Create an EC2 instance, an S3 bucket, and a CloudFront distribution and launch them using Terraform
The need of the hour across technologies is automation, i.e. telling the machine all the actions to perform at once rather than instructing it step by step. In cloud computing, this can be done with Terraform, developed by HashiCorp.
Task -
Code -
1. Telling Terraform about the provider.
// AWS provider: every resource below is created in ap-south-1.
// Credentials are taken from the named local profile, so no access keys
// appear in the configuration itself.
provider "aws" {
  profile = "abhishek1"
  region  = "ap-south-1"
}
2. Generating Key, saving it to the local system, and sending the same to AWS.
// Generate an RSA key pair inside Terraform.
// NOTE(review): the tls provider stores the generated private key
// unencrypted in the Terraform state file, so the state (and any backend
// that holds it) has to be protected as carefully as the key itself.
resource "tls_private_key" "key_pvt" {
  algorithm = "RSA"
}
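// Save the private key to key.pem in the working directory.
// file_permission is set explicitly: local_file otherwise writes the file
// with mode 0777, which leaves the key readable by every local user and
// makes ssh refuse it as an identity file.
// No depends_on is needed; the reference to tls_private_key.key_pvt already
// orders this resource after key generation.
resource "local_file" "key_pair" {
  content         = tls_private_key.key_pvt.private_key_pem
  filename        = "key.pem"
  file_permission = "0600"
}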
// Register the public half of the generated key with EC2 as "key_task".
// Only the OpenSSH public key is uploaded; the private key never leaves
// the local machine / Terraform state.
resource "aws_key_pair" "key_pub" {
  key_name   = "key_task"
  public_key = tls_private_key.key_pvt.public_key_openssh

  // Explicit ordering: upload only after key.pem has been written locally.
  depends_on = [local_file.key_pair, ]
}
3. Creating a Security-Group that allows connection by SSH, HTTP, and HTTPS.
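// CIDR that may reach the instance on port 22. There is deliberately no
// default: SSH open to 0.0.0.0/0 exposes the login service to the whole
// internet. The remote-exec provisioners connect from the machine running
// terraform, so this range must include that machine's public address.
variable "ssh_ingress_cidr" {
  type        = string
  description = "CIDR block allowed to SSH to the instance (must include the machine running terraform)"
}

// Security group for the web server: SSH from the admin range only,
// HTTP and HTTPS from anywhere, all outbound traffic allowed.
resource "aws_security_group" "allow_conn" {
  name        = "group_1"
  description = "allow connection"
  vpc_id      = "vpc-bffde2d7"

  // SSH is limited to the operator-supplied range instead of 0.0.0.0/0.
  ingress {
    description = "ssh"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.ssh_ingress_cidr]
  }

  // Public web traffic.
  ingress {
    description = "http"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "https"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  // protocol "-1" with ports 0-0 means every protocol and port outbound;
  // the instance needs this for yum and git during provisioning.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "allow_conection"
  }
}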
4. Creating an AWS Instance with SSH Connection and installing git.
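// Web server instance. After it boots, Terraform logs in over SSH and
// installs Apache, PHP and git.
resource "aws_instance" "web" {
  ami           = "ami-0447a12f28fddb066"
  instance_type = "t2.micro"

  // Reference the security group and key pair resources rather than
  // repeating their names as strings: Terraform then creates them before
  // the instance, so no separate depends_on is required and the instance
  // can never be launched before its key pair exists.
  security_groups = [aws_security_group.allow_conn.name]
  key_name        = aws_key_pair.key_pub.key_name

  tags = {
    Name = "myOs1"
  }

  // Inside a resource's own connection block the instance is addressed
  // as `self`; naming aws_instance.web here would be a self-reference.
  connection {
    type        = "ssh"
    user        = "ec2-user"
    private_key = tls_private_key.key_pvt.private_key_pem
    host        = self.public_ip
  }

  provisioner "remote-exec" {
    inline = [
      // Package name corrected from "hhtpd": with the typo Apache was never
      // installed, leaving the systemctl calls below with no httpd unit.
      "sudo yum install httpd php git -y",
      "sudo systemctl restart httpd",
      "sudo systemctl enable httpd",
    ]
  }
}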
5. Creating an EBS volume and attaching it to the instance.
// 1 GiB EBS volume that will hold the web root. It is placed in the same
// availability zone as the instance, which attachment requires.
// NOTE(review): no `encrypted` argument is set, so encryption at rest
// depends on the account's EBS default — confirm before storing anything
// other than public site content here.
resource "aws_ebs_volume" "ebs_1" {
  size              = 1
  availability_zone = aws_instance.web.availability_zone

  tags = {
    Name = "vol_1"
  }

  depends_on = [aws_instance.web]
}
// Attach the volume to the instance, then format it, mount it on the
// Apache document root and deploy the site from GitHub.
resource "aws_volume_attachment" "ebs_att" {
  instance_id = aws_instance.web.id
  volume_id   = aws_ebs_volume.ebs_1.id
  device_name = "/dev/sdh"

  // force_detach lets destroy proceed while the volume is still mounted;
  // data not yet flushed to the volume can be lost when that happens.
  force_detach = true

  depends_on = [aws_ebs_volume.ebs_1]

  connection {
    type        = "ssh"
    user        = "ec2-user"
    host        = aws_instance.web.public_ip
    private_key = tls_private_key.key_pvt.private_key_pem
  }

  // Commands run in order on the instance; the device requested as
  // /dev/sdh is addressed as /dev/xvdh by the commands below.
  // NOTE(review): git clone leaves a .git directory under the document
  // root, and the clone tracks whatever the repository's default branch
  // holds at apply time. Deny access to .git in the web server config and
  // consider pinning a known commit.
  provisioner "remote-exec" {
    inline = [
      "sudo mkfs.ext4 /dev/xvdh",
      "sudo mount /dev/xvdh /var/www/html/",
      "sudo rm -rf /var/www/html/*",
      "sudo git clone https://github.com/mishra5047/hybrid_cloud_1.git /var/www/html/",
    ]
  }
}
6. Creating an S3 Bucket and object in it.
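// Bucket that stores the site's static image, with versioning enabled.
// The bucket ACL is "private": a bucket-level "public-read" grants every
// anonymous caller permission to list the bucket's keys, which the site
// does not need. The image stays reachable because the object carries its
// own public-read ACL.
resource "aws_s3_bucket" "bucket_1" {
  acl = "private"

  versioning {
    enabled = true
  }
}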
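// Identifier shared by the CloudFront origin and its cache behaviour.
// The former `depends_on` entry is removed: inside `locals` it is not a
// meta-argument, it only declared an unused local value with that name
// and imposed no ordering.
locals {
  s3_origin_id = "myS3Origin"
}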
// Upload the local image as image.jpg.
// The object-level public-read ACL is what lets CloudFront (and anyone
// else) fetch this one object anonymously from the bucket.
resource "aws_s3_bucket_object" "Task_1_buck" {
  bucket = aws_s3_bucket.bucket_1.bucket
  key    = "image.jpg"
  source = "D:/image.jpg"

  // filemd5 changes when the local file changes, which makes Terraform
  // re-upload the object.
  etag = filemd5("D:/image.jpg")

  acl = "public-read"
}
7. Creating a CloudFront web distribution for the S3 bucket and linking it to the code in /var/www/html.
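// CloudFront distribution that serves the image from the S3 bucket.
resource "aws_cloudfront_distribution" "s3_distribution" {
  depends_on = [aws_s3_bucket_object.Task_1_buck]

  enabled         = true
  is_ipv6_enabled = true

  origin {
    domain_name = aws_s3_bucket.bucket_1.bucket_regional_domain_name
    origin_id   = local.s3_origin_id
  }

  default_cache_behavior {
    target_origin_id = local.s3_origin_id

    // The origin only serves a static image, so only read methods are
    // accepted; DELETE/PATCH/POST/PUT are no longer passed to the bucket.
    allowed_methods = ["GET", "HEAD"]
    cached_methods  = ["GET", "HEAD"]

    forwarded_values {
      query_string = false

      cookies {
        forward = "none"
      }
    }

    // Plain-HTTP viewers are redirected to HTTPS instead of being served
    // in clear text ("allow-all"); the page links to the https:// URL.
    viewer_protocol_policy = "redirect-to-https"

    // Cache lifetimes in seconds: default one hour, at most one day.
    min_ttl     = 0
    default_ttl = 3600
    max_ttl     = 86400
  }

  restrictions {
    geo_restriction {
      restriction_type = "none"
    }
  }

  // Uses the default CloudFront certificate for the distribution's own
  // domain name.
  viewer_certificate {
    cloudfront_default_certificate = true
  }
}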
// Once the distribution exists, log in to the instance and replace the
// URL placeholder in index.php with the CloudFront address of the image.
resource "null_resource" "null_image" {
  depends_on = [aws_cloudfront_distribution.s3_distribution]

  connection {
    type        = "ssh"
    user        = "ec2-user"
    host        = aws_instance.web.public_ip
    private_key = tls_private_key.key_pvt.private_key_pem
  }

  // Article step heading that the page layout placed inside this block:
  // "8. Printing output of instance public IP."
  // sed uses '@' as its delimiter so the slashes in the URL need no escaping.
  provisioner "remote-exec" {
    inline = [
      "sudo sed -i 's@URL@https://${aws_cloudfront_distribution.s3_distribution.domain_name}/${aws_s3_bucket_object.Task_1_buck.key}@g' /var/www/html/index.php",
    ]
  }
}
The public IP that is generated can be used to access the content of the web server.
Output -
Thank you for reading.