Day 66 - Terraform Hands-on Project - Build Your Own AWS Infrastructure with Ease using Infrastructure as Code (IaC) Techniques (Interview Questions) ☁
Table of contents
- Task:
- Create a VPC (Virtual Private Cloud) with CIDR block 10.0.0.0/16
- Create a public subnet with CIDR block 10.0.1.0/24 in the above VPC.
- Create a private subnet with CIDR block 10.0.2.0/24 in the above VPC.
- Create an Internet Gateway (IGW) and attach it to the VPC.
- Create a route table for the public subnet and associate it with the public subnet. This route table should have a route to the Internet Gateway.
- Launch an EC2 instance in the public subnet with the following details:
- Create an Elastic IP and associate it with the EC2 instance.
- Create a keypair
- Open the website URL in a browser to verify that the website is hosted successfully.
Welcome back to your Terraform journey.
In the previous tasks, you have learned about the basics of Terraform, its configuration file, and creating an EC2 instance using Terraform. Today, we will explore more about Terraform and create multiple resources.
Task:
Set the Terraform version using the terraform.tf file and start your task.
Create a VPC (Virtual Private Cloud) with CIDR block 10.0.0.0/16
Create a file called aws-vpc.tf.
Set the cidr_block attribute to "10.0.0.0/16" to specify the IP address range for the VPC.
resource "aws_vpc" "day66_vpc" {
  cidr_block = "10.0.0.0/16"
  tags = {
    Name = "day66_vpc"
  }
}
Create a public subnet with CIDR block 10.0.1.0/24 in the above VPC.
Create a file called aws-public-subnet.tf.
Set the vpc_id attribute to the ID of the VPC created in the previous step.
Set the cidr_block attribute to "10.0.1.0/24" to specify the IP address range for the subnet.
resource "aws_subnet" "day66_public_subnet" {
  vpc_id     = aws_vpc.day66_vpc.id
  cidr_block = "10.0.1.0/24"
  tags = {
    Name = "day66_public_subnet"
  }
}
Create a private subnet with CIDR block 10.0.2.0/24 in the above VPC.
Create a file called aws-private-subnet.tf.
Set the vpc_id attribute to the ID of the VPC.
Set the cidr_block attribute to "10.0.2.0/24" for the subnet IP address range.
resource "aws_subnet" "day66_private_subnet" {
  vpc_id     = aws_vpc.day66_vpc.id
  cidr_block = "10.0.2.0/24"
  tags = {
    Name = "day66_private_subnet"
  }
}
Create an Internet Gateway (IGW) and attach it to the VPC.
Create a file called aws-internet-gateway.tf.
Attach the Internet Gateway to the VPC by setting the vpc_id attribute.
resource "aws_internet_gateway" "day66_igw" {
  vpc_id = aws_vpc.day66_vpc.id
  tags = {
    Name = "day66_igw"
  }
}
resource "aws_route_table" "day66_route-table" {
  vpc_id = aws_vpc.day66_vpc.id
  // If the route already exists, ignore changes to it
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.day66_igw.id
  }
  lifecycle {
    ignore_changes = [
      route,
    ]
  }
  tags = {
    Name = "day66_routetable"
  }
}
Create a route table for the public subnet and associate it with the public subnet. This route table should have a route to the Internet Gateway.
Create a file called aws-route-table.tf.
Set the vpc_id attribute to create the route table in the VPC, and add a route to the Internet Gateway using a route block.
Associate the route table with the public subnet using an aws_route_table_association resource.
resource "aws_route_table" "day66_routetable" {
  vpc_id = aws_vpc.day66_vpc.id
  # Default route: send all non-local traffic to the Internet Gateway
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.day66_igw.id
  }
  tags = {
    Name = "day66_routetable"
  }
}
resource "aws_route_table_association" "public_subnet_association" {
  subnet_id      = aws_subnet.day66_public_subnet.id
  route_table_id = aws_route_table.day66_routetable.id
}
# The private subnet is not associated with this route table, because its
# default route points at the Internet Gateway. Without an explicit
# association the subnet uses the VPC's main route table, which in a newly
# created VPC has only the local route.
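A route table for the private subnet that carries only the VPC's implicit local route, used instead of associating the private subnet with day66_routetable. This is an added example, not code from the original post; the names day66_private_routetable, day66_private_association and the check block are assumptions, and the check block needs Terraform 1.5 or later.

```hcl
# Assumption: the resource names below are hypothetical. aws_vpc.day66_vpc and
# aws_subnet.day66_private_subnet are the resources defined on this page.
resource "aws_route_table" "day66_private_routetable" {
  vpc_id = aws_vpc.day66_vpc.id

  # No route blocks: only the implicit local route for 10.0.0.0/16 exists,
  # so nothing in this subnet is routed to the Internet Gateway.
  tags = {
    Name = "day66_private_routetable"
  }
}

resource "aws_route_table_association" "day66_private_association" {
  subnet_id      = aws_subnet.day66_private_subnet.id
  route_table_id = aws_route_table.day66_private_routetable.id
}

# Reports a warning during plan/apply if the route table attached to the
# private subnet ever contains a route whose target is an Internet Gateway.
check "private_subnet_not_internet_routed" {
  data "aws_route_table" "private" {
    subnet_id  = aws_subnet.day66_private_subnet.id
    depends_on = [aws_route_table_association.day66_private_association]
  }

  assert {
    condition = alltrue([
      for r in data.aws_route_table.private.routes :
      !try(startswith(r.gateway_id, "igw-"), false)
    ])
    error_message = "The private subnet's route table contains a route to an Internet Gateway."
  }
}
```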
Launch an EC2 instance in the public subnet with the following details:
Create a file called aws-instance.tf.
Set the ami attribute to "ami-04b70fa74e45c3917" for the Amazon Machine Image (AMI).
Create a new key pair.
Set the instance_type attribute to "t2.micro" for the instance type.
Specify a security group that allows SSH access from anywhere.
Use the user_data attribute to provide a shell script that installs Apache and hosts a simple website.
resource "aws_security_group" "day66_sg" {
  name_prefix = "day66_sg"
  vpc_id      = aws_vpc.day66_vpc.id
  # HTTP for the website
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  # HTTPS
  ingress {
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  # SSH from anywhere, as the task specifies
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  # All outbound traffic
  egress {
    from_port        = 0
    to_port          = 0
    protocol         = "-1"
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }
}
resource "aws_instance" "day66_ec2instance" {
  ami           = "ami-04b70fa74e45c3917"
  instance_type = "t2.micro"
  # Reference the key pair resource so it is created before the instance
  key_name  = aws_key_pair.day66-key.key_name
  subnet_id = aws_subnet.day66_public_subnet.id
  # Instances in a non-default VPC take security group IDs through
  # vpc_security_group_ids rather than security_groups
  vpc_security_group_ids = [
    aws_security_group.day66_sg.id
  ]
  user_data = <<-EOF
    #!/bin/bash
    sudo apt update
    sudo apt install -y apache2
    sudo systemctl start apache2
    sudo systemctl enable apache2
    echo "<html><body><h1>Welcome to DevOpsParthu community!!</h1></body></html>" > /var/www/html/index.html
    sudo systemctl restart apache2
  EOF
  tags = {
    Name = "day66_ec2instance"
  }
}
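A variant of the security group above that keeps ports 80 and 443 public but limits SSH to a single administrative range instead of 0.0.0.0/0. This is an added example, not code from the original post; the variable admin_ssh_cidr and the resource name day66_sg_restricted are assumptions.

```hcl
# Assumption: admin_ssh_cidr is a hypothetical variable, not part of the original post.
variable "admin_ssh_cidr" {
  description = "IPv4 CIDR allowed to reach port 22, for example a single /32 admin address"
  type        = string

  validation {
    # Must parse as an IPv4 CIDR and must not use a /0 prefix (the whole Internet).
    condition = (
      can(cidrnetmask(var.admin_ssh_cidr)) &&
      try(tonumber(split("/", var.admin_ssh_cidr)[1]) > 0, false)
    )
    error_message = "The admin_ssh_cidr value must be a valid IPv4 CIDR with a prefix length greater than 0."
  }
}

# Assumption: day66_sg_restricted is a hypothetical name; it reuses the page's aws_vpc.day66_vpc.
resource "aws_security_group" "day66_sg_restricted" {
  name_prefix = "day66_sg_restricted"
  description = "Web traffic from anywhere, SSH from the admin range only"
  vpc_id      = aws_vpc.day66_vpc.id

  # HTTP and HTTPS stay public because the instance serves a website.
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  ingress {
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  # SSH is reachable only from the validated administrative range.
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_ssh_cidr]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```

Pass the range at apply time, for example terraform apply -var 'admin_ssh_cidr=203.0.113.10/32' (a documentation address), and reference this group from the instance's vpc_security_group_ids.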
Create an Elastic IP and associate it with the EC2 instance.
Create a file called aws-elastic-ip.tf.
Associate the Elastic IP with the EC2 instance by setting the instance attribute to the ID of the instance.
resource "aws_eip" "day66_eip" {
  instance = aws_instance.day66_ec2instance.id
}
Create a keypair
- Create a file called keypair.tf
resource "aws_key_pair" "day66-key" {
  key_name   = "day66-key"
  public_key = file("/home/ubuntu/.ssh/day66-key.pub")
}
Open the website URL in a browser to verify that the website is hosted successfully.
terraform init
terraform apply
By following these steps, you will build your AWS infrastructure using Terraform. Remember to clean up your resources after completing the project to avoid unnecessary costs.
Congratulations on completing Day 66 of the #90DaysOfDevOps Challenge. Stay tuned for Day 67, where we'll explore AWS S3 Bucket Creation and Management with Terraform.
Happy Learning
Thanks For Reading! :)
-SriParthu💝💥