
AWS VPC Configuration with Terraform

1. Overview

A Virtual Private Cloud (VPC) is a logically isolated network within the AWS cloud. You define its IP address range, create subnets, and set up routing to control the flow of traffic. Below is a guide to setting up a VPC with Terraform with one public subnet (internet-facing, routed through an internet gateway) and one private subnet whose instances reach the internet only outbound, through a NAT gateway, and cannot be reached from it.

2. File Structure

terraform-vpc/
├── main.tf
├── variables.tf
├── outputs.tf
├── terraform.tfvars
└── provider.tf

3. Configuration Files

3.1 provider.tf

  • Purpose: Configures the AWS provider and sets the region where the resources will be created. Use the `region` variable declared in variables.tf here rather than a literal, so the provider region and the availability zone string built from `var.region` in main.tf cannot drift apart.
provider "aws" {
  region = var.region
}
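A provider.tf that also pins the Terraform and provider versions, as an added example that is not part of the original page. Without `required_providers`, `terraform init` pulls whatever latest provider release exists at the time, so two runs of the same configuration can execute different provider code; the version constraints below and the `.terraform.lock.hcl` file that `init` writes (commit it) make the provider build reproducible. The version numbers and the tag values are assumptions for illustration; `var.region` is the variable from variables.tf.

```hcl
terraform {
  # Assumed minimum; pick the version your team actually tests against.
  required_version = ">= 1.5.0"

  required_providers {
    aws = {
      source  = "hashicorp/aws"
      # Allow patch/minor updates within the 5.x line only. The exact
      # version and checksums chosen by `terraform init` land in
      # .terraform.lock.hcl, which belongs in version control.
      version = "~> 5.0"
    }
  }
}

provider "aws" {
  region = var.region

  # Applied to every taggable resource the stack creates, so during an
  # incident you can find what this configuration owns and can write
  # tag-based IAM conditions against it. Tag values are placeholders.
  default_tags {
    tags = {
      Project   = "terraform-vpc"
      ManagedBy = "terraform"
    }
  }
}
```

Run `terraform providers lock` once if you need lock-file checksums for additional platforms (for example CI on linux_amd64 and developers on darwin_arm64); otherwise `init` on a machine without a lock file would have to trust whatever it downloads.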

3.2 variables.tf

  • Purpose: Defines variables used throughout your configuration. This allows you to parameterize your VPC setup.
variable "vpc_cidr" {
  description = "The CIDR block for the VPC"
  type        = string
  default     = "10.0.0.0/16"
}
 
variable "public_subnet_cidr" {
  description = "The CIDR block for the public subnet"
  type        = string
  default     = "10.0.1.0/24"
}
 
variable "private_subnet_cidr" {
  description = "The CIDR block for the private subnet"
  type        = string
  default     = "10.0.2.0/24"
}
 
variable "region" {
  description = "AWS region"
  type        = string
  default     = "us-west-2"
}

3.3 main.tf

  • Purpose: Contains the main configuration for the VPC, subnets, route tables, internet gateways, and NAT gateways.
# Create VPC
resource "aws_vpc" "main" {
  cidr_block           = var.vpc_cidr
  enable_dns_support   = true
  enable_dns_hostnames = true
  tags = {
    Name = "main-vpc"
  }
}
 
# Create Public Subnet. map_public_ip_on_launch gives every instance
# launched here a public IPv4 address, so keep only internet-facing
# components (NAT gateway, load balancers, bastions) in this subnet.
resource "aws_subnet" "public" {
  vpc_id                  = aws_vpc.main.id
  cidr_block              = var.public_subnet_cidr
  availability_zone       = "${var.region}a"
  map_public_ip_on_launch = true
  tags = {
    Name = "public-subnet"
  }
}
 
# Create Private Subnet
resource "aws_subnet" "private" {
  vpc_id            = aws_vpc.main.id
  cidr_block        = var.private_subnet_cidr
  availability_zone = "${var.region}a"
  tags = {
    Name = "private-subnet"
  }
}
 
# Create Internet Gateway
resource "aws_internet_gateway" "main" {
  vpc_id = aws_vpc.main.id
  tags = {
    Name = "main-igw"
  }
}
 
# Create NAT Gateway: allocate its Elastic IP first. The `vpc = true`
# argument is deprecated in AWS provider v5; `domain = "vpc"` replaces it.
resource "aws_eip" "nat" {
  domain = "vpc"
  tags = {
    Name = "nat-eip"
  }
}
 
resource "aws_nat_gateway" "main" {
  allocation_id = aws_eip.nat.id
  subnet_id     = aws_subnet.public.id
  tags = {
    Name = "main-nat-gateway"
  }

  # The NAT gateway can only pass traffic once the VPC's internet gateway
  # exists; the provider docs recommend stating that dependency explicitly.
  depends_on = [aws_internet_gateway.main]
}
 
# Create Route Table for Public Subnet
resource "aws_route_table" "public" {
  vpc_id = aws_vpc.main.id
 
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.main.id
  }
 
  tags = {
    Name = "public-route-table"
  }
}
 
resource "aws_route_table_association" "public" {
  subnet_id      = aws_subnet.public.id
  route_table_id = aws_route_table.public.id
}
 
# Create Route Table for Private Subnet
resource "aws_route_table" "private" {
  vpc_id = aws_vpc.main.id
 
  route {
    cidr_block = "0.0.0.0/0"
    nat_gateway_id = aws_nat_gateway.main.id
  }
 
  tags = {
    Name = "private-route-table"
  }
}
 
resource "aws_route_table_association" "private" {
  subnet_id      = aws_subnet.private.id
  route_table_id = aws_route_table.private.id
}

3.4 outputs.tf

  • Purpose: Defines outputs that are returned after Terraform applies your configuration. This helps to retrieve important information such as VPC ID, subnet IDs, etc.
output "vpc_id" {
  value = aws_vpc.main.id
}
 
output "public_subnet_id" {
  value = aws_subnet.public.id
}
 
output "private_subnet_id" {
  value = aws_subnet.private.id
}
 
output "internet_gateway_id" {
  value = aws_internet_gateway.main.id
}
 
output "nat_gateway_id" {
  value = aws_nat_gateway.main.id
}

3.5 terraform.tfvars

  • Purpose: Provides actual values for the variables defined in variables.tf. This file is used to customize the configuration for different environments.
vpc_cidr             = "10.0.0.0/16"
public_subnet_cidr   = "10.0.1.0/24"
private_subnet_cidr  = "10.0.2.0/24"
region               = "us-west-2"

4. Best Practices

  1. Use Modules: For large projects, put VPC components (VPC, subnets, route tables, NAT gateway) in modules to promote reusability and maintainability.
  2. Environment Separation: Use separate workspaces or directories, each with its own state, for development, staging, and production so that a change applied to one environment cannot touch another.
  3. Version Control: Keep your Terraform configuration files in version control (e.g., Git), including .terraform.lock.hcl so every run uses the same provider build. Do not commit state files; they record every resource ID the stack owns and may contain sensitive attribute values.
  4. Security: Keep only internet-facing components (NAT gateway, load balancers, bastions) in the public subnet, since map_public_ip_on_launch gives every instance there a public address, and run workloads in the private subnet, where the NAT gateway allows outbound connections only. Lock down the VPC's default security group, write explicit least-privilege security groups (no 0.0.0.0/0 ingress unless that port is meant to be public), use NACLs as a stateless per-subnet backstop, and enable VPC Flow Logs so that rejected traffic is recorded.
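The controls named in the Security item, as an added example written for this page rather than taken from it. It extends the main.tf above and assumes its resource names (`aws_vpc.main`, `aws_subnet.private`, `var.vpc_cidr`); the `private_app` security group, the NACL rule numbers and the S3 bucket name are assumptions for illustration, and the bucket name is a placeholder that must be changed because S3 bucket names are global.

```hcl
# --- Security groups ------------------------------------------------------
# Every VPC gets a default SG that allows all egress plus all ingress from
# itself. Adopting it with no ingress/egress blocks strips both rules, so
# anything launched without an explicit SG has no network access at all.
resource "aws_default_security_group" "main" {
  vpc_id = aws_vpc.main.id
  tags   = { Name = "main-default-sg-locked" }
}

# Least-privilege SG for workloads in the private subnet: HTTPS in from the
# VPC only, HTTPS out only (egress leaves via the NAT gateway). Traffic to
# the VPC-provided DNS resolver is not subject to SG or NACL filtering, so
# name resolution keeps working with no extra rule.
resource "aws_security_group" "private_app" {
  name        = "private-app-sg" # assumed name
  description = "Private workload: HTTPS in from VPC, HTTPS out only"
  vpc_id      = aws_vpc.main.id

  ingress {
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = [aws_vpc.main.cidr_block]
  }

  egress {
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = { Name = "private-app-sg" }
}

# --- Network ACL for the private subnet -----------------------------------
# NACLs are stateless: return traffic on ephemeral ports has to be allowed
# explicitly, and anything not matched by a rule hits the implicit deny.
resource "aws_network_acl" "private" {
  vpc_id     = aws_vpc.main.id
  subnet_ids = [aws_subnet.private.id]

  # HTTPS in from inside the VPC (e.g. a load balancer in the public subnet)
  ingress {
    rule_no    = 100
    protocol   = "tcp"
    action     = "allow"
    cidr_block = var.vpc_cidr
    from_port  = 443
    to_port    = 443
  }
  # Replies to outbound connections arrive via the NAT gateway with the
  # remote host as source, hence 0.0.0.0/0 on the ephemeral port range.
  ingress {
    rule_no    = 110
    protocol   = "tcp"
    action     = "allow"
    cidr_block = "0.0.0.0/0"
    from_port  = 1024
    to_port    = 65535
  }
  # HTTPS out to the internet
  egress {
    rule_no    = 100
    protocol   = "tcp"
    action     = "allow"
    cidr_block = "0.0.0.0/0"
    from_port  = 443
    to_port    = 443
  }
  # Replies to inbound HTTPS go back to ephemeral ports inside the VPC
  egress {
    rule_no    = 110
    protocol   = "tcp"
    action     = "allow"
    cidr_block = var.vpc_cidr
    from_port  = 1024
    to_port    = 65535
  }

  tags = { Name = "private-nacl" }
}

# --- VPC Flow Logs --------------------------------------------------------
# Accepted and rejected flows for every ENI in the VPC, delivered to S3.
# The REJECT records are what turn the rules above into detectable events.
resource "aws_s3_bucket" "flow_logs" {
  bucket = "main-vpc-flow-logs-replace-me" # placeholder; names are global
}

resource "aws_flow_log" "main" {
  vpc_id               = aws_vpc.main.id
  traffic_type         = "ALL"
  log_destination_type = "s3"
  log_destination      = aws_s3_bucket.flow_logs.arn
}
```

The NACL deliberately allows only HTTPS and its replies; a real workload will need more rules (for example SSH from a bastion CIDR, or the ports a database uses), and each one should be added with a matching ephemeral-port rule in the opposite direction. When the flow log is created AWS attaches the bucket policy its delivery service needs if the bucket has none; if you manage the bucket policy yourself, grant `delivery.logs.amazonaws.com` the put and ACL permissions the VPC Flow Logs documentation lists.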

5. Conclusion

Setting up a VPC with Terraform allows you to create a robust network infrastructure in AWS. By organizing your configuration files and following best practices, you can manage your VPC efficiently and ensure a scalable and secure cloud environment.



