Provisioning an AWS VPC With Terraform (HA)
During this lab we will learn how to provision a highly available VPC in AWS with multiple subnets in different Availability Zones.
Terraform: Terraform is a tool for building, changing, and versioning infrastructure safely and efficiently. Terraform can manage existing and popular service providers as well as custom in-house solutions.
Prerequisites for provisioning the VPC with Terraform:
- Terraform installed on an EC2 instance and on your local system
- If Terraform is not installed, you can download and install it from here.
- Installation of GitHub is a must
* We will require an Amazon access key and secret key.
** Please ensure your version of Terraform is updated to the current version (0.13), or you may receive interpolation syntax warnings.
We will provision the VPC with the help of Terraform:
I. Create an AWS VPC with the 10.0.0.0/16 CIDR block
II. Create multiple subnets (public/private)
Public subnets will cover web and app servers = accessible via the Internet
Private subnets will cover database servers = not accessible via the Internet
Starting the Lab
- Provision Internet Gateway (IGW) and map to AWS VPC.
- Provision both AWS VPC route tables (private/public)
- Provision VPC NAT Gateway in AWS
- Associating VPC Subnets to routing tables.
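A compact Terraform configuration covering the steps listed above, added here as an illustration and not the code from the lab's repository. Resource names, the /24 subnet layout and the two-AZ count are assumptions.

```hcl
# Added example; resource names, subnet sizes and AZ count are assumptions.
# Region and credentials come from the AWS CLI profile, so no keys live in .tf/.tfvars.
data "aws_availability_zones" "available" { state = "available" }
resource "aws_vpc" "main" { cidr_block = "10.0.0.0/16" }
resource "aws_subnet" "public" { # 10.0.0.0/24 and 10.0.1.0/24, one per AZ
  count                   = 2
  vpc_id                  = aws_vpc.main.id
  cidr_block              = cidrsubnet(aws_vpc.main.cidr_block, 8, count.index)
  availability_zone       = data.aws_availability_zones.available.names[count.index]
  map_public_ip_on_launch = true
}
resource "aws_subnet" "private" { # 10.0.10.0/24 and 10.0.11.0/24, no public IPs
  count             = 2
  vpc_id            = aws_vpc.main.id
  cidr_block        = cidrsubnet(aws_vpc.main.cidr_block, 8, count.index + 10)
  availability_zone = data.aws_availability_zones.available.names[count.index]
}
resource "aws_internet_gateway" "igw" { vpc_id = aws_vpc.main.id }
resource "aws_eip" "nat" { domain = "vpc" } # AWS provider 5.x; older providers use `vpc = true`
resource "aws_nat_gateway" "nat" { # the NAT gateway itself sits in a public subnet
  allocation_id = aws_eip.nat.id
  subnet_id     = aws_subnet.public[0].id
  depends_on    = [aws_internet_gateway.igw]
}
resource "aws_route_table" "public" { # default route goes straight to the IGW
  vpc_id = aws_vpc.main.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw.id
  }
}
resource "aws_route_table" "private" { # outbound only, via NAT; no IGW route
  vpc_id = aws_vpc.main.id
  route {
    cidr_block     = "0.0.0.0/0"
    nat_gateway_id = aws_nat_gateway.nat.id
  }
}
resource "aws_route_table_association" "public" {
  count          = 2
  subnet_id      = aws_subnet.public[count.index].id
  route_table_id = aws_route_table.public.id
}
resource "aws_route_table_association" "private" {
  count          = 2
  subnet_id      = aws_subnet.private[count.index].id
  route_table_id = aws_route_table.private.id
}
```

The private route table has no route to the Internet Gateway, which is what keeps the database subnets unreachable from outside. With a single NAT gateway, outbound traffic from both private subnets depends on the one Availability Zone that hosts it.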
Provisioning our AWS VPC
We will provision our VPC with the help of a Terraform script provided on GitHub.
To get the Terraform script, clone the repository provided below. It contains the complete code to provision the VPC.
The repository contains the following files:
This file will contain the global variables necessary to provision our VPC
Ex: access keys, secret keys, region, Availability Zones
** Values can be changed as required.
Contains the entire code required to provision our highly available (HA) AWS VPC.
This is our configuration file.
The file is the default name for the variable input file. Terraform will get the input values from the tfvars file. We need to add or remove the Amazon API keys in the tfvars file.
s/n: For this lab I did not place my access key/secret access key in the file. Instead I leveraged AWS configure to connect my API keys locally.
Building the VPC Infrastructure
1. After writing a new Terraform configuration, the first command that should be run is terraform init.
2. To preview the execution plan, run terraform plan, which shows the resources that will be provisioned.
3. Finally, the apply command implements the changes required to reach the desired state of the configuration.
$ terraform apply -var-file terraform.tfvars
Don’t forget to destroy your lab when finished!