Creating a VPC and Launching EC2 Instances in Seconds with Terraform Automation

Terraform is a tool that allows you to define and manage your infrastructure as code. It enables you to create, modify, and delete infrastructure resources such as virtual machines, databases, and networks across multiple cloud providers (such as AWS, Azure, and Google Cloud) and on-premises environments. With Terraform, you can write code that describes the desired state of your infrastructure and then execute that code to provision and manage the resources in a repeatable and predictable way. This means you can easily scale your infrastructure up or down, make changes to it, and maintain it over time, all without manual intervention.

General Setup

Setup an AWS EC2 Instance

Log in to an AWS account using a user with admin privileges and ensure your region is set to us-east-1 N. Virginia.

Move to the EC2 console. Click Launch Instance.

For the name, use Terraform.

Select Ubuntu as the AMI and t2.micro as the instance type. Select my key pair and select the default security group.

Installing Terraform

Visit to Download

sudo apt update

sudo apt-get install -y gnupg software-properties-common

wget -O- https://apt.releases.hashicorp.com/gpg | \
gpg --dearmor | \
sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg

echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] \
https://apt.releases.hashicorp.com $(lsb_release -cs) main" | \
sudo tee /etc/apt/sources.list.d/hashicorp.list

sudo apt update
sudo apt install terraform

After running the above commands, we can verify the installation by using the command

terraform --version

Creating Template

  • Open Visual Studio Code

  • Install the HashiCorp Terraform extension

I created a file by the name of main.tf

Now it is time to connect with a provider; kindly visit this website:

Terraform Provider

We have to write whatever tasks we want to perform:

  • Region: select the region in which you want to perform your task

  • Access key: you have to create an IAM user first

Launching an EC2 Instance

provider "aws" {
  region     = "ap-south-1"
  access_key = "my-access-key"
  secret_key = "my-secret-key"
}

Creating IAM User

Attach policy to the user

Click on your created user

Click on the access keys and select command line access CLI

Simply click on the create access key button

  • Access key created

    This is the only time that the secret access key can be viewed or downloaded. You cannot recover it later. However, you can create a new access key at any time.

With this block of code we are telling Terraform that we want to work with AWS, and Terraform will authenticate to our account using these provider details.

Anyone can create resources via Terraform, provided they know the manual creation steps.

Visit (you have to search for the service in the documentation)

sudo nano main.tf

In access_key and secret_key you need to write your IAM account details

provider "aws" {
  region     = "ap-south-1"
  access_key = "my-access-key"
  secret_key = "my-secret-key"
}

#Resource Block
      #resource type  #Terraform local name (this name can be anything)
resource "aws_instance" "WebServer" {
    ami = "ami-02eb7a4783e7e9317"
    instance_type = "t2.micro"
    tags = {
        "Name" = "Server"
    }
}

In the above configuration, if anyone wants to increase the number of instances with the same configuration, we can use the argument count = 10. If you want to deploy multiple instances with different configurations, you can copy and paste the resource block and change the instance type; you can also change the AMI.

Now we have to run the following command, and we have to run it only once. It downloads the binary files required by the AWS provider, which Terraform uses internally to create resources in AWS.
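Both cases from the paragraph above as an added example (not code from the original post). It goes one step beyond copy-pasting by using for_each for the differing configurations. The resource names Fleet and Mixed, the map keys web and app, and the t2.small size are assumptions; the AMI is the one used on this page, and the provider block is the one already in main.tf.

```hcl
# Added example: names "Fleet", "Mixed", "web" and "app" are hypothetical.

# Same configuration, several copies: count
resource "aws_instance" "Fleet" {
  count         = 10
  ami           = "ami-02eb7a4783e7e9317"
  instance_type = "t2.micro"
  tags = {
    "Name" = "Server-${count.index + 1}" # Server-1 ... Server-10
  }
}

# Different configurations without duplicating the resource block: for_each
locals {
  servers = {
    web = { ami = "ami-02eb7a4783e7e9317", instance_type = "t2.micro" }
    app = { ami = "ami-02eb7a4783e7e9317", instance_type = "t2.small" }
  }
}

resource "aws_instance" "Mixed" {
  for_each      = local.servers
  ami           = each.value.ami
  instance_type = each.value.instance_type
  tags = {
    "Name" = "Server-${each.key}" # Server-web, Server-app
  }
}

# IDs of everything created, so terraform apply prints what now exists
output "fleet_ids" {
  value = aws_instance.Fleet[*].id
}

output "mixed_ids" {
  value = { for name, inst in aws_instance.Mixed : name => inst.id }
}
```

Instances created with count are addressed by index (aws_instance.Fleet[0]), so removing one from the middle renumbers the rest; for_each addresses them by key (aws_instance.Mixed["web"]).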

terraform init

If the AWS CLI isn't installed you may face some issues, so it is best to install the CLI first and then continue.

sudo apt update 
sudo apt install awscli -y
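With the AWS CLI installed, the IAM user's access key can live in a CLI profile instead of in main.tf, so the file can be shared or committed without exposing the key. This is an added example, not code from the original post; the profile name terraform-user is an assumption, and this provider block replaces the one with inline keys.

```hcl
# Added example: assumes a profile named "terraform-user" (hypothetical)
# was created beforehand with: aws configure --profile terraform-user
provider "aws" {
  region  = "ap-south-1"
  profile = "terraform-user" # keys are read from ~/.aws/credentials
}

# Alternative without a profile: drop the profile argument and export
# AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY in the shell before running
# terraform plan; the AWS provider picks them up automatically.

# Ask AWS which identity these credentials belong to, so the plan output
# confirms Terraform is running as the intended IAM user and account.
data "aws_caller_identity" "current" {}

output "caller_arn" {
  value = data.aws_caller_identity.current.arn
}

output "account_id" {
  value = data.aws_caller_identity.current.account_id
}
```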

Now use the following command; it tells us what changes Terraform is going to make in our AWS account.

terraform plan

To execute the plan we use the command

terraform apply
yes

The task was executed successfully and it created an EC2 instance in our Mumbai region.

terraform.tfstate holds the information about the resources in the AWS account that were created through Terraform.

Deletion command

rm -rf (file name)
terraform apply

If you want to create a backup of the tfstate file, run the terraform command again without making any changes, and it will generate the backup file for you.

Copy command

cp (file name) (new file name)

Creating Key Pair

provider "aws" {
  region     = "ap-south-1"
  access_key = "my-access-key"
  secret_key = "my-secret-key"
}

#Resource Block
      #resource type  #Terraform local name (this name can be anything)
resource "aws_instance" "WebServer" {
    ami = "ami-02eb7a4783e7e9317"
    instance_type = "t2.micro"
    key_name = aws_key_pair.mykey.key_name
    tags = {
        "Name" = "Server"
    }
}
resource "aws_key_pair" "mykey" {
  key_name   = "MyEC2Key"
  public_key = "ssh-rsa <your-public-key-material> ubuntu@ip-172-31-26-235"
}

Destroying created services

terraform destroy

VPC with Terraform

Steps that we should know before creating VPC in Terraform

  1. Create VPC (CIDR)

  2. Create 2 Subnets

  3. Create IGW

  4. Attach IGW to VPC

  5. Create a Route Table

  6. Create a Route in the Route Table with the route to IGW

  7. Associate Subnets with the Route Table

Terraform VPC Documentation

provider "aws" {
  region     = "ap-south-1"
  access_key = "my-access-key"
  secret_key = "my-secret-key"
}

#Create VPC (CIDR)
resource "aws_vpc" "myvpc" {
  cidr_block = "10.0.0.0/16"
  tags = {
    "Name" = "MyProjectVPC"
  }
}

#Creating Subnets
resource "aws_subnet" "Mysubnet01" {
  vpc_id = aws_vpc.myvpc.id
  cidr_block = "10.0.1.0/24"
  tags = {
    "Name" = "MyPublicSubnet01"
  }
}

resource "aws_subnet" "Mysubnet02" {
  vpc_id = aws_vpc.myvpc.id
  cidr_block = "10.0.2.0/24"
  tags = {
    "Name" = "MyPublicSubnet02"
  }
}

#Creating Internet Gateway IGW
resource "aws_internet_gateway" "myigw" {
    tags = {
        "Name" = "MyIGW"
    }
}

#Attaching IGW to VPC
resource "aws_internet_gateway_attachment" "igw_attachment" {
    internet_gateway_id = aws_internet_gateway.myigw.id
    vpc_id = aws_vpc.myvpc.id
}

#Creating Route Table
resource "aws_route_table" "myroutetable" {
    vpc_id = aws_vpc.myvpc.id
    tags = {
      "Name" = "MyPublicRouteTable"
    }
}

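#Create a Route in the Route Table with route to IGW
resource "aws_route" "myigw_route" {
    route_table_id = aws_route_table.myroutetable.id
    destination_cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.myigw.id
    #The IGW must be attached to the VPC before a route can point at it
    depends_on = [aws_internet_gateway_attachment.igw_attachment]
}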

#Associate Subnets with the Route Table
resource "aws_route_table_association" "Mysubnet01_association" {
    route_table_id = aws_route_table.myroutetable.id
    subnet_id = aws_subnet.Mysubnet01.id
}

resource "aws_route_table_association" "Mysubnet02_association" {
    route_table_id = aws_route_table.myroutetable.id
    subnet_id = aws_subnet.Mysubnet02.id
}

On the instance, I have created a new directory by the name of vpc

mkdir vpc
cd vpc
terraform init

Use the command terraform validate before executing the terraform apply

terraform validate

Final execution

terraform apply