Terraform AWS VPC example.
This is a tutorial on deploying a web application to AWS infrastructure that is isolated in a VPC.
Imagine that we want to deploy a web application to AWS. Creating an EC2 instance that can host our application in AWS is pretty straightforward.
However, what happens when we want to deploy our application in a separate Virtual Private Cloud (VPC), load balance it across several servers, and secure it with SSL? Suddenly our infrastructure becomes more complicated and we consider tools such as Terraform to manage it.
Creating an EC2 instance with Terraform can be as simple as specifying the Amazon Machine Image (AMI) and instance type in the following configuration file, but you might be wondering how to extend it after this?
provider "aws" {
region = "eu-west-1"
}
resource "aws_instance" "example" {
ami = "ami-e487179d"
instance_type = "t2.micro"
}What are we going to achieve?
This lab is split into several parts. Over the course of it you are going to build up the configuration to deploy a web application in infrastructure that will be:
- Isolated in a VPC
- Load balanced
- Auto scaled
- Secured by SSL
- DNS routed with Route53
- Restricted to traffic from a list of allowed IP addresses
- Accessible by SSH
There is a code repository accompanying this lab. Each part will contain a link to the code that has been achieved so far at that point. If you can't wait to complete the lab then the full solution can be found here in GitHub.
Prerequisites
This lab will assume that you already have some familiarity with AWS and Terraform.
We will demo routing internet requests from a domain name to our application so we also assume that you have a domain name that you can test with. You will need to use Amazon's Domain Name Service, Route 53, or be willing to migrate to it.
We will talk through this and other dependencies in the first part of this lab - Terraform AWS VPC Tutorial 1 - Getting Set Up.
A note about costs
Please note that this lab will deploy resources to your AWS account that may be chargeable. Many of the resources that we create are eligible for the AWS Free Tier. Charges should be minimal if you destroy the infrastructure soon after completing the demo. I'm afraid we can't be held responsible for charges that you incur.