Creating a Secure AWS Virtual Private Cloud with Public and Private Subnets and Launching a Website on EC2 Instance using Terraform.
Steps to create an AWS VPC with public and private subnets, launch an EC2 instance in the public subnet with Apache installed and host a simple website.
- Set up AWS credentials:
Before you can start creating resources on AWS, you need to set up your AWS credentials. You can do this by creating an access key and secret access key in the AWS Management Console and then adding them to your local environment variables.
- Initialize Terraform:
Create a new directory and initialize Terraform in that directory by running the following command in your terminal:
terraform init
This will initialize your Terraform working directory and download the required provider plugins.
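The tutorial never shows the provider block that `terraform init` downloads plugins for, nor the declaration of the `availability_zone` variable that the subnet resources reference. The following is an added example, not part of the original tutorial; the variable name `aws_region`, the version constraints and the default values are assumptions to adjust for your account. AMI IDs are region-specific, so the region must be the one the tutorial's AMI belongs to.

```hcl
# Added example: provider and variable declarations that the rest of main.tf
# relies on. "aws_region", the version pins and the defaults are assumptions.
terraform {
  required_version = ">= 1.0"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0"
    }
  }
}

# Region and availability zone are variables so the same configuration can be
# reused; the subnet resources reference var.availability_zone.
variable "aws_region" {
  type        = string
  description = "AWS region to deploy into (assumed default)"
  default     = "us-east-1"
}

variable "availability_zone" {
  type        = string
  description = "Availability zone for both subnets; must belong to var.aws_region (assumed default)"
  default     = "us-east-1a"
}

# Credentials come from the environment (AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY
# or a named profile), not from this file, so the configuration can be committed
# to version control without the keys.
provider "aws" {
  region = var.aws_region
}
```

Put this at the top of main.tf (or in a separate providers.tf and variables.tf in the same directory) before running `terraform init`.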
- Create a VPC:
In this step, we will create a new VPC with a CIDR block of 10.0.0.0/16. Add the following code to your main.tf file:
resource "aws_vpc" "my_vpc" {
  cidr_block = "10.0.0.0/16"
  tags = {
    Name = "My VPC"
  }
}
This will create a new VPC with the specified CIDR block and a name tag of "My VPC". The aws_vpc.my_vpc.id attribute will contain the ID of the VPC.
- Create public and private subnets:
In this step, we will create two subnets within our VPC: a public subnet and a private subnet. Add the following code to your main.tf file:
# var.availability_zone must be declared as a string variable in this configuration;
# both subnets are placed in the same availability zone.
resource "aws_subnet" "public_subnet" {
  vpc_id            = aws_vpc.my_vpc.id
  cidr_block        = "10.0.1.0/24"
  availability_zone = var.availability_zone
  tags = {
    Name = "Public Subnet"
  }
}
resource "aws_subnet" "private_subnet" {
  vpc_id            = aws_vpc.my_vpc.id
  cidr_block        = "10.0.2.0/24"
  availability_zone = var.availability_zone
  tags = {
    Name = "Private Subnet"
  }
}
This will create two subnets within our VPC with CIDR blocks of 10.0.1.0/24 and 10.0.2.0/24, respectively. The aws_subnet.public_subnet.id and aws_subnet.private_subnet.id attributes will contain the IDs of the subnets.
- Create an internet gateway:
In this step, we will create an internet gateway and attach it to our VPC. Add the following code to your main.tf file:
resource "aws_internet_gateway" "my_igw" {
  vpc_id = aws_vpc.my_vpc.id
}
This will create an internet gateway and attach it to our VPC. On its own the gateway does not route any traffic; the route table that sends the public subnet's internet-bound traffic through it is created in the next step. The aws_internet_gateway.my_igw.id attribute will contain the ID of the internet gateway.
- Create a route table for the public subnet and associate it with the public subnet:
resource "aws_route_table" "public_route_table" {
  vpc_id = aws_vpc.my_vpc.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.my_igw.id
  }
}
resource "aws_route_table_association" "public_association" {
  subnet_id      = aws_subnet.public_subnet.id
  route_table_id = aws_route_table.public_route_table.id
}
- Launch an EC2 instance in the public subnet with the following details:
AMI: ami-0557a15b87f6559cf
Instance type: t2.micro
Security group: Allow SSH access from anywhere
User data: Use a shell script to install Apache and host a simple website
To launch an EC2 instance, we will use the aws_instance resource in Terraform. Add the following code to your main.tf file:
resource "aws_instance" "my_instance" {
  ami                         = "ami-0557a15b87f6559cf" # AMI IDs are region-specific
  instance_type               = "t2.micro"
  subnet_id                   = aws_subnet.public_subnet.id
  associate_public_ip_address = true
  key_name                    = "your_key_name"

  # The original script interpolated aws_instance.my_instance.private_ip inside
  # user_data, which Terraform rejects as a self-reference (dependency cycle).
  # The instance reads its own private address at boot instead.
  user_data = <<-EOF
    #!/bin/bash
    yum update -y
    yum install -y httpd
    service httpd start
    chkconfig httpd on
    PRIVATE_IP=$(hostname -I | awk '{print $1}')
    echo "<html><body><h1>Hello World from $PRIVATE_IP!</h1></body></html>" > /var/www/html/index.html
  EOF

  tags = {
    Name = "my_instance"
  }
}
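The step list above calls for a security group, but the tutorial's code never defines one, so the instance would fall back to the VPC default group, which admits no HTTP from the internet and leaves the website unreachable. The following is an added example, not part of the original tutorial: one security group that opens port 80 to the world and limits SSH to an administrative range, with the "SSH from anywhere" rule from the step list kept alongside it, commented out, for comparison. The resource name `web_sg` and the variable `admin_cidr` with its default are assumptions.

```hcl
# Added example: security group for the web instance. "web_sg" and
# var.admin_cidr are assumed names; the default CIDR is the TEST-NET-3
# documentation range and must be replaced with your own source range.
variable "admin_cidr" {
  type        = string
  description = "CIDR allowed to reach SSH, e.g. your office or VPN egress range (assumed value)"
  default     = "203.0.113.0/24"
}

resource "aws_security_group" "web_sg" {
  name        = "web-sg"
  description = "Web server: HTTP from anywhere, SSH only from the admin range"
  vpc_id      = aws_vpc.my_vpc.id

  # The website is the only service that needs to be public.
  ingress {
    description = "HTTP from the internet"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Weak form from the step list ("Allow SSH access from anywhere"); left here
  # only to show the difference. An internet-wide port 22 rule exposes the
  # instance to constant credential guessing against the key-based login.
  # ingress {
  #   description = "SSH from anywhere (weak)"
  #   from_port   = 22
  #   to_port     = 22
  #   protocol    = "tcp"
  #   cidr_blocks = ["0.0.0.0/0"]
  # }

  # Hardened form: SSH reachable only from the administrative range.
  ingress {
    description = "SSH from admin range"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }

  # Terraform removes the default allow-all egress rule when it manages a
  # security group, so outbound access has to be stated explicitly; the
  # user_data script needs it for "yum update" and "yum install".
  egress {
    description = "Outbound for package installation"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "web_sg"
  }
}
```

Attach it by adding `vpc_security_group_ids = [aws_security_group.web_sg.id]` to the aws_instance "my_instance" block; without that line the instance keeps the VPC default group.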
- Create an Elastic IP and associate it with the EC2 instance:
resource "aws_eip" "my_eip" {
  instance = aws_instance.my_instance.id
}
- Output the public IP address of the EC2 instance:
output "public_ip" {
  value = aws_eip.my_eip.public_ip
}