Creating a Secure AWS Virtual Private Cloud with Public and Private Subnets and Launching a Website on EC2 Instance using Terraform.

Steps to create an AWS VPC with public and private subnets, launch an EC2 instance in the public subnet with Apache installed and host a simple website.

  1. Set up AWS credentials:

Before you can start creating resources on AWS, you need to set up your AWS credentials. You can do this by creating an access key and secret access key in the AWS Management Console and then adding them to your local environment variables.

  2. Initialize Terraform:

Create a new directory and initialize Terraform in that directory by running the following command in your terminal:

terraform init

This will initialize your Terraform working directory and download the required provider plugins.
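The post never shows the provider configuration that `terraform init` downloads plugins for, so here is a minimal one as an added example (not code from the original post). The region, the provider version constraint and the two variable names are assumptions; `availability_zone` is declared here because the subnet resources in the later steps reference `var.availability_zone` without defining it.

```hcl
# Added example: provider setup for main.tf. Pin the provider so a future
# major release cannot silently change resource defaults.
terraform {
  required_version = ">= 1.3"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0"
    }
  }
}

variable "aws_region" {
  description = "Region to deploy into (assumed; must be the region that owns your AMI)"
  type        = string
  default     = "us-east-1"
}

variable "availability_zone" {
  description = "AZ for both subnets (assumed; must belong to var.aws_region)"
  type        = string
  default     = "us-east-1a"
}

provider "aws" {
  region = var.aws_region
  # Credentials are taken from the AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY
  # environment variables or ~/.aws/credentials. Keeping them out of main.tf
  # means they never end up committed alongside the rest of the configuration.
}
```

Run `terraform init` after saving this file; the lock file it writes (`.terraform.lock.hcl`) records the exact provider build and belongs in version control.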

  3. Create a VPC:

In this step, we will create a new VPC with a CIDR block of 10.0.0.0/16. Add the following code to your main.tf file:

resource "aws_vpc" "my_vpc" {
  cidr_block = "10.0.0.0/16"
  tags = {
    Name = "My VPC"
  }
}

This will create a new VPC with the specified CIDR block and a name tag of "My VPC". The aws_vpc.my_vpc.id attribute will contain the ID of the VPC.

  4. Create public and private subnets:

In this step, we will create two subnets within our VPC: a public subnet and a private subnet. Add the following code to your main.tf file:

# var.availability_zone must be declared (for example in variables.tf);
# the post uses it without defining it.
resource "aws_subnet" "public_subnet" {
  vpc_id            = aws_vpc.my_vpc.id
  cidr_block        = "10.0.1.0/24"
  availability_zone = var.availability_zone
  tags = {
    Name = "Public Subnet"
  }
}

resource "aws_subnet" "private_subnet" {
  vpc_id            = aws_vpc.my_vpc.id
  cidr_block        = "10.0.2.0/24"
  availability_zone = var.availability_zone
  tags = {
    Name = "Private Subnet"
  }
}

This will create two subnets within our VPC with CIDR blocks of 10.0.1.0/24 and 10.0.2.0/24, respectively. The aws_subnet.public_subnet.id and aws_subnet.private_subnet.id attributes will contain the IDs of the subnets.

  5. Create an internet gateway:

In this step, we will create an internet gateway and attach it to our VPC. Add the following code to your main.tf file:

resource "aws_internet_gateway" "my_igw" {
  vpc_id = aws_vpc.my_vpc.id
}

This will create an internet gateway and attach it to our VPC. The route table that sends the public subnet's traffic through it, and its association with the public subnet, are created in the next step. The aws_internet_gateway.my_igw.id attribute will contain the ID of the internet gateway.

  6. Create a route table for the public subnet and associate it with the public subnet:

resource "aws_route_table" "public_route_table" {
  vpc_id = aws_vpc.my_vpc.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.my_igw.id
  }
}

resource "aws_route_table_association" "public_association" {
  subnet_id      = aws_subnet.public_subnet.id
  route_table_id = aws_route_table.public_route_table.id
}

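The private subnet gets no route table of its own in the post, so it falls back to the VPC's main route table. Its isolation is then an accident of nobody having edited that table. The following added example (not code from the original post; resource names are assumptions) gives it an explicit table that carries only the VPC-local route, so a later `0.0.0.0/0` route added to the main table cannot expose it.

```hcl
# Added example: dedicated route table for the private subnet.
resource "aws_route_table" "private_route_table" {
  vpc_id = aws_vpc.my_vpc.id
  # Deliberately no route block. AWS inserts the implicit "local" route for
  # 10.0.0.0/16 and nothing else, so instances in this subnet have no path to
  # the internet gateway in either direction.
  tags = {
    Name = "Private Route Table"
  }
}

resource "aws_route_table_association" "private_association" {
  subnet_id      = aws_subnet.private_subnet.id
  route_table_id = aws_route_table.private_route_table.id
}
```

After `terraform apply`, the private subnet's "Route table" column in the console should show this table rather than the one marked "Main".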
  7. Launch an EC2 instance in the public subnet with the following details:

  • AMI: ami-0557a15b87f6559cf
  • Instance type: t2.micro
  • Security group: Allow SSH access from anywhere
  • User data: Use a shell script to install Apache and host a simple website

To launch an EC2 instance, we will use the aws_instance resource in Terraform. Add the following code to your main.tf file:

resource "aws_instance" "my_instance" {
  ami                         = "ami-0557a15b87f6559cf"
  instance_type               = "t2.micro"
  subnet_id                   = aws_subnet.public_subnet.id
  associate_public_ip_address = true
  key_name                    = "your_key_name" # must be an existing EC2 key pair in this region

  # The original script interpolated ${aws_instance.my_instance.private_ip}
  # here, which Terraform rejects as a self-reference; the instance reads its
  # own hostname at boot instead.
  user_data = <<-EOF
              #!/bin/bash
              yum update -y
              yum install -y httpd
              service httpd start
              chkconfig httpd on
              echo "<html><body><h1>Hello World from $(hostname -f)!</h1></body></html>" > /var/www/html/index.html
              EOF

  tags = {
    Name = "my_instance"
  }
}

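Step 7 lists a security group, but the configuration never defines one, so the instance lands in the VPC's default group and the website on port 80 is not reachable. The following added example (not code from the original post) supplies that group and a hardened drop-in replacement for the `aws_instance` block above, keeping the same resource address so the Elastic IP and output in the later steps still resolve. The `web_sg` name and `var.admin_cidr` are assumptions; the variable defaults to the post's "SSH from anywhere" and is the single place to narrow it to an admin range.

```hcl
# Added example: security group for the web instance plus a hardened instance.
variable "admin_cidr" {
  description = "Source range allowed to reach SSH (assumed name); replace the default with your VPN/office range"
  type        = string
  default     = "0.0.0.0/0" # matches the post's requirement; tighten it in real deployments
}

resource "aws_security_group" "web_sg" {
  name        = "web-sg"
  description = "HTTP from anywhere, SSH from the admin range"
  vpc_id      = aws_vpc.my_vpc.id

  ingress {
    description = "HTTP for the hosted website"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "SSH for administration"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }

  # Declaring any egress rule removes the implicit allow-all, so outbound
  # access for `yum update` in user_data has to be stated explicitly.
  egress {
    description = "Outbound for package updates"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# Replaces the aws_instance "my_instance" block from step 7.
resource "aws_instance" "my_instance" {
  ami                         = "ami-0557a15b87f6559cf"
  instance_type               = "t2.micro"
  subnet_id                   = aws_subnet.public_subnet.id
  associate_public_ip_address = true
  key_name                    = "your_key_name" # existing key pair in this region
  vpc_security_group_ids      = [aws_security_group.web_sg.id]

  # Require IMDSv2: the instance's temporary credentials at 169.254.169.254
  # then need a session token, so a plain GET issued on the instance's behalf
  # by a flaw in the hosted site cannot retrieve them.
  metadata_options {
    http_endpoint = "enabled"
    http_tokens   = "required"
  }

  root_block_device {
    encrypted = true
  }

  user_data = <<-EOF
              #!/bin/bash
              yum update -y
              yum install -y httpd
              systemctl enable --now httpd
              echo "<html><body><h1>Hello World from $(hostname -f)!</h1></body></html>" > /var/www/html/index.html
              EOF

  tags = {
    Name = "my_instance"
  }
}
```

Run `terraform plan` after the swap: the only new resources should be the security group, and the instance should show a create since its group and metadata settings changed. A quick check once it is up is that `curl -s http://<public_ip>/` returns the page while the SSH rule in the console lists only `var.admin_cidr`.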
  8. Create an Elastic IP and associate it with the EC2 instance:

resource "aws_eip" "my_eip" {
  instance = aws_instance.my_instance.id
}

  9. Output the public IP address of the EC2 instance:

output "public_ip" {
  value = aws_eip.my_eip.public_ip
}