
Creating a VPC with Terraform

Introduction

In today’s cloud-centric world, Infrastructure as Code (IaC) has become a vital component of the modern DevOps toolkit. One of the most popular IaC tools is Terraform, developed by HashiCorp. With its declarative approach and support for numerous providers, Terraform empowers developers and operations teams to automate the provisioning and management of infrastructure resources seamlessly.

In this blog post, we’ll dive into the practical side of Terraform by setting up a Virtual Private Cloud (VPC) in AWS. A VPC is a crucial foundational block in AWS, providing an isolated network environment to host your resources. By the end of this guide, you’ll have a VPC with a CIDR block of 10.0.0.0/24, further subdivided into two /28 subnets. This not only demonstrates the power of Terraform but also the ease with which you can manage complex cloud configurations.

Whether you’re new to Terraform or looking for a refresher on creating VPCs, this post will serve as a step-by-step guide to help you achieve your infrastructure goals. So, let’s get started! 🚀

Requirements

Before you begin, ensure you have the following requirements:

  • Terraform Installed: You can download and install Terraform from Terraform’s official website.
  • AWS CLI Installed and Configured: This guide assumes you have the AWS CLI installed and configured with credentials that may create VPC resources, and with a default region. The configuration below has no provider block, so Terraform's AWS provider reads credentials and region from the same environment variables and shared files (~/.aws/credentials, ~/.aws/config) the CLI uses; use a least-privilege IAM identity for this rather than root or administrator credentials.
  • Knowledge of AWS: Familiarity with AWS services, especially VPC, will be helpful.

Terraform Configuration for AWS VPC Setup

This Terraform configuration provisions a Virtual Private Cloud (VPC) within AWS together with two subnets. Both subnets are public: they are associated with a route table whose default route points at an Internet Gateway, and they auto-assign public IPv4 addresses to instances launched in them. Anything you launch there is therefore reachable from the internet to the extent its security group and network ACL allow, so this layout suits bastion hosts and load balancers, not databases or other back-end resources.

Resources Created

  • VPC (cloudtutorial_vpc): An isolated virtual network inside AWS in which you launch your resources.
    • Name: cloudtutorial-vpc
    • CIDR Block: Defined by the vpc_cidr variable.
  • Subnets (cloudtutorial_subnet_1 and cloudtutorial_subnet_2): Sub-networks within the VPC, each with its own CIDR block. Both set map_public_ip_on_launch = true, so instances launched in them receive a public IPv4 address and, through the route table below, can reach and be reached from the internet. No availability_zone is set, so AWS picks one for each subnet; pin the zones explicitly if you want the two subnets in different Availability Zones.
    • Names: cloudtutorial-subnet-1 and cloudtutorial-subnet-2
    • CIDR Blocks: Carved from vpc_cidr with cidrsubnet(var.vpc_cidr, 4, n), which adds 4 bits to the /24 prefix and takes the n-th /28: 10.0.0.0/28 and 10.0.0.16/28 for the default. A /28 is the smallest subnet AWS allows; it holds 16 addresses, of which AWS reserves the first four and the last, leaving 11 usable.
  • Internet Gateway (cloudtutorial_igw): Attached to the VPC, it lets resources that have public IP addresses exchange traffic with the internet.
  • Route Table (cloudtutorial_rt): Every route table implicitly carries a local route for the VPC CIDR; this one adds a default route (0.0.0.0/0) to the Internet Gateway. A subnet associated with a route table that has a route to an Internet Gateway is, by AWS's definition, a public subnet.
  • Route Table Associations (cloudtutorial_subnet_1_association and cloudtutorial_subnet_2_association): Bind each subnet to cloudtutorial_rt. Without them the subnets would fall back to the VPC's main route table, which only has the local route and no path to the internet.

Variables

  • vpc_cidr: This variable determines the CIDR block for the VPC. The CIDR block is a concise way to represent IP addresses and their associated routing prefix.
    • Description: CIDR block for the VPC.
    • Default Value: 10.0.0.0/24

It’s essential to ensure that the CIDR block specified does not overlap with other networks you are or will be connected to (on-premises ranges over VPN or Direct Connect, other VPCs you peer with). Overlapping ranges cause routing conflicts, and AWS refuses to create a VPC peering connection between VPCs whose CIDR blocks overlap, so the mistake is expensive to fix later.
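The arithmetic behind the layout above, as an added example that is not code from the original post: it reproduces Terraform's cidrsubnet() for IPv4, applies the prefix-length limits and the five reserved addresses AWS imposes per subnet, and checks the VPC CIDR against the networks you are already connected to. It assumes the post's default vpc_cidr (10.0.0.0/24) and its cidrsubnet(var.vpc_cidr, 4, n) calls; PEER_NETWORKS is constructed sample data standing in for your real VPN or peered ranges.

```python
"""CIDR arithmetic for the VPC layout: Terraform's cidrsubnet(), the usable
host count AWS leaves per subnet, and an overlap check against peer networks.

Added example, not code from the original post. Assumes the post's default
vpc_cidr (10.0.0.0/24); PEER_NETWORKS is constructed sample data.
"""
import ipaddress

# AWS reserves the first four and the last address of every IPv4 subnet.
AWS_RESERVED_PER_SUBNET = 5
# AWS accepts VPC and subnet prefixes between /16 and /28 inclusive.
AWS_MIN_PREFIX, AWS_MAX_PREFIX = 16, 28

# Constructed sample: ranges reachable today over a VPN or VPC peering.
PEER_NETWORKS = ["10.0.0.0/16", "192.168.1.0/24"]


def aws_network(cidr: str) -> ipaddress.IPv4Network:
    """Parse an IPv4 CIDR and enforce the prefix lengths AWS accepts."""
    net = ipaddress.ip_network(cidr, strict=True)  # rejects host bits set
    if not isinstance(net, ipaddress.IPv4Network):
        raise ValueError(f"{cidr}: only IPv4 is handled here")
    if not AWS_MIN_PREFIX <= net.prefixlen <= AWS_MAX_PREFIX:
        raise ValueError(f"{cidr}: AWS requires a /16 to /28 prefix")
    return net


def is_valid_aws_cidr(cidr: str) -> bool:
    """True if cidr is an IPv4 network AWS would accept for a VPC or subnet."""
    try:
        aws_network(cidr)
    except ValueError:
        return False
    return True


def cidrsubnet(prefix: str, newbits: int, netnum: int) -> str:
    """Terraform's cidrsubnet(prefix, newbits, netnum) for IPv4.

    Extends the prefix by `newbits` and returns the `netnum`-th (0-based)
    subnet of that size, e.g. cidrsubnet("10.0.0.0/24", 4, 1) -> "10.0.0.16/28".
    """
    net = ipaddress.ip_network(prefix, strict=True)
    new_prefix = net.prefixlen + newbits
    if new_prefix > 32:
        raise ValueError("newbits extends the prefix past 32 bits")
    if not 0 <= netnum < 2 ** newbits:
        raise ValueError(f"netnum {netnum} does not fit in {newbits} new bits")
    base = int(net.network_address) + netnum * 2 ** (32 - new_prefix)
    return str(ipaddress.IPv4Network((base, new_prefix)))


def usable_hosts(cidr: str) -> int:
    """Addresses left for instances after AWS's five reserved addresses."""
    return aws_network(cidr).num_addresses - AWS_RESERVED_PER_SUBNET


def overlapping_networks(vpc_cidr: str, peers: list[str]) -> list[str]:
    """Return the peer ranges that overlap vpc_cidr (routing conflicts)."""
    vpc = aws_network(vpc_cidr)
    return [p for p in peers if vpc.overlaps(ipaddress.ip_network(p))]


def plan_layout(vpc_cidr: str, newbits: int, count: int) -> dict[str, int]:
    """Map each planned subnet CIDR to its usable host count."""
    return {
        sub: usable_hosts(sub)
        for sub in (cidrsubnet(vpc_cidr, newbits, n) for n in range(count))
    }


if __name__ == "__main__":
    vpc_cidr = "10.0.0.0/24"  # the post's default for var.vpc_cidr
    for sub, hosts in plan_layout(vpc_cidr, 4, 2).items():
        print(f"{sub}: {hosts} usable addresses")
    clashes = overlapping_networks(vpc_cidr, PEER_NETWORKS)
    if clashes:
        print(f"{vpc_cidr} overlaps {clashes}; pick a different vpc_cidr")
```

Run it before terraform apply with your real peer ranges in PEER_NETWORKS; with the constructed sample it reports that 10.0.0.0/24 sits inside 10.0.0.0/16, which is exactly the kind of clash the paragraph above warns about.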

vpc.tf

resource "aws_vpc" "cloudtutorial_vpc" {
  cidr_block = var.vpc_cidr

  tags = {
    Name = "cloudtutorial-vpc"
  }
}

resource "aws_subnet" "cloudtutorial_subnet_1" {
  vpc_id                  = aws_vpc.cloudtutorial_vpc.id
  cidr_block              = cidrsubnet(var.vpc_cidr, 4, 0)
  map_public_ip_on_launch = true

  tags = {
    Name = "cloudtutorial-subnet-1"
  }
}

resource "aws_subnet" "cloudtutorial_subnet_2" {
  vpc_id                  = aws_vpc.cloudtutorial_vpc.id
  cidr_block              = cidrsubnet(var.vpc_cidr, 4, 1)
  map_public_ip_on_launch = true

  tags = {
    Name = "cloudtutorial-subnet-2"
  }
}

resource "aws_internet_gateway" "cloudtutorial_igw" {
  vpc_id = aws_vpc.cloudtutorial_vpc.id

  tags = {
    Name = "cloudtutorial-igw"
  }
}

resource "aws_route_table" "cloudtutorial_rt" {
  vpc_id = aws_vpc.cloudtutorial_vpc.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.cloudtutorial_igw.id
  }

  tags = {
    Name = "cloudtutorial-rt"
  }
}

resource "aws_route_table_association" "cloudtutorial_subnet_1_association" {
  subnet_id      = aws_subnet.cloudtutorial_subnet_1.id
  route_table_id = aws_route_table.cloudtutorial_rt.id
}

resource "aws_route_table_association" "cloudtutorial_subnet_2_association" {
  subnet_id      = aws_subnet.cloudtutorial_subnet_2.id
  route_table_id = aws_route_table.cloudtutorial_rt.id
}

variables.tf

variable "vpc_cidr" {
  description = "CIDR block for the VPC"
  type        = string
  default     = "10.0.0.0/24"
}

How to Run Terraform

  1. Initialize Terraform.

    • Before you can apply any Terraform configuration, initialize the working directory. This downloads the required provider plugins (here the AWS provider, which Terraform infers from the aws_* resource types) and records the versions it selected in .terraform.lock.hcl; commit that lock file so every machine and pipeline uses the same provider build.

terraform init

  2. Plan Terraform.

    • Before making any changes to your infrastructure, see what Terraform intends to do. The plan lists every resource to be created, changed or destroyed; for this configuration expect 7 to add (the VPC, two subnets, the Internet Gateway, the route table and two associations) and nothing to change or destroy. Save the plan with terraform plan -out=tfplan if you want to apply exactly what you reviewed.

terraform plan

  3. Apply Terraform.

    • After reviewing the plan, if everything looks good, apply the changes. Run this way, Terraform re-plans and prompts for confirmation; type yes at the prompt to proceed. Running terraform apply tfplan with a saved plan instead applies only the changes you already reviewed and does not prompt.

terraform apply

  4. Destroy Resources (if needed)

    • To tear down the resources you created (for example, to stop paying for cloud resources you no longer need), use the destroy command.

    • Again, you’ll be prompted to confirm. Type yes at the prompt to proceed.

    • Be cautious with destroy: it permanently deletes every resource recorded in the state, and the confirmation prompt is the only safeguard.

terraform destroy
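A pre-apply gate for the plan step, as an added example that is not code from the original post: it reads the JSON form of a saved plan (terraform plan -out=tfplan, then terraform show -json tfplan) and flags every subnet that auto-assigns public IPs and every route table with a default route, so the public exposure this configuration creates is a deliberate decision rather than a surprise. SAMPLE_PLAN is a constructed excerpt in the shape terraform show -json produces for the post's vpc.tf, limited to the fields the check reads; attributes only known after apply (resource ids, the gateway_id of the not-yet-created IGW) are omitted, as Terraform omits unknown values from planned_values. The script name check_plan.py in the usage comment is assumed.

```python
"""Pre-apply check: flag public subnets and internet-bound route tables in
the JSON output of `terraform show -json tfplan`.

Added example, not code from the original post. SAMPLE_PLAN is a constructed
excerpt of the plan JSON for the post's vpc.tf; values unknown until apply
(ids, the IGW gateway_id) are omitted, as Terraform omits them.
"""
import json
import sys

SAMPLE_PLAN = json.dumps({
    "format_version": "1.2",
    "planned_values": {
        "root_module": {
            "resources": [
                {
                    "address": "aws_vpc.cloudtutorial_vpc",
                    "type": "aws_vpc",
                    "values": {"cidr_block": "10.0.0.0/24"},
                },
                {
                    "address": "aws_subnet.cloudtutorial_subnet_1",
                    "type": "aws_subnet",
                    "values": {"cidr_block": "10.0.0.0/28", "map_public_ip_on_launch": True},
                },
                {
                    "address": "aws_subnet.cloudtutorial_subnet_2",
                    "type": "aws_subnet",
                    "values": {"cidr_block": "10.0.0.16/28", "map_public_ip_on_launch": True},
                },
                {
                    "address": "aws_route_table.cloudtutorial_rt",
                    "type": "aws_route_table",
                    # gateway_id is "known after apply" for a new IGW, so only
                    # the known attributes of the route block appear here.
                    "values": {"route": [{"cidr_block": "0.0.0.0/0", "nat_gateway_id": ""}]},
                },
            ]
        }
    },
})


def iter_resources(module: dict):
    """Yield every planned resource, descending into child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def find_public_exposure(plan_json: str) -> list[str]:
    """Return one finding per public subnet or internet-bound route table."""
    plan = json.loads(plan_json)
    root = plan.get("planned_values", {}).get("root_module", {})
    findings = []
    for res in iter_resources(root):
        values = res.get("values") or {}
        if res["type"] == "aws_subnet" and values.get("map_public_ip_on_launch"):
            findings.append(
                f"{res['address']}: map_public_ip_on_launch=true on {values.get('cidr_block')}"
            )
        if res["type"] == "aws_route_table":
            for route in values.get("route") or []:
                if route.get("cidr_block") == "0.0.0.0/0":
                    findings.append(f"{res['address']}: default route 0.0.0.0/0 leaves the VPC")
    return findings


if __name__ == "__main__":
    # Real use: terraform show -json tfplan | python check_plan.py
    # With no piped input the constructed sample plan is checked instead.
    source = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_PLAN
    findings = find_public_exposure(source)
    for finding in findings:
        print("WARN", finding)
    # Non-zero exit blocks a pipeline until the exposure is acknowledged.
    sys.exit(1 if findings else 0)
```

For this configuration the check reports three findings and exits non-zero, which is the intended behaviour: both subnets are meant to be public here, and a reviewer should have to say so explicitly (for example by allow-listing the two subnet addresses) rather than have the exposure slip through an apply.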

Remember to always monitor your AWS resources to avoid incurring unwanted costs.

This post is licensed under CC BY 4.0 by the author.
