Here is some information about this architecture.
Here are the steps you can follow to build this solution on your own.
In this lesson, we'll be creating a fully functional AWS VPC configuration using Terraform. The configuration includes a VPC, two public subnets spread across two availability zones, and all the necessary resources to connect the public subnets to the internet, such as an Internet Gateway and route tables.
Here’s an introduction to each resource involved in this configuration:
A VPC is an isolated section of the AWS cloud where you can launch resources in a virtual network that you define. You have complete control over the virtual networking environment, including IP address range, subnet creation, and route table configuration.
Subnets divide a VPC's IP address range into smaller segments. A public subnet is one that has a route to an Internet Gateway, allowing instances in the subnet to connect to the internet. We'll create two public subnets in different availability zones for high availability.
An Internet Gateway is a VPC component that allows communication between instances in your VPC and the internet. A route table can point its default route (0.0.0.0/0) at the gateway, which gives the subnets associated with that route table internet access.
A route table contains rules (called routes) that determine where network traffic is directed. In this configuration, we'll create a route table with a rule that directs all outbound traffic to the Internet Gateway, thereby enabling internet access for the associated subnets.
Route table associations connect a route table to one or more subnets. This allows you to apply the rules defined in the route table to those subnets. In this case, we'll associate our route table with the public subnets to ensure they can access the internet.
Now, let's dive into the code:
If you're using the Skillmix Labs feature, open the lab settings (the beaker icon) on the right side of the code editor. Then, click the Start Lab button to start the lab environment.
Wait for the credentials to load. Then run this in the terminal, pasting the access key ID and secret access key that the lab panel shows you:
$ aws configure --profile smx-lab
AWS Access Key ID [None]: <access key ID from the lab panel>
AWS Secret Access Key [None]: <secret access key from the lab panel>
Default region name [None]: us-west-2
Default output format [None]: json
Be sure to name your credentials profile 'smx-lab'. The key pair is specific to your lab session; treat it like any other AWS credential and do not paste it into main.tf or commit it to a repository.
Note: If you're using your own AWS account, you'll need to create and configure an AWS CLI profile named smx-lab instead.
We'll do all of our work in a file called main.tf. Create that file in your root project directory now and open it for editing.
Next, we'll create the Terraform block. Append the following code to the main.tf file:
terraform {
  required_version = ">= 1.5.0"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = ">= 5.11.0"
    }
  }
}
Explanation: This block requires Terraform 1.5.0 or newer and the hashicorp/aws provider at version 5.11.0 or newer, so the configuration fails early on an environment that cannot run it. Note that ">=" is a floor, not a pin: the exact provider version and its checksums are recorded in the .terraform.lock.hcl file that terraform init writes, and committing that file is what keeps every run on the same provider build. A constraint such as "~> 5.11" additionally blocks an unreviewed jump to a new major version.
Next, we'll create the AWS provider block. Append the following code to the main.tf file:
provider "aws" {
  region  = "us-west-2"
  profile = "smx-lab"
}
Explanation: This configures the AWS provider to operate in the us-west-2 region and to authenticate with the smx-lab profile from your AWS CLI configuration. Referencing a named profile keeps the access keys out of main.tf and therefore out of version control.
Next, we'll create the VPC resource. Append the following code to the main.tf file:
resource "aws_vpc" "my_vpc" {
  cidr_block = "10.0.0.0/16"
}
Explanation: This defines a VPC with the CIDR range 10.0.0.0/16, a virtual network of 65,536 private IPv4 addresses. A new VPC's main route table holds only the local route, so nothing in it can reach or be reached from the internet until the gateway and routes below exist.
Next, we'll create the public subnet resource in zone A. Append the following code to the main.tf file:
resource "aws_subnet" "subnet_a" {
  vpc_id                  = aws_vpc.my_vpc.id
  cidr_block              = "10.0.1.0/24"
  availability_zone       = "us-west-2a"
  map_public_ip_on_launch = true
}
Explanation: This creates a subnet in availability zone us-west-2a with the CIDR block 10.0.1.0/24 (256 addresses, of which AWS reserves five). With map_public_ip_on_launch set to true, every instance launched in this subnet is automatically assigned a public IPv4 address, so once the subnet is routed to the Internet Gateway each instance is reachable from the internet unless its security group and the subnet's network ACL block the traffic. Leave this setting at its default of false for subnets whose instances should not be directly addressable from the internet.
Next, we'll create the public subnet resource in zone B. Append the following code to the main.tf file:
resource "aws_subnet" "subnet_b" {
  vpc_id                  = aws_vpc.my_vpc.id
  cidr_block              = "10.0.2.0/24"
  availability_zone       = "us-west-2b"
  map_public_ip_on_launch = true
}
Explanation: Similar to the previous subnet, this creates a public subnet in availability zone us-west-2b with the CIDR block 10.0.2.0/24. The two CIDR blocks do not overlap and both fall inside the VPC's 10.0.0.0/16, which AWS requires.
Next, we'll create the Internet Gateway. Append the following code to the main.tf file:
resource "aws_internet_gateway" "my_gateway" {
  vpc_id = aws_vpc.my_vpc.id
}
Explanation: This creates an Internet Gateway and attaches it to the VPC. On its own the gateway carries no traffic; a subnet only uses it once a route table that targets it is associated with that subnet.
Next, we'll create the Route Table. Append the following code to the main.tf file:
resource "aws_route_table" "my_route_table" {
  vpc_id = aws_vpc.my_vpc.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.my_gateway.id
  }
}
Explanation: This defines a route table in the VPC with a default route that sends all traffic not destined for the VPC itself (0.0.0.0/0; the more specific local route keeps intra-VPC traffic inside) to the Internet Gateway. A subnet is "public" precisely because it is associated with a route table like this one. The VPC's main route table, which any subnet without an explicit association uses, keeps only the local route, so the 0.0.0.0/0 route defined here affects nothing until the associations in the next step are created.
Finally, we'll associate the route table with the subnets. Append the following code to the main.tf file:
resource "aws_route_table_association" "a" {
  subnet_id      = aws_subnet.subnet_a.id
  route_table_id = aws_route_table.my_route_table.id
}
resource "aws_route_table_association" "b" {
  subnet_id      = aws_subnet.subnet_b.id
  route_table_id = aws_route_table.my_route_table.id
}
Explanation: These blocks associate the route table with both subnets. This is the step that makes them public: instances in these subnets can now reach the internet and, because they receive public IPs at launch, can be reached from it. A subnet can be associated with only one route table at a time, so each subnet gets its own association resource.
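Once the configuration is applied, it is worth confirming from the deployed state, rather than from reading main.tf, which subnets actually ended up internet-facing. The script below is an added example written for this lesson; it is not part of the original main.tf or of Skillmix. It consumes the JSON that `terraform show -json` prints after `terraform apply`, checks that every subnet CIDR sits inside its VPC without overlapping another subnet, and classifies each subnet as public or private by following its route table association to a 0.0.0.0/0 route that targets an Internet Gateway. SAMPLE_STATE is constructed by hand to mirror that JSON layout for the lesson's resources: the resource IDs are invented, and aws_subnet.subnet_c is a hypothetical extra subnet with no route table association, included only to show the contrast with the two public subnets.

```python
"""Offline audit of the VPC exported by `terraform show -json`.

Added example for this lesson (not part of the original main.tf or Skillmix):
given the JSON that `terraform show -json` prints after `terraform apply`, it
checks subnet CIDRs against the VPC and reports which subnets are reachable
from the internet. SAMPLE_STATE is constructed by hand to mirror that JSON
layout for the lesson's resources; the resource IDs are invented, and
aws_subnet.subnet_c is a hypothetical extra subnet with no route table
association, included to show the contrast with the two public ones.
"""
import ipaddress
import json
import sys


def resource_entry(address, values):
    """Build one resource entry in the shape `terraform show -json` uses."""
    rtype, name = address.split(".", 1)
    return {"address": address, "type": rtype, "name": name, "values": values}


# Constructed sample; IDs are made up.
SAMPLE_STATE = {"format_version": "1.0", "values": {"root_module": {"resources": [
    resource_entry("aws_vpc.my_vpc", {"id": "vpc-0a1b", "cidr_block": "10.0.0.0/16"}),
    resource_entry("aws_subnet.subnet_a", {"id": "subnet-000a", "vpc_id": "vpc-0a1b",
                   "cidr_block": "10.0.1.0/24", "availability_zone": "us-west-2a",
                   "map_public_ip_on_launch": True}),
    resource_entry("aws_subnet.subnet_b", {"id": "subnet-000b", "vpc_id": "vpc-0a1b",
                   "cidr_block": "10.0.2.0/24", "availability_zone": "us-west-2b",
                   "map_public_ip_on_launch": True}),
    resource_entry("aws_subnet.subnet_c", {"id": "subnet-000c", "vpc_id": "vpc-0a1b",
                   "cidr_block": "10.0.3.0/24", "availability_zone": "us-west-2a",
                   "map_public_ip_on_launch": False}),  # hypothetical, no association
    resource_entry("aws_internet_gateway.my_gateway", {"id": "igw-0123", "vpc_id": "vpc-0a1b"}),
    resource_entry("aws_route_table.my_route_table", {"id": "rtb-0123", "vpc_id": "vpc-0a1b",
                   "route": [{"cidr_block": "0.0.0.0/0", "gateway_id": "igw-0123"}]}),
    resource_entry("aws_route_table_association.a", {"subnet_id": "subnet-000a", "route_table_id": "rtb-0123"}),
    resource_entry("aws_route_table_association.b", {"subnet_id": "subnet-000b", "route_table_id": "rtb-0123"}),
]}}}


def _by_type(state):
    """Group the root module's resources by Terraform resource type."""
    groups = {}
    for res in state["values"]["root_module"]["resources"]:
        groups.setdefault(res["type"], []).append(res)
    return groups


def has_default_igw_route(table):
    """True if a route table sends 0.0.0.0/0 or ::/0 to an internet gateway."""
    for route in table.get("route", []):
        dest = route.get("cidr_block") or route.get("ipv6_cidr_block")
        if dest in ("0.0.0.0/0", "::/0") and (route.get("gateway_id") or "").startswith("igw-"):
            return True
    return False


def audit_vpc(state):
    """Return CIDR errors plus the public/private split of every subnet.

    A subnet without an explicit association uses the VPC main route table,
    which this export does not include; the audit assumes that table still
    holds only the local route, as it does for a freshly created VPC.
    """
    groups = _by_type(state)
    vpc_cidrs = {v["values"]["id"]: ipaddress.ip_network(v["values"]["cidr_block"])
                 for v in groups.get("aws_vpc", [])}
    tables = {t["values"]["id"]: t["values"] for t in groups.get("aws_route_table", [])}
    table_of = {a["values"]["subnet_id"]: tables[a["values"]["route_table_id"]]
                for a in groups.get("aws_route_table_association", [])}
    findings = {"cidr_errors": [], "public_subnets": [], "private_subnets": [],
                "auto_public_ip": []}
    seen = []
    for sub in groups.get("aws_subnet", []):
        v = sub["values"]
        net = ipaddress.ip_network(v["cidr_block"])
        vpc = vpc_cidrs[v["vpc_id"]]
        if not net.subnet_of(vpc):
            findings["cidr_errors"].append(f"{sub['address']}: {net} is not inside VPC {vpc}")
        for other_addr, other in seen:
            if net.overlaps(other):
                findings["cidr_errors"].append(f"{sub['address']}: {net} overlaps {other_addr}")
        seen.append((sub["address"], net))
        public = v["id"] in table_of and has_default_igw_route(table_of[v["id"]])
        findings["public_subnets" if public else "private_subnets"].append(sub["address"])
        if public and v.get("map_public_ip_on_launch"):
            # Every instance launched here gets a public IP and is addressable
            # from the internet unless its security group / NACL says otherwise.
            findings["auto_public_ip"].append(sub["address"])
    return findings


if __name__ == "__main__":
    # Usage: terraform show -json > state.json && python audit_vpc.py state.json
    state = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_STATE
    print(json.dumps(audit_vpc(state), indent=2))
```

Run without arguments it audits the constructed sample and reports subnet_a and subnet_b as public with auto-assigned public IPs and subnet_c as private; pointed at a real `terraform show -json` export it performs the same checks on what was actually deployed. The audit deliberately treats a missing association as "private" only under the stated assumption that the main route table was never given an internet route; if someone has edited the main route table outside Terraform, export it too or check it in the console.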
This complete Terraform configuration creates a VPC with public subnets across two availability zones and full internet connectivity. It exemplifies a foundational architecture in AWS and demonstrates how Terraform can be used to manage cloud infrastructure as code. Run terraform init, terraform validate and terraform plan to review the changes before terraform apply creates them. Note that nothing in this configuration restricts inbound traffic: that is the job of the security groups and network ACLs you attach when you launch instances into these subnets, which is the natural next step.