Creating AWS Subnets, Internet Gateway, and Route Tables with Terraform

Introduction

In modern cloud infrastructure management, automating the provisioning of networking components such as subnets, internet gateways, and route tables is essential for scalability, reliability, and security. Terraform, a popular Infrastructure as Code (IaC) tool, allows for the declarative definition and management of infrastructure resources across various cloud providers, including Amazon Web Services (AWS).

In this tutorial, we'll walk through the process of using Terraform to create a Virtual Private Cloud (VPC) with both public and private subnets, an internet gateway for external connectivity, and appropriate route tables to control traffic flow within the VPC.

Prerequisites

Before getting started, ensure you have the following:

  1. An AWS account and IAM credentials allowed to create VPC resources (VPCs, subnets, internet gateways, route tables and their associations). Supply the credentials through a named profile or environment variables; do not put them in the configuration file.

  2. Terraform installed on your local machine. You can download it from the official website.

Step 1: Set Up Terraform Configuration

Create a file named main.tf and define the AWS provider configuration. Only the region goes here; Terraform reads credentials from your environment or AWS profile, so no access keys belong in this file:

# Define AWS provider
provider "aws" {
  region = "ap-northeast-1"
}

Step 2: Create the VPC

Define the VPC resource with a specific CIDR block, DNS support, and hostnames enabled:

# Create VPC
resource "aws_vpc" "my_vpc" {
  cidr_block = "10.0.0.0/16"
  enable_dns_support = true
  enable_dns_hostnames = true
  tags = {
    Name = "MyVPC"
  }
}

Step 3: Create the Internet Gateway

Define the Internet Gateway resource and attach it to the created VPC:

# Create Internet Gateway
resource "aws_internet_gateway" "my_igw" {
  vpc_id = aws_vpc.my_vpc.id
  tags = {
    Name = "MyIGW"
  }
}

Step 4: Create Public and Private Subnets

Define the public and private subnets within the VPC. The two subnets differ in one security-relevant setting, map_public_ip_on_launch. With it set to true, every instance launched in the public subnet is automatically given a public IPv4 address and becomes reachable from the internet as soon as its security group allows it; leave it false on the private subnet. Placing the subnets in different availability zones (here ap-northeast-1a and ap-northeast-1c) is for availability, not isolation:

# Create Public Subnet
resource "aws_subnet" "public_subnet" {
  vpc_id     = aws_vpc.my_vpc.id
  cidr_block = "10.0.1.0/24" # Adjust CIDR block as needed
  map_public_ip_on_launch = true
  availability_zone = "ap-northeast-1a" # Adjust AZ as needed
  tags = {
    Name = "PublicSubnet"
  }
}

# Create Private Subnet
resource "aws_subnet" "private_subnet" {
  vpc_id     = aws_vpc.my_vpc.id
  cidr_block = "10.0.2.0/24" # Adjust CIDR block as needed
  map_public_ip_on_launch = false
  availability_zone = "ap-northeast-1c" # Adjust AZ as needed
  tags = {
    Name = "PrivateSubnet"
  }
}

Step 5: Create Route Tables

Define one route table per subnet. The public route table sends all traffic not destined for the VPC (0.0.0.0/0) to the internet gateway. The private route table defines no routes at all, so it carries only the implicit local route that every VPC route table has; instances in the private subnet can talk to the rest of the VPC but cannot reach, or be reached from, the internet. If those instances later need outbound-only access (package updates, API calls), add a 0.0.0.0/0 route to a NAT gateway placed in the public subnet rather than to the internet gateway:

# Create Route Tables
resource "aws_route_table" "public_route_table" {
  vpc_id = aws_vpc.my_vpc.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.my_igw.id # Internet Gateway created in Step 3
  }
}

resource "aws_route_table" "private_route_table" {
  vpc_id = aws_vpc.my_vpc.id

  # No routes beyond the implicit local route: the private subnet has no path to the internet
}

Step 6: Associate Route Tables with Subnets

Associate each route table with its subnet. This step matters: a subnet with no explicit association silently uses the VPC's main route table, so if a default route to the internet gateway were ever added to the main table, an unassociated "private" subnet would become internet-routable:

# Configure Route Tables Association
resource "aws_route_table_association" "public_association" {
  subnet_id      = aws_subnet.public_subnet.id
  route_table_id = aws_route_table.public_route_table.id
}

resource "aws_route_table_association" "private_association" {
  subnet_id      = aws_subnet.private_subnet.id
  route_table_id = aws_route_table.private_route_table.id
}

Step 7: Output Subnet IDs

Define outputs to display the IDs of the created subnets:

# Output Subnet IDs
output "public_subnet_id" {
  value = aws_subnet.public_subnet.id
}

output "private_subnet_id" {
  value = aws_subnet.private_subnet.id
}

The complete main.tf is therefore:

provider "aws" {
  region = "ap-northeast-1"
}

# Create VPC
resource "aws_vpc" "my_vpc" {
  cidr_block = "10.0.0.0/16"
  enable_dns_support = true
  enable_dns_hostnames = true
  tags = {
    Name = "MyVPC"
  }
}

# Create Internet Gateway
resource "aws_internet_gateway" "my_igw" {
  vpc_id = aws_vpc.my_vpc.id
  tags = {
    Name = "MyIGW"
  }
}

# Create Public Subnet
resource "aws_subnet" "public_subnet" {
  vpc_id     = aws_vpc.my_vpc.id
  cidr_block = "10.0.1.0/24" # Adjust CIDR block as needed
  map_public_ip_on_launch = true
  availability_zone = "ap-northeast-1a" # Adjust AZ as needed
  tags = {
    Name = "PublicSubnet"
  }
}

# Create Private Subnet
resource "aws_subnet" "private_subnet" {
  vpc_id     = aws_vpc.my_vpc.id
  cidr_block = "10.0.2.0/24" # Adjust CIDR block as needed
  map_public_ip_on_launch = false
  availability_zone = "ap-northeast-1c" # Adjust AZ as needed
  tags = {
    Name = "PrivateSubnet"
  }
}

# Create Route Tables
resource "aws_route_table" "public_route_table" {
  vpc_id = aws_vpc.my_vpc.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.my_igw.id # Internet Gateway created in Step 3
  }
}

resource "aws_route_table" "private_route_table" {
  vpc_id = aws_vpc.my_vpc.id

  # No routes beyond the implicit local route: the private subnet has no path to the internet
}

# Configure Route Tables Association
resource "aws_route_table_association" "public_association" {
  subnet_id      = aws_subnet.public_subnet.id
  route_table_id = aws_route_table.public_route_table.id
}

resource "aws_route_table_association" "private_association" {
  subnet_id      = aws_subnet.private_subnet.id
  route_table_id = aws_route_table.private_route_table.id
}

# Output Subnet IDs
output "public_subnet_id" {
  value = aws_subnet.public_subnet.id
}

output "private_subnet_id" {
  value = aws_subnet.private_subnet.id
}

Step 8: Execute Terraform Commands

Initialize Terraform in the directory containing your configuration file:

terraform init

Preview the changes Terraform will make:

terraform plan

Read the plan before applying it: check that exactly one route table carries a 0.0.0.0/0 route and that it is the public one, and that map_public_ip_on_launch is true only for the public subnet. Then apply the configuration to create the infrastructure:

terraform apply

Terraform shows the plan again and asks for confirmation; type yes and press Enter to proceed.
Step 9: View Resources in the AWS Console

You can view the provisioned resources in the AWS Management Console:

  1. VPC: Navigate to the VPC dashboard and locate the VPC named "MyVPC".

  2. Subnets: In the VPC dashboard, view the subnets section to see the public and private subnets named "PublicSubnet" and "PrivateSubnet" respectively.

  3. Internet Gateway: Check the internet gateway section in the VPC dashboard to find the internet gateway named "MyIGW".

  4. Route Tables: Visit the route tables section in the VPC dashboard to see the route tables associated with the VPC.
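The same checks can be scripted against Terraform's own record of what it deployed instead of clicking through the console. The script below is an added example, not part of the original tutorial: it reads the JSON that `terraform show -json` prints after `terraform apply` and verifies the segmentation this layout is meant to provide: every subnet CIDR lies inside the VPC CIDR and no two subnets overlap, every subnet has an explicit route table association (so none falls back to the VPC main table), the public subnet's table sends 0.0.0.0/0 to an internet gateway, and the private subnet's table never does. It embeds a constructed sample state with placeholder resource IDs so it runs offline; pass a real state file (`terraform show -json > state.json`) as the first argument to check a live deployment.

```python
import ipaddress
import json
import sys

# Constructed sample in the shape of `terraform show -json` state output for the
# tutorial's main.tf. The resource IDs are placeholders, not real AWS resources.
SAMPLE_STATE = {"format_version": "1.0", "values": {"root_module": {"resources": [
    {"address": "aws_vpc.my_vpc", "type": "aws_vpc",
     "values": {"id": "vpc-0aaaaaaaaaaaaaaaa", "cidr_block": "10.0.0.0/16"}},
    {"address": "aws_internet_gateway.my_igw", "type": "aws_internet_gateway",
     "values": {"id": "igw-0bbbbbbbbbbbbbbbb", "vpc_id": "vpc-0aaaaaaaaaaaaaaaa"}},
    {"address": "aws_subnet.public_subnet", "type": "aws_subnet",
     "values": {"id": "subnet-0ccccccccccccccc1", "cidr_block": "10.0.1.0/24",
                "map_public_ip_on_launch": True}},
    {"address": "aws_subnet.private_subnet", "type": "aws_subnet",
     "values": {"id": "subnet-0ccccccccccccccc2", "cidr_block": "10.0.2.0/24",
                "map_public_ip_on_launch": False}},
    {"address": "aws_route_table.public_route_table", "type": "aws_route_table",
     "values": {"id": "rtb-0ddddddddddddddd1", "route": [
         {"cidr_block": "0.0.0.0/0", "gateway_id": "igw-0bbbbbbbbbbbbbbbb", "nat_gateway_id": ""}]}},
    {"address": "aws_route_table.private_route_table", "type": "aws_route_table",
     "values": {"id": "rtb-0ddddddddddddddd2", "route": []}},
    {"address": "aws_route_table_association.public_association", "type": "aws_route_table_association",
     "values": {"subnet_id": "subnet-0ccccccccccccccc1", "route_table_id": "rtb-0ddddddddddddddd1"}},
    {"address": "aws_route_table_association.private_association", "type": "aws_route_table_association",
     "values": {"subnet_id": "subnet-0ccccccccccccccc2", "route_table_id": "rtb-0ddddddddddddddd2"}},
]}}}


def resources_of(state, rtype):
    """All resources of one type, flattened across root and child modules."""
    found = []

    def walk(module):
        for r in module.get("resources", []):
            if r.get("type") == rtype:
                found.append(r)
        for child in module.get("child_modules", []):
            walk(child)

    walk(state["values"]["root_module"])
    return found


def igw_default_routes(route_table):
    """Routes in a table that send all IPv4 traffic to an internet gateway (igw-*)."""
    return [r for r in route_table["values"].get("route", [])
            if r.get("cidr_block") == "0.0.0.0/0"
            and (r.get("gateway_id") or "").startswith("igw-")]


def check_network(state):
    """Return a list of findings; an empty list means the layout is as intended."""
    findings = []
    vpc_nets = [ipaddress.ip_network(v["values"]["cidr_block"]) for v in resources_of(state, "aws_vpc")]
    subnets = resources_of(state, "aws_subnet")
    tables = {t["values"]["id"]: t for t in resources_of(state, "aws_route_table")}
    assoc = {a["values"]["subnet_id"]: a["values"]["route_table_id"]
             for a in resources_of(state, "aws_route_table_association")}

    # 1. Addressing: every subnet inside a VPC CIDR, no two subnets overlapping.
    seen = []
    for s in subnets:
        net = ipaddress.ip_network(s["values"]["cidr_block"])
        if not any(net.subnet_of(v) for v in vpc_nets):
            findings.append(f"{s['address']}: {net} is outside every VPC CIDR")
        for other_addr, other in seen:
            if net.overlaps(other):
                findings.append(f"{s['address']} overlaps {other_addr}")
        seen.append((s["address"], net))

    # 2. Routing: public subnets reach the IGW, private subnets never do, and no
    #    subnet silently inherits the VPC main route table.
    for s in subnets:
        sid = s["values"]["id"]
        public = bool(s["values"].get("map_public_ip_on_launch"))
        if sid not in assoc:
            findings.append(f"{s['address']}: no explicit route table association (uses VPC main table)")
            continue
        table = tables.get(assoc[sid])
        if table is None:
            findings.append(f"{s['address']}: associated route table {assoc[sid]} not in state")
            continue
        has_igw = bool(igw_default_routes(table))
        if public and not has_igw:
            findings.append(f"{s['address']}: public subnet has no 0.0.0.0/0 route to an internet gateway")
        if not public and has_igw:
            findings.append(f"{s['address']}: private subnet routes 0.0.0.0/0 to an internet gateway via {table['address']}")
    return findings


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            state = json.load(fh)
    else:
        state = SAMPLE_STATE
    problems = check_network(state)
    for p in problems:
        print("FAIL", p)
    sys.exit(1 if problems else 0)
```

The check keys "public" off map_public_ip_on_launch rather than off the subnet's name, because that attribute, not the tag, is what hands out public addresses; a subnet tagged PrivateSubnet with the flag set to true is a public subnet. Run it from a CI job after apply, or on a plan converted with `terraform show -json tfplan`, bearing in mind that in a plan the gateway ID is still unknown and the IGW route check only becomes meaningful against applied state.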

Step 10: Destroy all Resources

When you no longer need these resources, you can destroy them using Terraform to clean up resources and avoid unnecessary charges.

Run the following command in the terminal:

terraform destroy

Terraform will prompt you to confirm the destruction of resources. Type yes and press Enter to proceed.

Conclusion

In this tutorial, we've demonstrated how to use Terraform to provision AWS networking resources, including VPC, subnets, internet gateway, and route tables. By managing infrastructure as code, you can easily replicate, modify, and version-control your cloud infrastructure, leading to more efficient and reliable deployments.

Experiment with different configurations to meet your specific requirements and explore additional Terraform features to further automate and manage your AWS infrastructure.