Cloud Automation Using Terraform:

Shailja Tripathi
5 min read · Jul 16, 2020

AWS is an Amazon platform which provides open source public cloud computing services.

Terraform is an open source infrastructure-as-code software tool created by HashiCorp.

The main components involved in launching a web server are:

1. Elastic Compute Cloud (EC2) is a part of Amazon's cloud computing platform that allows users to rent virtual computers on which to run their own applications. It provides compute as a service (CAAS) to users.

2. Elastic File System (EFS) is a cloud storage service provided by AWS, designed to provide scalable, elastic, concurrent (with some restrictions) and encrypted file storage for use with both AWS cloud services and on-premises resources. In simple words, it provides file storage as a service (FSAAS).

3. CloudFront is a content delivery network (CDN) offered by Amazon Web Services. Content delivery networks provide a globally distributed network of proxy servers which cache content, such as web videos or other bulky media, closer to consumers, thus improving access speed for downloading the content.

STEP1: Specifying Provider

The provider block specifies the cloud provider we are going to use. Terraform has the same syntax for all cloud platforms and downloads a plugin for each one. Here we are using AWS as the provider.

#provider
provider "aws" {
  region  = "ap-south-1"
  profile = "myshailja"
}

STEP2: Creating Security Group

This is the security group. We are defining a firewall that allows SSH, HTTP and one more port through which EFS can communicate. Inbound traffic is called ingress and outbound traffic is called egress. The CIDR block defines the range of addresses a rule applies to.

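resource "aws_security_group" "sc1" {
  name        = "sc1"
  description = "Allows SSH and HTTP"
  vpc_id      = "vpc-98918cf0"

  # SSH is reachable from every address (0.0.0.0/0)
  ingress {
    description = "SSH"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # HTTP for the public web server
  ingress {
    description = "HTTP"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # NFS (port 2049) for EFS, allowed only between members of this group
  ingress {
    description = "NFS"
    from_port   = 2049
    to_port     = 2049
    protocol    = "tcp"
    self        = true
  }

  # all outbound traffic
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "sc1"
  }
}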
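The same firewall with tighter scope, as an added example that is not the article's own code: SSH is limited to one administrative range and the EFS port is opened only to the web server's group instead of sharing one group for everything. The variable `admin_cidr` and the group names `web` and `efs` are hypothetical; the VPC id is the one used above.

```hcl
# Added example; admin_cidr, "web" and "efs" are assumed names.
variable "admin_cidr" {
  description = "Address range allowed to reach SSH, such as an office or VPN range"
  type        = string
}

resource "aws_security_group" "web" {
  name        = "web"
  description = "HTTP from anywhere, SSH from the admin range only"
  vpc_id      = "vpc-98918cf0" # VPC id used in the article

  ingress {
    description = "SSH"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }
  ingress {
    description = "HTTP"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_security_group" "efs" {
  name        = "efs"
  description = "NFS from web instances only"
  vpc_id      = "vpc-98918cf0"

  # The source is the web group itself, not an address range.
  ingress {
    description     = "NFS"
    from_port       = 2049
    to_port         = 2049
    protocol        = "tcp"
    security_groups = [aws_security_group.web.id]
  }
}
```

With this split, the EFS mount target would reference `aws_security_group.efs.id` and the instance `aws_security_group.web.id`.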

STEP3: Launching EFS

This creates the EFS file system with encryption of data at rest, and a mount target through which instances in the subnet can reach it.

resource "aws_efs_file_system" "myefs" {
  creation_token = "my-efs"
  # encrypt data at rest
  encrypted      = true

  tags = {
    Name = "myefs"
  }
}

# mount target that exposes the file system inside the subnet
resource "aws_efs_mount_target" "first" {
  file_system_id  = aws_efs_file_system.myefs.id
  subnet_id       = "subnet-efdde787"
  security_groups = [aws_security_group.sc1.id]
}

STEP4: Launching Instance (EC2)

This will create the instance with some listed software and will also mount the EFS which we created.

resource "aws_instance" "myos1" {
  ami                         = "ami-0732b62d310b80e97"
  instance_type               = "t2.micro"
  key_name                    = "mainKey"
  # inside a VPC subnet, security groups are attached by id
  vpc_security_group_ids      = [aws_security_group.sc1.id]
  subnet_id                   = "subnet-efdde787"
  associate_public_ip_address = true

  # SSH connection used by the provisioner below
  connection {
    type        = "ssh"
    user        = "ec2-user"
    private_key = file("C:/Users/HP/Desktop/mainKey.pem")
    # a resource refers to its own attributes through self
    host        = self.public_ip
  }

  # install and start the web server
  provisioner "remote-exec" {
    inline = [
      "sudo yum install httpd php git -y",
      "sudo systemctl restart httpd",
      "sudo systemctl enable httpd",
    ]
  }

  tags = {
    Name = "myos1"
  }
}

STEP5: Creating S3 Bucket

This creates the S3 bucket. It works as unified storage from which we will use CloudFront, a CDN (Content Delivery Network), to make the content available globally.

resource "aws_s3_bucket" "shailja858585bucket1forproject" {
  bucket = "shailja858585bucket1forproject"
  acl    = "public-read"

  versioning {
    enabled = true
  }

  tags = {
    Name        = "shailja858585bucket1forproject"
    Environment = "Dev"
  }
}

STEP6: Uploading to S3 Bucket

This uploads the static data to the S3 bucket that we just created. Key is the name of the file after the object is uploaded to the bucket, and source is the path of the file to be uploaded.

resource "aws_s3_bucket_object" "s3obj" {
  # upload only after the bucket exists
  depends_on = [
    aws_s3_bucket.shailja858585bucket1forproject,
  ]
  bucket       = "shailja858585bucket1forproject"
  key          = "shailja.jpg"
  source       = "C:/Users/HP/Desktop/shailja.jpg"
  acl          = "public-read"
  # MIME type served with the object
  content_type = "image/jpeg"
}

STEP7: Creating CloudFront

CloudFront is the AWS service in which they create small data centres where they store our data to achieve low latency. This step creates a CloudFront distribution using the S3 bucket as its origin. In this bucket, we have stored all of the assets of our site, like images, icons, etc.

resource "aws_cloudfront_distribution" "shailjaCF" {
  origin {
    domain_name = "shailja858585bucket1forproject.s3.amazonaws.com"
    origin_id   = "S3-shailja858585bucket1forproject"

    custom_origin_config {
      http_port              = 80
      # HTTPS to the origin uses port 443, not 80
      https_port             = 443
      origin_protocol_policy = "match-viewer"
      origin_ssl_protocols   = ["TLSv1", "TLSv1.1", "TLSv1.2"]
    }
  }

  enabled = true

  default_cache_behavior {
    allowed_methods  = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"]
    cached_methods   = ["GET", "HEAD"]
    target_origin_id = "S3-shailja858585bucket1forproject"

    forwarded_values {
      query_string = false
      cookies {
        forward = "none"
      }
    }

    # viewers may use either HTTP or HTTPS
    viewer_protocol_policy = "allow-all"
    min_ttl                = 0
    default_ttl            = 3600
    max_ttl                = 86400
  }

  restrictions {
    geo_restriction {
      restriction_type = "none"
    }
  }

  viewer_certificate {
    cloudfront_default_certificate = true
  }
}
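The bucket in STEP5 and STEP6 is world-readable, so CloudFront is only one of two ways to reach the objects. The following added example (not the article's own code) keeps the bucket private and lets only the distribution read it through an origin access identity, while redirecting viewers to HTTPS. The resource names and the bucket name are placeholders, and it assumes the same AWS provider generation as the article, where `acl` is an argument of `aws_s3_bucket`.

```hcl
# Added example; "assets", "oai", "cf_read", "cdn" and the bucket name are placeholders.
resource "aws_s3_bucket" "assets" {
  bucket = "example-assets-bucket"
  acl    = "private"
}

resource "aws_cloudfront_origin_access_identity" "oai" {
  comment = "CloudFront read access to the assets bucket"
}

# Bucket policy: only the CloudFront identity may fetch objects.
data "aws_iam_policy_document" "cf_read" {
  statement {
    actions   = ["s3:GetObject"]
    resources = ["${aws_s3_bucket.assets.arn}/*"]
    principals {
      type        = "AWS"
      identifiers = [aws_cloudfront_origin_access_identity.oai.iam_arn]
    }
  }
}

resource "aws_s3_bucket_policy" "assets" {
  bucket = aws_s3_bucket.assets.id
  policy = data.aws_iam_policy_document.cf_read.json
}

resource "aws_cloudfront_distribution" "cdn" {
  enabled = true
  origin {
    domain_name = aws_s3_bucket.assets.bucket_regional_domain_name
    origin_id   = "S3-assets"
    s3_origin_config {
      origin_access_identity = aws_cloudfront_origin_access_identity.oai.cloudfront_access_identity_path
    }
  }
  default_cache_behavior {
    allowed_methods        = ["GET", "HEAD"] # read-only site assets
    cached_methods         = ["GET", "HEAD"]
    target_origin_id       = "S3-assets"
    viewer_protocol_policy = "redirect-to-https"
    forwarded_values {
      query_string = false
      cookies { forward = "none" }
    }
  }
  restrictions {
    geo_restriction { restriction_type = "none" }
  }
  viewer_certificate { cloudfront_default_certificate = true }
}
```

Objects uploaded to this bucket would keep the default private ACL rather than `public-read`.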

Output:

Thank you for reading!!
