Auto Creating Web portal on Cloud by creating VPC and configuring it for better security.

Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform, offering over 175 fully featured services from data centers globally. Millions of customers — including the fastest-growing startups, largest enterprises, and leading government agencies — are using AWS to lower costs, become more agile, and innovate faster.

What is EC2?

Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers. Amazon EC2’s simple web service interface allows you to obtain and configure capacity with minimal friction. It provides you with complete control of your computing resources and lets you run on Amazon’s proven computing environment.

What is VPC?

Amazon Virtual Private Cloud (Amazon VPC) enables you to launch AWS resources into a virtual network that you’ve defined. This virtual network closely resembles a traditional network that you’d operate in your own data center, with the benefits of using the scalable infrastructure of AWS.

Problem Statement…

We have to create a web portal for our company with as much security as possible. So, we use WordPress with a dedicated database server. The database should not be accessible from the outside world for security purposes. We only need to expose WordPress to clients.

1) Write Infrastructure as Code using Terraform that automatically creates a VPC.

2) In that VPC, create 2 subnets: a) a public subnet, b) a private subnet.

3) Create a public-facing internet gateway to connect our VPC/network to the internet and attach this gateway to our VPC.

4) Create a routing table for the internet gateway so that instances can connect to the outside world, then update it and associate it with the public subnet.

5) Launch an EC2 instance that already has WordPress set up, with a security group allowing port 80 so that our clients can connect to our WordPress site.

Also, attach the key to the instance for later login.

6) Launch an EC2 instance that already has MySQL set up, with a security group allowing port 3306, in the private subnet so that our WordPress VM can connect to it. We will also enable the automatic IP assignment and automatic DNS name assignment options.

Here the task starts.

First, we have to make a folder in which we will initialize Terraform.

Open Notepad and create a file with the .tf extension.

  1. Inside the file, we first have to write:

provider "aws" {
  region  = "ap-south-1"
  profile = "testing"
}

2. Creating the VPC

resource "aws_vpc" "myvpc" {
  cidr_block           = "192.168.0.0/16"
  instance_tenancy     = "default"
  enable_dns_hostnames = true
  tags = {
    Name = "abhivpc"
  }
}

3. Creating the subnets..

resource "aws_subnet" "publicSubnet" {
  vpc_id                  = aws_vpc.myvpc.id
  cidr_block              = "192.168.0.0/24"
  availability_zone       = "ap-south-1a"
  map_public_ip_on_launch = true
  tags = {
    Name = "subnet1"
  }
}
resource "aws_subnet" "privateSubnet" {
  vpc_id            = aws_vpc.myvpc.id
  cidr_block        = "192.168.1.0/24"
  availability_zone = "ap-south-1b"
  tags = {
    Name = "subnet2"
  }
}

4. Creation of internet gateway…

resource "aws_internet_gateway" "internetGateway" {
  vpc_id = aws_vpc.myvpc.id
  tags = {
    Name = "my_internetgateway"
  }
}

5. Creation of Routing Tables….

resource "aws_route_table" "routingTable" {
  vpc_id = aws_vpc.myvpc.id
  route {
    gateway_id = aws_internet_gateway.internetGateway.id
    cidr_block = "0.0.0.0/0"
  }
  tags = {
    Name = "myRoutingTable"
  }
}
resource "aws_route_table_association" "association" {
  subnet_id      = aws_subnet.publicSubnet.id
  route_table_id = aws_route_table.routingTable.id
}

6. Creation of security groups…

This is for wordpress

resource "aws_security_group" "wordpress_sg" {
  depends_on = [ aws_vpc.myvpc ]
  name       = "wordpress_sg"
  vpc_id     = aws_vpc.myvpc.id
  # SSH is reachable from any address (0.0.0.0/0); the problem statement
  # only requires port 80 to be public.
  ingress {
    description = "SSH"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [ "0.0.0.0/0" ]
  }
  ingress {
    description = "HTTP"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = [ "0.0.0.0/0" ]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
  tags = {
    Name = "wordpress_sg"
  }
}

And this is for mysql

resource "aws_security_group" "mysql_sg" {
  depends_on = [ aws_vpc.myvpc ]
  name       = "mysql_sg"
  vpc_id     = aws_vpc.myvpc.id
  ingress {
    description     = "MYSQL"
    from_port       = 3306
    to_port         = 3306
    protocol        = "tcp"
    security_groups = [ aws_security_group.wordpress_sg.id ]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
  tags = {
    Name = "mysql_sg"
  }
}
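
A tighter version of the two security groups above, as an added example that is not part of the original post: SSH to the WordPress host is limited to an admin range instead of 0.0.0.0/0, and the MySQL group's egress is limited to the VPC range. The admin_cidr variable and the _hardened resource names are assumptions made for this example.

```hcl
# Added example; var.admin_cidr and the *_hardened names are hypothetical.
variable "admin_cidr" {
  description = "Range allowed to SSH in, e.g. an office or VPN CIDR"
  type        = string
}

resource "aws_security_group" "wordpress_sg_hardened" {
  name   = "wordpress_sg_hardened"
  vpc_id = aws_vpc.myvpc.id
  ingress {
    description = "SSH from the admin range only"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }
  ingress {
    description = "HTTP from clients"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_security_group" "mysql_sg_hardened" {
  name   = "mysql_sg_hardened"
  vpc_id = aws_vpc.myvpc.id
  ingress {
    description     = "MySQL from the WordPress security group only"
    from_port       = 3306
    to_port         = 3306
    protocol        = "tcp"
    security_groups = [aws_security_group.wordpress_sg_hardened.id]
  }
  # Replies are allowed automatically (stateful), so egress is kept to the VPC range.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = [aws_vpc.myvpc.cidr_block]
  }
}
```

To use these, point vpc_security_group_ids in the two aws_instance resources at the _hardened groups and pass admin_cidr with -var or a .tfvars file.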

7. Creation of instances for WordPress and MySQL, and finally opening the site in the Chrome browser.

resource "aws_instance" "wordpress_os" {
  ami                    = "ami-7e257211"
  instance_type          = "t2.micro"
  subnet_id              = aws_subnet.publicSubnet.id
  vpc_security_group_ids = [ aws_security_group.wordpress_sg.id ]
  key_name               = "mykeys"
  tags = {
    Name = "wordpress"
  }
}
resource "aws_instance" "database" {
  ami                    = "ami-0447a12f28fddb066"
  instance_type          = "t2.micro"
  subnet_id              = aws_subnet.privateSubnet.id
  vpc_security_group_ids = [ aws_security_group.mysql_sg.id ]
  key_name               = "mykeys"
  tags = {
    Name = "database"
  }
}
resource "null_resource" "nulllocal1" {
  depends_on = [
    aws_instance.wordpress_os,
    aws_instance.database,
  ]
  provisioner "local-exec" {
    command = "start chrome ${aws_instance.wordpress_os.public_ip}"
  }
}

After saving this file, run this command.

terraform init

Now run this file by using

terraform apply -auto-approve

Output of the code…

To destroy the whole setup, run this

terraform destroy -auto-approve

Here I finish my task

Thank you for reading…
