Building an AWS VPC with Terraform

In this guide, we'll walk through creating an AWS VPC with Terraform and placing an EC2 instance inside it. This is Part 2 of the series. In Part 1, we covered how to create an EC2 instance and a security group. By the end of this guide, you'll have a working VPC with a public subnet, an internet gateway, a route table, and the route table association that makes the subnet public, which is the network the EC2 instance from Part 1 needs in order to live in a VPC of your own.

Here's what we'll cover in this part: creating the VPC, creating a public subnet, creating an internet gateway, creating a route table, and associating the route table with the subnet.

Create VPC

A Virtual Private Cloud (VPC) is a logically isolated section of the AWS cloud where you launch AWS resources. It acts as a virtual network for those resources, letting you define IP address ranges, subnets, and routing rules. To create a VPC, you define a CIDR block, which specifies the IP address range for the VPC and therefore its size. In this example we use 10.1.0.0/16, which provides 65,536 addresses. Pick a range that does not overlap any network you may later peer or connect to over VPN, because overlapping ranges cannot be routed between and are painful to change once resources exist. The VPC's CIDR block cannot be shrunk after creation; it can only be extended with secondary CIDR blocks.

resource "aws_vpc" "main-vpc" {
  cidr_block = "10.1.0.0/16"

  tags = {
    Name = "main-vpc"
  }
}

Create Subnet

A subnet is a range of IP addresses within your VPC. Subnets let you segment the VPC into smaller networks, which can be public or private. A subnet is "public" when its route table has a route to an internet gateway, and "private" when it does not; an instance in a public subnet is reachable from the internet only if it also has a public IP address and its security group allows the traffic. In this example we create a public subnet within the VPC. The subnet is tied to the VPC with the vpc_id argument. We also specify the subnet's CIDR block, which must lie inside the VPC's CIDR block; 10.1.1.0/24 gives 256 addresses, of which AWS reserves the first four and the last, leaving 251 usable. The map_public_ip_on_launch argument makes every instance launched in this subnet receive a public IP address automatically, so from that point on the security group is the only thing between the instance and the internet. The availability_zone argument pins the subnet to one AWS availability zone; a subnet cannot span zones.

resource "aws_subnet" "public-subnet-1" {
  vpc_id                  = aws_vpc.main-vpc.id
  cidr_block              = "10.1.1.0/24"
  map_public_ip_on_launch = true
  availability_zone       = "us-east-1a"

  tags = {
    Name = "public-subnet-1"
  }
}

Create Internet Gateway

An internet gateway allows communication between your VPC and the public internet. It's a horizontally scalable, redundant, and highly available VPC component, and it has no cost of its own. Without an internet gateway, resources in your VPC have no path to the public internet (a NAT gateway for private subnets also relies on one; VPC endpoints to AWS services are the separate exception). In this step we create an internet gateway and attach it to the VPC; the vpc_id argument performs the attachment. Creating the gateway does not by itself expose anything: traffic only flows through it once a route table points at it.

resource "aws_internet_gateway" "main-igw" {
  vpc_id = aws_vpc.main-vpc.id

  tags = {
    Name = "main-igw"
  }
}

Create Route Table

A route table contains a set of rules (routes) that determine where network traffic is directed. Every subnet in your VPC is associated with exactly one route table; a subnet with no explicit association uses the VPC's main route table, which by default contains only the local route for the VPC's own CIDR block and no route to the internet. In this step we create a separate route table and add a route to the internet gateway, leaving the main route table untouched so that any future subnet is private unless we deliberately associate it with this table. The vpc_id argument associates the route table with the VPC. The route block defines a default route that sends all traffic not destined for the VPC itself (0.0.0.0/0) to the internet gateway; the local route for 10.1.0.0/16 is added implicitly and cannot be removed.

resource "aws_route_table" "public-rt" {
  vpc_id = aws_vpc.main-vpc.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.main-igw.id
  }

  tags = {
    Name = "public-rt"
  }
}

Route Table Association

To make the subnet public, we associate the route table with the subnet. This replaces the subnet's implicit association with the main route table, so traffic leaving the subnet for addresses outside the VPC is now routed through the internet gateway. The subnet_id argument specifies the subnet to associate, and the route_table_id argument specifies the route table to associate with it. A subnet can be associated with only one route table at a time, but one route table can serve many subnets.

resource "aws_route_table_association" "public-rta-1" {
  subnet_id      = aws_subnet.public-subnet-1.id
  route_table_id = aws_route_table.public-rt.id
}
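The five resources above assembled into one configuration, together with the pieces needed to actually place the EC2 instance from Part 1 into the new subnet. This is an added example rather than the original post's code. The provider block and its region, the vpc_cidr and admin_cidr variables, the cidrsubnet() derivation of the subnet range, the web-sg security group, the aws_ami lookup and the aws_instance block are all assumptions made for this example; the post itself shows only the VPC, subnet, gateway, route table and association.

```hcl
provider "aws" {
  region = "us-east-1" # assumption: must match the availability zone below
}

variable "vpc_cidr" {
  type    = string
  default = "10.1.0.0/16"
}

# Assumption: the only address allowed to SSH in. Never leave this at 0.0.0.0/0.
variable "admin_cidr" {
  type    = string
  default = "203.0.113.10/32" # TEST-NET-3 placeholder; replace with your own IP
}

resource "aws_vpc" "main-vpc" {
  cidr_block           = var.vpc_cidr
  enable_dns_hostnames = true # instances with a public IP also get a public DNS name
  tags                 = { Name = "main-vpc" }
}

resource "aws_subnet" "public-subnet-1" {
  vpc_id = aws_vpc.main-vpc.id
  # cidrsubnet() carves 10.1.1.0/24 out of the VPC block, so the subnet
  # can never fall outside the VPC range if vpc_cidr is changed later.
  cidr_block              = cidrsubnet(var.vpc_cidr, 8, 1)
  map_public_ip_on_launch = true
  availability_zone       = "us-east-1a"
  tags                    = { Name = "public-subnet-1" }
}

resource "aws_internet_gateway" "main-igw" {
  vpc_id = aws_vpc.main-vpc.id
  tags   = { Name = "main-igw" }
}

resource "aws_route_table" "public-rt" {
  vpc_id = aws_vpc.main-vpc.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.main-igw.id
  }
  tags = { Name = "public-rt" }
}

resource "aws_route_table_association" "public-rta-1" {
  subnet_id      = aws_subnet.public-subnet-1.id
  route_table_id = aws_route_table.public-rt.id
}

# Security groups are scoped to a VPC: the one from Part 1 lived in the
# default VPC and cannot be attached here, so a new one is created with vpc_id.
resource "aws_security_group" "web-sg" {
  name   = "web-sg"
  vpc_id = aws_vpc.main-vpc.id

  ingress {
    description = "SSH from the admin address only"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# Assumption: latest Amazon Linux 2023 x86_64 AMI, looked up instead of hard-coded.
data "aws_ami" "al2023" {
  most_recent = true
  owners      = ["amazon"]
  filter {
    name   = "name"
    values = ["al2023-ami-2023.*-x86_64"]
  }
}

resource "aws_instance" "web" {
  ami                    = data.aws_ami.al2023.id
  instance_type          = "t3.micro"
  subnet_id              = aws_subnet.public-subnet-1.id # this is what puts it in the new VPC
  vpc_security_group_ids = [aws_security_group.web-sg.id]

  metadata_options {
    http_tokens = "required" # IMDSv2 only, so an SSRF cannot read instance credentials
  }

  tags = { Name = "web" }
}
```

Run terraform init, terraform plan and terraform apply in the directory holding this file. The instance receives a public IP because of map_public_ip_on_launch, and it is reachable over SSH only from admin_cidr because the security group is the sole filter in front of that address; widening the ingress cidr_blocks to 0.0.0.0/0 would expose port 22 to the whole internet.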

Conclusion

By following these steps, you've created an AWS VPC, a public subnet, an internet gateway, a route table and its subnet association using Terraform. To put the EC2 instance from Part 1 into this network, point its subnet_id at the new subnet and give it a security group created with this VPC's vpc_id, since security groups are scoped to a single VPC and the one from Part 1 belongs to the default VPC. This setup lets you manage your infrastructure as code, making it easier to version, share, and replicate your configurations. If you haven't already, check out Part 1 of this series, where we cover creating an EC2 instance and a security group.