Infrastructure as Code with AWS and Terraform
Implementing Infrastructure as Code (IaC) using Terraform to build an entire stack of AWS Cloud resources for deploying an application with a Database connected to it.
Terraform is a tool for creating, transforming, and versioning infrastructure safely and effectively. It generates an execution plan describing what must be done to reach the desired state, and then executes that plan to build the described infrastructure. It is a powerful infrastructure as code (IaC) tool that allows you to create, update, and version-control cloud infrastructure.
Advantages of Terraform for cloud provisioning
Terraform was selected as the cloud provisioning tool after taking various aspects into consideration. A few worth mentioning are:
The workflow using Terraform as a cloud provisioning tool involves various tools and steps. A few of the steps worth mentioning are:
A provider is responsible for understanding API interactions and exposing resources. Most providers configure a specific infrastructure platform.
Each resource block describes one or more infrastructure objects, such as virtual networks or compute instances.
Connecting Terraform with AWS cloud
Static credentials can be provided by adding an access_key and secret_key in-line in the AWS provider block.
You can provide your credentials via the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables, representing your AWS Access Key and AWS Secret Key, respectively.
Shared credentials/configuration file
You can use an AWS credentials or configuration file to specify your credentials. The default location is $HOME/.aws/credentials on Linux and macOS, or “%USERPROFILE%\.aws\credentials” on Windows.
Creating Infrastructure on the cloud to deploy application and database behind it
The configuration files declare the AWS provider and the resources required to build the infrastructure. The following resources are used:
1. Virtual Private Cloud (VPC)
A VPC is a virtual private network that can be used to logically separate cloud resources, for example development and production. First, we’ll define the VPC in the “main.tf” file:
Like the VPC, a subnet is used to logically separate cloud resources, but inside the VPC. Modify the configuration file to add two subnets:
- Public subnet: To deploy the application
- Private subnet: To place the database
In the configuration file, we need to add the resource “aws_subnet” and define arguments such as the VPC ID by referencing the other resource.
3. IGW, NAT, Route table:
- To make the public subnet addressable from the Internet, we need an Internet Gateway. The private subnet is not reachable from the Internet, so it uses a NAT gateway instead.
- The route table determines where network traffic from a subnet or gateway is directed.
Resources: aws_internet_gateway, aws_nat_gateway, aws_route_table.
- Two instances are created, one in the public subnet and the other in the private subnet, and we need to create a key pair in order to connect to the instances via SSH.
- We need to give the same key pair to the instances in the public subnet and the private subnet, so that they can connect to each other.
- A security group resource is created and attached to the instances to define their incoming and outgoing traffic.
Resources: aws_instance, aws_key_pair, aws_security_group
The first command to run after writing the Terraform configuration files is ‘terraform init’. It initializes a working directory containing Terraform configuration files and downloads the correct provider plug-ins for the project.
Generate the plan to verify the creation process using the “terraform plan” command.
Apply the plan to provision reproducible infrastructure using “terraform apply”.
Finally, the whole infrastructure has been provisioned on the AWS cloud using Terraform. Terraform helps with infrastructure as code, and the automation can be completed quickly and efficiently.