Create Public and Private Subnet with Internet Gateway

Skabhi
4 min read · Jul 14, 2020

Task Description :-

Create Terraform code for the following:

1. Create a VPC.

2. Create two subnets in that VPC:

a) Public subnet

b) Private subnet

3. Create one Internet Gateway and connect it to the public subnet.

4. Create a routing table for the Internet Gateway, update it, and associate it with the public subnet.

5. Launch one EC2 instance in the public subnet using a WordPress AMI, with a security group that allows port 80. Attach a key so that you can log in to the instance.

6. Launch another EC2 instance in the private subnet using a MySQL AMI, with a security group that allows port 3306. Attach a key to that instance as well.

Step 1 :-

  • Provide your AWS profile name for login.
    provider "aws" {
      region  = "ap-south-1"
      profile = "abhishek"
    }
  • Create the VPC.
    resource "aws_vpc" "myvpc" {
      cidr_block           = "192.168.0.0/16"
      instance_tenancy     = "default"
      enable_dns_hostnames = true
      tags = {
        Name = "myvpc"
      }
    }

Step 2 :-

  • Create two subnets in that VPC, one public and the other private.
    # Public subnet: instances launched here get a public IP address.
    resource "aws_subnet" "mysubnet-1a" {
      vpc_id                  = aws_vpc.myvpc.id
      cidr_block              = "192.168.0.0/24"
      availability_zone       = "ap-south-1a"
      map_public_ip_on_launch = true
      tags = {
        Name = "mysubnet-1a"
      }
    }
    # Private subnet: no public IP addresses are assigned.
    resource "aws_subnet" "mysubnet-1b" {
      vpc_id            = aws_vpc.myvpc.id
      cidr_block        = "192.168.1.0/24"
      availability_zone = "ap-south-1b"
      tags = {
        Name = "mysubnet-1b"
      }
    }

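Step 3 :-

  • Create one Internet Gateway and connect it to the public subnet.
    # The gateway attaches to the VPC; the route table in Step 4 is what
    # sends the public subnet's traffic through it.
    resource "aws_internet_gateway" "mygateway" {
      vpc_id = aws_vpc.myvpc.id

      tags = {
        Name = "mygateway"
      }
    }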

Step 4 :-

  • Create a routing table for the Internet Gateway, update it, and associate it with the public subnet.
    resource "aws_route_table" "myroute_table" {
      vpc_id = aws_vpc.myvpc.id
      route {
        cidr_block = "0.0.0.0/0"
        gateway_id = aws_internet_gateway.mygateway.id
      }

      tags = {
        Name = "myroute_table"
      }
    }
    resource "aws_route_table_association" "myroute_table_association" {
      subnet_id      = aws_subnet.mysubnet-1a.id
      route_table_id = aws_route_table.myroute_table.id
    }

Step 5 :-

  • Create the security group for WordPress.
    resource "aws_security_group" "wordpress-sg" {
      name        = "wordpress-sg"
      description = "Allow ssh and httpd inbound traffic"
      vpc_id      = aws_vpc.myvpc.id
      # SSH is accepted from any source address.
      ingress {
        description = "SSH"
        from_port   = 22
        to_port     = 22
        protocol    = "tcp"
        cidr_blocks = ["0.0.0.0/0"]
      }
      ingress {
        description = "HTTP"
        from_port   = 80
        to_port     = 80
        protocol    = "tcp"
        cidr_blocks = ["0.0.0.0/0"]
      }
      # All outbound traffic is allowed.
      egress {
        from_port   = 0
        to_port     = 0
        protocol    = "-1"
        cidr_blocks = ["0.0.0.0/0"]
      }
      tags = {
        Name = "wordpress-sg"
      }
    }
  • Create the security group for MySQL.
    resource "aws_security_group" "mysql-sg" {
      name        = "mysql-sg"
      description = "Allow MySQL inbound traffic"
      vpc_id      = aws_vpc.myvpc.id
      # Port 3306 is accepted from any source address; the rule itself does
      # not limit access to the WordPress instance.
      ingress {
        description = "MySQL"
        from_port   = 3306
        to_port     = 3306
        protocol    = "tcp"
        cidr_blocks = ["0.0.0.0/0"]
      }
      egress {
        from_port   = 0
        to_port     = 0
        protocol    = "-1"
        cidr_blocks = ["0.0.0.0/0"]
      }
      tags = {
        Name = "mysql-sg"
      }
    }
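
A tighter variant of the two security groups above, as an added example that is not part of the original article: MySQL is reachable only from instances in the WordPress security group, and SSH only from one administrator range. The variable admin_cidr, its placeholder default and the "-restricted" resource names are assumptions; aws_vpc.myvpc is the VPC from Step 1.

```hcl
# Assumption: the address range you administer from. 203.0.113.0/24 is a
# documentation range used as a placeholder; replace it with your own.
variable "admin_cidr" {
  type    = string
  default = "203.0.113.0/24"
}

resource "aws_security_group" "wordpress-sg-restricted" {
  name        = "wordpress-sg-restricted"
  description = "HTTP from anywhere, SSH from the admin range only"
  vpc_id      = aws_vpc.myvpc.id
  ingress {
    description = "HTTP"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  ingress {
    description = "SSH"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_security_group" "mysql-sg-restricted" {
  name        = "mysql-sg-restricted"
  description = "MySQL from the WordPress security group only"
  vpc_id      = aws_vpc.myvpc.id
  # Source is a security group, not a CIDR: only instances that carry
  # wordpress-sg-restricted can open connections to 3306.
  ingress {
    description     = "MySQL from WordPress"
    from_port       = 3306
    to_port         = 3306
    protocol        = "tcp"
    security_groups = [aws_security_group.wordpress-sg-restricted.id]
  }
  # No egress block: Terraform removes the default allow-all egress rule.
  # Security groups are stateful, so replies to WordPress still flow.
}
```

To use these groups, point vpc_security_group_ids in the two aws_instance resources of Step 6 at them.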

Step 6 :-

  • Launch one EC2 instance in the public subnet using a WordPress AMI, with the security group that allows port 80. Attach a key so that you can log in to the instance.
    resource "aws_instance" "wordpress" {
      ami                    = "ami-7e257211"
      instance_type          = "t2.micro"
      key_name               = "keycloudclass"
      vpc_security_group_ids = [aws_security_group.wordpress-sg.id]
      subnet_id              = aws_subnet.mysubnet-1a.id
      tags = {
        Name = "wordpress"
      }
    }
  • Launch another EC2 instance in the private subnet using a MySQL AMI, with the security group that allows port 3306. Attach a key to that instance as well.
    resource "aws_instance" "mysql" {
      ami                    = "ami-08706cb5f68222d09"
      instance_type          = "t2.micro"
      key_name               = "keycloudclass"
      vpc_security_group_ids = [aws_security_group.mysql-sg.id]
      subnet_id              = aws_subnet.mysubnet-1b.id
      tags = {
        Name = "mysql"
      }
    }

Step 7 :-

  • Now, if you try to connect to WordPress through a browser using your public IP address.

Thanks, I hope you guys will like my article. If you have any suggestions or queries, feel free to ask.

#Happylearning #keepsharing #aws #Terraform
