Create our Personal VPC using NAT Gateway and Integrate it with EC2.

What is AWS?

What is EC2?

Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers. Amazon EC2’s simple web service interface allows you to obtain and configure capacity with minimal friction. It provides you with complete control of your computing resources and lets you run on Amazon’s proven computing environment.

What is VPC?

Amazon Virtual Private Cloud (Amazon VPC) enables you to launch AWS resources into a virtual network that you’ve defined. This virtual network closely resembles a traditional network that you’d operate in your own data center, with the benefits of using the scalable infrastructure of AWS.

What is NAT GATEWAY?

NAT Gateway is a highly available AWS managed service that makes it easy to connect to the Internet from instances within a private subnet in an Amazon Virtual Private Cloud (Amazon VPC). Previously, you needed to launch a NAT instance to enable NAT for instances in a private subnet.

What is EIP?

An Elastic IP address is a reserved public IP address that you can assign to any EC2 instance in a particular region, until you choose to release it. To allocate an Elastic IP address to your account in a particular region, see Allocating an Elastic IP Address.

Problem Statement……

1. Write infrastructure as code using Terraform that automatically creates a VPC.

Here the Task begins….

  1. First, create a folder in which to initialize Terraform.

Open Notepad and create a file with the .tf extension.

Inside the file first we have to write..

2. Creating the VPC

resource "aws_vpc" "my_new_vpc" {
  cidr_block           = "192.168.0.0/16"
  instance_tenancy     = "default"
  enable_dns_hostnames = true
  tags = {
    Name = "myvpc"
  }
}

3. Creating the subnets..

# Public subnet: instances launched here get a public IP automatically
resource "aws_subnet" "public_subnet" {
  vpc_id                  = aws_vpc.my_new_vpc.id
  cidr_block              = "192.168.0.0/24"
  availability_zone       = "ap-south-1a"
  map_public_ip_on_launch = true
  tags = {
    Name = "subnet1public"
  }
}

# Private subnet: no public IPs, outbound traffic goes through the NAT gateway
resource "aws_subnet" "private_subnet" {
  vpc_id            = aws_vpc.my_new_vpc.id
  cidr_block        = "192.168.1.0/24"
  availability_zone = "ap-south-1b"
  tags = {
    Name = "subnet2private"
  }
}

4. Creation of internet gateway…

resource "aws_internet_gateway" "internet_gateway" {
  vpc_id = aws_vpc.my_new_vpc.id
  tags = {
    Name = "my_internetgateway"
  }
}

5. Creation of EIP…

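resource "aws_eip" "tf_eip" {
  # The three instances referenced here are not defined in this post
  depends_on = [aws_instance.wordpress_os, aws_instance.database, aws_instance.bastionhost]
  vpc        = true # deprecated since AWS provider v5 in favour of domain = "vpc"
}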

6. Creation of NAT Gateway..

# The NAT gateway lives in the public subnet and uses the Elastic IP as its public address
resource "aws_nat_gateway" "nat_gateway" {
  depends_on    = [aws_eip.tf_eip]
  allocation_id = aws_eip.tf_eip.id
  subnet_id     = aws_subnet.public_subnet.id
  tags = {
    Name = "my_Nat_gateway"
  }
}

7. Creation of Routing Tables….

# Public route table: default route out through the internet gateway
resource "aws_route_table" "route_table" {
  vpc_id = aws_vpc.my_new_vpc.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.internet_gateway.id
  }
  tags = {
    Name = "my_rt2"
  }
}

resource "aws_route_table_association" "association" {
  subnet_id      = aws_subnet.public_subnet.id
  route_table_id = aws_route_table.route_table.id
}

# Private route table: default route out through the NAT gateway
resource "aws_route_table" "nat_route_table" {
  depends_on = [aws_nat_gateway.nat_gateway]
  vpc_id     = aws_vpc.my_new_vpc.id
  route {
    cidr_block = "0.0.0.0/0"
    # A NAT gateway target is set with nat_gateway_id, not gateway_id
    nat_gateway_id = aws_nat_gateway.nat_gateway.id
  }
  tags = {
    Name = "my_nat_route_table"
  }
}

resource "aws_route_table_association" "association2" {
  depends_on     = [aws_route_table.nat_route_table]
  subnet_id      = aws_subnet.private_subnet.id
  route_table_id = aws_route_table.nat_route_table.id
}

8. Creation of security groups…

# Database: MySQL is reachable only from members of the WordPress security group
resource "aws_security_group" "mysql_sg" {
  depends_on = [aws_vpc.my_new_vpc]
  name       = "mysql_sg"
  vpc_id     = aws_vpc.my_new_vpc.id
  ingress {
    description     = "MYSQL"
    from_port       = 3306
    to_port         = 3306
    protocol        = "tcp"
    security_groups = [aws_security_group.wp_sg.id]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
  tags = {
    Name = "mysql_sg"
  }
}

# Bastion host: SSH is accepted from any address
resource "aws_security_group" "bh_sg" {
  depends_on = [aws_vpc.my_new_vpc]
  name       = "bh_sg"
  vpc_id     = aws_vpc.my_new_vpc.id
  ingress {
    description = "SSH"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
  tags = {
    Name = "bh_sg"
  }
}

# WordPress: SSH, HTTP and ICMP are all accepted from any address
resource "aws_security_group" "wp_sg" {
  depends_on = [aws_vpc.my_new_vpc]
  name       = "wpos_sg"
  vpc_id     = aws_vpc.my_new_vpc.id
  ingress {
    description = "SSH"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  ingress {
    description = "HTTP"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  ingress {
    description = "ICMP"
    from_port   = -1
    to_port     = -1
    protocol    = "icmp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
  tags = {
    Name = "wpos_sg"
  }
}
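
In the groups above, the WordPress instance accepts SSH from any address, so the bastion host is not the only way in. A tightened variant of bh_sg and wp_sg, as an added example that is not from the original post or its repository: admin_cidr is a hypothetical variable, HTTP stays public, and the world-open ICMP rule is dropped.

```hcl
# Added example, not from the original post; admin_cidr is a hypothetical variable.
variable "admin_cidr" {
  type = string # range administrators connect from, e.g. a VPN egress /32
  validation {
    condition     = can(cidrhost(var.admin_cidr, 0)) && var.admin_cidr != "0.0.0.0/0"
    error_message = "admin_cidr must be a valid CIDR other than 0.0.0.0/0."
  }
}

resource "aws_security_group" "bh_sg" {
  name   = "bh_sg"
  vpc_id = aws_vpc.my_new_vpc.id
  ingress {
    from_port   = 22 # SSH, administrators only
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_security_group" "wp_sg" {
  name   = "wpos_sg"
  vpc_id = aws_vpc.my_new_vpc.id
  ingress {
    description     = "SSH from the bastion host only"
    from_port       = 22
    to_port         = 22
    protocol        = "tcp"
    security_groups = [aws_security_group.bh_sg.id]
  }
  ingress {
    from_port   = 80 # HTTP stays open to the internet
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```

With this variant, SSH to the WordPress instance has to go through the bastion host and target the instance's private address, because a security-group reference matches traffic by private IP.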

Output of the following code….

EC2
Volumes
EIP
Security Groups

After saving the file, first we have to run this command…..

Then,

And to destroy the whole setup we use this…

Here my task completed….

Github link- https://github.com/abhi-85/Cloud-task4

Thank You………
