Virtual Private Cloud Architecture on AWS using Terraform
Overview:
The VPC Architecture project on AWS using Terraform aims to create a scalable and resilient infrastructure on the Amazon Web Services (AWS) cloud platform. This project uses Terraform, an Infrastructure as Code (IaC) tool, to provision and manage the infrastructure components, enabling automation, repeatability, and scalability. The primary objective of this project is to design and deploy a Virtual Private Cloud (networking) architecture on AWS that consists of multiple components, including the foundation, networking, and traffic flow. All components will be deployed across two Availability Zones (AZs) for high availability and fault tolerance.
Problem Statement
Terraform is an IaC software tool that provides a consistent command line interface (CLI) workflow to manage hundreds of cloud services. Terraform codifies cloud APIs into declarative configuration files. In this specific case you need to create the foundation networking (VPC, subnets, route table, IGW, NAT Gateway...). Terraform will automatically use the configuration files to provision the infrastructure resources on which we can run the applications we need. Terraform will use this deployment to provide all the AWS elements needed, sparing us from using the console, and it will automate the setup, ensuring consistency and reducing human error.
Technology Stack
The architecture consists of the following three tiers:
VPC: AWS VPC
Subnets: AWS Subnets
Route table: AWS route table
NACL: AWS NACL
Internet Gateway: AWS IGW
Architecture Diagram
Project Requirements
Before you get started, make sure you have the following prerequisites in place:
Terraform installed on your local machine.
AWS IAM credentials configured in your text editor. In this case we will use VS Code.
Git installed on your local machine and a GitHub account set up.
Git for cloning the repository.
You must also know the Terraform workflow.
Table of Contents
I - Terraform Configuration files
Step 1: Provider Configuration
Step 2: Variables Configuration
II - Instructions of Deployment
Terraform Configuration files
You need to write several files that generate the resources.
Step 1: Provider Configuration
Here we declare our cloud provider and specify the region where we will be launching resources.
Step 2: Variables Configuration
This is where we declare all variables and their values. It includes:
Variables: a list of elements that can vary or change. Their values can be reused throughout the code without repeating ourselves, and they help make the code dynamic.
Values: the values assigned to each variable.
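The provider and variable declarations that Steps 1 and 2 describe, as an added example that is not taken from the project's files. The variable names, default region, CIDR and AZ names are assumptions; the last validation rule encodes the two-AZ design stated in the overview.

```hcl
# Added example: variable names and default values are assumptions.
terraform {
  required_version = ">= 1.3"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0" # pin the provider so plans stay reproducible
    }
  }
}

provider "aws" {
  region = var.region
  # No access keys in this block: credentials are read from the environment
  # or a shared profile, so secrets never land in version control.
}

variable "region" {
  description = "Region where resources are launched (assumed default)"
  type        = string
  default     = "us-east-1"
}

variable "vpc_cidr" {
  description = "CIDR block of the VPC (assumed value)"
  type        = string
  default     = "10.0.0.0/16"

  validation {
    condition     = can(cidrhost(var.vpc_cidr, 0))
    error_message = "vpc_cidr must be a valid CIDR block."
  }
}

variable "azs" {
  description = "Availability Zones used by the subnets (assumed names)"
  type        = list(string)
  default     = ["us-east-1a", "us-east-1b"]

  validation {
    condition     = length(var.azs) == 2
    error_message = "Exactly two Availability Zones are expected."
  }
}
```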
We have
Step 3: VPC Configuration
This is where you create the foundation and networking in which all the resources will be launched. It includes the VPC, subnets, IGW, NAT Gateway, EIP and route tables.
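The core of such a VPC file, as an added example that is not the project's code: a VPC with one public and one private subnet in each of two AZs, where only the public route table has a default route to the Internet Gateway. The CIDR, the resource names and the public/private split are assumptions, the NAT Gateway and EIP are left out, and the values are inlined so the block stands alone with a configured AWS provider.

```hcl
# Added example: CIDR and resource names are assumptions.
data "aws_availability_zones" "available" {
  state = "available"
}

resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"
}

resource "aws_internet_gateway" "igw" {
  vpc_id = aws_vpc.main.id
}

# One public and one private subnet per AZ, carved from the VPC block:
# public 10.0.0.0/24 and 10.0.1.0/24, private 10.0.10.0/24 and 10.0.11.0/24.
resource "aws_subnet" "public" {
  count             = 2
  vpc_id            = aws_vpc.main.id
  availability_zone = data.aws_availability_zones.available.names[count.index]
  cidr_block        = cidrsubnet(aws_vpc.main.cidr_block, 8, count.index)
}

resource "aws_subnet" "private" {
  count             = 2
  vpc_id            = aws_vpc.main.id
  availability_zone = data.aws_availability_zones.available.names[count.index]
  cidr_block        = cidrsubnet(aws_vpc.main.cidr_block, 8, count.index + 10)
}

# The default route to the IGW is what makes the associated subnets public.
resource "aws_route_table" "public" {
  vpc_id = aws_vpc.main.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw.id
  }
}

resource "aws_route_table_association" "public" {
  count          = 2
  subnet_id      = aws_subnet.public[count.index].id
  route_table_id = aws_route_table.public.id
}

# The private subnets have no explicit association, so they fall back to the
# VPC's main route table, which holds only the local route unless it is edited.
```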
We have here
VPC: Virtual Private Cloud, the main private environment where all resources will be launched.
Subnets: a subnet is a segmented portion of a virtual private cloud (VPC) that allows you to partition your network resources. Subnets are used to organize and manage your cloud resources more effectively by providing isolation and control over network traffic.
Internet Gateway: it plays a crucial role in enabling internet connectivity for resources within a VPC, allowing instances to access services, applications, and data hosted on the public internet while providing scalability, redundancy, and security features.
Route Tables: a route table is a fundamental networking component that controls the routing of network traffic within a Virtual Private Cloud (VPC). Route tables define the rules for directing traffic from one subnet to another or to external networks, such as the internet or on-premises networks.
NACL: Network Access Control Lists (NACLs) are a security layer in AWS that act as a firewall for controlling traffic in and out of one or more subnets within a Virtual Private Cloud (VPC).
Security Groups: a security group acts as a virtual firewall for controlling inbound and outbound traffic to AWS resources, such as EC2 instances, RDS databases, and other services within a Virtual Private Cloud (VPC). Security groups allow you to define rules that specify the type of traffic allowed or denied based on protocols, ports, and IP addresses.
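The two filtering layers described above, side by side, as an added example that is not the project's code. A NACL is stateless and attached to subnets, so return traffic needs its own rule; a security group is stateful and attached to resources, so replies to permitted connections are allowed automatically. The variable names, the port and the CIDRs are assumptions.

```hcl
# Added example: variable names, port and CIDRs are assumptions.
variable "vpc_id" {
  type = string
}

variable "public_subnet_ids" {
  type = list(string)
}

# NACL: rules are evaluated in rule_no order; anything unmatched is denied.
resource "aws_network_acl" "public" {
  vpc_id     = var.vpc_id
  subnet_ids = var.public_subnet_ids

  ingress {
    rule_no    = 100
    protocol   = "tcp"
    action     = "allow"
    cidr_block = "0.0.0.0/0"
    from_port  = 443
    to_port    = 443
  }

  # Stateless: replies to HTTPS clients leave on ephemeral ports and must be
  # allowed explicitly, otherwise the connection never completes.
  egress {
    rule_no    = 100
    protocol   = "tcp"
    action     = "allow"
    cidr_block = "0.0.0.0/0"
    from_port  = 1024
    to_port    = 65535
  }
}

# Security group: stateful, so replies to the HTTPS connections allowed below
# pass without an egress rule. With no egress block, Terraform removes the
# default allow-all egress rule, so new outbound connections are blocked.
resource "aws_security_group" "web" {
  name_prefix = "web-"
  vpc_id      = var.vpc_id

  ingress {
    protocol    = "tcp"
    from_port   = 443
    to_port     = 443
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```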
Step 4: Output Configuration
Known as an output value: it is a convenient way to get useful information about your infrastructure printed on the CLI. It shows the ARN, name or ID of a resource. In this case we are outputting the DNS name of the web application load balancer.
Instructions of Deployment
Follow these steps to deploy the architecture:
Step 5: Clone Repository:
Clone the repository to your local machine using the command "git clone".
Step 6: Initialize Folder
Initialize the folder containing the configuration files that were cloned for Terraform and apply the configuration by typing the following command:
terraform init
You must see this image
Step 7: Format Files
Apply any changes to the files, review the changes, and confirm the correct format with the command:
terraform fmt
Step 8: Validate Files
Ensure that all files are syntactically valid and ready to go with the command:
terraform validate
If everything is good you will have something like this
Step 9: Plan
Create an execution plan for reaching the desired state. It checks and confirms the number of resources that will be created. Use the command:
terraform plan
The list of all resources about to be created will appear, and you can see all the properties (arguments and attributes) of each resource.
Step 10: Apply
Bring all the desired-state resources to life. It launches and creates all the resources listed in the configuration files. The command to perform the task is:
terraform apply -auto-approve
Now the creation will start, and you will be able to see which resources are being created and how long each one takes.
At the end you will receive a message showing the status of all resources: created, changed, and the number of each.
Here are the outputs:
Step 11: Review of resources
Go back to the console and check the actual state of the resources one by one. You will have:
VPC
Subnets
IGW
Route Tables
NACL
Step 12: Destroy
Destroy the Terraform-managed infrastructure, meaning all resources created will be shut down. This action can be done with the command "terraform destroy":
terraform destroy -auto-approve
At the end you will receive a message showing that all resources have been destroyed.
Contributing
Your perspective is valuable! Whether you see potential for improvement or appreciate what's already here, your contributions are welcomed and appreciated. Thank you for considering joining us in making this project even better. Feel free to follow me for updates on this project and others, and to explore opportunities for collaboration. Together, we can create something amazing!
License
This project is licensed under the JoebahoCloud License