1. Virtual Private Cloud (VPC)
A VPC is a virtual private network that logically separates cloud resources from each other, for example a development environment from production. First, we’ll define the VPC in the “main.tf” file:
Resources: aws_vpc and its required arguments
2. Subnet
Like the VPC, a subnet is used to logically separate cloud resources, but inside the VPC. Modify the configuration file to add two subnets:
- Public subnet: To deploy the application
- Private subnet: To place the database
In the configuration file, we add the resource “aws_subnet” and set its arguments; the VPC ID is taken from a reference to the aws_vpc resource rather than a hard-coded ID, so the subnet always lands in the VPC defined above.
3. IGW, NAT, Route table
- To make the public subnet reachable from the Internet, we need an Internet Gateway. The private subnet has no route from the Internet; its instances can only open outbound connections (for updates, for example) through a NAT gateway placed in the public subnet.
- A route table determines where network traffic from a subnet or gateway is directed; each subnet is associated with one route table.
Resources: aws_internet_gateway, aws_nat_gateway, aws_route_table.
4. Instance
- Two instances are created, one in the public subnet and the other in the private subnet. We also need to create a key pair in order to connect to the instances via SSH.
- We give the same key pair to the instances in the public and private subnets so that the private instance can be reached over SSH from the public one.
- A security group resource is created and attached to each instance to define the inbound and outbound traffic allowed for it.
Resources: aws_instance, aws_key_pair, aws_security_group
Sample Terraform code snippet for creating EC2 instance:
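The tutorial's own snippet is not reproduced on this page. What follows is an added example, not the original author's code, showing one complete main.tf for steps 1 to 4: VPC, the two subnets, Internet and NAT gateways with their route tables, the key pair, two security groups and the two instances. All names and values are assumptions for illustration: the CIDR blocks, the resource labels (main, igw, nat, sg, node), the instance type, and the three input variables var.ami_id, var.admin_cidr and var.ssh_public_key. The security-relevant choices are that SSH to the public instance is allowed only from the admin CIDR (never 0.0.0.0/0), SSH to the private instance is allowed only from members of the public security group, and the private subnet's default route goes through the NAT gateway, so it accepts no inbound connections from the Internet.

```hcl
# Added example, not the tutorial's own code. Assumed values: the CIDR blocks and the three variables below.
variable "ami_id" { type = string }         # assumed: a current AMI ID for your region
variable "admin_cidr" { type = string }     # assumed: your admin network, e.g. "203.0.113.0/24"
variable "ssh_public_key" { type = string } # contents of the SSH public key to register

# 1. VPC: one address space that separates this environment from others
resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"
}

# 2. Subnets: public for the application, private for the database (only the public one auto-assigns public IPs)
resource "aws_subnet" "net" {
  for_each                = { public = "10.0.1.0/24", private = "10.0.2.0/24" }
  vpc_id                  = aws_vpc.main.id
  cidr_block              = each.value
  map_public_ip_on_launch = each.key == "public"
}

# 3. Internet Gateway, NAT Gateway (in the public subnet, with an Elastic IP) and route tables
resource "aws_internet_gateway" "igw" { vpc_id = aws_vpc.main.id }
resource "aws_eip" "nat" { domain = "vpc" }
resource "aws_nat_gateway" "nat" {
  allocation_id = aws_eip.nat.id
  subnet_id     = aws_subnet.net["public"].id
  depends_on    = [aws_internet_gateway.igw]
}
# Public route table: default route via the IGW, so the subnet is reachable from the Internet
resource "aws_route_table" "public" {
  vpc_id = aws_vpc.main.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw.id
  }
}
# Private route table: default route via the NAT gateway, so only outbound connections work
resource "aws_route_table" "private" {
  vpc_id = aws_vpc.main.id
  route {
    cidr_block     = "0.0.0.0/0"
    nat_gateway_id = aws_nat_gateway.nat.id
  }
}
resource "aws_route_table_association" "public" {
  subnet_id      = aws_subnet.net["public"].id
  route_table_id = aws_route_table.public.id
}
resource "aws_route_table_association" "private" {
  subnet_id      = aws_subnet.net["private"].id
  route_table_id = aws_route_table.private.id
}

# 4. Key pair, security groups and the two instances
resource "aws_key_pair" "deployer" {
  key_name   = "deployer-key"
  public_key = var.ssh_public_key
}
resource "aws_security_group" "sg" {
  for_each = toset(["public", "private"])
  name     = "${each.key}-sg"
  vpc_id   = aws_vpc.main.id
}
# SSH to the public instance only from the admin network, never from 0.0.0.0/0
resource "aws_vpc_security_group_ingress_rule" "public_ssh" {
  security_group_id = aws_security_group.sg["public"].id
  cidr_ipv4         = var.admin_cidr
  from_port         = 22
  to_port           = 22
  ip_protocol       = "tcp"
}
# SSH to the private instance only from members of the public security group
resource "aws_vpc_security_group_ingress_rule" "private_ssh" {
  security_group_id            = aws_security_group.sg["private"].id
  referenced_security_group_id = aws_security_group.sg["public"].id
  from_port                    = 22
  to_port                      = 22
  ip_protocol                  = "tcp"
}
# Outbound traffic allowed from both groups (the provider strips AWS's default egress rule)
resource "aws_vpc_security_group_egress_rule" "all" {
  for_each          = aws_security_group.sg
  security_group_id = each.value.id
  cidr_ipv4         = "0.0.0.0/0"
  ip_protocol       = "-1"
}
# Same key pair on both instances; the public one is the jump host for the private one
resource "aws_instance" "node" {
  for_each               = toset(["public", "private"])
  ami                    = var.ami_id
  instance_type          = "t3.micro"
  subnet_id              = aws_subnet.net[each.key].id
  key_name               = aws_key_pair.deployer.key_name
  vpc_security_group_ids = [aws_security_group.sg[each.key].id]
}
```

Run `terraform init` and `terraform validate` with the AWS provider configured through your usual credentials and region, then `terraform plan` to see all resources before anything is created. Using separate aws_vpc_security_group_ingress_rule and aws_vpc_security_group_egress_rule resources instead of inline ingress/egress blocks keeps each rule a distinct, reviewable object in the plan; the ingress rule that references another security group is what enforces that the database host is reachable only via the application host and not from any address in the VPC.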