Today I went through the process of doing something I have never done before. Using some videos I found on Udemy, I created an AWS VPC from scratch. It is not that I am new to AWS networking; it is just that I have always based my instances off existing VPCs, subnets, and network security. To be able to do it from scratch feels like a minor accomplishment. Here is the rough workflow:
- Create a VPC
- Create the subnets:
  - 3 public subnets in Availability Zones 1a, 1b, and 1c
  - 3 private subnets in Availability Zones 1d, 1e, and 1f
- Don't forget that the public subnets have to auto-assign IPs (Actions > Modify Auto-assign IPs > Enable auto-assign public IPv4 address)
- Create an Internet Gateway and attach it to the VPC (Actions > Attach to VPC)
- Edit the default routing table for the public subnets and make sure it can route out the Internet Gateway
- Create a routing table for the private subnets that can't go out the Internet Gateway, and associate the private subnets with it
- Create a public security group that allows inbound SSH from my personal IP
- Create a private security group that allows inbound SSH from my personal IP
After all of that I was able to spin up a quick and dirty Terraform file that builds a t2.micro instance in the VPC, and surprisingly it worked the first time.
```hcl
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 3.27"
    }
  }
  required_version = ">= 0.14.9"
}

provider "aws" {
  profile = "default"
  region  = "us-east-1"
}

# Input variables referenced below (declarations were missing from the original file).
variable "ami_id" {
  type = string
}

variable "instance_type" {
  type    = string
  default = "t2.micro"
}

variable "key_name" {
  type = string
}

# Look up the existing public subnet by ID (placeholder ID; substitute your own).
data "aws_subnet" "public_subnet_1" {
  id = "subnet-XYZ-public"
}

resource "aws_instance" "webserver" {
  ami           = var.ami_id
  instance_type = var.instance_type
  subnet_id     = data.aws_subnet.public_subnet_1.id

  # Instances launched into a subnet of a non-default VPC take security group
  # IDs via vpc_security_group_ids; security_groups is for EC2-Classic and the
  # default VPC and takes names. "sg-public" is a placeholder for the public
  # security group's ID.
  vpc_security_group_ids = ["sg-public"]
  key_name               = var.key_name

  tags = {
    Name        = "webserver"
    Environment = "prod"
  }
}
```