The Terraws project automates the deployment of a scalable and secure AWS infrastructure. It is designed to demonstrate key AWS services and features, including EC2, VPC, S3, and Load Balancers. The infrastructure is organized into reusable modules, making it easier to maintain and extend.
VPC Setup
- Creates a custom VPC to isolate resources securely.
- Two public subnets are created within this VPC to host EC2 instances. Each instance has internet access via a public route table and internet gateway.
- Enables flexibility for adding more resources in the future, such as private subnets or NAT gateways.
EC2 Instances
- Two EC2 instances, each deployed in separate public subnets for high availability.
- EC2 instances are pre-configured to connect to the internet and access other AWS services like S3 (future integration via IAM Roles planned).
- Easy scaling to accommodate more EC2 instances as needed.
S3 Bucket for Storage
- An S3 bucket is created to serve as a scalable storage solution.
- Future plans include setting up fine-grained IAM roles to allow EC2 instances to interact securely with the S3 bucket.
- Can be used for storing logs, backups, or any other project files that need to be accessed from the EC2 instances.
Load Balancer
- A highly available Application Load Balancer (ALB) distributes traffic across the EC2 instances.
- The load balancer ensures that traffic is evenly distributed, and it automatically adjusts as more instances are added.
- With health checks enabled, the load balancer ensures that traffic only goes to healthy EC2 instances.
State Management
- Terraform state is stored in a remote S3 bucket for centralized and persistent state management. This ensures that all team members work with the same state file.
- A DynamoDB table is used to enable state locking, preventing race conditions when multiple users attempt to run Terraform commands concurrently.
Here's a quick look at the AWS architecture deployed by this Terraform project:
- VPC with two public subnets, each hosting an EC2 instance.
- Application Load Balancer to distribute traffic across EC2 instances.
- S3 Bucket for storage, accessible by EC2 instances.
- Terraform state stored in S3, with locking in DynamoDB to ensure safe, concurrent operations.
Make sure you have Terraform installed on your machine. You can download it from the official site:
# For macOS (via brew)
brew install terraform
# For Linux (via apt)
sudo apt-get install terraform
# For Windows
choco install terraform
Check the installation:
terraform --version
Terraform interacts with AWS using your AWS credentials. Set up the AWS CLI and configure your access keys.
# Install AWS CLI
brew install awscli # For macOS
sudo apt install awscli # For Linux
# Configure the AWS CLI
aws configure
You'll be prompted to enter your:
- AWS Access Key ID
- AWS Secret Access Key
- Default region name (e.g., us-east-1)
- Default output format (e.g., json)
git clone https://github.com/yourusername/terraws.git
cd terraws
The project is modularized to maintain a clean and reusable structure:
/terraws
│
├── /modules
│   ├── /vpc
│   ├── /ec2
│   ├── /loadbalancer
│   └── /s3
│
├── /assets
│   ├── ec2_01.png
│   └── ec2_02.png
│
├── /scripts
│   ├── startup_script_ec2_01.sh
│   └── startup_script_ec2_02.sh
│
├── main.tf            # Main entry point for Terraform
├── variables.tf       # Variables definition
├── outputs.tf         # Outputs definition
├── terraform.tfstate  # State file stored remotely
└── backend.tf         # Remote state and state-locking configuration
Before you start, ensure the state is stored securely by configuring S3 and DynamoDB. This project already includes the backend configuration in main.tf:
terraform {
  backend "s3" {
    bucket         = "your-s3-bucket-name"
    key            = "path/to/terraform.tfstate"
    region         = "us-east-1"
    dynamodb_table = "terraform-lock-table"
  }
}
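Terraform state records resource attributes in plaintext, including any secrets that pass through a resource, so the bucket behind this backend needs tighter controls than an ordinary storage bucket. The following is an added example, not part of the Terraws repository: a separate bootstrap configuration, applied once with local state, that creates the state bucket and lock table. It reuses the placeholder names from the block above; the resource labels are assumptions.

```hcl
# Bootstrap configuration for the remote-state bucket and lock table.
# Bucket and table names are the placeholders used on this page;
# the resource labels (tf_state, tf_lock) are assumptions.

resource "aws_s3_bucket" "tf_state" {
  bucket = "your-s3-bucket-name"
}

# Keep earlier state versions so an overwritten or corrupted state can be restored.
resource "aws_s3_bucket_versioning" "tf_state" {
  bucket = aws_s3_bucket.tf_state.id
  versioning_configuration {
    status = "Enabled"
  }
}

# Encrypt state objects at rest by default (AWS-managed KMS key).
resource "aws_s3_bucket_server_side_encryption_configuration" "tf_state" {
  bucket = aws_s3_bucket.tf_state.id
  rule {
    apply_server_side_encryption_by_default {
      sse_algorithm = "aws:kms"
    }
  }
}

# State must never be reachable through a public ACL or bucket policy.
resource "aws_s3_bucket_public_access_block" "tf_state" {
  bucket                  = aws_s3_bucket.tf_state.id
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

# The S3 backend expects a string hash key named LockID in the lock table.
resource "aws_dynamodb_table" "tf_lock" {
  name         = "terraform-lock-table"
  billing_mode = "PAY_PER_REQUEST"
  hash_key     = "LockID"
  attribute {
    name = "LockID"
    type = "S"
  }
}
```

With the bucket in place, adding `encrypt = true` to the `backend "s3"` block makes Terraform request server-side encryption on every state write as well.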
Run the following to initialize the Terraform environment and download the necessary providers:
terraform init
If you keep the backend settings in a separate config file, pass it to init:
terraform init -backend-config=backend.conf
To check what changes will be applied without actually making any changes:
terraform plan
To provision your AWS infrastructure:
terraform apply
You'll be prompted to type yes to confirm and apply the changes.
Once the infrastructure is set up, you'll get outputs like:
- EC2 instance public IPs
- Load Balancer DNS name
- VPC ID
When you're done and want to clean up, run:
terraform destroy
This will remove all the resources created by Terraform.
- Configures a custom VPC with two public subnets.
- Attaches an Internet Gateway for outgoing traffic to the internet.
- Routes internet-bound traffic through a public route table.
- Launches EC2 instances in each of the public subnets.
- Includes key-pair setup for SSH access to the instances.
- Configures security groups to allow SSH (port 22) and HTTP (port 80) traffic.
- Deploys an Application Load Balancer to distribute traffic across EC2 instances.
- Configures listeners and target groups for the EC2 instances.
- Includes health checks to ensure the load balancer only sends traffic to healthy instances.
- Creates an S3 bucket for storage needs (e.g., logs, backups, etc.).
- Planned IAM roles to securely manage access to the S3 bucket from EC2 instances.
- IAM Roles: Adding fine-grained access control to S3 for EC2 instances.
- Auto Scaling: Configuring auto-scaling for EC2 instances behind the load balancer.
- Monitoring & Logging: Setting up AWS CloudWatch for monitoring and alarms.
- Database Integration: Adding an RDS instance or DynamoDB for data storage.
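The EC2 items above open SSH (port 22) and HTTP (port 80) on instances that sit in public subnets, and the page does not say which source ranges those rules accept. The following is an added example, not the project's own module code, that scopes them so only the load balancer takes HTTP from the internet. `vpc_id` and `admin_cidr` are hypothetical inputs and the resource labels are assumptions.

```hcl
variable "vpc_id" { type = string } # assumed input; hypothetical name

variable "admin_cidr" {
  type = string # trusted range allowed to SSH, e.g. a VPN egress /32 (hypothetical name)
  validation {
    condition     = can(cidrhost(var.admin_cidr, 0)) && var.admin_cidr != "0.0.0.0/0"
    error_message = "Set admin_cidr to a valid CIDR other than 0.0.0.0/0."
  }
}

# Load balancer: the only component that accepts HTTP from the internet.
resource "aws_security_group" "alb" {
  vpc_id = var.vpc_id
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# Instances: HTTP only from the load balancer, SSH only from the admin range.
resource "aws_security_group" "ec2" {
  vpc_id = var.vpc_id
  ingress {
    from_port       = 80
    to_port         = 80
    protocol        = "tcp"
    security_groups = [aws_security_group.alb.id]
  }
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```

The validation block rejects `0.0.0.0/0` at plan time, so a world-open SSH rule fails before anything is created.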