This repository is created to learn and deploy a 2-tier application on the AWS cloud through Terraform.
This Terraform project sets up a complete two-tier architecture on AWS using:
- VPC
- Public & Private Subnets
- EC2 instances
- Application Load Balancer (ALB)
- CloudFront Distribution
- ACM SSL Certificate
- Route 53 DNS
- Custom Domain Integration (yourcreativecorner.xyz)
Prerequisites:
- AWS Account with access to Route 53, EC2, ACM, CloudFront
- Registered domain (yourcreativecorner.xyz)
- Terraform CLI installed (v1.4+ recommended)
- Public hosted zone created in Route 53
git clone https://github.com/panwar100/terraform-aws-two-tier-architecture
cd terraform-aws-two-tier-architecture
Note: Follow the blog for the step-by-step instructions to build this project.
Create an S3 bucket to store the .tfstate file in the remote backend.
Warning! It is highly recommended that you enable Bucket Versioning on the S3 bucket to allow for state recovery in the case of accidental deletions and human error.
Note: We will need this bucket name in a later step.
- Give the table a name
- Make sure to add a Partition key with the name LockID and type as String
We need a public key and a private key for our server, so please follow the procedure I've included below.
cd modules/key/
ssh-keygen
The above command asks for a key name; enter client_key. It will create a pair of keys, one public and one private. You can give any name you want, but then you need to edit the Terraform file to match.
Edit the below file according to your configuration
vim root/backend.tf
Add the below code in root/backend.tf
terraform {
  backend "s3" {
    bucket       = "BUCKET_NAME"
    key          = "backend/FILE_NAME_TO_STORE_STATE.tfstate"
    region       = "us-east-1"
    use_lockfile = true
  }
}
Go to AWS Console --> Route 53 --> Hosted Zones and ensure you have a public hosted zone available. If not, create one.
Add your nameservers to your domain.
Go to AWS Console --> AWS Certificate Manager (ACM) and make sure you have a valid certificate in Issued status. If not, create one for the domain name on which you are planning to host your application.
Click on Create records in Route 53.
Create one file with the name terraform.tfvars
vim root/terraform.tfvars
Add the below content into the root/terraform.tfvars file and add the values of each variable.
region = ""
project_name = ""
vpc_cidr = ""
pub_sub_1a_cidr = ""
pub_sub_2b_cidr = ""
pri_sub_3a_cidr = ""
pri_sub_4b_cidr = ""
pri_sub_5a_cidr = ""
pri_sub_6b_cidr = ""
db_username = ""
db_password = ""
certificate_domain_name = ""
additional_domain_name = ""
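A pre-flight check for the terraform.tfvars template above, added here as an example and not part of the original repository: it reports variables left empty (including db_password), subnet CIDRs that fall outside vpc_cidr, and subnets that overlap each other. The function names are hypothetical, and the parser assumes the flat name = "value" lines the template uses.

```python
import ipaddress
import re

# Variable names are the ones in this page's terraform.tfvars template.
SUBNET_KEYS = ["pub_sub_1a_cidr", "pub_sub_2b_cidr", "pri_sub_3a_cidr",
               "pri_sub_4b_cidr", "pri_sub_5a_cidr", "pri_sub_6b_cidr"]
REQUIRED = ["region", "project_name", "vpc_cidr", *SUBNET_KEYS, "db_username",
            "db_password", "certificate_domain_name", "additional_domain_name"]
ASSIGNMENT = re.compile(r'^\s*(\w+)\s*=\s*"(.*)"\s*$')

def parse_tfvars(text):
    """Parse flat `name = "value"` lines (assumption: no nested HCL values)."""
    pairs = (ASSIGNMENT.match(line) for line in text.splitlines())
    return {m.group(1): m.group(2) for m in pairs if m}

def parse_cidr(values, key, problems):
    """Return the network for key, or None if it is empty or malformed."""
    raw = values.get(key)
    if not raw:
        return None  # already reported as empty or missing
    try:
        return ipaddress.ip_network(raw)  # strict mode rejects set host bits
    except ValueError:
        problems.append(f"{key} is not a valid CIDR block: {raw}")
        return None

def check_tfvars(text):
    """Return a list of problems; an empty list means the file passed."""
    values = parse_tfvars(text)
    problems = [f"{k} is empty or missing" for k in REQUIRED if not values.get(k)]
    vpc = parse_cidr(values, "vpc_cidr", problems)
    seen = {}
    for key in SUBNET_KEYS:
        net = parse_cidr(values, key, problems)
        if net is None:
            continue
        if vpc is not None and not (net.version == vpc.version and net.subnet_of(vpc)):
            problems.append(f"{key} {net} is outside vpc_cidr {vpc}")
        for other_key, other in seen.items():
            if net.overlaps(other):
                problems.append(f"{key} {net} overlaps {other_key} {other}")
        seen[key] = net
    return problems

if __name__ == "__main__":  # run from the repository root
    with open("root/terraform.tfvars") as handle:
        found = check_tfvars(handle.read())
    print("\n".join(found) or "terraform.tfvars: no problems found")
```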
Get into the project directory
cd root
Let's deploy the application
# Initialize
terraform init
# Preview plan
terraform plan
# Apply infrastructure
terraform apply
It will prompt you for approval; type yes.
After ~10 minutes post-deployment:
https://yourcreativecorner.xyz
https://www.yourcreativecorner.xyz
If it doesn't load immediately, wait for CloudFront & DNS propagation.
Let's see what Terraform created on our AWS console.
- Make sure your domain is hosted in Route 53 and the ACM certificate is issued and validated in the us-east-1 region for CloudFront.
- Bad Gateway or SSL errors may occur temporarily during propagation.
- You can update the terraform.tfvars to match your domain and ALB values.
terraform destroy
It will prompt you for approval; type yes.
This project is based on 10WeeksOfCloudOps Task 3 by Piyush Sachdeva.