Putty (highlighted ip address for enp0s3 is the right one to use)

IP address

Then we will install Putty.

ssh-keygen with a password

Creating a password-protected key looks something like this:

$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/pzhao/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/pzhao/.ssh/id_rsa.
Your public key has been saved in /home/pzhao/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:RXPnUZg/fGgRGTOxEfbo3VOMo/Yp4Gi80has/iR4m/A pzhao@localhost.localdomain
The key's randomart image is:
+---[RSA 3072]----+
| o . %X.|
| . o +=@ |
| . B++|
| . oo==|
| .S . o...=|
| . .oo o . ..|
| o oo=.. . o |
| +o*o. . |
| .E+o |
+----[SHA256]-----+

To display the private key

$ cat .ssh/id_rsa
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
NhAAAAAwEAAQAAAYEAwoavXHvZCYPO/sbMD0ibtkvF+9/NmSm2m/Z8wRy7O2A012YS98ap
8aq18PXfKPyyAMNF3hdG3xi1KMD7DSIb/C1gunjTREEJRfYjydOjFBFtZWY78Mj4eQkrPJ
.
.
.
-----END OPENSSH PRIVATE KEY-----

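Notes: You may take advantage of the RHEL GUI to send the private key to yourself as an email, then open the mail and copy the private key from it. Delete the message once the key is copied, since the mailbox otherwise keeps a copy of the key.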

Open the Notepad in Windows 10 and save private key as ansiblekey.pem file

Ansiblekey.pem

Then open PuTTY Key Generator and load the private key ansiblekey.pem

Load private key in putty key generator

Then save it as a private key in the file ansible.ppk

We now open Putty and input IP address we saved previously as Host Name (or IP address) 192.168.0.18

Load private key in putty

We then move on to Session and input IP address

IP address saved

For convenience, we may save it as a predefined session as shown below

Saved session

You should see the pop up below if you log in for the very first time

First time log in

Then you input your username and password to log in. You will see the image below after logging in.

Login successfully

Installing AWS CLI

To install AWS CLI after logging into Redhat8

$ curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
$ unzip awscliv2.zip
$ sudo ./aws/install

To verify the installation

$ aws --version
aws-cli/2.0.46 Python/3.7.4 Darwin/19.6.0 exe/x86_64

To use aws cli, we need to configure it using aws access key, aws secret access key, aws region and aws output format

$ aws configure
AWS Access Key ID [****************46P7]:
AWS Secret Access Key [****************SoXF]:
Default region name [us-east-1]:
Default output format [json]:

Installing Terraform

To install terraform, simply use the following command:

Install yum-config-manager to manage your repositories.

$ sudo yum install -y yum-utils

Use yum-config-manager to add the official HashiCorp Linux repository.

$ sudo yum-config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo

Install terraform

$ sudo yum -y install terraform

Notes: In case of a wrong symbolic link set up, please check out this link. Also, you may need to re login after changing the symbolic link.

To check out installation of terraform

$ terraform version
Terraform v0.14.3
+ provider registry.terraform.io/hashicorp/aws v3.21.0

— Here we go after our prerequisites are all set! —

Terraforming an AWS VPC — 2 Tiers

To kick off our project, we need to make a directory for the project and change into the directory

$ mkdir terraform-vpc-2-tiers && cd terraform-vpc-2-tiers/

First things first, we will create a vpc.tf file to build up our VPC infrastructure

vim vpc.tf

vpc.tf

Notes:

Tip 1: (*****)

The referenced aws_db_subnet_group must be created to ensure that aws_db_instance and aws_instance sit inside the same VPC. Otherwise, your aws_db_instance may be created in the default VPC. For more reference, please visit here

resource "aws_db_subnet_group" "rds_subnet_group" {
  name       = "rds_subnet_group"
  subnet_ids = [aws_subnet.private_subnet_1.id, aws_subnet.private_subnet_2.id]

  tags = {
    Name = "RDS Mysql subnet group"
  }
}

Tip 2: (*****)

The error shown below may occur if you don’t provide vpc_security_group_ids in aws_db_instance

“Terraform InvalidParameterCombination: DB Security Groups can only be associated with VPC DB Instances”

resource "aws_db_instance" "rds_mysql_instance" {
  count                  = var.rds_mysql_instance_count
  allocated_storage      = var.rds_allocated_storage
  engine                 = var.rds_engine
  engine_version         = var.rds_engine_version
  instance_class         = var.rds_instance_class
  name                   = var.rds_name
  username               = var.rds_username
  password               = var.rds_password
  parameter_group_name   = var.rds_parameter_group_name
  skip_final_snapshot    = var.rds_skip_final_snapshot
  publicly_accessible    = var.rds_publicly_accessible
  vpc_security_group_ids = [aws_security_group.rds_sg.id]
  db_subnet_group_name   = aws_db_subnet_group.rds_subnet_group.id
}

Tip 3: (***)

To spread multiple AWS instances across multiple subnets, we may adopt locals with element as shown below. For more reference, please visit here

locals {
  subs = concat([aws_subnet.public_subnet_1.id], [aws_subnet.public_subnet_2.id])
}

resource "aws_instance" "terraform_ec2" {
  count                  = var.ec2_count
  ami                    = var.ec2_ami
  instance_type          = var.ec2_instance_type
  key_name               = aws_key_pair.ec2_key.key_name
  vpc_security_group_ids = [aws_security_group.ec2_sg.id]
  # count.index cycles through local.subs; a fixed index would put every instance in the same subnet
  subnet_id                   = element(local.subs, count.index)
  associate_public_ip_address = var.associate_public_ip_address_bool
}

Tip 4:

publicly_accessible in aws_db_instance must be false, since we want to keep our database on the safe side and not allow anyone to log into it from outside of our custom VPC

resource "aws_db_instance" "rds_mysql_instance" {
  count                  = var.rds_mysql_instance_count
  allocated_storage      = var.rds_allocated_storage
  engine                 = var.rds_engine
  engine_version         = var.rds_engine_version
  instance_class         = var.rds_instance_class
  name                   = var.rds_name
  username               = var.rds_username
  password               = var.rds_password
  parameter_group_name   = var.rds_parameter_group_name
  skip_final_snapshot    = var.rds_skip_final_snapshot
  publicly_accessible    = var.rds_publicly_accessible
  vpc_security_group_ids = [aws_security_group.rds_sg.id]
  db_subnet_group_name   = aws_db_subnet_group.rds_subnet_group.id
}
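
The requirement in Tip 4 can be enforced in variables.tf instead of being left to whoever edits terraform.tfvars. The following is an added example, not code from the original repository; the variable names are the ones the page's aws_db_instance uses, while the types, defaults and validation rule are assumptions.

```hcl
# Added example: hypothetical variables.tf entries for the RDS arguments above.
# Variable names are taken from the page; everything else is an assumption.

variable "rds_publicly_accessible" {
  description = "Whether the RDS instance gets a public endpoint."
  type        = bool
  default     = false

  # Variable validation (Terraform 0.13+): a plan is rejected if
  # terraform.tfvars sets this to true.
  validation {
    condition     = var.rds_publicly_accessible == false
    error_message = "The database tier must stay private: set rds_publicly_accessible to false."
  }
}

variable "rds_username" {
  description = "Master user name of the MySQL instance."
  type        = string
}

variable "rds_password" {
  description = "Master password of the MySQL instance."
  type        = string

  # Sensitive variables (Terraform 0.14+) are redacted in plan and apply
  # output. The value is still written in clear text to terraform.tfstate,
  # so the state file needs the same protection as terraform.tfvars.
  sensitive = true
}
```

With these declarations, setting rds_publicly_accessible = true in terraform.tfvars stops terraform plan with the error message above.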

Tip 5:

Just a quick reminder. In case you want to use a self-reference in a Security Group definition, you may apply the code below. Though this was not used in our code, it’s worth learning. For more reference, please visit here

ingress {
  from_port = 0
  to_port   = 0
  protocol  = "-1"
  self      = true
}
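
Tip 5's fragment placed in a complete resource, next to the related pattern of admitting traffic from another security group instead of an address range, which goes one step beyond the tip. This is an added example, not part of the original vpc.tf: aws_vpc.terraform_vpc and aws_security_group.ec2_sg are resources named on this page, while app_cluster_sg and db_from_ec2_sg are hypothetical.

```hcl
# Added example, not part of the original vpc.tf.
# aws_vpc.terraform_vpc and aws_security_group.ec2_sg are resources named on
# this page; app_cluster_sg and db_from_ec2_sg are hypothetical names.

# Self-reference: "self = true" makes the group its own traffic source, so
# members can reach each other while nothing outside the group is admitted.
resource "aws_security_group" "app_cluster_sg" {
  name        = "app_cluster_sg"
  description = "intra-group traffic only"
  vpc_id      = aws_vpc.terraform_vpc.id

  ingress {
    description = "any protocol, from members of this group"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    self        = true
  }
}

# Group reference: MySQL is admitted from instances that carry ec2_sg, not
# from an address range, so the rule keeps matching when subnets or instance
# addresses change.
resource "aws_security_group" "db_from_ec2_sg" {
  name        = "db_from_ec2_sg"
  description = "MySQL from the EC2 tier"
  vpc_id      = aws_vpc.terraform_vpc.id

  ingress {
    description     = "MySQL"
    from_port       = 3306
    to_port         = 3306
    protocol        = "tcp"
    security_groups = [aws_security_group.ec2_sg.id]
  }

  # No egress block: Terraform removes the allow-all egress rule that AWS
  # adds to new groups. Security groups are stateful, so replies to admitted
  # connections still leave.
}
```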

Then, we will be creating our variables.tf, terraform.tfvars, outputs.tf as well as terraform.gitignore respectively

vim variables.tf

Variables.tf

Notes: The order of the variables follows the order of the resources in the vpc.tf file to provide seamless updates

Create the terraform.tfvars file

vim terraform.tfvars

Terraform.tfvars

Notes: All variables referred to in this file follow the same order as in the variables.tf file so that updates can be done with ease

Create outputs.tf file

vim outputs.tf

Outputs.tf

Notes: This is just a template for outputs intended. However, you may follow the pattern to build up your custom VPC’s outputs depending on needs and requirements of your organization

Lastly, we will create terraform.gitignore file

vim terraform.gitignore

Terraform.gitignore

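Notes: The intention of this file is to follow security best practice when using Terraform with Git. All the designated files referred to in this file will be masked. Git reads ignore patterns only from files named .gitignore (or from .git/info/exclude), so the patterns take effect when the file carries that name.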

Now let us get started for terraforming our AWS VPC — 2 Tiers infrastructure

Terraform init — Start off terraforming

$ terraform init
Initializing the backend...
Initializing provider plugins...
- Finding latest version of hashicorp/aws...
- Finding latest version of hashicorp/tls...
- Installing hashicorp/aws v3.38.0...
- Installed hashicorp/aws v3.38.0 (self-signed, key ID 34365D9472D7468F)
- Installing hashicorp/tls v3.1.0...
- Installed hashicorp/tls v3.1.0 (self-signed, key ID 34365D9472D7468F)
Partner and community providers are signed by their developers.
If you'd like to know more about provider signing, you can read about it here:
https://www.terraform.io/docs/cli/plugins/signing.html
Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

Terraform validate — validating the code and syntax of the files in the directory

$ terraform validate
Success! The configuration is valid.

Notes: In case of any issues shown, we can troubleshoot accordingly

Terraform plan — plan our infrastructure prior to provisioning it, to follow the best practice of Terraform (be aware of what is out there for you!)

$ terraform plan
Terraform used the selected providers to generate the following execution plan.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# aws_db_instance.rds_mysql_instance[0] will be created
+ resource "aws_db_instance" "rds_mysql_instance" {
+ address = (known after apply)
+ allocated_storage = 10
+ apply_immediately = (known after apply)
+ arn = (known after apply)
+ auto_minor_version_upgrade = true
+ availability_zone = (known after apply)
+ backup_retention_period = (known after apply)
+ backup_window = (known after apply)
+ ca_cert_identifier = (known after apply)
+ character_set_name = (known after apply)
+ copy_tags_to_snapshot = false
+ db_subnet_group_name = (known after apply)
+ delete_automated_backups = true
+ endpoint = (known after apply)
+ engine = "mysql"
+ engine_version = "5.7"
+ hosted_zone_id = (known after apply)
+ id = (known after apply)
+ identifier = (known after apply)
+ identifier_prefix = (known after apply)
+ instance_class = "db.t3.micro"
+ kms_key_id = (known after apply)
+ latest_restorable_time = (known after apply)
+ license_model = (known after apply)
+ maintenance_window = (known after apply)
+ monitoring_interval = 0
+ monitoring_role_arn = (known after apply)
+ multi_az = (known after apply)
+ name = "rdsdb"
+ option_group_name = (known after apply)
+ parameter_group_name = "default.mysql5.7"
+ password = (sensitive value)
+ performance_insights_enabled = false
+ performance_insights_kms_key_id = (known after apply)
+ performance_insights_retention_period = (known after apply)
+ port = (known after apply)
+ publicly_accessible = false
+ replicas = (known after apply)
+ resource_id = (known after apply)
+ skip_final_snapshot = true
+ snapshot_identifier = (known after apply)
+ status = (known after apply)
+ storage_type = (known after apply)
+ tags_all = (known after apply)
+ timezone = (known after apply)
+ username = "devops"
+ vpc_security_group_ids = (known after apply)
}
# aws_db_instance.rds_mysql_instance[1] will be created
+ resource "aws_db_instance" "rds_mysql_instance" {
+ address = (known after apply)
+ allocated_storage = 10
+ apply_immediately = (known after apply)
+ arn = (known after apply)
+ auto_minor_version_upgrade = true
+ availability_zone = (known after apply)
+ backup_retention_period = (known after apply)
+ backup_window = (known after apply)
+ ca_cert_identifier = (known after apply)
+ character_set_name = (known after apply)
+ copy_tags_to_snapshot = false
+ db_subnet_group_name = (known after apply)
+ delete_automated_backups = true
+ endpoint = (known after apply)
+ engine = "mysql"
+ engine_version = "5.7"
+ hosted_zone_id = (known after apply)
+ id = (known after apply)
+ identifier = (known after apply)
+ identifier_prefix = (known after apply)
+ instance_class = "db.t3.micro"
+ kms_key_id = (known after apply)
+ latest_restorable_time = (known after apply)
+ license_model = (known after apply)
+ maintenance_window = (known after apply)
+ monitoring_interval = 0
+ monitoring_role_arn = (known after apply)
+ multi_az = (known after apply)
+ name = "rdsdb"
+ option_group_name = (known after apply)
+ parameter_group_name = "default.mysql5.7"
+ password = (sensitive value)
+ performance_insights_enabled = false
+ performance_insights_kms_key_id = (known after apply)
+ performance_insights_retention_period = (known after apply)
+ port = (known after apply)
+ publicly_accessible = false
+ replicas = (known after apply)
+ resource_id = (known after apply)
+ skip_final_snapshot = true
+ snapshot_identifier = (known after apply)
+ status = (known after apply)
+ storage_type = (known after apply)
+ tags_all = (known after apply)
+ timezone = (known after apply)
+ username = "devops"
+ vpc_security_group_ids = (known after apply)
}
# aws_db_subnet_group.rds_subnet_group will be created
+ resource "aws_db_subnet_group" "rds_subnet_group" {
+ arn = (known after apply)
+ description = "Managed by Terraform"
+ id = (known after apply)
+ name = "rds_subnet_group"
+ name_prefix = (known after apply)
+ subnet_ids = (known after apply)
+ tags = {
+ "Name" = "RDS Mysql subnet group"
}
+ tags_all = {
+ "Name" = "RDS Mysql subnet group"
}
}
# aws_eip.eip_1[0] will be created
+ resource "aws_eip" "eip_1" {
+ allocation_id = (known after apply)
+ association_id = (known after apply)
+ carrier_ip = (known after apply)
+ customer_owned_ip = (known after apply)
+ domain = (known after apply)
+ id = (known after apply)
+ instance = (known after apply)
+ network_border_group = (known after apply)
+ network_interface = (known after apply)
+ private_dns = (known after apply)
+ private_ip = (known after apply)
+ public_dns = (known after apply)
+ public_ip = (known after apply)
+ public_ipv4_pool = (known after apply)
+ tags_all = (known after apply)
+ vpc = (known after apply)
}
# aws_eip.eip_2[0] will be created
+ resource "aws_eip" "eip_2" {
+ allocation_id = (known after apply)
+ association_id = (known after apply)
+ carrier_ip = (known after apply)
+ customer_owned_ip = (known after apply)
+ domain = (known after apply)
+ id = (known after apply)
+ instance = (known after apply)
+ network_border_group = (known after apply)
+ network_interface = (known after apply)
+ private_dns = (known after apply)
+ private_ip = (known after apply)
+ public_dns = (known after apply)
+ public_ip = (known after apply)
+ public_ipv4_pool = (known after apply)
+ tags_all = (known after apply)
+ vpc = (known after apply)
}
# aws_instance.terraform_ec2[0] will be created
+ resource "aws_instance" "terraform_ec2" {
+ ami = "ami-048f6ed62451373d9"
+ arn = (known after apply)
+ associate_public_ip_address = true
+ availability_zone = (known after apply)
+ cpu_core_count = (known after apply)
+ cpu_threads_per_core = (known after apply)
+ get_password_data = false
+ host_id = (known after apply)
+ id = (known after apply)
+ instance_initiated_shutdown_behavior = (known after apply)
+ instance_state = (known after apply)
+ instance_type = "t2.micro"
+ ipv6_address_count = (known after apply)
+ ipv6_addresses = (known after apply)
+ key_name = "terraform_vpc_key"
+ outpost_arn = (known after apply)
+ password_data = (known after apply)
+ placement_group = (known after apply)
+ primary_network_interface_id = (known after apply)
+ private_dns = (known after apply)
+ private_ip = (known after apply)
+ public_dns = (known after apply)
+ public_ip = (known after apply)
+ secondary_private_ips = (known after apply)
+ security_groups = (known after apply)
+ source_dest_check = true
+ subnet_id = (known after apply)
+ tags_all = (known after apply)
+ tenancy = (known after apply)
+ vpc_security_group_ids = (known after apply)
+ ebs_block_device {
+ delete_on_termination = (known after apply)
+ device_name = (known after apply)
+ encrypted = (known after apply)
+ iops = (known after apply)
+ kms_key_id = (known after apply)
+ snapshot_id = (known after apply)
+ tags = (known after apply)
+ throughput = (known after apply)
+ volume_id = (known after apply)
+ volume_size = (known after apply)
+ volume_type = (known after apply)
}
+ enclave_options {
+ enabled = (known after apply)
}
+ ephemeral_block_device {
+ device_name = (known after apply)
+ no_device = (known after apply)
+ virtual_name = (known after apply)
}
+ metadata_options {
+ http_endpoint = (known after apply)
+ http_put_response_hop_limit = (known after apply)
+ http_tokens = (known after apply)
}
+ network_interface {
+ delete_on_termination = (known after apply)
+ device_index = (known after apply)
+ network_interface_id = (known after apply)
}
+ root_block_device {
+ delete_on_termination = (known after apply)
+ device_name = (known after apply)
+ encrypted = (known after apply)
+ iops = (known after apply)
+ kms_key_id = (known after apply)
+ tags = (known after apply)
+ throughput = (known after apply)
+ volume_id = (known after apply)
+ volume_size = (known after apply)
+ volume_type = (known after apply)
}
}
# aws_instance.terraform_ec2[1] will be created
+ resource "aws_instance" "terraform_ec2" {
+ ami = "ami-048f6ed62451373d9"
+ arn = (known after apply)
+ associate_public_ip_address = true
+ availability_zone = (known after apply)
+ cpu_core_count = (known after apply)
+ cpu_threads_per_core = (known after apply)
+ get_password_data = false
+ host_id = (known after apply)
+ id = (known after apply)
+ instance_initiated_shutdown_behavior = (known after apply)
+ instance_state = (known after apply)
+ instance_type = "t2.micro"
+ ipv6_address_count = (known after apply)
+ ipv6_addresses = (known after apply)
+ key_name = "terraform_vpc_key"
+ outpost_arn = (known after apply)
+ password_data = (known after apply)
+ placement_group = (known after apply)
+ primary_network_interface_id = (known after apply)
+ private_dns = (known after apply)
+ private_ip = (known after apply)
+ public_dns = (known after apply)
+ public_ip = (known after apply)
+ secondary_private_ips = (known after apply)
+ security_groups = (known after apply)
+ source_dest_check = true
+ subnet_id = (known after apply)
+ tags_all = (known after apply)
+ tenancy = (known after apply)
+ vpc_security_group_ids = (known after apply)
+ ebs_block_device {
+ delete_on_termination = (known after apply)
+ device_name = (known after apply)
+ encrypted = (known after apply)
+ iops = (known after apply)
+ kms_key_id = (known after apply)
+ snapshot_id = (known after apply)
+ tags = (known after apply)
+ throughput = (known after apply)
+ volume_id = (known after apply)
+ volume_size = (known after apply)
+ volume_type = (known after apply)
}
+ enclave_options {
+ enabled = (known after apply)
}
+ ephemeral_block_device {
+ device_name = (known after apply)
+ no_device = (known after apply)
+ virtual_name = (known after apply)
}
+ metadata_options {
+ http_endpoint = (known after apply)
+ http_put_response_hop_limit = (known after apply)
+ http_tokens = (known after apply)
}
+ network_interface {
+ delete_on_termination = (known after apply)
+ device_index = (known after apply)
+ network_interface_id = (known after apply)
}
+ root_block_device {
+ delete_on_termination = (known after apply)
+ device_name = (known after apply)
+ encrypted = (known after apply)
+ iops = (known after apply)
+ kms_key_id = (known after apply)
+ tags = (known after apply)
+ throughput = (known after apply)
+ volume_id = (known after apply)
+ volume_size = (known after apply)
+ volume_type = (known after apply)
}
}
# aws_internet_gateway.default will be created
+ resource "aws_internet_gateway" "default" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ tags_all = (known after apply)
+ vpc_id = (known after apply)
}
# aws_key_pair.ec2_key will be created
+ resource "aws_key_pair" "ec2_key" {
+ arn = (known after apply)
+ fingerprint = (known after apply)
+ id = (known after apply)
+ key_name = "terraform_vpc_key"
+ key_pair_id = (known after apply)
+ public_key = (known after apply)
+ tags_all = (known after apply)
}
# aws_lb.alb will be created
+ resource "aws_lb" "alb" {
+ arn = (known after apply)
+ arn_suffix = (known after apply)
+ dns_name = (known after apply)
+ drop_invalid_header_fields = false
+ enable_deletion_protection = false
+ enable_http2 = true
+ id = (known after apply)
+ idle_timeout = 60
+ internal = false
+ ip_address_type = (known after apply)
+ load_balancer_type = "application"
+ name = "alb"
+ security_groups = (known after apply)
+ subnets = (known after apply)
+ tags = {
+ "Environment" = "test"
}
+ tags_all = {
+ "Environment" = "test"
}
+ vpc_id = (known after apply)
+ zone_id = (known after apply)
+ subnet_mapping {
+ allocation_id = (known after apply)
+ ipv6_address = (known after apply)
+ outpost_id = (known after apply)
+ private_ipv4_address = (known after apply)
+ subnet_id = (known after apply)
}
}
# aws_nat_gateway.natgateway_1[0] will be created
+ resource "aws_nat_gateway" "natgateway_1" {
+ allocation_id = (known after apply)
+ id = (known after apply)
+ network_interface_id = (known after apply)
+ private_ip = (known after apply)
+ public_ip = (known after apply)
+ subnet_id = (known after apply)
+ tags_all = (known after apply)
}
# aws_nat_gateway.natgateway_2[0] will be created
+ resource "aws_nat_gateway" "natgateway_2" {
+ allocation_id = (known after apply)
+ id = (known after apply)
+ network_interface_id = (known after apply)
+ private_ip = (known after apply)
+ public_ip = (known after apply)
+ subnet_id = (known after apply)
+ tags_all = (known after apply)
}
# aws_route_table.nategateway_route_table_1[0] will be created
+ resource "aws_route_table" "nategateway_route_table_1" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ route = [
+ {
+ carrier_gateway_id = ""
+ cidr_block = "0.0.0.0/0"
+ destination_prefix_list_id = ""
+ egress_only_gateway_id = ""
+ gateway_id = ""
+ instance_id = ""
+ ipv6_cidr_block = ""
+ local_gateway_id = ""
+ nat_gateway_id = (known after apply)
+ network_interface_id = ""
+ transit_gateway_id = ""
+ vpc_endpoint_id = ""
+ vpc_peering_connection_id = ""
},
]
+ tags = {
+ "Name" = "tagkey_name_natgateway_route_table_1"
}
+ tags_all = {
+ "Name" = "tagkey_name_natgateway_route_table_1"
}
+ vpc_id = (known after apply)
}
# aws_route_table.nategateway_route_table_2[0] will be created
+ resource "aws_route_table" "nategateway_route_table_2" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ route = [
+ {
+ carrier_gateway_id = ""
+ cidr_block = "0.0.0.0/0"
+ destination_prefix_list_id = ""
+ egress_only_gateway_id = ""
+ gateway_id = ""
+ instance_id = ""
+ ipv6_cidr_block = ""
+ local_gateway_id = ""
+ nat_gateway_id = (known after apply)
+ network_interface_id = ""
+ transit_gateway_id = ""
+ vpc_endpoint_id = ""
+ vpc_peering_connection_id = ""
},
]
+ tags = {
+ "Name" = "tagkey_name_natgateway_route_table_2"
}
+ tags_all = {
+ "Name" = "tagkey_name_natgateway_route_table_2"
}
+ vpc_id = (known after apply)
}
# aws_route_table.public_subnet_1_to_internet will be created
+ resource "aws_route_table" "public_subnet_1_to_internet" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ route = [
+ {
+ carrier_gateway_id = ""
+ cidr_block = "0.0.0.0/0"
+ destination_prefix_list_id = ""
+ egress_only_gateway_id = ""
+ gateway_id = (known after apply)
+ instance_id = ""
+ ipv6_cidr_block = ""
+ local_gateway_id = ""
+ nat_gateway_id = ""
+ network_interface_id = ""
+ transit_gateway_id = ""
+ vpc_endpoint_id = ""
+ vpc_peering_connection_id = ""
},
]
+ tags = {
+ "Name" = "public_route_table_1"
}
+ tags_all = {
+ "Name" = "public_route_table_1"
}
+ vpc_id = (known after apply)
}
# aws_route_table.public_subnet_2_to_internet will be created
+ resource "aws_route_table" "public_subnet_2_to_internet" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ route = [
+ {
+ carrier_gateway_id = ""
+ cidr_block = "0.0.0.0/0"
+ destination_prefix_list_id = ""
+ egress_only_gateway_id = ""
+ gateway_id = (known after apply)
+ instance_id = ""
+ ipv6_cidr_block = ""
+ local_gateway_id = ""
+ nat_gateway_id = ""
+ network_interface_id = ""
+ transit_gateway_id = ""
+ vpc_endpoint_id = ""
+ vpc_peering_connection_id = ""
},
]
+ tags = {
+ "Name" = "public_route_table_2"
}
+ tags_all = {
+ "Name" = "public_route_table_2"
}
+ vpc_id = (known after apply)
}
# aws_route_table_association.internet_for_public_subnet_1 will be created
+ resource "aws_route_table_association" "internet_for_public_subnet_1" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# aws_route_table_association.internet_for_public_subnet_2 will be created
+ resource "aws_route_table_association" "internet_for_public_subnet_2" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# aws_route_table_association.private_subnet_1_to_natgateway[0] will be created
+ resource "aws_route_table_association" "private_subnet_1_to_natgateway" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# aws_route_table_association.private_subnet_2_to_natgateway[0] will be created
+ resource "aws_route_table_association" "private_subnet_2_to_natgateway" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# aws_security_group.ec2_sg will be created
+ resource "aws_security_group" "ec2_sg" {
+ arn = (known after apply)
+ description = "security group of ec2"
+ egress = [
+ {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ description = ""
+ from_port = 0
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "-1"
+ security_groups = []
+ self = false
+ to_port = 0
},
]
+ id = (known after apply)
+ ingress = [
+ {
+ cidr_blocks = [
+ "72.137.76.221/32",
]
+ description = "SSH"
+ from_port = 22
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "tcp"
+ security_groups = []
+ self = false
+ to_port = 22
},
]
+ name = "ec2_sg"
+ name_prefix = (known after apply)
+ owner_id = (known after apply)
+ revoke_rules_on_delete = false
+ tags = {
+ "Name" = "ec_sg"
}
+ tags_all = {
+ "Name" = "ec_sg"
}
+ vpc_id = (known after apply)
}
# aws_security_group.rds_sg will be created
+ resource "aws_security_group" "rds_sg" {
+ arn = (known after apply)
+ description = "security group of rds mysql"
+ egress = [
+ {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ description = ""
+ from_port = 0
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "-1"
+ security_groups = []
+ self = false
+ to_port = 0
},
]
+ id = (known after apply)
+ ingress = [
+ {
+ cidr_blocks = (known after apply)
+ description = "MySQL"
+ from_port = 3306
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "tcp"
+ security_groups = []
+ self = false
+ to_port = 3306
},
]
+ name = "rds_sg"
+ name_prefix = (known after apply)
+ owner_id = (known after apply)
+ revoke_rules_on_delete = false
+ tags = {
+ "Name" = "rds_sg"
}
+ tags_all = {
+ "Name" = "rds_sg"
}
+ vpc_id = (known after apply)
}
# aws_subnet.private_subnet_1 will be created
+ resource "aws_subnet" "private_subnet_1" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "us-east-1a"
+ availability_zone_id = (known after apply)
+ cidr_block = "10.0.3.0/24"
+ id = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ map_public_ip_on_launch = false
+ owner_id = (known after apply)
+ tags = {
+ "Name" = "private_subnet_1_name"
}
+ tags_all = {
+ "Name" = "private_subnet_1_name"
}
+ vpc_id = (known after apply)
}
# aws_subnet.private_subnet_2 will be created
+ resource "aws_subnet" "private_subnet_2" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "us-east-1b"
+ availability_zone_id = (known after apply)
+ cidr_block = "10.0.4.0/24"
+ id = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ map_public_ip_on_launch = false
+ owner_id = (known after apply)
+ tags = {
+ "Name" = "private_subnet_2_name"
}
+ tags_all = {
+ "Name" = "private_subnet_2_name"
}
+ vpc_id = (known after apply)
}
# aws_subnet.public_subnet_1 will be created
+ resource "aws_subnet" "public_subnet_1" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = (known after apply)
+ availability_zone_id = (known after apply)
+ cidr_block = "10.0.1.0/24"
+ id = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ map_public_ip_on_launch = false
+ owner_id = (known after apply)
+ tags = {
+ "Name" = "public_subnet_name_1"
}
+ tags_all = {
+ "Name" = "public_subnet_name_1"
}
+ vpc_id = (known after apply)
}
# aws_subnet.public_subnet_2 will be created
+ resource "aws_subnet" "public_subnet_2" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = (known after apply)
+ availability_zone_id = (known after apply)
+ cidr_block = "10.0.2.0/24"
+ id = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ map_public_ip_on_launch = false
+ owner_id = (known after apply)
+ tags = {
+ "Name" = "mytest_public_subnet_name_2"
}
+ tags_all = {
+ "Name" = "mytest_public_subnet_name_2"
}
+ vpc_id = (known after apply)
}
# aws_vpc.terraform_vpc will be created
+ resource "aws_vpc" "terraform_vpc" {
+ arn = (known after apply)
+ assign_generated_ipv6_cidr_block = false
+ cidr_block = "10.0.0.0/16"
+ default_network_acl_id = (known after apply)
+ default_route_table_id = (known after apply)
+ default_security_group_id = (known after apply)
+ dhcp_options_id = (known after apply)
+ enable_classiclink = (known after apply)
+ enable_classiclink_dns_support = (known after apply)
+ enable_dns_hostnames = (known after apply)
+ enable_dns_support = true
+ id = (known after apply)
+ instance_tenancy = "default"
+ ipv6_association_id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ main_route_table_id = (known after apply)
+ owner_id = (known after apply)
+ tags = {
+ "Name" = "terraform_vpc"
}
+ tags_all = {
+ "Name" = "terraform_vpc"
}
}
# tls_private_key.public_key will be created
+ resource "tls_private_key" "public_key" {
+ algorithm = "RSA"
+ ecdsa_curve = "P224"
+ id = (known after apply)
+ private_key_pem = (sensitive value)
+ public_key_fingerprint_md5 = (known after apply)
+ public_key_openssh = (known after apply)
+ public_key_pem = (known after apply)
+ rsa_bits = 4096
}
Plan: 28 to add, 0 to change, 0 to destroy.

Changes to Outputs:
+ alb = {
+ access_logs = []
+ arn = (known after apply)
+ arn_suffix = (known after apply)
+ customer_owned_ipv4_pool = null
+ dns_name = (known after apply)
+ drop_invalid_header_fields = false
+ enable_cross_zone_load_balancing = null
+ enable_deletion_protection = false
+ enable_http2 = true
+ id = (known after apply)
+ idle_timeout = 60
+ internal = false
+ ip_address_type = (known after apply)
+ load_balancer_type = "application"
+ name = "alb"
+ name_prefix = null
+ security_groups = (known after apply)
+ subnet_mapping = (known after apply)
+ subnets = (known after apply)
+ tags = {
+ "Environment" = "test"
}
+ tags_all = {
+ "Environment" = "test"
}
+ timeouts = null
+ vpc_id = (known after apply)
+ zone_id = (known after apply)
}
+ private_subnet_1 = "10.0.3.0/24"
+ public_subnet_1 = "10.0.1.0/24"
+ public_subnet_2 = "10.0.2.0/24"
+ rds_instance_type = "db.t3.micro"
+ vpc = "10.0.0.0/16"
───────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.
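
The note above points out that this plan was not saved with -out. Saving it and exporting it with `terraform show -json` lets a script check the security-relevant attributes before anyone types yes. The Python below is an added example, not code from the article or its repositories; the sample plan is constructed (the `wide_open` group and the 203.0.113.10 address are hypothetical), and treating ports 22 and 3306 as the sensitive ones is an assumption taken from this plan.

```python
"""Review a saved Terraform plan before applying it.

Typical use (file names are placeholders):
    terraform plan -out=tfplan
    terraform show -json tfplan > plan.json
    python review_plan.py plan.json
    terraform apply tfplan
"""
import json
import sys

# Assumption for this example: the two ports the plan above opens.
SENSITIVE_PORTS = {22: "SSH", 3306: "MySQL"}
OPEN_CIDRS = {"0.0.0.0/0", "::/0"}


def covers(rule, port):
    """True if the rule's port range, or protocol "-1" (all), includes port."""
    if str(rule.get("protocol")) == "-1":
        return True
    lo, hi = rule.get("from_port"), rule.get("to_port")
    return lo is not None and hi is not None and lo <= port <= hi


def review_security_group(addr, after, unknown):
    if unknown.get("ingress") is True:
        return [("REVIEW", addr, "all ingress rules are known only after apply")]
    findings = []
    for rule in after.get("ingress") or []:
        names = [n for p, n in sorted(SENSITIVE_PORTS.items()) if covers(rule, p)]
        if not names:
            continue
        label = "/".join(names)
        # Values unknown at plan time are omitted from "after", which is how
        # "cidr_blocks = (known after apply)" shows up in the JSON form.
        if "cidr_blocks" not in rule:
            findings.append(("REVIEW", addr, f"{label} source CIDRs are known only after apply"))
            continue
        cidrs = set(rule["cidr_blocks"] or []) | set(rule.get("ipv6_cidr_blocks") or [])
        if cidrs & OPEN_CIDRS:
            findings.append(("FAIL", addr, f"{label} reachable from any address"))
    return findings


def review_db_instance(addr, after, unknown):
    findings = []
    if after.get("publicly_accessible") is True:
        findings.append(("FAIL", addr, "publicly_accessible is true"))
    elif unknown.get("publicly_accessible") is True:
        findings.append(("REVIEW", addr, "publicly_accessible is known only after apply"))
    if after.get("skip_final_snapshot") is True:
        findings.append(("WARN", addr, "skip_final_snapshot is true: destroy keeps no final snapshot"))
    return findings


REVIEWERS = {
    "aws_security_group": review_security_group,
    "aws_db_instance": review_db_instance,
}


def review_plan(plan):
    """Return (severity, address, message) tuples for created/updated resources."""
    findings = []
    for rc in plan.get("resource_changes", []):
        change = rc.get("change", {})
        if not {"create", "update"} & set(change.get("actions", [])):
            continue
        reviewer = REVIEWERS.get(rc.get("type"))
        if reviewer:
            findings += reviewer(rc["address"], change.get("after") or {},
                                 change.get("after_unknown") or {})
    return findings


def _sg(name, ingress, unknown=None):
    return {"address": f"aws_security_group.{name}", "type": "aws_security_group",
            "change": {"actions": ["create"], "after": {"ingress": ingress},
                       "after_unknown": unknown or {}}}


# Constructed sample shaped like "terraform show -json" output.
SAMPLE_PLAN = {"resource_changes": [
    _sg("ec2_sg", [{"protocol": "tcp", "from_port": 22, "to_port": 22,
                    "cidr_blocks": ["203.0.113.10/32"], "ipv6_cidr_blocks": []}]),
    _sg("rds_sg", [{"protocol": "tcp", "from_port": 3306, "to_port": 3306,
                    "ipv6_cidr_blocks": []}], {"ingress": [{"cidr_blocks": True}]}),
    _sg("wide_open", [{"protocol": "tcp", "from_port": 22, "to_port": 22,
                       "cidr_blocks": ["0.0.0.0/0"], "ipv6_cidr_blocks": []}]),
    {"address": "aws_db_instance.rds_mysql_instance[0]", "type": "aws_db_instance",
     "change": {"actions": ["create"], "after_unknown": {},
                "after": {"publicly_accessible": False, "skip_final_snapshot": True}}},
]}

if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            plan = json.load(fh)
    else:
        plan = SAMPLE_PLAN
    results = review_plan(plan)
    for severity, address, message in results:
        print(f"{severity:6} {address}: {message}")
    sys.exit(1 if any(s == "FAIL" for s, _, _ in results) else 0)
```

A REVIEW result means the value cannot be judged from the plan alone, as with the MySQL rule whose source CIDRs are computed during apply.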

Time for the magic!

Terraform apply — double check all resources prior to typing yes to proceed

$ terraform apply

Terraform used the selected providers to generate the following execution plan.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:

# aws_db_instance.rds_mysql_instance[0] will be created
+ resource "aws_db_instance" "rds_mysql_instance" {
+ address = (known after apply)
+ allocated_storage = 10
+ apply_immediately = (known after apply)
+ arn = (known after apply)
+ auto_minor_version_upgrade = true
+ availability_zone = (known after apply)
+ backup_retention_period = (known after apply)
+ backup_window = (known after apply)
+ ca_cert_identifier = (known after apply)
+ character_set_name = (known after apply)
+ copy_tags_to_snapshot = false
+ db_subnet_group_name = (known after apply)
+ delete_automated_backups = true
+ endpoint = (known after apply)
+ engine = "mysql"
+ engine_version = "5.7"
+ hosted_zone_id = (known after apply)
+ id = (known after apply)
+ identifier = (known after apply)
+ identifier_prefix = (known after apply)
+ instance_class = "db.t3.micro"
+ kms_key_id = (known after apply)
+ latest_restorable_time = (known after apply)
+ license_model = (known after apply)
+ maintenance_window = (known after apply)
+ monitoring_interval = 0
+ monitoring_role_arn = (known after apply)
+ multi_az = (known after apply)
+ name = "rdsdb"
+ option_group_name = (known after apply)
+ parameter_group_name = "default.mysql5.7"
+ password = (sensitive value)
+ performance_insights_enabled = false
+ performance_insights_kms_key_id = (known after apply)
+ performance_insights_retention_period = (known after apply)
+ port = (known after apply)
+ publicly_accessible = false
+ replicas = (known after apply)
+ resource_id = (known after apply)
+ skip_final_snapshot = true
+ snapshot_identifier = (known after apply)
+ status = (known after apply)
+ storage_type = (known after apply)
+ tags_all = (known after apply)
+ timezone = (known after apply)
+ username = "devops"
+ vpc_security_group_ids = (known after apply)
}
# aws_db_instance.rds_mysql_instance[1] will be created
+ resource "aws_db_instance" "rds_mysql_instance" {
+ address = (known after apply)
+ allocated_storage = 10
+ apply_immediately = (known after apply)
+ arn = (known after apply)
+ auto_minor_version_upgrade = true
+ availability_zone = (known after apply)
+ backup_retention_period = (known after apply)
+ backup_window = (known after apply)
+ ca_cert_identifier = (known after apply)
+ character_set_name = (known after apply)
+ copy_tags_to_snapshot = false
+ db_subnet_group_name = (known after apply)
+ delete_automated_backups = true
+ endpoint = (known after apply)
+ engine = "mysql"
+ engine_version = "5.7"
+ hosted_zone_id = (known after apply)
+ id = (known after apply)
+ identifier = (known after apply)
+ identifier_prefix = (known after apply)
+ instance_class = "db.t3.micro"
+ kms_key_id = (known after apply)
+ latest_restorable_time = (known after apply)
+ license_model = (known after apply)
+ maintenance_window = (known after apply)
+ monitoring_interval = 0
+ monitoring_role_arn = (known after apply)
+ multi_az = (known after apply)
+ name = "rdsdb"
+ option_group_name = (known after apply)
+ parameter_group_name = "default.mysql5.7"
+ password = (sensitive value)
+ performance_insights_enabled = false
+ performance_insights_kms_key_id = (known after apply)
+ performance_insights_retention_period = (known after apply)
+ port = (known after apply)
+ publicly_accessible = false
+ replicas = (known after apply)
+ resource_id = (known after apply)
+ skip_final_snapshot = true
+ snapshot_identifier = (known after apply)
+ status = (known after apply)
+ storage_type = (known after apply)
+ tags_all = (known after apply)
+ timezone = (known after apply)
+ username = "devops"
+ vpc_security_group_ids = (known after apply)
}
# aws_db_subnet_group.rds_subnet_group will be created
+ resource "aws_db_subnet_group" "rds_subnet_group" {
+ arn = (known after apply)
+ description = "Managed by Terraform"
+ id = (known after apply)
+ name = "rds_subnet_group"
+ name_prefix = (known after apply)
+ subnet_ids = (known after apply)
+ tags = {
+ "Name" = "RDS Mysql subnet group"
}
+ tags_all = {
+ "Name" = "RDS Mysql subnet group"
}
}
# aws_eip.eip_1[0] will be created
+ resource "aws_eip" "eip_1" {
+ allocation_id = (known after apply)
+ association_id = (known after apply)
+ carrier_ip = (known after apply)
+ customer_owned_ip = (known after apply)
+ domain = (known after apply)
+ id = (known after apply)
+ instance = (known after apply)
+ network_border_group = (known after apply)
+ network_interface = (known after apply)
+ private_dns = (known after apply)
+ private_ip = (known after apply)
+ public_dns = (known after apply)
+ public_ip = (known after apply)
+ public_ipv4_pool = (known after apply)
+ tags_all = (known after apply)
+ vpc = (known after apply)
}
# aws_eip.eip_2[0] will be created
+ resource "aws_eip" "eip_2" {
+ allocation_id = (known after apply)
+ association_id = (known after apply)
+ carrier_ip = (known after apply)
+ customer_owned_ip = (known after apply)
+ domain = (known after apply)
+ id = (known after apply)
+ instance = (known after apply)
+ network_border_group = (known after apply)
+ network_interface = (known after apply)
+ private_dns = (known after apply)
+ private_ip = (known after apply)
+ public_dns = (known after apply)
+ public_ip = (known after apply)
+ public_ipv4_pool = (known after apply)
+ tags_all = (known after apply)
+ vpc = (known after apply)
}
# aws_instance.terraform_ec2[0] will be created
+ resource "aws_instance" "terraform_ec2" {
+ ami = "ami-048f6ed62451373d9"
+ arn = (known after apply)
+ associate_public_ip_address = true
+ availability_zone = (known after apply)
+ cpu_core_count = (known after apply)
+ cpu_threads_per_core = (known after apply)
+ get_password_data = false
+ host_id = (known after apply)
+ id = (known after apply)
+ instance_initiated_shutdown_behavior = (known after apply)
+ instance_state = (known after apply)
+ instance_type = "t2.micro"
+ ipv6_address_count = (known after apply)
+ ipv6_addresses = (known after apply)
+ key_name = "terraform_vpc_key"
+ outpost_arn = (known after apply)
+ password_data = (known after apply)
+ placement_group = (known after apply)
+ primary_network_interface_id = (known after apply)
+ private_dns = (known after apply)
+ private_ip = (known after apply)
+ public_dns = (known after apply)
+ public_ip = (known after apply)
+ secondary_private_ips = (known after apply)
+ security_groups = (known after apply)
+ source_dest_check = true
+ subnet_id = (known after apply)
+ tags_all = (known after apply)
+ tenancy = (known after apply)
+ vpc_security_group_ids = (known after apply)
+ ebs_block_device {
+ delete_on_termination = (known after apply)
+ device_name = (known after apply)
+ encrypted = (known after apply)
+ iops = (known after apply)
+ kms_key_id = (known after apply)
+ snapshot_id = (known after apply)
+ tags = (known after apply)
+ throughput = (known after apply)
+ volume_id = (known after apply)
+ volume_size = (known after apply)
+ volume_type = (known after apply)
}
+ enclave_options {
+ enabled = (known after apply)
}
+ ephemeral_block_device {
+ device_name = (known after apply)
+ no_device = (known after apply)
+ virtual_name = (known after apply)
}
+ metadata_options {
+ http_endpoint = (known after apply)
+ http_put_response_hop_limit = (known after apply)
+ http_tokens = (known after apply)
}
+ network_interface {
+ delete_on_termination = (known after apply)
+ device_index = (known after apply)
+ network_interface_id = (known after apply)
}
+ root_block_device {
+ delete_on_termination = (known after apply)
+ device_name = (known after apply)
+ encrypted = (known after apply)
+ iops = (known after apply)
+ kms_key_id = (known after apply)
+ tags = (known after apply)
+ throughput = (known after apply)
+ volume_id = (known after apply)
+ volume_size = (known after apply)
+ volume_type = (known after apply)
}
}
# aws_instance.terraform_ec2[1] will be created
+ resource "aws_instance" "terraform_ec2" {
+ ami = "ami-048f6ed62451373d9"
+ arn = (known after apply)
+ associate_public_ip_address = true
+ availability_zone = (known after apply)
+ cpu_core_count = (known after apply)
+ cpu_threads_per_core = (known after apply)
+ get_password_data = false
+ host_id = (known after apply)
+ id = (known after apply)
+ instance_initiated_shutdown_behavior = (known after apply)
+ instance_state = (known after apply)
+ instance_type = "t2.micro"
+ ipv6_address_count = (known after apply)
+ ipv6_addresses = (known after apply)
+ key_name = "terraform_vpc_key"
+ outpost_arn = (known after apply)
+ password_data = (known after apply)
+ placement_group = (known after apply)
+ primary_network_interface_id = (known after apply)
+ private_dns = (known after apply)
+ private_ip = (known after apply)
+ public_dns = (known after apply)
+ public_ip = (known after apply)
+ secondary_private_ips = (known after apply)
+ security_groups = (known after apply)
+ source_dest_check = true
+ subnet_id = (known after apply)
+ tags_all = (known after apply)
+ tenancy = (known after apply)
+ vpc_security_group_ids = (known after apply)
+ ebs_block_device {
+ delete_on_termination = (known after apply)
+ device_name = (known after apply)
+ encrypted = (known after apply)
+ iops = (known after apply)
+ kms_key_id = (known after apply)
+ snapshot_id = (known after apply)
+ tags = (known after apply)
+ throughput = (known after apply)
+ volume_id = (known after apply)
+ volume_size = (known after apply)
+ volume_type = (known after apply)
}
+ enclave_options {
+ enabled = (known after apply)
}
+ ephemeral_block_device {
+ device_name = (known after apply)
+ no_device = (known after apply)
+ virtual_name = (known after apply)
}
+ metadata_options {
+ http_endpoint = (known after apply)
+ http_put_response_hop_limit = (known after apply)
+ http_tokens = (known after apply)
}
+ network_interface {
+ delete_on_termination = (known after apply)
+ device_index = (known after apply)
+ network_interface_id = (known after apply)
}
+ root_block_device {
+ delete_on_termination = (known after apply)
+ device_name = (known after apply)
+ encrypted = (known after apply)
+ iops = (known after apply)
+ kms_key_id = (known after apply)
+ tags = (known after apply)
+ throughput = (known after apply)
+ volume_id = (known after apply)
+ volume_size = (known after apply)
+ volume_type = (known after apply)
}
}
# aws_internet_gateway.default will be created
+ resource "aws_internet_gateway" "default" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ tags_all = (known after apply)
+ vpc_id = (known after apply)
}
# aws_key_pair.ec2_key will be created
+ resource "aws_key_pair" "ec2_key" {
+ arn = (known after apply)
+ fingerprint = (known after apply)
+ id = (known after apply)
+ key_name = "terraform_vpc_key"
+ key_pair_id = (known after apply)
+ public_key = (known after apply)
+ tags_all = (known after apply)
}
# aws_lb.alb will be created
+ resource "aws_lb" "alb" {
+ arn = (known after apply)
+ arn_suffix = (known after apply)
+ dns_name = (known after apply)
+ drop_invalid_header_fields = false
+ enable_deletion_protection = false
+ enable_http2 = true
+ id = (known after apply)
+ idle_timeout = 60
+ internal = false
+ ip_address_type = (known after apply)
+ load_balancer_type = "application"
+ name = "alb"
+ security_groups = (known after apply)
+ subnets = (known after apply)
+ tags = {
+ "Environment" = "test"
}
+ tags_all = {
+ "Environment" = "test"
}
+ vpc_id = (known after apply)
+ zone_id = (known after apply)
+ subnet_mapping {
+ allocation_id = (known after apply)
+ ipv6_address = (known after apply)
+ outpost_id = (known after apply)
+ private_ipv4_address = (known after apply)
+ subnet_id = (known after apply)
}
}
# aws_nat_gateway.natgateway_1[0] will be created
+ resource "aws_nat_gateway" "natgateway_1" {
+ allocation_id = (known after apply)
+ id = (known after apply)
+ network_interface_id = (known after apply)
+ private_ip = (known after apply)
+ public_ip = (known after apply)
+ subnet_id = (known after apply)
+ tags_all = (known after apply)
}
# aws_nat_gateway.natgateway_2[0] will be created
+ resource "aws_nat_gateway" "natgateway_2" {
+ allocation_id = (known after apply)
+ id = (known after apply)
+ network_interface_id = (known after apply)
+ private_ip = (known after apply)
+ public_ip = (known after apply)
+ subnet_id = (known after apply)
+ tags_all = (known after apply)
}
# aws_route_table.nategateway_route_table_1[0] will be created
+ resource "aws_route_table" "nategateway_route_table_1" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ route = [
+ {
+ carrier_gateway_id = ""
+ cidr_block = "0.0.0.0/0"
+ destination_prefix_list_id = ""
+ egress_only_gateway_id = ""
+ gateway_id = ""
+ instance_id = ""
+ ipv6_cidr_block = ""
+ local_gateway_id = ""
+ nat_gateway_id = (known after apply)
+ network_interface_id = ""
+ transit_gateway_id = ""
+ vpc_endpoint_id = ""
+ vpc_peering_connection_id = ""
},
]
+ tags = {
+ "Name" = "tagkey_name_natgateway_route_table_1"
}
+ tags_all = {
+ "Name" = "tagkey_name_natgateway_route_table_1"
}
+ vpc_id = (known after apply)
}
# aws_route_table.nategateway_route_table_2[0] will be created
+ resource "aws_route_table" "nategateway_route_table_2" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ route = [
+ {
+ carrier_gateway_id = ""
+ cidr_block = "0.0.0.0/0"
+ destination_prefix_list_id = ""
+ egress_only_gateway_id = ""
+ gateway_id = ""
+ instance_id = ""
+ ipv6_cidr_block = ""
+ local_gateway_id = ""
+ nat_gateway_id = (known after apply)
+ network_interface_id = ""
+ transit_gateway_id = ""
+ vpc_endpoint_id = ""
+ vpc_peering_connection_id = ""
},
]
+ tags = {
+ "Name" = "tagkey_name_natgateway_route_table_2"
}
+ tags_all = {
+ "Name" = "tagkey_name_natgateway_route_table_2"
}
+ vpc_id = (known after apply)
}
# aws_route_table.public_subnet_1_to_internet will be created
+ resource "aws_route_table" "public_subnet_1_to_internet" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ route = [
+ {
+ carrier_gateway_id = ""
+ cidr_block = "0.0.0.0/0"
+ destination_prefix_list_id = ""
+ egress_only_gateway_id = ""
+ gateway_id = (known after apply)
+ instance_id = ""
+ ipv6_cidr_block = ""
+ local_gateway_id = ""
+ nat_gateway_id = ""
+ network_interface_id = ""
+ transit_gateway_id = ""
+ vpc_endpoint_id = ""
+ vpc_peering_connection_id = ""
},
]
+ tags = {
+ "Name" = "public_route_table_1"
}
+ tags_all = {
+ "Name" = "public_route_table_1"
}
+ vpc_id = (known after apply)
}
# aws_route_table.public_subnet_2_to_internet will be created
+ resource "aws_route_table" "public_subnet_2_to_internet" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner_id = (known after apply)
+ propagating_vgws = (known after apply)
+ route = [
+ {
+ carrier_gateway_id = ""
+ cidr_block = "0.0.0.0/0"
+ destination_prefix_list_id = ""
+ egress_only_gateway_id = ""
+ gateway_id = (known after apply)
+ instance_id = ""
+ ipv6_cidr_block = ""
+ local_gateway_id = ""
+ nat_gateway_id = ""
+ network_interface_id = ""
+ transit_gateway_id = ""
+ vpc_endpoint_id = ""
+ vpc_peering_connection_id = ""
},
]
+ tags = {
+ "Name" = "public_route_table_2"
}
+ tags_all = {
+ "Name" = "public_route_table_2"
}
+ vpc_id = (known after apply)
}
# aws_route_table_association.internet_for_public_subnet_1 will be created
+ resource "aws_route_table_association" "internet_for_public_subnet_1" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# aws_route_table_association.internet_for_public_subnet_2 will be created
+ resource "aws_route_table_association" "internet_for_public_subnet_2" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# aws_route_table_association.private_subnet_1_to_natgateway[0] will be created
+ resource "aws_route_table_association" "private_subnet_1_to_natgateway" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# aws_route_table_association.private_subnet_2_to_natgateway[0] will be created
+ resource "aws_route_table_association" "private_subnet_2_to_natgateway" {
+ id = (known after apply)
+ route_table_id = (known after apply)
+ subnet_id = (known after apply)
}
# aws_security_group.ec2_sg will be created
+ resource "aws_security_group" "ec2_sg" {
+ arn = (known after apply)
+ description = "security group of ec2"
+ egress = [
+ {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ description = ""
+ from_port = 0
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "-1"
+ security_groups = []
+ self = false
+ to_port = 0
},
]
+ id = (known after apply)
+ ingress = [
+ {
+ cidr_blocks = [
+ "72.137.76.221/32",
]
+ description = "SSH"
+ from_port = 22
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "tcp"
+ security_groups = []
+ self = false
+ to_port = 22
},
]
+ name = "ec2_sg"
+ name_prefix = (known after apply)
+ owner_id = (known after apply)
+ revoke_rules_on_delete = false
+ tags = {
+ "Name" = "ec_sg"
}
+ tags_all = {
+ "Name" = "ec_sg"
}
+ vpc_id = (known after apply)
}
# aws_security_group.rds_sg will be created
+ resource "aws_security_group" "rds_sg" {
+ arn = (known after apply)
+ description = "security group of rds mysql"
+ egress = [
+ {
+ cidr_blocks = [
+ "0.0.0.0/0",
]
+ description = ""
+ from_port = 0
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "-1"
+ security_groups = []
+ self = false
+ to_port = 0
},
]
+ id = (known after apply)
+ ingress = [
+ {
+ cidr_blocks = (known after apply)
+ description = "MySQL"
+ from_port = 3306
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "tcp"
+ security_groups = []
+ self = false
+ to_port = 3306
},
]
+ name = "rds_sg"
+ name_prefix = (known after apply)
+ owner_id = (known after apply)
+ revoke_rules_on_delete = false
+ tags = {
+ "Name" = "rds_sg"
}
+ tags_all = {
+ "Name" = "rds_sg"
}
+ vpc_id = (known after apply)
}
# aws_subnet.private_subnet_1 will be created
+ resource "aws_subnet" "private_subnet_1" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "us-east-1a"
+ availability_zone_id = (known after apply)
+ cidr_block = "10.0.3.0/24"
+ id = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ map_public_ip_on_launch = false
+ owner_id = (known after apply)
+ tags = {
+ "Name" = "private_subnet_1_name"
}
+ tags_all = {
+ "Name" = "private_subnet_1_name"
}
+ vpc_id = (known after apply)
}
# aws_subnet.private_subnet_2 will be created
+ resource "aws_subnet" "private_subnet_2" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "us-east-1b"
+ availability_zone_id = (known after apply)
+ cidr_block = "10.0.4.0/24"
+ id = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ map_public_ip_on_launch = false
+ owner_id = (known after apply)
+ tags = {
+ "Name" = "private_subnet_2_name"
}
+ tags_all = {
+ "Name" = "private_subnet_2_name"
}
+ vpc_id = (known after apply)
}
# aws_subnet.public_subnet_1 will be created
+ resource "aws_subnet" "public_subnet_1" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = (known after apply)
+ availability_zone_id = (known after apply)
+ cidr_block = "10.0.1.0/24"
+ id = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ map_public_ip_on_launch = false
+ owner_id = (known after apply)
+ tags = {
+ "Name" = "public_subnet_name_1"
}
+ tags_all = {
+ "Name" = "public_subnet_name_1"
}
+ vpc_id = (known after apply)
}
# aws_subnet.public_subnet_2 will be created
+ resource "aws_subnet" "public_subnet_2" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = (known after apply)
+ availability_zone_id = (known after apply)
+ cidr_block = "10.0.2.0/24"
+ id = (known after apply)
+ ipv6_cidr_block_association_id = (known after apply)
+ map_public_ip_on_launch = false
+ owner_id = (known after apply)
+ tags = {
+ "Name" = "mytest_public_subnet_name_2"
}
+ tags_all = {
+ "Name" = "mytest_public_subnet_name_2"
}
+ vpc_id = (known after apply)
}
# aws_vpc.terraform_vpc will be created
+ resource "aws_vpc" "terraform_vpc" {
+ arn = (known after apply)
+ assign_generated_ipv6_cidr_block = false
+ cidr_block = "10.0.0.0/16"
+ default_network_acl_id = (known after apply)
+ default_route_table_id = (known after apply)
+ default_security_group_id = (known after apply)
+ dhcp_options_id = (known after apply)
+ enable_classiclink = (known after apply)
+ enable_classiclink_dns_support = (known after apply)
+ enable_dns_hostnames = (known after apply)
+ enable_dns_support = true
+ id = (known after apply)
+ instance_tenancy = "default"
+ ipv6_association_id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ main_route_table_id = (known after apply)
+ owner_id = (known after apply)
+ tags = {
+ "Name" = "terraform_vpc"
}
+ tags_all = {
+ "Name" = "terraform_vpc"
}
}
# tls_private_key.public_key will be created
+ resource "tls_private_key" "public_key" {
+ algorithm = "RSA"
+ ecdsa_curve = "P224"
+ id = (known after apply)
+ private_key_pem = (sensitive value)
+ public_key_fingerprint_md5 = (known after apply)
+ public_key_openssh = (known after apply)
+ public_key_pem = (known after apply)
+ rsa_bits = 4096
}
Plan: 28 to add, 0 to change, 0 to destroy.

Changes to Outputs:
+ alb = {
+ access_logs = []
+ arn = (known after apply)
+ arn_suffix = (known after apply)
+ customer_owned_ipv4_pool = null
+ dns_name = (known after apply)
+ drop_invalid_header_fields = false
+ enable_cross_zone_load_balancing = null
+ enable_deletion_protection = false
+ enable_http2 = true
+ id = (known after apply)
+ idle_timeout = 60
+ internal = false
+ ip_address_type = (known after apply)
+ load_balancer_type = "application"
+ name = "alb"
+ name_prefix = null
+ security_groups = (known after apply)
+ subnet_mapping = (known after apply)
+ subnets = (known after apply)
+ tags = {
+ "Environment" = "test"
}
+ tags_all = {
+ "Environment" = "test"
}
+ timeouts = null
+ vpc_id = (known after apply)
+ zone_id = (known after apply)
}
+ private_subnet_1 = "10.0.3.0/24"
+ public_subnet_1 = "10.0.1.0/24"
+ public_subnet_2 = "10.0.2.0/24"
+ rds_instance_type = "db.t3.micro"
+ vpc = "10.0.0.0/16"
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes

tls_private_key.public_key: Creating...
aws_eip.eip_1[0]: Creating...
aws_eip.eip_2[0]: Creating...
aws_vpc.terraform_vpc: Creating...
tls_private_key.public_key: Creation complete after 2s [id=e6918d443f51c9d4bf59ee4a6c417aa92035b376]
aws_key_pair.ec2_key: Creating...
aws_eip.eip_2[0]: Creation complete after 1s [id=eipalloc-0cb9d6211858f3fb0]
aws_eip.eip_1[0]: Creation complete after 1s [id=eipalloc-03d293570f19b3b54]
aws_key_pair.ec2_key: Creation complete after 0s [id=terraform_vpc_key]
aws_vpc.terraform_vpc: Creation complete after 3s [id=vpc-0f77a2db4b3b3d469]
aws_subnet.private_subnet_2: Creating...
aws_subnet.private_subnet_1: Creating...
aws_subnet.public_subnet_2: Creating...
aws_internet_gateway.default: Creating...
aws_subnet.public_subnet_1: Creating...
aws_security_group.ec2_sg: Creating...
aws_subnet.public_subnet_2: Creation complete after 1s [id=subnet-04094ea011aac87bb]
aws_nat_gateway.natgateway_2[0]: Creating...
aws_subnet.private_subnet_2: Creation complete after 1s [id=subnet-0d463e4c9647ee828]
aws_subnet.private_subnet_1: Creation complete after 1s [id=subnet-06b96e4743d478b4c]
aws_db_subnet_group.rds_subnet_group: Creating...
aws_internet_gateway.default: Creation complete after 2s [id=igw-016643a339cc29c0b]
aws_route_table.public_subnet_2_to_internet: Creating...
aws_route_table.public_subnet_1_to_internet: Creating...
aws_subnet.public_subnet_1: Creation complete after 2s [id=subnet-049ef2037a68b79ef]
aws_nat_gateway.natgateway_1[0]: Creating...
aws_route_table.public_subnet_1_to_internet: Creation complete after 1s [id=rtb-0e85365d579595a23]
aws_route_table_association.internet_for_public_subnet_1: Creating...
aws_route_table.public_subnet_2_to_internet: Creation complete after 1s [id=rtb-056fd797e3d1fc3f3]
aws_route_table_association.internet_for_public_subnet_2: Creating...
aws_db_subnet_group.rds_subnet_group: Creation complete after 2s [id=rds_subnet_group]
aws_route_table_association.internet_for_public_subnet_2: Creation complete after 0s [id=rtbassoc-04eb9997701d52947]
aws_security_group.ec2_sg: Creation complete after 3s [id=sg-077fb8e2e41085176]
aws_route_table_association.internet_for_public_subnet_1: Creation complete after 0s [id=rtbassoc-0f5a5e465c22b3073]
aws_instance.terraform_ec2[1]: Creating...
aws_instance.terraform_ec2[0]: Creating...
aws_lb.alb: Creating...
aws_nat_gateway.natgateway_2[0]: Still creating... [10s elapsed]
aws_nat_gateway.natgateway_1[0]: Still creating... [10s elapsed]
aws_lb.alb: Still creating... [10s elapsed]
aws_instance.terraform_ec2[1]: Still creating... [10s elapsed]
aws_instance.terraform_ec2[0]: Still creating... [10s elapsed]
aws_nat_gateway.natgateway_2[0]: Still creating... [20s elapsed]
aws_nat_gateway.natgateway_1[0]: Still creating... [20s elapsed]
aws_instance.terraform_ec2[0]: Still creating... [20s elapsed]
aws_lb.alb: Still creating... [20s elapsed]
aws_instance.terraform_ec2[1]: Still creating... [20s elapsed]
aws_nat_gateway.natgateway_2[0]: Still creating... [30s elapsed]
aws_nat_gateway.natgateway_1[0]: Still creating... [30s elapsed]
aws_instance.terraform_ec2[1]: Still creating... [30s elapsed]
aws_instance.terraform_ec2[0]: Still creating... [30s elapsed]
aws_lb.alb: Still creating... [30s elapsed]
aws_instance.terraform_ec2[1]: Creation complete after 35s [id=i-02b517cee6406aff3]
aws_nat_gateway.natgateway_2[0]: Still creating... [40s elapsed]
aws_nat_gateway.natgateway_1[0]: Still creating... [40s elapsed]
aws_lb.alb: Still creating... [40s elapsed]
aws_instance.terraform_ec2[0]: Still creating... [40s elapsed]
aws_instance.terraform_ec2[0]: Creation complete after 45s [id=i-0edaf42e00a692bf7]
aws_security_group.rds_sg: Creating...
aws_security_group.rds_sg: Creation complete after 3s [id=sg-02b699909ddcc1c3b]
aws_db_instance.rds_mysql_instance[1]: Creating...
aws_db_instance.rds_mysql_instance[0]: Creating...
aws_nat_gateway.natgateway_2[0]: Still creating... [50s elapsed]
aws_nat_gateway.natgateway_1[0]: Still creating... [50s elapsed]
aws_lb.alb: Still creating... [50s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still creating... [10s elapsed]
aws_db_instance.rds_mysql_instance[0]: Still creating... [10s elapsed]
aws_nat_gateway.natgateway_2[0]: Still creating... [1m0s elapsed]
aws_nat_gateway.natgateway_1[0]: Still creating... [1m0s elapsed]
aws_lb.alb: Still creating... [1m0s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still creating... [20s elapsed]
aws_db_instance.rds_mysql_instance[0]: Still creating... [20s elapsed]
aws_nat_gateway.natgateway_2[0]: Still creating... [1m10s elapsed]
aws_nat_gateway.natgateway_1[0]: Still creating... [1m10s elapsed]
aws_lb.alb: Still creating... [1m10s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still creating... [30s elapsed]
aws_db_instance.rds_mysql_instance[0]: Still creating... [30s elapsed]
aws_nat_gateway.natgateway_2[0]: Still creating... [1m20s elapsed]
aws_nat_gateway.natgateway_1[0]: Still creating... [1m20s elapsed]
aws_lb.alb: Still creating... [1m20s elapsed]
aws_nat_gateway.natgateway_1[0]: Creation complete after 1m29s [id=nat-02be26a33d89bcc79]
aws_route_table.nategateway_route_table_1[0]: Creating...
aws_db_instance.rds_mysql_instance[1]: Still creating... [40s elapsed]
aws_db_instance.rds_mysql_instance[0]: Still creating... [40s elapsed]
aws_nat_gateway.natgateway_2[0]: Still creating... [1m30s elapsed]
aws_route_table.nategateway_route_table_1[0]: Creation complete after 1s [id=rtb-0696f7a804e0bea29]
aws_route_table_association.private_subnet_1_to_natgateway[0]: Creating...
aws_route_table_association.private_subnet_1_to_natgateway[0]: Creation complete after 1s [id=rtbassoc-0bd3ec2c0ee774107]
aws_lb.alb: Still creating... [1m30s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still creating... [50s elapsed]
aws_db_instance.rds_mysql_instance[0]: Still creating... [50s elapsed]
aws_nat_gateway.natgateway_2[0]: Still creating... [1m40s elapsed]
aws_lb.alb: Still creating... [1m40s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still creating... [1m0s elapsed]
aws_db_instance.rds_mysql_instance[0]: Still creating... [1m0s elapsed]
aws_nat_gateway.natgateway_2[0]: Still creating... [1m50s elapsed]
aws_nat_gateway.natgateway_2[0]: Creation complete after 1m50s [id=nat-01fbf47dc8755aa36]
aws_route_table.nategateway_route_table_2[0]: Creating...
aws_route_table.nategateway_route_table_2[0]: Creation complete after 2s [id=rtb-0f7e2bcfb370ed4b2]
aws_route_table_association.private_subnet_2_to_natgateway[0]: Creating...
aws_route_table_association.private_subnet_2_to_natgateway[0]: Creation complete after 0s [id=rtbassoc-0c971b8193d18740f]
aws_lb.alb: Still creating... [1m50s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still creating... [1m10s elapsed]
aws_db_instance.rds_mysql_instance[0]: Still creating... [1m10s elapsed]
aws_lb.alb: Still creating... [2m0s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still creating... [1m20s elapsed]
aws_db_instance.rds_mysql_instance[0]: Still creating... [1m20s elapsed]
aws_lb.alb: Still creating... [2m10s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still creating... [1m30s elapsed]
aws_db_instance.rds_mysql_instance[0]: Still creating... [1m30s elapsed]
aws_lb.alb: Still creating... [2m20s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still creating... [1m40s elapsed]
aws_db_instance.rds_mysql_instance[0]: Still creating... [1m40s elapsed]
aws_lb.alb: Still creating... [2m30s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still creating... [1m50s elapsed]
aws_db_instance.rds_mysql_instance[0]: Still creating... [1m50s elapsed]
aws_lb.alb: Still creating... [2m40s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still creating... [2m0s elapsed]
aws_db_instance.rds_mysql_instance[0]: Still creating... [2m0s elapsed]
aws_lb.alb: Still creating... [2m50s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still creating... [2m10s elapsed]
aws_db_instance.rds_mysql_instance[0]: Still creating... [2m10s elapsed]
aws_lb.alb: Still creating... [3m0s elapsed]
aws_lb.alb: Creation complete after 3m7s [id=arn:aws:elasticloadbalancing:us-east-1:464392538707:loadbalancer/app/alb/bac91d6e78ce3bda]
aws_db_instance.rds_mysql_instance[1]: Still creating... [2m20s elapsed]
aws_db_instance.rds_mysql_instance[0]: Still creating... [2m20s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still creating... [2m30s elapsed]
aws_db_instance.rds_mysql_instance[0]: Still creating... [2m30s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still creating... [2m40s elapsed]
aws_db_instance.rds_mysql_instance[0]: Still creating... [2m40s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still creating... [2m50s elapsed]
aws_db_instance.rds_mysql_instance[0]: Still creating... [2m50s elapsed]
aws_db_instance.rds_mysql_instance[0]: Creation complete after 2m58s [id=terraform-20210503165502861400000002]
aws_db_instance.rds_mysql_instance[1]: Still creating... [3m0s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still creating... [3m10s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still creating... [3m20s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still creating... [3m30s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still creating... [3m40s elapsed]
aws_db_instance.rds_mysql_instance[1]: Creation complete after 3m50s [id=terraform-20210503165502853900000001]
Apply complete! Resources: 28 added, 0 changed, 0 destroyed.

Outputs:

alb = {
"access_logs" = tolist([
{
"bucket" = ""
"enabled" = false
"prefix" = ""
},
])
"arn" = "arn:aws:elasticloadbalancing:us-east-1:464392538707:loadbalancer/app/alb/bac91d6e78ce3bda"
"arn_suffix" = "app/alb/bac91d6e78ce3bda"
"customer_owned_ipv4_pool" = ""
"dns_name" = "alb-1449855605.us-east-1.elb.amazonaws.com"
"drop_invalid_header_fields" = false
"enable_cross_zone_load_balancing" = tobool(null)
"enable_deletion_protection" = false
"enable_http2" = true
"id" = "arn:aws:elasticloadbalancing:us-east-1:464392538707:loadbalancer/app/alb/bac91d6e78ce3bda"
"idle_timeout" = 60
"internal" = false
"ip_address_type" = "ipv4"
"load_balancer_type" = "application"
"name" = "alb"
"name_prefix" = tostring(null)
"security_groups" = toset([
"sg-077fb8e2e41085176",
])
"subnet_mapping" = toset([
{
"allocation_id" = ""
"ipv6_address" = ""
"outpost_id" = ""
"private_ipv4_address" = ""
"subnet_id" = "subnet-04094ea011aac87bb"
},
{
"allocation_id" = ""
"ipv6_address" = ""
"outpost_id" = ""
"private_ipv4_address" = ""
"subnet_id" = "subnet-049ef2037a68b79ef"
},
])
"subnets" = toset([
"subnet-04094ea011aac87bb",
"subnet-049ef2037a68b79ef",
])
"tags" = tomap({
"Environment" = "test"
})
"tags_all" = tomap({
"Environment" = "test"
})
"timeouts" = null /* object */
"vpc_id" = "vpc-0f77a2db4b3b3d469"
"zone_id" = "Z35SXDOTRQ7X7K"
}
private_subnet_1 = "10.0.3.0/24"
public_subnet_1 = "10.0.1.0/24"
public_subnet_2 = "10.0.2.0/24"
rds_instance_type = "db.t3.micro"
vpc = "10.0.0.0/16"

For your convenience, the repo for terraforming the 2-tier AWS VPC is provided here

Now let us cross-check the resources created in the AWS console

Head to the VPC page and locate the custom VPC named terraform_vpc

Vpc page

On Subnets page, locate 2 public subnets and 2 private subnets highlighted

Subnets page

On the Route Tables page, locate 5 route tables. Why 5 and not 4, since we created 4 route tables in our vpc.tf file? The fifth one is the main route table that AWS creates automatically for our VPC

Route table page

On the Internet Gateway page, locate the internet gateway we created and confirm it is attached to our VPC

Internet gateway page

On Elastic IPs page, locate 2 EIPs since we created both for high availability

Elastic ips page

Network ACLs were created automatically for us, though we did not provision one in our file

Network acls

On Security Group page, locate 2 custom sg created along with one default sg

Security groups page

Heading to EC2 page, locate 2 instances created for high availability as well

Instances page

On Key Pairs page, locate our keypair named terraform_vpc_key

Key pairs page

On Load Balancers page, locate the alb created

Load balancers page

Heading to RDS page, locate 2 rds instances created

Databases page — rds

With all resources cross-checked, we will attempt to log in to our RDS database through an EC2 instance we created

Heading to EC2 page and select either one of the two EC2 instances created

Ec2 page

Select Connect

Select connect

On Connect page, ready to log into EC2

Connect page

Notes: Here is the catch. How can we locate and manage our EC2 key pair, since we created it using Terraform?

Here’re the meats!

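Terraform records every resource it creates in a state file (terraform.tfstate). For a key generated with tls_private_key, that record includes the private key in plaintext, so we can grep it from the file as shown below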

$ cat terraform.tfstate | grep -i private_key_pem
"private_key_pem": "-----BEGIN RSA PRIVATE KEY-----\nMIIJKQIBAAKCAgEAxpHBCu14eMa7sZALF8QH+Z6mu9vWx0rX5eLU+RvSE9CajbGu\nvK0njGPw1bGG21WMzhwgJ/GDq1OZqD/xhdRw3vjk8ojAYCa0My4FL1jG0WHstgOk\nSYW44T0cfdbwVVObxE/RXP/iohdVU7LX31REpSwjV6IccxKIwPsFd0BFOcxhaE4L\nRv7wG14yWCHYFv5iomKg8arNKXBG5EIF0SbKiKWaFumCGF6xQoqbeEQ05svLqY3e\nouOMJrJNLwdIkqI83pMrk4ioxtG0PKhwNWminqZDCpnwBM8nLeP1sg+Sb7Q8IB+Y\nt/pUyxjZENYoVI4gsAmlNb+sd5HSBEyO0hWOb7fX0CxGp6PZxTBiaN8rNZYTQoCf\nyfym76MxqoTi/J0jE/moUQtvMRDNYRl2BDb9kfsoZSFOrFwSK+Bb0RWuhA2KGaax\nIgf3+ZZPcBPbOI//6Je0rQx+hF4O42QDMx/UPNf83r1PCmzcO3IsMzl75juuX5F5\nHf6YvIDFksAmQRo8orQlDOOWUL+yhznc0JGEq3u87MbGrnUiWgd5p/w9uO9ocMrP\nznt4mQZ33EU5/2YxrVjbfKUJX3q4uFgstq3Ng5n/Jd4rPFEnHNnXBE/VAUIYOvXp\nOPTRijTyQNl8VJv52p0yQ7OroYCi9bUzU4VKKNpyojxgIvMOw8fVW4ZMoLkCAwEA\nAQKCAgAmWJ9e7N0G9dnpQFfkDwc7PVgVjy667ckjq9pVAPpguTgfhOCprwakJeis\nW8wfLzYx11yeWhWDUHGr/C04Gv5xEL+l1qLP7ql9+LUnn41FghOkUq+3Qwug85w8\n8PUYhTzffEqCGyg5BSiFMVRe3HclLpDkq3my/zFJkzBLBy5XKxDkg63J2BGmN1qh\nimegiR+jHEjYYpOcHQKTsexNp6AVI2XOZumoqyCwKPQ9FW7h4xlBdRQ5gJfgIS6m\nllF9f7chhGo14340ZurXi++fYPb2jEUGFxQy2Y5HXm5kJH2y9KtnyLJFVSJq1jGU\n/sZrDcdiN3qgFpPHw3E7Q02RZHhM45eNfUDgNTu940/NbLXt3DGpvCcf08bkkfmA\nJXKxzHrgu4KOOyUHs9NfQRIpTfCIJq+MG56Iio9CsMO9ABhjFYpUMG5+mk0hrtG+\nC79HG21IKkjjFO/08KC2pYKL5seK8BV9dQOcocsMX7nmMB8ImTxaM9AIiMVCUjKi\nIAGVR99+s+vxmfrdsLhQRzlpCpuXXwc9o8Qr2ePrfw+d6O4HmmDbHs/jAxij6F+E\nQOP84Hhf/MC23oK/M6RfOQZWpvZA7KIXPFL4ywbROmyNwwlxhbx83ZaPouHqVYvl\nkux/KeE4AiZrsq0ivcMLZHp9jQDM6gfy7jrOE7anvyZ0vrjDwQKCAQEA7BRqWqVM\nmDVuZ/HXYTJFKvYSh2MlG8N0WzwmYVvSuhDtAbrNfFHE+VG8m13NYNGnFIJLXd/6\nrmRX4AF/1H32C8hcVcVcCLWXgs/9FzCkbJLP9B5WUf5z6sLKx93r8maljLMJYTUi\nbK9rWt+15N4du0Dr0f8D/baTu42mSg/E7OYMB4b+6lE6m6YR4+amGrmzF7Cg8iyn\nzAAwiCf6cm7HLUJAMSuuvuoTo/CP4eqw4JamJaAdZdeOJpILoVNCyXzFasZt/QGc\nmNc8wx0efnLsbqMy2p4PFHj0pW1Q4CB6fuEUNVvyrFRCgeHtESAWiwYIQ9F9t72y\nzfOu83PkNrQQkwKCAQEA11MSi8HFZlflhxxoIvYi3QuXQlzEDRdrPknxjPo7tDXP\nIe9COub+MsS5HZ72bhV2kWAjPyvwmsAB9TgOgc8TELJU4tQqy5AjXykZtn2I6wYb\nEzjcHNNdJDbpjl3i+9djCJwWhdRKRziAQ
eR7L52bWSq2aib/7yC4o8iA9YcBU25n\nrV9667+XXONV87PQaRsxdeBZM2RPMgnHso2c3BhmbDaVlTYMlNY6R5jX3nNGqhIe\nZgeEKFhgkoqfLIrQgf27Npq0ByVQJRAxnwYchYFh3oBOdN9ygSoJRe0/nRRI/lfY\nyPYTrTC/ixjhASos97XZKxURTF3moKQSxTS5jXY1AwKCAQEAim4qMv7sm+/wznis\nH61Xi6qBEOxdDRueNgVeSAaM2Vglcbc02Oolw0BfhQcK7/PfshH42ZIFr47dTFf0\nuggmZ6BULGMu5Vh+AFGviZKXR6cK042adjfrhsQ0HeCOgzQXbRpqrJp4lhyCqeW2\nBf8Mlgmqfhe4ImSV2gtkb9cxVOxML3nELmf1IuHNacKMse0kDAchSQBQYDnYO26d\n184Hcw1/EJYZwI8Hd0EPTZzNnNQZlsR9mIM+MnW+5hkpd3Z3WHYEdrAkQCct1QdV\nIzaGVxXRMwots4Z9hidEnjfNPGsE64kAEnbSDNEKrtkO/vRJkmLcAgr1NvjmJJFX\nR5BsiwKCAQAzWK/3e8Gi4hrt2SxMCf3OUFFFlfF6XbdJJ0DeqV1LX/mA0hktCqBb\nYuXx1lJVdfDMQeylx8icXmUZIMD023hkZuIvJQD/geOtcZOcHNtlkBMsxkZW6WAw\nnpebR3A1Net7xhzo1PLRgPu0utNVS3QcEz9kmOA3Gcpt5AY8hnEegBlhEn+xcAKc\nN+nrL1nndoCY52LeCnGIMSTZw0NAiOEDtRB+gGEHrP5AzIXNmhejvqZZFjnBlTGS\nQFQsvv1xwhu+ra14dsFh1TbAASkT/QJlmJsc65vWiTuk3SpqPsgZPsGHSobuqc1D\nUi91o6UNfOPIjkGNwGaasAV52VTWEvYZAoIBAQDRJGv9RVxj13TTpL2H2vz4WWKS\nQ4Fp+Y9oMscGoyr3ePevw1OCUr1P52iB7N+BfuT/kLaI5z5p+uhgolcf9fg/+Sm1\nNhaDyc52Jkvog/RVoI67ZUoZtD17q0mdNMjZCxQnYRdzGp+lipmAd7hAAjv9PHTi\nWD/9xQXnM3XpBGX8ilVha7x24pWhCV5bo6V+Bp8Q+yT9OrqwN+wvzeA0wNmMwtda\nVb2iMz1vJYaALy8WNAjSb5zdFOlOOwI2JTBtSWgN92mc21lA/LsKfMMRGczBjohX\n1kkXHqE52KE0S4jtC5Ko7cr5nXmb1Hnm8HPCg3B0JYjj79XgDRVinZ8wRpnZ\n-----END RSA PRIVATE KEY-----\n",

Boy! It contains a whole bunch of \n sequences. How can we reformat the key pair?

Don’t worry, code editors such as Notepad++ may answer your call :)

For free download of it, please visit here

Here’s the trick to manage it

Copy everything into Notepad++ as shown below

Terraform_vpc_key.pem

Notes: You need to copy from -----BEGIN RSA PRIVATE KEY----- to -----END RSA PRIVATE KEY-----\n with double quotes. Then, press CTRL + F

Terraform_vpc_key.pem

******Super important Key Pair Management****

As shown above, in Find what you need to type \\n, and in Replace with you need to type \r\n, which means we delete each \n and start a new line in its place

Now click Replace All and the magic is done, as shown below

-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----

Then you may use it straight away on a Mac. However, you may need to save this terraform_vpc_key.pem file as a terraform_vpc_key.ppk file if using PuTTY with Windows 10

Notes: Keep in mind, this file name must match with what’s in the EC2 connect page.
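The same reformatting can be done without an editor, because the \n sequences are JSON string escapes and decoding the JSON restores the line breaks. This is an added example, not code from the original post or its repos; the function names and the sample state (with a placeholder instead of real key material) are constructed for illustration.

```python
import json
import os
import stat
import tempfile

# Constructed sample: a cut-down version 4 state file. The key body is a
# placeholder line, not real key material.
SAMPLE_STATE = json.dumps({
    "version": 4,
    "resources": [
        {
            "mode": "managed",
            "type": "tls_private_key",
            "name": "public_key",
            "instances": [
                {"attributes": {
                    "algorithm": "RSA",
                    "private_key_pem": (
                        "-----BEGIN RSA PRIVATE KEY-----\n"
                        "Q09OU1RSVUNURUQtUExBQ0VIT0xERVI=\n"
                        "-----END RSA PRIVATE KEY-----\n"
                    ),
                }}
            ],
        }
    ],
})

# Constructed sample: the same value as one line of grep output, where each
# line break is still the two-character JSON escape (backslash followed by n).
SAMPLE_GREP_LINE = (
    '      "private_key_pem": "-----BEGIN RSA PRIVATE KEY-----\\n'
    'Q09OU1RSVUNURUQtUExBQ0VIT0xERVI=\\n-----END RSA PRIVATE KEY-----\\n",'
)


def pem_from_state(state_text, resource_type="tls_private_key"):
    """Return private_key_pem of the first matching resource in the state."""
    state = json.loads(state_text)  # JSON decoding turns \n escapes into newlines
    for resource in state.get("resources", []):
        if resource.get("type") != resource_type:
            continue
        for instance in resource.get("instances", []):
            pem = instance.get("attributes", {}).get("private_key_pem")
            if pem:
                return pem
    raise LookupError(f"no {resource_type} with private_key_pem in state")


def pem_from_grep_line(line):
    """Decode one '"private_key_pem": "...",' line copied from grep output."""
    fragment = line.strip().rstrip(",")
    # Wrapping the fragment in braces makes it a complete JSON object.
    return json.loads("{" + fragment + "}")["private_key_pem"]


def write_private_key(pem, path):
    """Write the key readable by its owner only; return the resulting mode."""
    if "\\n" in pem or not pem.startswith("-----BEGIN "):
        raise ValueError("value is not a decoded PEM block")
    # Create the file with mode 0600 so the key never sits on disk with the
    # default, wider permissions (OpenSSH refuses keys others can read).
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w", newline="\n") as handle:
        handle.write(pem)
    os.chmod(path, 0o600)  # also tightens a file that already existed
    return stat.S_IMODE(os.stat(path).st_mode)


if __name__ == "__main__":
    key = pem_from_state(SAMPLE_STATE)
    assert key == pem_from_grep_line(SAMPLE_GREP_LINE)
    with tempfile.TemporaryDirectory() as workdir:
        target = os.path.join(workdir, "terraform_vpc_key.pem")
        mode = write_private_key(key, target)
        print(f"wrote {len(key.splitlines())} lines, mode {oct(mode)}")
```

To run it against a real project, pass the contents of terraform.tfstate to pem_from_state and choose a target path outside the repository.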

For Windows 10 users, locate PuTTYgen and open it

Puttygen

Then load your terraform_vpc_key.pem file

Load your terraform_vpc_key.pem
Load your .pem file
Load successfully

Click Save private key and save it

Save .ppk file

Now let’s log into our EC2 instance

In AWS Console for EC2 Connect page, copy ec2-user@<your own ipv4 address as shown below> and paste into Putty session

EC2 connect page
Paste in your ipv4 address

Then, click SSH --> Auth

Ssh → Auth

Lastly, browse your .ppk file and load it

Load .pem file

Click Open

First time log in
Logged into ec2 instance

Install MySQL on our Amazon Linux 2 server prior to connecting to our RDS MySQL database

Firstly, update our server

$ sudo yum update -y
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
amzn2-core | 3.7 kB 00:00
No packages marked for update

Secondly, download the MySQL 5.7 yum repository on Amazon Linux 2 using wget

$ sudo wget https://dev.mysql.com/get/mysql57-community-release-el7-11.noarch.rpm
--2021-05-03 18:30:37-- https://dev.mysql.com/get/mysql57-community-release-el7-11.noarch.rpm
Resolving dev.mysql.com (dev.mysql.com)... 137.254.60.11
Connecting to dev.mysql.com (dev.mysql.com)|137.254.60.11|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://repo.mysql.com//mysql57-community-release-el7-11.noarch.rpm [following]
--2021-05-03 18:30:37-- https://repo.mysql.com//mysql57-community-release-el7-11.noarch.rpm
Resolving repo.mysql.com (repo.mysql.com)... 23.210.0.235
Connecting to repo.mysql.com (repo.mysql.com)|23.210.0.235|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 25680 (25K) [application/x-redhat-package-manager]
Saving to: ‘mysql57-community-release-el7-11.noarch.rpm’
100%[======================================>] 25,680 --.-K/s in 0.001s

2021-05-03 18:30:37 (30.0 MB/s) - ‘mysql57-community-release-el7-11.noarch.rpm’ saved [25680/25680]

Thirdly, install MySQL 5.7 Yum Repository on Amazon Linux 2 using below command

$ sudo yum localinstall mysql57-community-release-el7-11.noarch.rpm -y
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
Examining mysql57-community-release-el7-11.noarch.rpm: mysql57-community-release-el7-11.noarch
Marking mysql57-community-release-el7-11.noarch.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package mysql57-community-release.noarch 0:el7-11 will be installed
--> Finished Dependency Resolution
amzn2-core/2/x86_64 | 3.7 kB 00:00
Dependencies Resolved

================================================================================
Package Arch Version
Repository Size
================================================================================
Installing:
mysql57-community-release
noarch el7-11 /mysql57-community-release-el7-11.noarch 31 k
Transaction Summary
================================================================================
Install 1 Package
Total size: 31 k
Installed size: 31 k
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : mysql57-community-release-el7-11.noarch 1/1
Verifying : mysql57-community-release-el7-11.noarch 1/1
Installed:
mysql57-community-release.noarch 0:el7-11
Complete!

Fourthly, install MySQL 5.7 on Amazon Linux 2 using below commands

$ sudo yum install mysql-community-server -y
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
amzn2-core | 3.7 kB 00:00
41 packages excluded due to repository priority protections
Resolving Dependencies
--> Running transaction check
---> Package mysql-community-server.x86_64 0:5.7.34-1.el7 will be installed
--> Processing Dependency: mysql-community-common(x86-64) = 5.7.34-1.el7 for package: mysql-community-server-5.7.34-1.el7.x86_64
--> Processing Dependency: mysql-community-client(x86-64) >= 5.7.9 for package: mysql-community-server-5.7.34-1.el7.x86_64
--> Running transaction check
---> Package mysql-community-client.x86_64 0:5.7.34-1.el7 will be installed
--> Processing Dependency: mysql-community-libs(x86-64) >= 5.7.9 for package: mysql-community-client-5.7.34-1.el7.x86_64
--> Processing Dependency: libncurses.so.5()(64bit) for package: mysql-community-client-5.7.34-1.el7.x86_64
--> Processing Dependency: libtinfo.so.5()(64bit) for package: mysql-community-client-5.7.34-1.el7.x86_64
---> Package mysql-community-common.x86_64 0:5.7.34-1.el7 will be installed
--> Running transaction check
---> Package mariadb-libs.x86_64 1:5.5.68-1.amzn2 will be obsoleted
--> Processing Dependency: libmysqlclient.so.18()(64bit) for package: 2:postfix-2.10.1-6.amzn2.0.3.x86_64
--> Processing Dependency: libmysqlclient.so.18(libmysqlclient_18)(64bit) for package: 2:postfix-2.10.1-6.amzn2.0.3.x86_64
---> Package mysql-community-libs.x86_64 0:5.7.34-1.el7 will be obsoleting
---> Package ncurses-compat-libs.x86_64 0:6.0-8.20170212.amzn2.1.3 will be installed
--> Running transaction check
---> Package mysql-community-libs-compat.x86_64 0:5.7.34-1.el7 will be obsoleting
--> Finished Dependency Resolution
Dependencies Resolved

================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
mysql-community-libs x86_64 5.7.34-1.el7 mysql57-community 2.4 M
replacing mariadb-libs.x86_64 1:5.5.68-1.amzn2
mysql-community-libs-compat
x86_64 5.7.34-1.el7 mysql57-community 1.2 M
replacing mariadb-libs.x86_64 1:5.5.68-1.amzn2
mysql-community-server x86_64 5.7.34-1.el7 mysql57-community 173 M
Installing for dependencies:
mysql-community-client x86_64 5.7.34-1.el7 mysql57-community 25 M
mysql-community-common x86_64 5.7.34-1.el7 mysql57-community 310 k
ncurses-compat-libs x86_64 6.0-8.20170212.amzn2.1.3 amzn2-core 308 k
Transaction Summary
================================================================================
Install 3 Packages (+3 Dependent packages)
Total download size: 203 M
Downloading packages:
warning: /var/cache/yum/x86_64/2/mysql57-community/packages/mysql-community-common-5.7.34-1.el7.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 5072e1f5: NOKEY
Public key for mysql-community-common-5.7.34-1.el7.x86_64.rpm is not installed
(1/6): mysql-community-common-5.7.34-1.el7.x86_64.rpm | 310 kB 00:00
(2/6): mysql-community-libs-5.7.34-1.el7.x86_64.rpm | 2.4 MB 00:00
(3/6): mysql-community-libs-compat-5.7.34-1.el7.x86_64.rpm | 1.2 MB 00:00
(4/6): ncurses-compat-libs-6.0-8.20170212.amzn2.1.3.x86_64 | 308 kB 00:00
(5/6): mysql-community-client-5.7.34-1.el7.x86_64.rpm | 25 MB 00:00
(6/6): mysql-community-server-5.7.34-1.el7.x86_64.rpm | 173 MB 00:04
--------------------------------------------------------------------------------
Total 43 MB/s | 203 MB 00:04
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql
Importing GPG key 0x5072E1F5:
Userid : "MySQL Release Engineering <mysql-build@oss.oracle.com>"
Fingerprint: a4a9 4068 76fc bd3c 4567 70c8 8c71 8d3b 5072 e1f5
Package : mysql57-community-release-el7-11.noarch (installed)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-mysql
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : mysql-community-common-5.7.34-1.el7.x86_64 1/7
Installing : mysql-community-libs-5.7.34-1.el7.x86_64 2/7
Installing : ncurses-compat-libs-6.0-8.20170212.amzn2.1.3.x86_64 3/7
Installing : mysql-community-client-5.7.34-1.el7.x86_64 4/7
Installing : mysql-community-server-5.7.34-1.el7.x86_64 5/7
Installing : mysql-community-libs-compat-5.7.34-1.el7.x86_64 6/7
Erasing : 1:mariadb-libs-5.5.68-1.amzn2.x86_64 7/7
Verifying : ncurses-compat-libs-6.0-8.20170212.amzn2.1.3.x86_64 1/7
Verifying : mysql-community-common-5.7.34-1.el7.x86_64 2/7
Verifying : mysql-community-libs-compat-5.7.34-1.el7.x86_64 3/7
Verifying : mysql-community-server-5.7.34-1.el7.x86_64 4/7
Verifying : mysql-community-client-5.7.34-1.el7.x86_64 5/7
Verifying : mysql-community-libs-5.7.34-1.el7.x86_64 6/7
Verifying : 1:mariadb-libs-5.5.68-1.amzn2.x86_64 7/7
Installed:
mysql-community-libs.x86_64 0:5.7.34-1.el7
mysql-community-libs-compat.x86_64 0:5.7.34-1.el7
mysql-community-server.x86_64 0:5.7.34-1.el7
Dependency Installed:
mysql-community-client.x86_64 0:5.7.34-1.el7
mysql-community-common.x86_64 0:5.7.34-1.el7
ncurses-compat-libs.x86_64 0:6.0-8.20170212.amzn2.1.3
Replaced:
mariadb-libs.x86_64 1:5.5.68-1.amzn2
Complete!

As we wrap up our installation, we will start our mysqld in our server

$ sudo systemctl start mysqld.service

Then, we check out our mysqld

$ sudo systemctl status mysqld.service
● mysqld.service - MySQL Server
Loaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2021-05-03 18:48:40 UTC; 4s ago
Docs: man:mysqld(8)
http://dev.mysql.com/doc/refman/en/using-systemd.html
Process: 362 ExecStart=/usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid $MYSQLD_OPTS (code=exited, status=0/SUCCESS)
Process: 313 ExecStartPre=/usr/bin/mysqld_pre_systemd (code=exited, status=0/SUCCESS)
Main PID: 367 (mysqld)
CGroup: /system.slice/mysqld.service
└─367 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysq...
May 03 18:48:35 ip-10-0-1-222.ec2.internal systemd[1]: Starting MySQL Server...
May 03 18:48:40 ip-10-0-1-222.ec2.internal systemd[1]: Started MySQL Server.
Hint: Some lines were ellipsized, use -l to show in full.

For the full installation of “How to Install MySQL 5.7 on Amazon Linux 2”, please visit here

Validate that our mysql is installed

$ mysql -V
mysql Ver 14.14 Distrib 5.7.34, for Linux (x86_64) using EditLine wrapper

Now let us attempt to log into our RDS MySQL database

Jump back to the RDS page in the AWS console and locate either one of our database instances

Rds page

Copy the Endpoint value under Endpoint & port

Rds instance page

Paste the endpoint into our terminal as shown below. To find the username and password of our RDS MySQL database, we again turn to our terraform.tfstate file, which stores both in plaintext, and grep the info

For username

$ cat terraform.tfstate | grep -i username
"username": "devops",
"username": "devops",

For password

$ cat terraform.tfstate | grep -i password
"password": "blueteam",
"password": "blueteam",
"get_password_data": false,
"password_data": "",
"get_password_data": false,
"password_data": "",
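Because the state file holds these credentials in plaintext, it helps to know exactly which attributes carry them before deciding where the file may be stored or shared. This added example (not from the original post; the sample state, the function names and the keyword list are constructed assumptions) lists secret-bearing attributes without printing their values, and skips noise such as get_password_data and the empty password_data that the grep above also matched.

```python
import json

# Assumption: attribute names containing one of these words hold a secret.
SENSITIVE_MARKERS = ("password", "private_key", "secret", "token")

# Constructed sample modelled on the resources in this walkthrough.
# Every secret value here is made up.
SAMPLE_STATE = json.dumps({
    "version": 4,
    "resources": [
        {"type": "aws_db_instance", "name": "rds_mysql_instance", "instances": [
            {"index_key": 0,
             "attributes": {"username": "devops", "password": "constructed-pw"}},
            {"index_key": 1,
             "attributes": {"username": "devops", "password": "constructed-pw"}},
        ]},
        {"type": "aws_instance", "name": "terraform_ec2", "instances": [
            {"index_key": 0,
             "attributes": {"get_password_data": False, "password_data": ""}},
        ]},
        {"type": "tls_private_key", "name": "public_key", "instances": [
            {"attributes": {"private_key_pem":
                            "-----BEGIN RSA PRIVATE KEY-----\nPLACEHOLDER\n"
                            "-----END RSA PRIVATE KEY-----\n"}},
        ]},
    ],
})


def _walk(value, address, path, findings):
    """Recurse through an attribute tree, recording non-empty secret strings."""
    if isinstance(value, dict):
        for key, child in value.items():
            _walk(child, address, f"{path}.{key}" if path else key, findings)
    elif isinstance(value, list):
        for index, child in enumerate(value):
            _walk(child, address, f"{path}[{index}]", findings)
    elif isinstance(value, str) and value:
        # Booleans (get_password_data) and empty strings (password_data)
        # never reach this branch, so they are not reported.
        leaf = path.rsplit(".", 1)[-1].lower()
        if any(marker in leaf for marker in SENSITIVE_MARKERS):
            findings.append((address, path, len(value)))


def find_plaintext_secrets(state_text):
    """Return (resource address, attribute path, value length) per secret.

    Only the length is reported, so the result can be logged or pasted into
    a ticket without copying the secret itself.
    """
    findings = []
    state = json.loads(state_text)
    for resource in state.get("resources", []):
        for instance in resource.get("instances", []):
            address = f'{resource["type"]}.{resource["name"]}'
            if "index_key" in instance:  # present for count / for_each
                address += f'[{json.dumps(instance["index_key"])}]'
            _walk(instance.get("attributes", {}), address, "", findings)
    return findings


if __name__ == "__main__":
    for address, path, length in find_plaintext_secrets(SAMPLE_STATE):
        print(f"{address}: {path} ({length} characters, stored in plaintext)")
```

Any finding means the state file deserves the same handling as the secret itself: keep it out of version control and restrict who can read wherever it is stored.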

Then, we are ready to log into the database

-h for your endpoint, -P for port, -u for user, -p to prompt password for you to type

$ mysql -h terraform-20210503165502853900000001.cmafadkjqola.us-east-1.rds.amazonaws.com -P 3306 -u devops -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 27
Server version: 5.7.26 Source distribution
Copyright (c) 2000, 2021, Oracle and/or its affiliates.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql>

We made it!

To finish with this 2-tier VPC infrastructure, we’ll clean it up using one command

terraform destroy

Here we go!

$ terraform destroy
tls_private_key.public_key: Refreshing state... [id=e6918d443f51c9d4bf59ee4a6c417aa92035b376]
aws_key_pair.ec2_key: Refreshing state... [id=terraform_vpc_key]
aws_eip.eip_1[0]: Refreshing state... [id=eipalloc-03d293570f19b3b54]
aws_eip.eip_2[0]: Refreshing state... [id=eipalloc-0cb9d6211858f3fb0]
aws_vpc.terraform_vpc: Refreshing state... [id=vpc-0f77a2db4b3b3d469]
aws_subnet.private_subnet_2: Refreshing state... [id=subnet-0d463e4c9647ee828]
aws_internet_gateway.default: Refreshing state... [id=igw-016643a339cc29c0b]
aws_subnet.public_subnet_1: Refreshing state... [id=subnet-049ef2037a68b79ef]
aws_subnet.public_subnet_2: Refreshing state... [id=subnet-04094ea011aac87bb]
aws_security_group.ec2_sg: Refreshing state... [id=sg-077fb8e2e41085176]
aws_subnet.private_subnet_1: Refreshing state... [id=subnet-06b96e4743d478b4c]
aws_route_table.public_subnet_2_to_internet: Refreshing state... [id=rtb-056fd797e3d1fc3f3]
aws_route_table.public_subnet_1_to_internet: Refreshing state... [id=rtb-0e85365d579595a23]
aws_db_subnet_group.rds_subnet_group: Refreshing state... [id=rds_subnet_group]
aws_nat_gateway.natgateway_1[0]: Refreshing state... [id=nat-02be26a33d89bcc79]
aws_instance.terraform_ec2[0]: Refreshing state... [id=i-0edaf42e00a692bf7]
aws_instance.terraform_ec2[1]: Refreshing state... [id=i-02b517cee6406aff3]
aws_nat_gateway.natgateway_2[0]: Refreshing state... [id=nat-01fbf47dc8755aa36]
aws_lb.alb: Refreshing state... [id=arn:aws:elasticloadbalancing:us-east-1:464392538707:loadbalancer/app/alb/bac91d6e78ce3bda]
aws_route_table_association.internet_for_public_subnet_1: Refreshing state... [id=rtbassoc-0f5a5e465c22b3073]
aws_route_table_association.internet_for_public_subnet_2: Refreshing state... [id=rtbassoc-04eb9997701d52947]
aws_route_table.nategateway_route_table_2[0]: Refreshing state... [id=rtb-0f7e2bcfb370ed4b2]
aws_route_table.nategateway_route_table_1[0]: Refreshing state... [id=rtb-0696f7a804e0bea29]
aws_route_table_association.private_subnet_1_to_natgateway[0]: Refreshing state... [id=rtbassoc-0bd3ec2c0ee774107]
aws_route_table_association.private_subnet_2_to_natgateway[0]: Refreshing state... [id=rtbassoc-0c971b8193d18740f]
aws_security_group.rds_sg: Refreshing state... [id=sg-02b699909ddcc1c3b]
aws_db_instance.rds_mysql_instance[0]: Refreshing state... [id=terraform-20210503165502861400000002]
aws_db_instance.rds_mysql_instance[1]: Refreshing state... [id=terraform-20210503165502853900000001]
Terraform used the selected providers to generate the following execution plan.
Resource actions are indicated with the following symbols:
- destroy
Terraform will perform the following actions:

# aws_db_instance.rds_mysql_instance[0] will be destroyed
- resource "aws_db_instance" "rds_mysql_instance" {
- address = "terraform-20210503165502861400000002.cmafadkjqola.us-east-1.rds.amazonaws.com" -> null
- allocated_storage = 10 -> null
- arn = "arn:aws:rds:us-east-1:464392538707:db:terraform-20210503165502861400000002" -> null
- auto_minor_version_upgrade = true -> null
- availability_zone = "us-east-1b" -> null
- backup_retention_period = 0 -> null
- backup_window = "09:19-09:49" -> null
- ca_cert_identifier = "rds-ca-2019" -> null
- copy_tags_to_snapshot = false -> null
- db_subnet_group_name = "rds_subnet_group" -> null
- delete_automated_backups = true -> null
- deletion_protection = false -> null
- enabled_cloudwatch_logs_exports = [] -> null
- endpoint = "terraform-20210503165502861400000002.cmafadkjqola.us-east-1.rds.amazonaws.com:3306" -> null
- engine = "mysql" -> null
- engine_version = "5.7.26" -> null
- hosted_zone_id = "Z2R2ITUGPM61AM" -> null
- iam_database_authentication_enabled = false -> null
- id = "terraform-20210503165502861400000002" -> null
- identifier = "terraform-20210503165502861400000002" -> null
- instance_class = "db.t3.micro" -> null
- iops = 0 -> null
- latest_restorable_time = "0001-01-01T00:00:00Z" -> null
- license_model = "general-public-license" -> null
- maintenance_window = "sun:05:09-sun:05:39" -> null
- max_allocated_storage = 0 -> null
- monitoring_interval = 0 -> null
- multi_az = false -> null
- name = "rdsdb" -> null
- option_group_name = "default:mysql-5-7" -> null
- parameter_group_name = "default.mysql5.7" -> null
- password = (sensitive value)
- performance_insights_enabled = false -> null
- performance_insights_retention_period = 0 -> null
- port = 3306 -> null
- publicly_accessible = false -> null
- replicas = [] -> null
- resource_id = "db-6N4SKYUJDI2WWEQRTK3W6PFL7M" -> null
- security_group_names = [] -> null
- skip_final_snapshot = true -> null
- status = "available" -> null
- storage_encrypted = false -> null
- storage_type = "gp2" -> null
- tags = {} -> null
- tags_all = {} -> null
- username = "devops" -> null
- vpc_security_group_ids = [
- "sg-02b699909ddcc1c3b",
] -> null
}
# aws_db_instance.rds_mysql_instance[1] will be destroyed
- resource "aws_db_instance" "rds_mysql_instance" {
- address = "terraform-20210503165502853900000001.cmafadkjqola.us-east-1.rds.amazonaws.com" -> null
- allocated_storage = 10 -> null
- arn = "arn:aws:rds:us-east-1:464392538707:db:terraform-20210503165502853900000001" -> null
- auto_minor_version_upgrade = true -> null
- availability_zone = "us-east-1a" -> null
- backup_retention_period = 0 -> null
- backup_window = "07:50-08:20" -> null
- ca_cert_identifier = "rds-ca-2019" -> null
- copy_tags_to_snapshot = false -> null
- db_subnet_group_name = "rds_subnet_group" -> null
- delete_automated_backups = true -> null
- deletion_protection = false -> null
- enabled_cloudwatch_logs_exports = [] -> null
- endpoint = "terraform-20210503165502853900000001.cmafadkjqola.us-east-1.rds.amazonaws.com:3306" -> null
- engine = "mysql" -> null
- engine_version = "5.7.26" -> null
- hosted_zone_id = "Z2R2ITUGPM61AM" -> null
- iam_database_authentication_enabled = false -> null
- id = "terraform-20210503165502853900000001" -> null
- identifier = "terraform-20210503165502853900000001" -> null
- instance_class = "db.t3.micro" -> null
- iops = 0 -> null
- latest_restorable_time = "0001-01-01T00:00:00Z" -> null
- license_model = "general-public-license" -> null
- maintenance_window = "mon:04:48-mon:05:18" -> null
- max_allocated_storage = 0 -> null
- monitoring_interval = 0 -> null
- multi_az = false -> null
- name = "rdsdb" -> null
- option_group_name = "default:mysql-5-7" -> null
- parameter_group_name = "default.mysql5.7" -> null
- password = (sensitive value)
- performance_insights_enabled = false -> null
- performance_insights_retention_period = 0 -> null
- port = 3306 -> null
- publicly_accessible = false -> null
- replicas = [] -> null
- resource_id = "db-XNQFOCRN2FQHXGKMJLSTKZY454" -> null
- security_group_names = [] -> null
- skip_final_snapshot = true -> null
- status = "available" -> null
- storage_encrypted = false -> null
- storage_type = "gp2" -> null
- tags = {} -> null
- tags_all = {} -> null
- username = "devops" -> null
- vpc_security_group_ids = [
- "sg-02b699909ddcc1c3b",
] -> null
}
# aws_db_subnet_group.rds_subnet_group will be destroyed
- resource "aws_db_subnet_group" "rds_subnet_group" {
- arn = "arn:aws:rds:us-east-1:464392538707:subgrp:rds_subnet_group" -> null
- description = "Managed by Terraform" -> null
- id = "rds_subnet_group" -> null
- name = "rds_subnet_group" -> null
- subnet_ids = [
- "subnet-06b96e4743d478b4c",
- "subnet-0d463e4c9647ee828",
] -> null
- tags = {
- "Name" = "RDS Mysql subnet group"
} -> null
- tags_all = {
- "Name" = "RDS Mysql subnet group"
} -> null
}
# aws_eip.eip_1[0] will be destroyed
- resource "aws_eip" "eip_1" {
- association_id = "eipassoc-0a539aa69165c874c" -> null
- domain = "vpc" -> null
- id = "eipalloc-03d293570f19b3b54" -> null
- network_border_group = "us-east-1" -> null
- network_interface = "eni-011dcf874b2293b99" -> null
- private_dns = "ip-10-0-1-226.ec2.internal" -> null
- private_ip = "10.0.1.226" -> null
- public_dns = "ec2-54-162-177-240.compute-1.amazonaws.com" -> null
- public_ip = "54.162.177.240" -> null
- public_ipv4_pool = "amazon" -> null
- tags = {} -> null
- tags_all = {} -> null
- vpc = true -> null
}
# aws_eip.eip_2[0] will be destroyed
- resource "aws_eip" "eip_2" {
- association_id = "eipassoc-04417241cefb229bb" -> null
- domain = "vpc" -> null
- id = "eipalloc-0cb9d6211858f3fb0" -> null
- network_border_group = "us-east-1" -> null
- network_interface = "eni-0797ea7e8b523b828" -> null
- private_dns = "ip-10-0-2-15.ec2.internal" -> null
- private_ip = "10.0.2.15" -> null
- public_dns = "ec2-54-197-125-131.compute-1.amazonaws.com" -> null
- public_ip = "54.197.125.131" -> null
- public_ipv4_pool = "amazon" -> null
- tags = {} -> null
- tags_all = {} -> null
- vpc = true -> null
}
# aws_instance.terraform_ec2[0] will be destroyed
- resource "aws_instance" "terraform_ec2" {
- ami = "ami-048f6ed62451373d9" -> null
- arn = "arn:aws:ec2:us-east-1:464392538707:instance/i-0edaf42e00a692bf7" -> null
- associate_public_ip_address = true -> null
- availability_zone = "us-east-1b" -> null
- cpu_core_count = 1 -> null
- cpu_threads_per_core = 1 -> null
- disable_api_termination = false -> null
- ebs_optimized = false -> null
- get_password_data = false -> null
- hibernation = false -> null
- id = "i-0edaf42e00a692bf7" -> null
- instance_initiated_shutdown_behavior = "stop" -> null
- instance_state = "running" -> null
- instance_type = "t2.micro" -> null
- ipv6_address_count = 0 -> null
- ipv6_addresses = [] -> null
- key_name = "terraform_vpc_key" -> null
- monitoring = false -> null
- primary_network_interface_id = "eni-0fca62d10e1459c6a" -> null
- private_dns = "ip-10-0-1-222.ec2.internal" -> null
- private_ip = "10.0.1.222" -> null
- public_ip = "34.229.83.211" -> null
- secondary_private_ips = [] -> null
- security_groups = [] -> null
- source_dest_check = true -> null
- subnet_id = "subnet-049ef2037a68b79ef" -> null
- tags = {} -> null
- tags_all = {} -> null
- tenancy = "default" -> null
- vpc_security_group_ids = [
- "sg-077fb8e2e41085176",
] -> null
- credit_specification {
- cpu_credits = "standard" -> null
}
- enclave_options {
- enabled = false -> null
}
- metadata_options {
- http_endpoint = "enabled" -> null
- http_put_response_hop_limit = 1 -> null
- http_tokens = "optional" -> null
}
- root_block_device {
- delete_on_termination = true -> null
- device_name = "/dev/xvda" -> null
- encrypted = false -> null
- iops = 100 -> null
- tags = {} -> null
- throughput = 0 -> null
- volume_id = "vol-04d7b7a5a80d9f7db" -> null
- volume_size = 8 -> null
- volume_type = "gp2" -> null
}
}
# aws_instance.terraform_ec2[1] will be destroyed
- resource "aws_instance" "terraform_ec2" {
- ami = "ami-048f6ed62451373d9" -> null
- arn = "arn:aws:ec2:us-east-1:464392538707:instance/i-02b517cee6406aff3" -> null
- associate_public_ip_address = true -> null
- availability_zone = "us-east-1b" -> null
- cpu_core_count = 1 -> null
- cpu_threads_per_core = 1 -> null
- disable_api_termination = false -> null
- ebs_optimized = false -> null
- get_password_data = false -> null
- hibernation = false -> null
- id = "i-02b517cee6406aff3" -> null
- instance_initiated_shutdown_behavior = "stop" -> null
- instance_state = "running" -> null
- instance_type = "t2.micro" -> null
- ipv6_address_count = 0 -> null
- ipv6_addresses = [] -> null
- key_name = "terraform_vpc_key" -> null
- monitoring = false -> null
- primary_network_interface_id = "eni-044244c7fb5e83211" -> null
- private_dns = "ip-10-0-1-252.ec2.internal" -> null
- private_ip = "10.0.1.252" -> null
- public_ip = "52.207.244.217" -> null
- secondary_private_ips = [] -> null
- security_groups = [] -> null
- source_dest_check = true -> null
- subnet_id = "subnet-049ef2037a68b79ef" -> null
- tags = {} -> null
- tags_all = {} -> null
- tenancy = "default" -> null
- vpc_security_group_ids = [
- "sg-077fb8e2e41085176",
] -> null
- credit_specification {
- cpu_credits = "standard" -> null
}
- enclave_options {
- enabled = false -> null
}
- metadata_options {
- http_endpoint = "enabled" -> null
- http_put_response_hop_limit = 1 -> null
- http_tokens = "optional" -> null
}
- root_block_device {
- delete_on_termination = true -> null
- device_name = "/dev/xvda" -> null
- encrypted = false -> null
- iops = 100 -> null
- tags = {} -> null
- throughput = 0 -> null
- volume_id = "vol-0b15a8e7bc6ea81d1" -> null
- volume_size = 8 -> null
- volume_type = "gp2" -> null
}
}
# aws_internet_gateway.default will be destroyed
- resource "aws_internet_gateway" "default" {
- arn = "arn:aws:ec2:us-east-1:464392538707:internet-gateway/igw-016643a339cc29c0b" -> null
- id = "igw-016643a339cc29c0b" -> null
- owner_id = "464392538707" -> null
- tags = {} -> null
- tags_all = {} -> null
- vpc_id = "vpc-0f77a2db4b3b3d469" -> null
}
# aws_key_pair.ec2_key will be destroyed
- resource "aws_key_pair" "ec2_key" {
- arn = "arn:aws:ec2:us-east-1:464392538707:key-pair/terraform_vpc_key" -> null
- fingerprint = "c4:67:45:56:7a:6d:08:d4:e1:41:2a:c6:da:07:52:e4" -> null
- id = "terraform_vpc_key" -> null
- key_name = "terraform_vpc_key" -> null
- key_pair_id = "key-03bfc77a8c983479a" -> null
- public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDGkcEK7Xh4xruxkAsXxAf5nqa729bHStfl4tT5G9IT0JqNsa68rSeMY/DVsYbbVYzOHCAn8YOrU5moP/GF1HDe+OTyiMBgJrQzLgUvWMbRYey2A6RJhbjhPRx91vBVU5vET9Fc/+KiF1VTstffVESlLCNXohxzEojA+wV3QEU5zGFoTgtG/vAbXjJYIdgW/mKiYqDxqs0pcEbkQgXRJsqIpZoW6YIYXrFCipt4RDTmy8upjd6i44wmsk0vB0iSojzekyuTiKjG0bQ8qHA1aaKepkMKmfAEzyct4/WyD5JvtDwgH5i3+lTLGNkQ1ihUjiCwCaU1v6x3kdIETI7SFY5vt9fQLEano9nFMGJo3ys1lhNCgJ/J/KbvozGqhOL8nSMT+ahRC28xEM1hGXYENv2R+yhlIU6sXBIr4FvRFa6EDYoZprEiB/f5lk9wE9s4j//ol7StDH6EXg7jZAMzH9Q81/zevU8KbNw7ciwzOXvmO65fkXkd/pi8gMWSwCZBGjyitCUM45ZQv7KHOdzQkYSre7zsxsaudSJaB3mn/D2472hwys/Oe3iZBnfcRTn/ZjGtWNt8pQlferi4WCy2rc2Dmf8l3is8UScc2dcET9UBQhg69ek49NGKNPJA2XxUm/nanTJDs6uhgKL1tTNThUoo2nKiPGAi8w7Dx9VbhkyguQ==" -> null
- tags = {} -> null
- tags_all = {} -> null
}
# aws_lb.alb will be destroyed
- resource "aws_lb" "alb" {
- arn = "arn:aws:elasticloadbalancing:us-east-1:464392538707:loadbalancer/app/alb/bac91d6e78ce3bda" -> null
- arn_suffix = "app/alb/bac91d6e78ce3bda" -> null
- dns_name = "alb-1449855605.us-east-1.elb.amazonaws.com" -> null
- drop_invalid_header_fields = false -> null
- enable_deletion_protection = false -> null
- enable_http2 = true -> null
- id = "arn:aws:elasticloadbalancing:us-east-1:464392538707:loadbalancer/app/alb/bac91d6e78ce3bda" -> null
- idle_timeout = 60 -> null
- internal = false -> null
- ip_address_type = "ipv4" -> null
- load_balancer_type = "application" -> null
- name = "alb" -> null
- security_groups = [
- "sg-077fb8e2e41085176",
] -> null
- subnets = [
- "subnet-04094ea011aac87bb",
- "subnet-049ef2037a68b79ef",
] -> null
- tags = {
- "Environment" = "test"
} -> null
- tags_all = {
- "Environment" = "test"
} -> null
- vpc_id = "vpc-0f77a2db4b3b3d469" -> null
- zone_id = "Z35SXDOTRQ7X7K" -> null
- access_logs {
- enabled = false -> null
}
- subnet_mapping {
- subnet_id = "subnet-04094ea011aac87bb" -> null
}
- subnet_mapping {
- subnet_id = "subnet-049ef2037a68b79ef" -> null
}
}
# aws_nat_gateway.natgateway_1[0] will be destroyed
- resource "aws_nat_gateway" "natgateway_1" {
- allocation_id = "eipalloc-03d293570f19b3b54" -> null
- id = "nat-02be26a33d89bcc79" -> null
- network_interface_id = "eni-011dcf874b2293b99" -> null
- private_ip = "10.0.1.226" -> null
- public_ip = "54.162.177.240" -> null
- subnet_id = "subnet-049ef2037a68b79ef" -> null
- tags = {} -> null
- tags_all = {} -> null
}
# aws_nat_gateway.natgateway_2[0] will be destroyed
- resource "aws_nat_gateway" "natgateway_2" {
- allocation_id = "eipalloc-0cb9d6211858f3fb0" -> null
- id = "nat-01fbf47dc8755aa36" -> null
- network_interface_id = "eni-0797ea7e8b523b828" -> null
- private_ip = "10.0.2.15" -> null
- public_ip = "54.197.125.131" -> null
- subnet_id = "subnet-04094ea011aac87bb" -> null
- tags = {} -> null
- tags_all = {} -> null
}
# aws_route_table.nategateway_route_table_1[0] will be destroyed
- resource "aws_route_table" "nategateway_route_table_1" {
- arn = "arn:aws:ec2:us-east-1:464392538707:route-table/rtb-0696f7a804e0bea29" -> null
- id = "rtb-0696f7a804e0bea29" -> null
- owner_id = "464392538707" -> null
- propagating_vgws = [] -> null
- route = [
- {
- carrier_gateway_id = ""
- cidr_block = "0.0.0.0/0"
- destination_prefix_list_id = ""
- egress_only_gateway_id = ""
- gateway_id = ""
- instance_id = ""
- ipv6_cidr_block = ""
- local_gateway_id = ""
- nat_gateway_id = "nat-02be26a33d89bcc79"
- network_interface_id = ""
- transit_gateway_id = ""
- vpc_endpoint_id = ""
- vpc_peering_connection_id = ""
},
] -> null
- tags = {
- "Name" = "tagkey_name_natgateway_route_table_1"
} -> null
- tags_all = {
- "Name" = "tagkey_name_natgateway_route_table_1"
} -> null
- vpc_id = "vpc-0f77a2db4b3b3d469" -> null
}
# aws_route_table.nategateway_route_table_2[0] will be destroyed
- resource "aws_route_table" "nategateway_route_table_2" {
- arn = "arn:aws:ec2:us-east-1:464392538707:route-table/rtb-0f7e2bcfb370ed4b2" -> null
- id = "rtb-0f7e2bcfb370ed4b2" -> null
- owner_id = "464392538707" -> null
- propagating_vgws = [] -> null
- route = [
- {
- carrier_gateway_id = ""
- cidr_block = "0.0.0.0/0"
- destination_prefix_list_id = ""
- egress_only_gateway_id = ""
- gateway_id = ""
- instance_id = ""
- ipv6_cidr_block = ""
- local_gateway_id = ""
- nat_gateway_id = "nat-01fbf47dc8755aa36"
- network_interface_id = ""
- transit_gateway_id = ""
- vpc_endpoint_id = ""
- vpc_peering_connection_id = ""
},
] -> null
- tags = {
- "Name" = "tagkey_name_natgateway_route_table_2"
} -> null
- tags_all = {
- "Name" = "tagkey_name_natgateway_route_table_2"
} -> null
- vpc_id = "vpc-0f77a2db4b3b3d469" -> null
}
# aws_route_table.public_subnet_1_to_internet will be destroyed
- resource "aws_route_table" "public_subnet_1_to_internet" {
- arn = "arn:aws:ec2:us-east-1:464392538707:route-table/rtb-0e85365d579595a23" -> null
- id = "rtb-0e85365d579595a23" -> null
- owner_id = "464392538707" -> null
- propagating_vgws = [] -> null
- route = [
- {
- carrier_gateway_id = ""
- cidr_block = "0.0.0.0/0"
- destination_prefix_list_id = ""
- egress_only_gateway_id = ""
- gateway_id = "igw-016643a339cc29c0b"
- instance_id = ""
- ipv6_cidr_block = ""
- local_gateway_id = ""
- nat_gateway_id = ""
- network_interface_id = ""
- transit_gateway_id = ""
- vpc_endpoint_id = ""
- vpc_peering_connection_id = ""
},
] -> null
- tags = {
- "Name" = "public_route_table_1"
} -> null
- tags_all = {
- "Name" = "public_route_table_1"
} -> null
- vpc_id = "vpc-0f77a2db4b3b3d469" -> null
}
# aws_route_table.public_subnet_2_to_internet will be destroyed
- resource "aws_route_table" "public_subnet_2_to_internet" {
- arn = "arn:aws:ec2:us-east-1:464392538707:route-table/rtb-056fd797e3d1fc3f3" -> null
- id = "rtb-056fd797e3d1fc3f3" -> null
- owner_id = "464392538707" -> null
- propagating_vgws = [] -> null
- route = [
- {
- carrier_gateway_id = ""
- cidr_block = "0.0.0.0/0"
- destination_prefix_list_id = ""
- egress_only_gateway_id = ""
- gateway_id = "igw-016643a339cc29c0b"
- instance_id = ""
- ipv6_cidr_block = ""
- local_gateway_id = ""
- nat_gateway_id = ""
- network_interface_id = ""
- transit_gateway_id = ""
- vpc_endpoint_id = ""
- vpc_peering_connection_id = ""
},
] -> null
- tags = {
- "Name" = "public_route_table_2"
} -> null
- tags_all = {
- "Name" = "public_route_table_2"
} -> null
- vpc_id = "vpc-0f77a2db4b3b3d469" -> null
}
# aws_route_table_association.internet_for_public_subnet_1 will be destroyed
- resource "aws_route_table_association" "internet_for_public_subnet_1" {
- id = "rtbassoc-0f5a5e465c22b3073" -> null
- route_table_id = "rtb-0e85365d579595a23" -> null
- subnet_id = "subnet-049ef2037a68b79ef" -> null
}
# aws_route_table_association.internet_for_public_subnet_2 will be destroyed
- resource "aws_route_table_association" "internet_for_public_subnet_2" {
- id = "rtbassoc-04eb9997701d52947" -> null
- route_table_id = "rtb-056fd797e3d1fc3f3" -> null
- subnet_id = "subnet-04094ea011aac87bb" -> null
}
# aws_route_table_association.private_subnet_1_to_natgateway[0] will be destroyed
- resource "aws_route_table_association" "private_subnet_1_to_natgateway" {
- id = "rtbassoc-0bd3ec2c0ee774107" -> null
- route_table_id = "rtb-0696f7a804e0bea29" -> null
- subnet_id = "subnet-06b96e4743d478b4c" -> null
}
# aws_route_table_association.private_subnet_2_to_natgateway[0] will be destroyed
- resource "aws_route_table_association" "private_subnet_2_to_natgateway" {
- id = "rtbassoc-0c971b8193d18740f" -> null
- route_table_id = "rtb-0f7e2bcfb370ed4b2" -> null
- subnet_id = "subnet-0d463e4c9647ee828" -> null
}
# aws_security_group.ec2_sg will be destroyed
- resource "aws_security_group" "ec2_sg" {
- arn = "arn:aws:ec2:us-east-1:464392538707:security-group/sg-077fb8e2e41085176" -> null
- description = "security group of ec2" -> null
- egress = [
- {
- cidr_blocks = [
- "0.0.0.0/0",
]
- description = ""
- from_port = 0
- ipv6_cidr_blocks = []
- prefix_list_ids = []
- protocol = "-1"
- security_groups = []
- self = false
- to_port = 0
},
] -> null
- id = "sg-077fb8e2e41085176" -> null
- ingress = [
- {
- cidr_blocks = [
- "72.137.76.221/32",
]
- description = "SSH"
- from_port = 22
- ipv6_cidr_blocks = []
- prefix_list_ids = []
- protocol = "tcp"
- security_groups = []
- self = false
- to_port = 22
},
] -> null
- name = "ec2_sg" -> null
- owner_id = "464392538707" -> null
- revoke_rules_on_delete = false -> null
- tags = {
- "Name" = "ec_sg"
} -> null
- tags_all = {
- "Name" = "ec_sg"
} -> null
- vpc_id = "vpc-0f77a2db4b3b3d469" -> null
}
# aws_security_group.rds_sg will be destroyed
- resource "aws_security_group" "rds_sg" {
- arn = "arn:aws:ec2:us-east-1:464392538707:security-group/sg-02b699909ddcc1c3b" -> null
- description = "security group of rds mysql" -> null
- egress = [
- {
- cidr_blocks = [
- "0.0.0.0/0",
]
- description = ""
- from_port = 0
- ipv6_cidr_blocks = []
- prefix_list_ids = []
- protocol = "-1"
- security_groups = []
- self = false
- to_port = 0
},
] -> null
- id = "sg-02b699909ddcc1c3b" -> null
- ingress = [
- {
- cidr_blocks = [
- "10.0.1.222/32",
]
- description = "MySQL"
- from_port = 3306
- ipv6_cidr_blocks = []
- prefix_list_ids = []
- protocol = "tcp"
- security_groups = []
- self = false
- to_port = 3306
},
] -> null
- name = "rds_sg" -> null
- owner_id = "464392538707" -> null
- revoke_rules_on_delete = false -> null
- tags = {
- "Name" = "rds_sg"
} -> null
- tags_all = {
- "Name" = "rds_sg"
} -> null
- vpc_id = "vpc-0f77a2db4b3b3d469" -> null
}
# aws_subnet.private_subnet_1 will be destroyed
- resource "aws_subnet" "private_subnet_1" {
- arn = "arn:aws:ec2:us-east-1:464392538707:subnet/subnet-06b96e4743d478b4c" -> null
- assign_ipv6_address_on_creation = false -> null
- availability_zone = "us-east-1a" -> null
- availability_zone_id = "use1-az2" -> null
- cidr_block = "10.0.3.0/24" -> null
- id = "subnet-06b96e4743d478b4c" -> null
- map_customer_owned_ip_on_launch = false -> null
- map_public_ip_on_launch = false -> null
- owner_id = "464392538707" -> null
- tags = {
- "Name" = "private_subnet_1_name"
} -> null
- tags_all = {
- "Name" = "private_subnet_1_name"
} -> null
- vpc_id = "vpc-0f77a2db4b3b3d469" -> null
}
# aws_subnet.private_subnet_2 will be destroyed
- resource "aws_subnet" "private_subnet_2" {
- arn = "arn:aws:ec2:us-east-1:464392538707:subnet/subnet-0d463e4c9647ee828" -> null
- assign_ipv6_address_on_creation = false -> null
- availability_zone = "us-east-1b" -> null
- availability_zone_id = "use1-az4" -> null
- cidr_block = "10.0.4.0/24" -> null
- id = "subnet-0d463e4c9647ee828" -> null
- map_customer_owned_ip_on_launch = false -> null
- map_public_ip_on_launch = false -> null
- owner_id = "464392538707" -> null
- tags = {
- "Name" = "private_subnet_2_name"
} -> null
- tags_all = {
- "Name" = "private_subnet_2_name"
} -> null
- vpc_id = "vpc-0f77a2db4b3b3d469" -> null
}
# aws_subnet.public_subnet_1 will be destroyed
- resource "aws_subnet" "public_subnet_1" {
- arn = "arn:aws:ec2:us-east-1:464392538707:subnet/subnet-049ef2037a68b79ef" -> null
- assign_ipv6_address_on_creation = false -> null
- availability_zone = "us-east-1b" -> null
- availability_zone_id = "use1-az4" -> null
- cidr_block = "10.0.1.0/24" -> null
- id = "subnet-049ef2037a68b79ef" -> null
- map_customer_owned_ip_on_launch = false -> null
- map_public_ip_on_launch = false -> null
- owner_id = "464392538707" -> null
- tags = {
- "Name" = "public_subnet_name_1"
} -> null
- tags_all = {
- "Name" = "public_subnet_name_1"
} -> null
- vpc_id = "vpc-0f77a2db4b3b3d469" -> null
}
# aws_subnet.public_subnet_2 will be destroyed
- resource "aws_subnet" "public_subnet_2" {
- arn = "arn:aws:ec2:us-east-1:464392538707:subnet/subnet-04094ea011aac87bb" -> null
- assign_ipv6_address_on_creation = false -> null
- availability_zone = "us-east-1e" -> null
- availability_zone_id = "use1-az3" -> null
- cidr_block = "10.0.2.0/24" -> null
- id = "subnet-04094ea011aac87bb" -> null
- map_customer_owned_ip_on_launch = false -> null
- map_public_ip_on_launch = false -> null
- owner_id = "464392538707" -> null
- tags = {
- "Name" = "mytest_public_subnet_name_2"
} -> null
- tags_all = {
- "Name" = "mytest_public_subnet_name_2"
} -> null
- vpc_id = "vpc-0f77a2db4b3b3d469" -> null
}
# aws_vpc.terraform_vpc will be destroyed
- resource "aws_vpc" "terraform_vpc" {
- arn = "arn:aws:ec2:us-east-1:464392538707:vpc/vpc-0f77a2db4b3b3d469" -> null
- assign_generated_ipv6_cidr_block = false -> null
- cidr_block = "10.0.0.0/16" -> null
- default_network_acl_id = "acl-016c0ff57ba21eaad" -> null
- default_route_table_id = "rtb-02e3bc1ac4753f08f" -> null
- default_security_group_id = "sg-02459693ec26f497b" -> null
- dhcp_options_id = "dopt-7715b80d" -> null
- enable_classiclink = false -> null
- enable_classiclink_dns_support = false -> null
- enable_dns_hostnames = false -> null
- enable_dns_support = true -> null
- id = "vpc-0f77a2db4b3b3d469" -> null
- instance_tenancy = "default" -> null
- main_route_table_id = "rtb-02e3bc1ac4753f08f" -> null
- owner_id = "464392538707" -> null
- tags = {
- "Name" = "terraform_vpc"
} -> null
- tags_all = {
- "Name" = "terraform_vpc"
} -> null
}
# tls_private_key.public_key will be destroyed
- resource "tls_private_key" "public_key" {
- algorithm = "RSA" -> null
- ecdsa_curve = "P224" -> null
- id = "e6918d443f51c9d4bf59ee4a6c417aa92035b376" -> null
- private_key_pem = (sensitive value)
- public_key_fingerprint_md5 = "ba:db:62:5c:2f:5f:f1:27:ea:fd:fa:88:0b:86:4d:3e" -> null
- public_key_openssh = <<-EOT
ssh-rsa ...
EOT -> null
- public_key_pem = <<-EOT
-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxpHBCu14eMa7sZALF8QH
+Z6mu9vWx0rX5eLU+RvSE9CajbGuvK0njGPw1bGG21WMzhwgJ/GDq1OZqD/xhdRw
3vjk8ojAYCa0My4FL1jG0WHstgOkSYW44T0cfdbwVVObxE/RXP/iohdVU7LX31RE
pSwjV6IccxKIwPsFd0BFOcxhaE4LRv7wG14yWCHYFv5iomKg8arNKXBG5EIF0SbK
iKWaFumCGF6xQoqbeEQ05svLqY3eouOMJrJNLwdIkqI83pMrk4ioxtG0PKhwNWmi
nqZDCpnwBM8nLeP1sg+Sb7Q8IB+Yt/pUyxjZENYoVI4gsAmlNb+sd5HSBEyO0hWO
b7fX0CxGp6PZxTBiaN8rNZYTQoCfyfym76MxqoTi/J0jE/moUQtvMRDNYRl2BDb9
kfsoZSFOrFwSK+Bb0RWuhA2KGaaxIgf3+ZZPcBPbOI//6Je0rQx+hF4O42QDMx/U
PNf83r1PCmzcO3IsMzl75juuX5F5Hf6YvIDFksAmQRo8orQlDOOWUL+yhznc0JGE
q3u87MbGrnUiWgd5p/w9uO9ocMrPznt4mQZ33EU5/2YxrVjbfKUJX3q4uFgstq3N
g5n/Jd4rPFEnHNnXBE/VAUIYOvXpOPTRijTyQNl8VJv52p0yQ7OroYCi9bUzU4VK
KNpyojxgIvMOw8fVW4ZMoLkCAwEAAQ==
-----END PUBLIC KEY-----
EOT -> null
- rsa_bits = 4096 -> null
}
Plan: 0 to add, 0 to change, 28 to destroy.
Changes to Outputs:
- alb = {
- access_logs = [
- {
- bucket = ""
- enabled = false
- prefix = ""
},
]
- arn = "arn:aws:elasticloadbalancing:us-east-1:464392538707:loadbalancer/app/alb/bac91d6e78ce3bda"
- arn_suffix = "app/alb/bac91d6e78ce3bda"
- customer_owned_ipv4_pool = ""
- dns_name = "alb-1449855605.us-east-1.elb.amazonaws.com"
- drop_invalid_header_fields = false
- enable_cross_zone_load_balancing = null
- enable_deletion_protection = false
- enable_http2 = true
- id = "arn:aws:elasticloadbalancing:us-east-1:464392538707:loadbalancer/app/alb/bac91d6e78ce3bda"
- idle_timeout = 60
- internal = false
- ip_address_type = "ipv4"
- load_balancer_type = "application"
- name = "alb"
- name_prefix = null
- security_groups = [
- "sg-077fb8e2e41085176",
]
- subnet_mapping = [
- {
- allocation_id = ""
- ipv6_address = ""
- outpost_id = ""
- private_ipv4_address = ""
- subnet_id = "subnet-04094ea011aac87bb"
},
- {
- allocation_id = ""
- ipv6_address = ""
- outpost_id = ""
- private_ipv4_address = ""
- subnet_id = "subnet-049ef2037a68b79ef"
},
]
- subnets = [
- "subnet-04094ea011aac87bb",
- "subnet-049ef2037a68b79ef",
]
- tags = {
- "Environment" = "test"
}
- tags_all = {
- "Environment" = "test"
}
- timeouts = null
- vpc_id = "vpc-0f77a2db4b3b3d469"
- zone_id = "Z35SXDOTRQ7X7K"
} -> null
- private_subnet_1 = "10.0.3.0/24" -> null
- public_subnet_1 = "10.0.1.0/24" -> null
- public_subnet_2 = "10.0.2.0/24" -> null
- rds_instance_type = "db.t3.micro" -> null
- vpc = "10.0.0.0/16" -> null
Do you really want to destroy all resources?
Terraform will destroy all your managed infrastructure, as shown above.
There is no undo. Only 'yes' will be accepted to confirm.
Enter a value: yes
aws_route_table_association.private_subnet_2_to_natgateway[0]: Destroying... [id=rtbassoc-0c971b8193d18740f]
aws_db_instance.rds_mysql_instance[1]: Destroying... [id=terraform-20210503165502853900000001]
aws_lb.alb: Destroying... [id=arn:aws:elasticloadbalancing:us-east-1:464392538707:loadbalancer/app/alb/bac91d6e78ce3bda]
aws_db_instance.rds_mysql_instance[0]: Destroying... [id=terraform-20210503165502861400000002]
aws_route_table_association.internet_for_public_subnet_1: Destroying... [id=rtbassoc-0f5a5e465c22b3073]
aws_route_table_association.private_subnet_1_to_natgateway[0]: Destroying... [id=rtbassoc-0bd3ec2c0ee774107]
aws_route_table_association.internet_for_public_subnet_2: Destroying... [id=rtbassoc-04eb9997701d52947]
aws_route_table_association.private_subnet_1_to_natgateway[0]: Destruction complete after 1s
aws_route_table_association.private_subnet_2_to_natgateway[0]: Destruction complete after 1s
aws_route_table_association.internet_for_public_subnet_1: Destruction complete after 1s
aws_route_table_association.internet_for_public_subnet_2: Destruction complete after 1s
aws_route_table.nategateway_route_table_2[0]: Destroying... [id=rtb-0f7e2bcfb370ed4b2]
aws_route_table.public_subnet_2_to_internet: Destroying... [id=rtb-056fd797e3d1fc3f3]
aws_route_table.public_subnet_1_to_internet: Destroying... [id=rtb-0e85365d579595a23]
aws_route_table.nategateway_route_table_1[0]: Destroying... [id=rtb-0696f7a804e0bea29]
aws_route_table.public_subnet_2_to_internet: Destruction complete after 1s
aws_route_table.public_subnet_1_to_internet: Destruction complete after 1s
aws_internet_gateway.default: Destroying... [id=igw-016643a339cc29c0b]
aws_route_table.nategateway_route_table_2[0]: Destruction complete after 1s
aws_nat_gateway.natgateway_2[0]: Destroying... [id=nat-01fbf47dc8755aa36]
aws_route_table.nategateway_route_table_1[0]: Destruction complete after 1s
aws_nat_gateway.natgateway_1[0]: Destroying... [id=nat-02be26a33d89bcc79]
aws_lb.alb: Destruction complete after 2s
aws_db_instance.rds_mysql_instance[1]: Still destroying... [id=terraform-20210503165502853900000001, 10s elapsed]
aws_db_instance.rds_mysql_instance[0]: Still destroying... [id=terraform-20210503165502861400000002, 10s elapsed]
aws_internet_gateway.default: Still destroying... [id=igw-016643a339cc29c0b, 10s elapsed]
aws_nat_gateway.natgateway_2[0]: Still destroying... [id=nat-01fbf47dc8755aa36, 10s elapsed]
aws_nat_gateway.natgateway_1[0]: Still destroying... [id=nat-02be26a33d89bcc79, 10s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still destroying... [id=terraform-20210503165502853900000001, 20s elapsed]
aws_db_instance.rds_mysql_instance[0]: Still destroying... [id=terraform-20210503165502861400000002, 20s elapsed]
aws_internet_gateway.default: Still destroying... [id=igw-016643a339cc29c0b, 20s elapsed]
aws_nat_gateway.natgateway_2[0]: Still destroying... [id=nat-01fbf47dc8755aa36, 20s elapsed]
aws_nat_gateway.natgateway_1[0]: Still destroying... [id=nat-02be26a33d89bcc79, 20s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still destroying... [id=terraform-20210503165502853900000001, 30s elapsed]
aws_db_instance.rds_mysql_instance[0]: Still destroying... [id=terraform-20210503165502861400000002, 30s elapsed]
aws_internet_gateway.default: Still destroying... [id=igw-016643a339cc29c0b, 30s elapsed]
aws_nat_gateway.natgateway_2[0]: Still destroying... [id=nat-01fbf47dc8755aa36, 30s elapsed]
aws_nat_gateway.natgateway_1[0]: Still destroying... [id=nat-02be26a33d89bcc79, 30s elapsed]
aws_db_instance.rds_mysql_instance[0]: Still destroying... [id=terraform-20210503165502861400000002, 40s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still destroying... [id=terraform-20210503165502853900000001, 40s elapsed]
aws_internet_gateway.default: Still destroying... [id=igw-016643a339cc29c0b, 40s elapsed]
aws_nat_gateway.natgateway_2[0]: Still destroying... [id=nat-01fbf47dc8755aa36, 40s elapsed]
aws_nat_gateway.natgateway_1[0]: Still destroying... [id=nat-02be26a33d89bcc79, 40s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still destroying... [id=terraform-20210503165502853900000001, 50s elapsed]
aws_db_instance.rds_mysql_instance[0]: Still destroying... [id=terraform-20210503165502861400000002, 50s elapsed]
aws_internet_gateway.default: Still destroying... [id=igw-016643a339cc29c0b, 50s elapsed]
aws_nat_gateway.natgateway_2[0]: Still destroying... [id=nat-01fbf47dc8755aa36, 50s elapsed]
aws_nat_gateway.natgateway_1[0]: Still destroying... [id=nat-02be26a33d89bcc79, 50s elapsed]
aws_nat_gateway.natgateway_2[0]: Destruction complete after 52s
aws_eip.eip_2[0]: Destroying... [id=eipalloc-0cb9d6211858f3fb0]
aws_eip.eip_2[0]: Destruction complete after 1s
aws_db_instance.rds_mysql_instance[0]: Still destroying... [id=terraform-20210503165502861400000002, 1m0s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still destroying... [id=terraform-20210503165502853900000001, 1m0s elapsed]
aws_internet_gateway.default: Still destroying... [id=igw-016643a339cc29c0b, 1m0s elapsed]
aws_nat_gateway.natgateway_1[0]: Still destroying... [id=nat-02be26a33d89bcc79, 1m0s elapsed]
aws_nat_gateway.natgateway_1[0]: Destruction complete after 1m2s
aws_eip.eip_1[0]: Destroying... [id=eipalloc-03d293570f19b3b54]
aws_eip.eip_1[0]: Destruction complete after 1s
aws_db_instance.rds_mysql_instance[1]: Still destroying... [id=terraform-20210503165502853900000001, 1m10s elapsed]
aws_db_instance.rds_mysql_instance[0]: Still destroying... [id=terraform-20210503165502861400000002, 1m10s elapsed]
aws_internet_gateway.default: Still destroying... [id=igw-016643a339cc29c0b, 1m10s elapsed]
aws_db_instance.rds_mysql_instance[0]: Still destroying... [id=terraform-20210503165502861400000002, 1m20s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still destroying... [id=terraform-20210503165502853900000001, 1m20s elapsed]
aws_internet_gateway.default: Still destroying... [id=igw-016643a339cc29c0b, 1m20s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still destroying... [id=terraform-20210503165502853900000001, 1m30s elapsed]
aws_db_instance.rds_mysql_instance[0]: Still destroying... [id=terraform-20210503165502861400000002, 1m30s elapsed]
aws_internet_gateway.default: Still destroying... [id=igw-016643a339cc29c0b, 1m30s elapsed]
aws_db_instance.rds_mysql_instance[0]: Still destroying... [id=terraform-20210503165502861400000002, 1m40s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still destroying... [id=terraform-20210503165502853900000001, 1m40s elapsed]
aws_internet_gateway.default: Still destroying... [id=igw-016643a339cc29c0b, 1m40s elapsed]
aws_db_instance.rds_mysql_instance[0]: Destruction complete after 1m43s
aws_db_instance.rds_mysql_instance[1]: Still destroying... [id=terraform-20210503165502853900000001, 1m50s elapsed]
aws_internet_gateway.default: Still destroying... [id=igw-016643a339cc29c0b, 1m50s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still destroying... [id=terraform-20210503165502853900000001, 2m0s elapsed]
aws_internet_gateway.default: Still destroying... [id=igw-016643a339cc29c0b, 2m0s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still destroying... [id=terraform-20210503165502853900000001, 2m10s elapsed]
aws_internet_gateway.default: Still destroying... [id=igw-016643a339cc29c0b, 2m10s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still destroying... [id=terraform-20210503165502853900000001, 2m20s elapsed]
aws_internet_gateway.default: Still destroying... [id=igw-016643a339cc29c0b, 2m20s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still destroying... [id=terraform-20210503165502853900000001, 2m30s elapsed]
aws_internet_gateway.default: Still destroying... [id=igw-016643a339cc29c0b, 2m30s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still destroying... [id=terraform-20210503165502853900000001, 2m40s elapsed]
aws_internet_gateway.default: Still destroying... [id=igw-016643a339cc29c0b, 2m40s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still destroying... [id=terraform-20210503165502853900000001, 2m50s elapsed]
aws_internet_gateway.default: Still destroying... [id=igw-016643a339cc29c0b, 2m50s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still destroying... [id=terraform-20210503165502853900000001, 3m0s elapsed]
aws_internet_gateway.default: Still destroying... [id=igw-016643a339cc29c0b, 3m0s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still destroying... [id=terraform-20210503165502853900000001, 3m10s elapsed]
aws_internet_gateway.default: Still destroying... [id=igw-016643a339cc29c0b, 3m10s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still destroying... [id=terraform-20210503165502853900000001, 3m20s elapsed]
aws_internet_gateway.default: Still destroying... [id=igw-016643a339cc29c0b, 3m20s elapsed]
aws_db_instance.rds_mysql_instance[1]: Still destroying... [id=terraform-20210503165502853900000001, 3m30s elapsed]
aws_internet_gateway.default: Still destroying... [id=igw-016643a339cc29c0b, 3m30s elapsed]
aws_db_instance.rds_mysql_instance[1]: Destruction complete after 3m38s
aws_db_subnet_group.rds_subnet_group: Destroying... [id=rds_subnet_group]
aws_security_group.rds_sg: Destroying... [id=sg-02b699909ddcc1c3b]
aws_db_subnet_group.rds_subnet_group: Destruction complete after 0s
aws_subnet.private_subnet_1: Destroying... [id=subnet-06b96e4743d478b4c]
aws_subnet.private_subnet_2: Destroying... [id=subnet-0d463e4c9647ee828]
aws_security_group.rds_sg: Destruction complete after 1s
aws_instance.terraform_ec2[1]: Destroying... [id=i-02b517cee6406aff3]
aws_instance.terraform_ec2[0]: Destroying... [id=i-0edaf42e00a692bf7]
aws_subnet.private_subnet_2: Destruction complete after 1s
aws_subnet.private_subnet_1: Destruction complete after 1s
aws_internet_gateway.default: Still destroying... [id=igw-016643a339cc29c0b, 3m40s elapsed]
aws_instance.terraform_ec2[1]: Still destroying... [id=i-02b517cee6406aff3, 10s elapsed]
aws_instance.terraform_ec2[0]: Still destroying... [id=i-0edaf42e00a692bf7, 10s elapsed]
aws_internet_gateway.default: Still destroying... [id=igw-016643a339cc29c0b, 3m50s elapsed]
aws_instance.terraform_ec2[0]: Still destroying... [id=i-0edaf42e00a692bf7, 20s elapsed]
aws_instance.terraform_ec2[1]: Still destroying... [id=i-02b517cee6406aff3, 20s elapsed]
aws_internet_gateway.default: Still destroying... [id=igw-016643a339cc29c0b, 4m0s elapsed]
aws_instance.terraform_ec2[1]: Still destroying... [id=i-02b517cee6406aff3, 30s elapsed]
aws_instance.terraform_ec2[0]: Still destroying... [id=i-0edaf42e00a692bf7, 30s elapsed]
aws_internet_gateway.default: Still destroying... [id=igw-016643a339cc29c0b, 4m10s elapsed]
aws_instance.terraform_ec2[0]: Still destroying... [id=i-0edaf42e00a692bf7, 40s elapsed]
aws_instance.terraform_ec2[1]: Still destroying... [id=i-02b517cee6406aff3, 40s elapsed]
aws_instance.terraform_ec2[1]: Destruction complete after 41s
aws_internet_gateway.default: Still destroying... [id=igw-016643a339cc29c0b, 4m20s elapsed]
aws_internet_gateway.default: Destruction complete after 4m22s
aws_instance.terraform_ec2[0]: Still destroying... [id=i-0edaf42e00a692bf7, 50s elapsed]
aws_instance.terraform_ec2[0]: Destruction complete after 51s
aws_subnet.public_subnet_1: Destroying... [id=subnet-049ef2037a68b79ef]
aws_security_group.ec2_sg: Destroying... [id=sg-077fb8e2e41085176]
aws_subnet.public_subnet_2: Destroying... [id=subnet-04094ea011aac87bb]
aws_key_pair.ec2_key: Destroying... [id=terraform_vpc_key]
aws_key_pair.ec2_key: Destruction complete after 1s
tls_private_key.public_key: Destroying... [id=e6918d443f51c9d4bf59ee4a6c417aa92035b376]
tls_private_key.public_key: Destruction complete after 0s
aws_security_group.ec2_sg: Destruction complete after 1s
aws_subnet.public_subnet_2: Destruction complete after 1s
aws_subnet.public_subnet_1: Destruction complete after 1s
aws_vpc.terraform_vpc: Destroying... [id=vpc-0f77a2db4b3b3d469]
aws_vpc.terraform_vpc: Destruction complete after 1s
Destroy complete! Resources: 28 destroyed.

Now all of our resources are cleared

You can head to the AWS Console to cross-check. Here I only provide screenshots of the VPC, EC2 and RDS pages

VPC page

VPC named terraform_vpc is no more

EC2 page

No running EC2 found in AWS console

RDS page

No running RDS instance found in AWS console

That's it!

Terraforming an AWS VPC — 3 Tiers

Here I also provide the resources for terraforming the 3-tier AWS VPC and highlight the differences between the two

I only added an app tier with 2 more sets of private subnets and related resources. The security group was also centrally managed, using only one security group

Apart from this, the process is the same as terraforming the 2-tier AWS VPC

terraform init
terraform validate
terraform plan
terraform apply
terraform destroy

You also need to log into the EC2 instance and install MySQL on the server before logging into the RDS MySQL instance
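
The 3-tier layout above puts every tier behind one security group, so any ingress rule in that group applies to every resource attached to it. As an added example (not taken from the author's repo), this configuration uses one group per tier, chained by security-group reference, so the database is reachable only from the app tier. The group names, app port 8080 and VPC-only egress are assumptions; `aws_vpc.terraform_vpc` is the VPC resource name seen in the destroy output, assumed unchanged in the 3-tier config.

```hcl
# Added example: per-tier security groups (names, ports and egress scope are assumptions).
# SSH/admin access and outbound internet (package installs) are left out on purpose;
# add them explicitly for the hosts that need them.
resource "aws_security_group" "web_sg" {
  name   = "web_sg"
  vpc_id = aws_vpc.terraform_vpc.id
  ingress { # HTTPS from the internet reaches the web tier only
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  egress { # web tier may open connections to the app port inside the VPC
    from_port   = 8080
    to_port     = 8080
    protocol    = "tcp"
    cidr_blocks = [aws_vpc.terraform_vpc.cidr_block]
  }
}

resource "aws_security_group" "app_sg" {
  name   = "app_sg"
  vpc_id = aws_vpc.terraform_vpc.id
  ingress { # only members of web_sg can reach the app port
    from_port       = 8080
    to_port         = 8080
    protocol        = "tcp"
    security_groups = [aws_security_group.web_sg.id]
  }
  egress { # app tier may open MySQL connections inside the VPC
    from_port   = 3306
    to_port     = 3306
    protocol    = "tcp"
    cidr_blocks = [aws_vpc.terraform_vpc.cidr_block]
  }
}

resource "aws_security_group" "db_sg" {
  name   = "db_sg"
  vpc_id = aws_vpc.terraform_vpc.id
  ingress { # only members of app_sg can reach MySQL
    from_port       = 3306
    to_port         = 3306
    protocol        = "tcp"
    security_groups = [aws_security_group.app_sg.id]
  }
  # No egress block: Terraform removes the default allow-all rule, and replies
  # to allowed inbound connections still flow because security groups are stateful.
}
```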

Here are the resources for you

vim vpc.tf

vim variables.tf

vim terraform.tfvars

vim outputs.tf

vim terraform.gitignore

For your convenience, you can also git clone from my repo here

Conclusion:

Project infrastructure

As we can see from our project infrastructure, throughout this project we dived into 2-tier and 3-tier AWS VPCs using Terraform. Again, please feel free to grab it for reference or learning purposes

My takeaway: As I built up this project from scratch, I found out it was really a lengthy process to accomplish. Also, you need to have a pretty high level of understanding of AWS to make it. However, building AWS infrastructure using Terraform straight may provide you with flexibility in the future for detailed updates. I, on the other hand, feel like Terraform with the IaC of a specific cloud provider will be the way to go. Say AWS CloudFormation + Terraform, or AWS CDK. Keep one thing in mind: every option has its pros and cons. So you may need to figure out the best solution for your company to build up IaC for its cloud platform

If you’d like to check out other alternatives for provisioning a VPC, please visit my project: Provisioning VPC using Boto3, Terraform, CloudFormation and Terraform with CloudFormation

Paul Zhao

Amazon Web Service Certified Solutions Architect Professional & Devops Engineer