Create your Vpc via Terraform

Samuel .O
5 min read, Aug 31, 2022


In this article I will be referencing my previous article about creating a VPC from scratch; click here to understand the steps I will be walking you through. Terraform can make your infrastructure deployment efficient and easy. First, what is Terraform? You can find all you need to know about Terraform here.

Let’s get started!!
Now that we have built our VPC manually via the AWS console, let’s look at automating the whole process through code.

Prerequisites

Terraform installed

AWS account

IDE of your choice

GitHub account

Step 1

Using Visual Studio Code as the editor of my choice, I installed the HashiCorp Terraform extension in order to format my code properly and use the Terraform resources easily.

You will want to go to your ~/.aws/credentials file and put in your AWS access key and secret key as shown below.

[sam-user]
aws_access_key_id = XXXXXXXXXXXXXXX
aws_secret_access_key = XXXXXXXXXXXXXXXXXXXXXXXXXXXXX

First and foremost, securing your AWS access key and secret key is highly important, as Terraform uses them to connect to your AWS account.

The first file we will create is the Provider.tf file; this is where we configure our AWS provider to reference our AWS access/secret key so that Terraform can connect to AWS. Click here to view the documentation.

fig 1.0

Step 2

Create Vpc

Check out the Terraform documentation on the VPC resource: click here

fig 1.1

In the above code, we created a main.tf file to build our infrastructure resources. Following the Terraform documentation, the resource named “sample_vpc” was built. We then picked the CIDR range to use. Please click here to learn more about CIDR ranges.

Step 3

Let's create our subnets:

We are going to create both a private and a public subnet within the VPC. Documentation reference here.

fig 1.2

Step 4

Create an Internet Gateway

An internet gateway lets resources in your VPC communicate with the internet. The code below shows the vpc_id being attached to sample_igw.

fig 1.3

Step 5

Create a Route table

Here we are connecting our route table to the VPC we created, and adding a route to the internet gateway. The code below also shows the association of the route table with the public subnet we created previously. Please see the documentation here.

fig 1.4

Step 6

Create a Security Group

The security group controls traffic to the EC2 instance. If you notice in the code, there are “ingress” and “egress” rules. Ingress allows traffic in (think of it as the inbound rule), while egress allows traffic out, i.e. the outbound rule.

from_port and to_port are both set to 0, which means the rule covers all ports. Together with the “-1” protocol, this means all protocols (TCP, UDP, etc.) are allowed. cidr_blocks can be a list of IP addresses; in the code, I added my personal IP.

Keep in mind that we don’t need a tag here, because the security group already has a name attribute.

fig 1.5

Step 7

Create your key pair and ec2 instance

The process of creating your key pair is very important, as you will use that key to connect to your EC2 instance. The code below does not expose my key, because I used the Terraform file function. See here for more information.

fig 1.6

You will also notice the “userdata.tpl” file below. That file holds my configuration script, used to bootstrap the instance.

fig 1.7

In your terminal, run:

ssh-keygen -t ed25519

fig 1.8

This will generate a public and private key pair as shown above. When prompted for the file path, replace id_ed25519 with your key pair name; in my case it’s samplekey.

Why ed25519? Check here; alternatively, you can also check out Risan Bagja’s article here.

Note: you can also do this directly with Terraform code from the docs here, or simply do it through the terminal.

The diagram below shows the list of keys I have in that directory; we are only focusing on the newly created keys “samplekey” and “samplekey.pub”. I used a Linux command that shows the permissions of the files in that directory.

fig 1.9

Run:

chmod 400 samplekey

This will change the permissions of your private key so that only the owner can read it.
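Putting Steps 1 to 7 together, here is an added example of the complete root module in HCL. It is not the article’s own code (that lives in the figures and on the author’s GitHub). The resource names sample_vpc and sample_igw, the samplekey key pair, the userdata.tpl file, the sam-user profile and the 10.111.0.0/16 CIDR come from the article; the subnet CIDRs, the availability zone, the AMI id placeholder, the my_ip variable and the 203.0.113.10 address are assumptions. One deliberate difference: the security group below only allows SSH (TCP 22) from your own /32, instead of protocol -1 on every port, which is the tighter form of the same rule.

```hcl
# Added example (not the article's code). Names from the article: sam-user,
# sample_vpc, sample_igw, samplekey, userdata.tpl. Everything else is assumed.

# Credentials come from the [sam-user] profile in ~/.aws/credentials, so no
# access key or secret is written into the .tf files or committed to GitHub.
provider "aws" {
  region  = "us-east-1"
  profile = "sam-user"
}

variable "my_ip" {
  description = "Your public IP as a /32 (placeholder, replace before apply)"
  type        = string
  default     = "203.0.113.10/32"
}

# Step 2: VPC (CIDR and Name tag match the plan output in the article).
resource "aws_vpc" "sample_vpc" {
  cidr_block           = "10.111.0.0/16"
  enable_dns_hostnames = true
  enable_dns_support   = true
  tags                 = { Name = "sam-user-vpc" }
}

# Step 3: a public and a private subnet inside the VPC range.
resource "aws_subnet" "sample_public" {
  vpc_id                  = aws_vpc.sample_vpc.id
  cidr_block              = "10.111.1.0/24"
  availability_zone       = "us-east-1a"
  map_public_ip_on_launch = true
  tags                    = { Name = "sam-user-public" }
}

resource "aws_subnet" "sample_private" {
  vpc_id            = aws_vpc.sample_vpc.id
  cidr_block        = "10.111.2.0/24"
  availability_zone = "us-east-1a"
  tags              = { Name = "sam-user-private" }
}

# Step 4: internet gateway attached to the VPC.
resource "aws_internet_gateway" "sample_igw" {
  vpc_id = aws_vpc.sample_vpc.id
  tags   = { Name = "sam-user-igw" }
}

# Step 5: default route to the IGW, associated with the public subnet only;
# the private subnet keeps just the implicit local route.
resource "aws_route_table" "sample_public_rt" {
  vpc_id = aws_vpc.sample_vpc.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.sample_igw.id
  }
}

resource "aws_route_table_association" "sample_public_assoc" {
  subnet_id      = aws_subnet.sample_public.id
  route_table_id = aws_route_table.sample_public_rt.id
}

# Step 6: security group. Inbound is SSH only, from var.my_ip, instead of
# protocol "-1" on every port; outbound stays open as in the article.
resource "aws_security_group" "sample_sg" {
  name        = "sample_sg"
  description = "SSH from my IP only; all outbound"
  vpc_id      = aws_vpc.sample_vpc.id

  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.my_ip]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# Step 7: only the public half of the ssh-keygen output is uploaded; the
# private key (chmod 400) never enters the .tf files or Terraform state.
resource "aws_key_pair" "sample_key" {
  key_name   = "samplekey"
  public_key = file(pathexpand("~/.ssh/samplekey.pub"))
}

resource "aws_instance" "sample_instance" {
  ami                    = "ami-PLACEHOLDER" # replace with a current Amazon Linux AMI id
  instance_type          = "t2.micro"
  subnet_id              = aws_subnet.sample_public.id
  vpc_security_group_ids = [aws_security_group.sample_sg.id]
  key_name               = aws_key_pair.sample_key.key_name
  user_data              = file("${path.module}/userdata.tpl")
  tags                   = { Name = "sam-user-instance" }
}
```

Run terraform init, terraform plan and terraform apply in the directory that holds this file, userdata.tpl and your samplekey.pub; the plan lists nine resources to add, the same count as the article’s output below. Because the provider reads the sam-user profile, nothing secret lives in the .tf files, but the generated terraform.tfstate can still hold sensitive values, so keep it and the .terraform directory out of your GitHub repository.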

Now deploy your infrastructure to AWS with Terraform:

# aws_vpc.sample_vpc will be created
+ resource "aws_vpc" "sample_vpc" {
+ arn = (known after apply)
+ cidr_block = "10.111.0.0/16"
+ default_network_acl_id = (known after apply)
+ default_route_table_id = (known after apply)
+ default_security_group_id = (known after apply)
+ dhcp_options_id = (known after apply)
+ enable_classiclink = (known after apply)
+ enable_classiclink_dns_support = (known after apply)
+ enable_dns_hostnames = true
+ enable_dns_support = true
+ id = (known after apply)
+ instance_tenancy = "default"
+ ipv6_association_id = (known after apply)
+ ipv6_cidr_block = (known after apply)
+ ipv6_cidr_block_network_border_group = (known after apply)
+ main_route_table_id = (known after apply)
+ owner_id = (known after apply)
+ tags = {
+ "Name" = "sam-user-vpc"
}
+ tags_all = {
+ "Name" = "sam-user-vpc"
}
}
Plan: 9 to add, 0 to change, 0 to destroy.

Go to the console and see your instance running.

To connect to your EC2 instance, you can follow the steps in the AWS console by clicking on “connect”; this will take you to this page.

In a further article, I will show you how to use variables, modules and other Terraform features to make automation effective and efficient.

Happy terra!!

See my GitHub for the raw code. Thanks
