Table of contents
- Introduction
- Prerequisites
- Step 1: Set Up Terraform Configuration
- Step 2: Create the VPC
- Step 3: Create the Internet Gateway
- Step 4: Create Public and Private Subnets
- Step 5: Create Route Tables
- Step 6: Associate Route Tables with Subnets
- Step 7: Output Subnet IDs
- Step 8: Execute Terraform Commands
- Step 9: View Resources in the AWS Console
- Step 10: Destroy all Resources
- Conclusion ⭐
Introduction
In modern cloud infrastructure management, automating the provisioning of networking components such as subnets, internet gateways, and route tables is essential for scalability, reliability, and security. Terraform, a popular Infrastructure as Code (IaC) tool, allows for the declarative definition and management of infrastructure resources across various cloud providers, including Amazon Web Services (AWS).
In this tutorial, we'll walk through the process of using Terraform to create a Virtual Private Cloud (VPC) with both public and private subnets, an internet gateway for external connectivity, and appropriate route tables to control traffic flow within the VPC.
Prerequisites
Before getting started, ensure you have the following:
An AWS account with appropriate permissions to create VPC resources.
Terraform installed on your local machine. You can download it from the official website.
Step 1: Set Up Terraform Configuration
Create a file named main.tf and define the AWS provider configuration:
# Define AWS provider
provider "aws" {
  region = "ap-northeast-1"
}
Step 2: Create the VPC
Define the VPC resource with a specific CIDR block, DNS support, and hostnames enabled:
# Create VPC
resource "aws_vpc" "my_vpc" {
  cidr_block           = "10.0.0.0/16"
  enable_dns_support   = true
  enable_dns_hostnames = true
  tags = {
    Name = "MyVPC"
  }
}
Step 3: Create the Internet Gateway
Define the Internet Gateway resource and attach it to the created VPC:
# Create Internet Gateway
resource "aws_internet_gateway" "my_igw" {
  vpc_id = aws_vpc.my_vpc.id
  tags = {
    Name = "MyIGW"
  }
}
Step 4: Create Public and Private Subnets
Define the public and private subnets within the VPC. Only the public subnet assigns a public IP to instances at launch; instances in the private subnet get private addresses only:
# Create Public Subnet
resource "aws_subnet" "public_subnet" {
  vpc_id                  = aws_vpc.my_vpc.id
  cidr_block              = "10.0.1.0/24" # Adjust CIDR block as needed
  map_public_ip_on_launch = true
  availability_zone       = "ap-northeast-1a" # Adjust AZ as needed
  tags = {
    Name = "PublicSubnet"
  }
}
# Create Private Subnet
resource "aws_subnet" "private_subnet" {
  vpc_id                  = aws_vpc.my_vpc.id
  cidr_block              = "10.0.2.0/24" # Adjust CIDR block as needed
  map_public_ip_on_launch = false
  availability_zone       = "ap-northeast-1c" # Adjust AZ as needed
  tags = {
    Name = "PrivateSubnet"
  }
}
Step 5: Create Route Tables
Define the route tables for the public and private subnets and specify the routes. The public route table sends all non-local traffic (0.0.0.0/0) to the Internet Gateway. The private route table carries only the VPC's implicit local route, so instances in the private subnet are reachable within the VPC but have no path to or from the internet; if they need outbound access, add a route to a NAT gateway rather than to the Internet Gateway:
# Create Route Tables
resource "aws_route_table" "public_route_table" {
  vpc_id = aws_vpc.my_vpc.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.my_igw.id # References the Internet Gateway created in Step 3
  }
}
resource "aws_route_table" "private_route_table" {
  vpc_id = aws_vpc.my_vpc.id
  # Define routes for private subnet if needed (e.g. a NAT gateway route for outbound traffic)
}
Step 6: Associate Route Tables with Subnets
Associate the route tables with the respective subnets:
# Configure Route Table Associations
resource "aws_route_table_association" "public_association" {
  subnet_id      = aws_subnet.public_subnet.id
  route_table_id = aws_route_table.public_route_table.id
}
resource "aws_route_table_association" "private_association" {
  subnet_id      = aws_subnet.private_subnet.id
  route_table_id = aws_route_table.private_route_table.id
}
Step 7: Output Subnet IDs
Define outputs to display the IDs of the created subnets:
# Output Subnet IDs
output "public_subnet_id" {
  value = aws_subnet.public_subnet.id
}
output "private_subnet_id" {
  value = aws_subnet.private_subnet.id
}
The complete main.tf is:
# Define AWS provider
provider "aws" {
  region = "ap-northeast-1"
}
# Create VPC
resource "aws_vpc" "my_vpc" {
  cidr_block           = "10.0.0.0/16"
  enable_dns_support   = true
  enable_dns_hostnames = true
  tags = {
    Name = "MyVPC"
  }
}
# Create Internet Gateway
resource "aws_internet_gateway" "my_igw" {
  vpc_id = aws_vpc.my_vpc.id
  tags = {
    Name = "MyIGW"
  }
}
# Create Public Subnet
resource "aws_subnet" "public_subnet" {
  vpc_id                  = aws_vpc.my_vpc.id
  cidr_block              = "10.0.1.0/24" # Adjust CIDR block as needed
  map_public_ip_on_launch = true
  availability_zone       = "ap-northeast-1a" # Adjust AZ as needed
  tags = {
    Name = "PublicSubnet"
  }
}
# Create Private Subnet
resource "aws_subnet" "private_subnet" {
  vpc_id                  = aws_vpc.my_vpc.id
  cidr_block              = "10.0.2.0/24" # Adjust CIDR block as needed
  map_public_ip_on_launch = false
  availability_zone       = "ap-northeast-1c" # Adjust AZ as needed
  tags = {
    Name = "PrivateSubnet"
  }
}
# Create Route Tables
resource "aws_route_table" "public_route_table" {
  vpc_id = aws_vpc.my_vpc.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.my_igw.id # References the Internet Gateway created above
  }
}
resource "aws_route_table" "private_route_table" {
  vpc_id = aws_vpc.my_vpc.id
  # Define routes for private subnet if needed (e.g. a NAT gateway route for outbound traffic)
}
# Configure Route Table Associations
resource "aws_route_table_association" "public_association" {
  subnet_id      = aws_subnet.public_subnet.id
  route_table_id = aws_route_table.public_route_table.id
}
resource "aws_route_table_association" "private_association" {
  subnet_id      = aws_subnet.private_subnet.id
  route_table_id = aws_route_table.private_route_table.id
}
# Output Subnet IDs
output "public_subnet_id" {
  value = aws_subnet.public_subnet.id
}
output "private_subnet_id" {
  value = aws_subnet.private_subnet.id
}
Step 8: Execute Terraform Commands
Initialize Terraform in the directory containing your configuration file:
terraform init
Preview the changes Terraform will make:
terraform plan
Apply the configuration to create the infrastructure:
terraform apply
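Once the apply has finished, it is worth confirming that the private subnet really came out private before anything is deployed into it. The following script is an added example, not part of the original tutorial: it reads the JSON that `terraform show -json` prints for the current state (the resources[].type/name/values layout under values.root_module is assumed from that command's output format), and checks that every subnet CIDR lies inside the VPC CIDR, that subnets do not overlap, and that the private subnet neither auto-assigns public IPs nor has a 0.0.0.0/0 route through an Internet Gateway. The embedded state is a constructed stand-in mirroring the main.tf above; resource IDs are made up.

```python
# Post-apply check of the public/private split produced by main.tf. Input is
# the JSON printed by `terraform show -json` (values.root_module.resources[]).
import ipaddress
import json

def _res(type_, name, **values):
    return {"address": f"{type_}.{name}", "type": type_, "name": name, "values": values}

# Constructed stand-in for `terraform show -json` output (IDs are made up).
SAMPLE_STATE = json.dumps({"values": {"root_module": {"resources": [
    _res("aws_vpc", "my_vpc", id="vpc-0example", cidr_block="10.0.0.0/16"),
    _res("aws_subnet", "public_subnet", id="subnet-0pub", cidr_block="10.0.1.0/24", map_public_ip_on_launch=True),
    _res("aws_subnet", "private_subnet", id="subnet-0priv", cidr_block="10.0.2.0/24", map_public_ip_on_launch=False),
    _res("aws_route_table", "public_route_table", id="rtb-0pub",
         route=[{"cidr_block": "0.0.0.0/0", "gateway_id": "igw-0example"}]),
    _res("aws_route_table", "private_route_table", id="rtb-0priv", route=[]),
    _res("aws_route_table_association", "public_association", subnet_id="subnet-0pub", route_table_id="rtb-0pub"),
    _res("aws_route_table_association", "private_association", subnet_id="subnet-0priv", route_table_id="rtb-0priv"),
]}}})
# Constructed misconfiguration: the private table is given an IGW default route.
BAD_STATE = SAMPLE_STATE.replace(
    '"route": []', '"route": [{"cidr_block": "0.0.0.0/0", "gateway_id": "igw-0example"}]')

def check_vpc_layout(state_json):
    """Return findings (empty list = layout as intended): subnets inside the VPC CIDR and
    non-overlapping; private subnet without public IPs and without an IGW default route."""
    by_type = {}
    for r in json.loads(state_json)["values"]["root_module"]["resources"]:
        by_type.setdefault(r["type"], []).append(r)
    findings, seen = [], {}
    vpc_net = ipaddress.ip_network(by_type["aws_vpc"][0]["values"]["cidr_block"])
    subnets = {s["values"]["id"]: s for s in by_type.get("aws_subnet", [])}
    for s in subnets.values():
        net = ipaddress.ip_network(s["values"]["cidr_block"])
        if not net.subnet_of(vpc_net):
            findings.append(f"{s['name']}: {net} is outside VPC {vpc_net}")
        findings += [f"{s['name']} overlaps {n}" for n, o in seen.items() if net.overlaps(o)]
        seen[s["name"]] = net
    tables = {t["values"]["id"]: t for t in by_type.get("aws_route_table", [])}
    for a in by_type.get("aws_route_table_association", []):
        subnet, table = subnets[a["values"]["subnet_id"]], tables[a["values"]["route_table_id"]]
        if "private" not in subnet["name"]:
            continue  # only the private subnet has invariants to enforce here
        if subnet["values"]["map_public_ip_on_launch"]:
            findings.append(f"{subnet['name']}: map_public_ip_on_launch is true")
        for route in table["values"].get("route", []):
            if route.get("cidr_block") == "0.0.0.0/0" and str(route.get("gateway_id") or "").startswith("igw-"):
                findings.append(f"{subnet['name']}: default route via Internet Gateway {route['gateway_id']}")
    return findings
```

Against real infrastructure, pipe `terraform show -json` into the script and call check_vpc_layout on the text; a non-empty list means the layout drifted from the tutorial's intent.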
Step 9: View Resources in the AWS Console
You can view the provisioned resources in the AWS Management Console:
VPC: Navigate to the VPC dashboard and locate the VPC named "MyVPC".
Subnets: In the VPC dashboard, view the subnets section to see the public and private subnets named "PublicSubnet" and "PrivateSubnet" respectively.
Internet Gateway: Check the internet gateway section in the VPC dashboard to find the internet gateway named "MyIGW".
Route Tables: Visit the route tables section in the VPC dashboard to see the route tables associated with the VPC.
Step 10: Destroy all Resources
When you no longer need these resources, you can destroy them using Terraform to clean up resources and avoid unnecessary charges.
Run the following command in the terminal:
terraform destroy
Terraform will prompt you to confirm the destruction of resources. Type yes and press Enter to proceed.
Conclusion ⭐
In this tutorial, we've demonstrated how to use Terraform to provision AWS networking resources, including VPC, subnets, internet gateway, and route tables. By managing infrastructure as code, you can easily replicate, modify, and version-control your cloud infrastructure, leading to more efficient and reliable deployments.
Experiment with different configurations to meet your specific requirements and explore additional Terraform features to further automate and manage your AWS infrastructure.