Image for post
Image for post

Building AWS Infra with Terraform 1

Part 1: Infrastructure as Code using Terraform

This is a tutorial that teachers how to build an AWS infrastructure using Terraform, starting with building a core network infrastructure as the infrastructure concern (or layer) and then building a web application as the web application concern.

We’ll implement this using a modular approach with Terraform modules, with each concern as a module.

The infrastructure will have two sub-modules: network and security, while the web application will have two sub-modules: application and database.

Image for post
Image for post

The core infrastructure will use the following AWS resources:

At the end of this section, you should have a basic grasp on how to create a infrastructure that supports a secure private network and a public facing network.

The web application layer will use the following AWS resources:

This application will serve to demonstrate the infrastructure, but also gain knowledge on how to create basic instance with database support. Will will also learn how to import the existing infrastructure output for use with your projects.

The Tool Requirements

You’ll need essentially two tools:

Note: The instructions oriented toward using the GNU Bash Shell.

Installing AWS CLI

If you have a Python Environment, such as one installed with pyenv, you can simply run:

Further information on installation on AWS:

I wrote a previous article on creating a Python environment using pyenv:

First follow the installation and configuration instructions from AWS docs:

Note: If not obvious, you need to have an AWS account with permissions to create resources, and copy of AWS access key id and AWS secret access key.

I recommend using AWS profiles, as it is easy to switch between professional work and learning home accounts.

After, you will have a ~/.aws/credentials file that looks something similar to this, but with valid credentials.

And you will want to have a ~/.aws/config file that looks something similar to this, with the desired region specified:

Note: Pay attention to added word of profile in the config, which is different that the credentials file.

Test the profile:

Note: Originally, AWS CLI used AWS_DEFAULT_PROFILE, but recent versions of AWS SDK only support AWS_PROFILE. Set both to be safe.

Terraform, for all intents and purposes, is a change configuration tool for configuring cloud resources and other resources that can be managed through a web interface (RESTful API). When configuring cloud resources, the popular term is cloud provisioning.

Terraform purposefully does not configure system resources, as there are popular CAPS (Chef, Ansible, Puppet, or Salt Stack) tools for this already.

On macOS, if you have Homebrew installed, you can install terraform using this:

On Windows 10, if you have Chocolatey installed, you can install terraform using this in either command shell or PowerShell run with administrative privileges:

Otherwise, you can download and install Terraform manually:

Getting Started

At this point, we should have both terraform and AWS CLI tools installed and available in the path, and we also have AWS environment configured with a profile called learning, and set this to the default.

We are going to create two separate projects areas to support SoC (Separation of Concerns). This allows us to be modular, as well as not blow up our infrastructure while making changes to the web application.

To get started, let’s create the following organizational structure (output of tree -F):

We can create this in the GNU Bash Shell with the following commands:

We need to use AWS provider we can interact with AWS.

Let’s update our blank files:

Terraform can pick up our credentials, but not the region, so we need tell Terraform about our default region:

With that we have our region setup and valid credentials configured, we need to download the Terraform AWS plugin:

When deploying systems we need to generate AWS Key Pair, which will be used to access the remote system using a private key.

You can use these steps to create a key pair:

Verify you key pair is installed

Afterward, when logging into a system created by Terraform, you can use:

Conclusion: Until Next Time

This is the first step to configure and setup a AWS Terraform environment (aws and terraform tools), and follow up articles, I’ll walk through the first concern of AWS core infrastructure and then two articles on the web application concern, one the app and one for the database, both organized into modules that the code can be reused.


This tutorial was inspired by web console version tutorial, and does the equivalent resources using infrastructure as code with Terraform.

Written by

Linux NinjaPants Automation Engineering Mutant — exploring DevOps, Kubernetes, CNI, IAC

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store