AWS VPC with public subnet, a private subnet, Internet gateway and NAT gateway And Deploy Public WordPress Site With Private MYSQL Database Using Terraform

Things we do here:-

introduction:

VPC

SUBNET

Internet Gateway (IG)

Routing table (For internet gateway)

NAT Gateway

Private Subnet

Public subnet

Pre-requisite:-

this is the basic infrastructure blueprint of which we are going to creat
aws configure
provider "aws" {
region = "ap-south-1"
profile = "nischal"
}
resource "aws_vpc" "main" {
cidr_block = "192.168.0.0/16"
instance_tenancy = "default"
tags = {
Name = "nischal_vpc"
}
}
resource "aws_subnet" "subnet1" {
vpc_id = aws_vpc.main.id
availability_zone = "ap-south-1a"
cidr_block = "192.168.1.0/24"
map_public_ip_on_launch = true
tags = {
Name = "pub_1a"
}
}
resource "aws_subnet" "subnet2" {
vpc_id = aws_vpc.main.id
availability_zone = "ap-south-1b"
cidr_block = "192.168.2.0/24"
tags = {
Name = "priv_1b"
}
}
resource "aws_internet_gateway" "gw" {
vpc_id = "${aws_vpc.main.id}"
tags = {
Name = "int_gw"
}
}
resource "aws_route_table" "rt" {
vpc_id = "${aws_vpc.main.id}"
route {
cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.gw.id}"
}
tags = {
Name = "public"
}
}
resource "aws_route_table_association" "subnet_association" {
subnet_id = aws_subnet.subnet1.id
route_table_id = aws_route_table.rt.id
}
resource "aws_security_group" "allow_tls" {
name = "allow_tls"
description = "Allow ssh,httpd,mysql"
vpc_id = "${aws_vpc.main.id}"
ingress {
description = "ssh port"
from_port = 22
to_port = 22
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
description = "httpd port"
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
description = " port"
from_port = 3306
to_port = 3306
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
description = "ssh port"
from_port = 0
to_port = 0
protocol = -1
cidr_blocks = ["0.0.0.0/0"]
}
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
tags = {
Name = "sec_grp"
}
}
resource "aws_eip" "aws_eip_1" {
vpc = true
depends_on =["aws_internet_gateway.gw"]
}
resource "aws_nat_gateway" "nat_gw" {
allocation_id = "${aws_eip.aws_eip_1.id}"
subnet_id = "${aws_subnet.subnet1.id}"
depends_on =["aws_internet_gateway.gw"]
}
resource "aws_route_table" "rt2" {
vpc_id = "${aws_vpc.main.id}"
route {
cidr_block = "0.0.0.0/0"
nat_gateway_id = "${aws_nat_gateway.nat_gw.id}"
}
tags = {
Name = "private"
}
}
resource "aws_route_table_association" "subnet_association_2" {
subnet_id = aws_subnet.subnet2.id
route_table_id = aws_route_table.rt2.id
}
resource "aws_security_group" "allow_public" {
name = "allow_public"
description = "Allow ssh,httpd,mysql"
vpc_id = "${aws_vpc.main.id}"
ingress {
description = "TCP"
from_port = 3306
to_port = 3306
protocol = "tcp"
security_groups =[aws_security_group.allow_tls.id]
}
egress{
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
tags = {
Name = "sec_grp_for_privat"
}
}
variable ssh_key_name{
default = "keywithtf"
}
resource "aws_instance" "web" {
ami = "ami-7e257211"
instance_type = "t2.micro"
subnet_id ="${aws_subnet.subnet1.id}"
associate_public_ip_address = true
key_name ="nischal"
vpc_security_group_ids = [aws_security_group.allow_tls.id]
tags ={
Name = "publicos"
}
}
resource "aws_instance" "mysql" {
ami = "ami-08706cb5f68222d09"
instance_type = "t2.micro"
subnet_id ="${aws_subnet.subnet1.id}"
key_name ="${var.ssh_key_name}"
security_groups =[aws_security_group.allow_public.id]
tags ={
Name = "mysql_privatos"
}
}
terraform apply— auto-approve

output

WordPress dashboard
terraform destroy --auto-approve