AWS VPC Explained with Terraform

Captions
Hello there, this is Rahul, and welcome to this AWS series with Terraform. Well, on the left-hand side of my screen you can see the setup, and this whole setup we are just gonna implement in today's lab session. We will first begin with a very empty AWS account, which you can see over here. So this is my AWS project, and this project is completely empty, and all the way I will go and we'll just start setting up our VPC. We'll set up subnets, we'll set up private and public subnets, we'll also set up the route table, we'll set up the NAT gateway, we'll set up the internet gateway, and finally the Elastic IP. So these are the topics which we are just gonna cover today.

Step one, which is VPC. As soon as you create your AWS account and you have your active AWS account ready with you, then the first step you need to do is you need to set up the VPC, and VPC stands for virtual private cloud. So VPCs inside AWS are the isolated networks which are separated from each other. In a single AWS account you can have multiple VPCs for multiple projects, and those VPCs will always be isolated unless and until you have specified a communication pattern or communication path between those VPCs. Once you create a VPC in AWS, then you can start putting the resources, just for example EC2, RDS, load balancer, within the VPC, and those resources will be isolated from other resources which are running in any other VPC.

Now the question comes, like, how you are gonna create a VPC within your AWS account using Terraform. So here is the example code which I have taken to create a VPC, and the same code I'm just gonna use in the second part, where I'm just gonna perform the demo. So here you can see this is the Terraform code for creating a VPC. What you need to define over here is the CIDR range, so here I have specified the IP ranges for my VPC, and the tags. So that's the simplest way to create a VPC in AWS. You need to keep in mind you need to provide a CIDR block and then you need to provide tags.
Tags are optional, but it is always good to have some tags assigned to a resource so that you can identify which kind of a resource you have set up in your AWS.

Step 2, like, subnet. So now you have an AWS account, you have created a VPC, and the next thing which you need to create is the subnet. Moving to the next slide, here you can see two subnets which I have created: one is the private subnet and one is the public subnet. I'll explain public and private subnet later, but this is the next logical step which you need to do after creating the VPC, which is subnet. But you might be wondering, like, what's the purpose of a subnet? Subnets are the sub-networks present within the VPC, so these are again the logical units for putting the resources like EC2 inside the subnet. Here I have created two logical separations between the subnets, which is the public subnet and the private subnet. In the public subnet I'll just try to put the resources which are publicly accessible from outside of, like, the AWS account, and in the private subnet I'm just gonna put only those resources which are accessible within AWS, or within that particular VPC, or within that particular subnet. So that's the purpose of our subnet.

All right, so now you know the subnet. The next question is, like, how to create a subnet using Terraform. On the screen you can see the two code snippets which I have taken: on the left-hand side is the public subnet and on the right-hand side you can see the private subnet. I'll begin with the public subnet. The resource name which you need to keep over here is aws_subnet, then you can put your custom name for the subnet, which I have kept here as, like, AWS underscore J hook public subnet. So this is my public subnet name, and similarly I have kept a similar name but with a private name inside my subnet. All right, the next thing which you need to specify over here is count. The count is optional, because here I'll be creating
more than two subnets. Although on the slides I have shown you, like, two subnets, in the demo I'll be creating four subnets, two for public and two for private, so that's why I have to use the loop over here. That's why I'm using the count loop over here for creating the subnet. Secondly, you need to provide a reference to the VPC, because in the first step we have created a VPC and after that we have created a subnet, and those subnets are present within the VPC. So you need to provide a reference of a VPC, like, in which VPC it is going to create a subnet. That's why this is the VPC ID which you can see on the screen, and that is denoting that this particular subnet is present within that particular VPC. Now moving to the third, which is the CIDR block, and this is again an IP range which you need to specify for your subnet, because your subnet needs to have some kind of IP associated with it; that's why you need to specify the IP ranges. Fourth is the availability zone. Availability zone is pretty standard, like, in which availability zone you want to have your subnet. You can have one subnet in a different availability zone and a second subnet in another availability zone so that your application is highly available, so that's the purpose of the availability zone. And finally the tags. Tags are something which you need to put for a meaningful name. The code is identical for both the public and the private subnet, so these are the two code snippets which are really important to understand while creating the subnet.

Moving to the next thing in the subnet, which is the IP ranges. As I have told you earlier, we are just gonna create two public subnets and two private subnets, so we need to specify the IP ranges for those subnets. Here on the screen, on the left-hand side, you can see the ranges which I have specified, like 10.0.1.0 and also 10.0.2.0 for the public subnet, and for the private subnet I'm just gonna use the IP ranges 10.0.3.0 and 10.0.4.0. So that's the IP ranges
which I have specified for my subnet, and these are just Terraform variables which I will be using when I'm doing the demo.

Moving to the third step, and in the third step we will be setting up the internet gateway. But what is an internet gateway? As the name suggests, the internet gateway allows the resources which are present under your VPC to communicate with the internet. So the internet gateway is just a bridge which is allowing the internet traffic to go in within the VPC as well as exit from our VPC. But always remember, the internet gateway is not sufficient enough to set up this kind of connectivity with the internet. You need to have a route table, which we will set up in the next step, but that's just a key point which I would like to highlight at this point of time when we are discussing the internet gateway.

Now let's take a look at the code snippet of Terraform to set up our internet gateway. The code snippet is quite simple. Here is the resource block, and you need to keep the name as aws_internet_gateway, and after that you can just put the significant name for your internet gateway, so here I have kept it like a public internet gateway. But the key thing which you need to make a note of is, like, the VPC. Whenever you're working with the internet gateway, an internet gateway is always associated with a VPC, so you need to assign a correct VPC ID for your internet gateway. Here I'm just using the VPC, that is aws_vpc, and the VPC which I have created in our step number one, that is VPC J hook EU Central one. So that is my VPC, and you need to attach that particular VPC to this internet gateway, and that's the code for our internet gateway.

Moving to step number four, where we need to set up another gateway, and this gateway is a little bit different, and we call it a NAT gateway. The full form of NAT is Network address translator, and this is a special gateway which controls the traffic for our private subnet. So any resource which is present in
private subnet should not have access from outside. So what does it mean by outside? Any resource like an EC2 instance or a relational database system which is present inside your private subnet should not be accessible from outside of our AWS environment, so that's the purpose of a private subnet. But sometimes it happens that those particular servers which are present inside our private subnet need to access the internet to get the updates. Suppose, for example, you are spinning up an EC2 instance which is a Ubuntu-based operating system and you need to update the server. In that case you will need to have access to the outside world or internet, so in that case the NAT gateway will help you to get the access to the internet for those resources which are present inside your private subnet. But it is very different from the internet gateway, because the internet gateway allows to-and-fro communication from within the VPC as well as from outside of the VPC also, so that you can access the resource which is available in the public subnet.

So if I summarize the internet gateway and the NAT gateway: the internet gateway allows to-and-fro communication, so from outside of AWS you can access the resources which are present in the public subnet, as well as the resources present in the public subnet can access the internet also via the internet gateway. But the NAT gateway doesn't allow outside communication to access the resources present in the private subnet, although the resources present in the private subnet can access the internet, for example taking the updates for our servers.

Let's take a look at the Terraform code for setting up the NAT gateway. For setting up a NAT gateway you need to have an Elastic IP, so the first resource which we are just going to create is aws_eip, which stands for Elastic IP, and this is the first resource which will create and allocate an Elastic IP for you, and after that you will create one resource which is AWS
NAT Gateway, and then in that gateway you just need to first of all assign the Elastic IP, which is, like, it depends upon a resource which I have kept, because you need to provide a dependency so that the Elastic IP is created first and after that you are just gonna create a NAT gateway. So that's why I have put a depends_on tag over here, but the idea is simple: you need to have the Elastic IP ready before creating a NAT gateway. All right, now the next thing which you need to do is the allocation ID, where you are just going to put the ID of your Elastic IP. The third thing is the subnet, because this particular NAT gateway needs to be associated with some subnet, and since this NAT gateway is specifically designed for our private subnet, we are just going to put the private subnet IP over here. So here you can see in the subnet ID you will see the aws_subnet, then I have put my private subnet ID, which is AWS J hook private subnet, and then I have put a meaningful tag name over here. So this is the way you're just gonna create a NAT gateway from your Terraform code.

Moving to the next step, and the next resource which we will be creating is the route table. The route table is responsible for routing the traffic within the VPC. Here on the screen you can see I have created only one route table, but the route table has to be associated with the subnet which you have created. For example, over here on the screen you can see the public subnet and the private subnet, so we will have one route table for a public subnet as well as one route table for a private subnet. So let's take a look at the route table infrastructure code with Terraform. Here on the left-hand side you will see the route table code for our public subnet. What you need to do if you are creating a route table is you need to specify which VPC you are working on, so the first attribute which is present over here is the VPC ID. Second, you need to specify the gateway ID, so since I am working on a public
subnet, and the public subnet is associated with our internet gateway, that's why I'm just gonna use the internet gateway ID over here, which is, like, AWS internet gateway and the public internet gateway ID which I have created for my internet gateway. And finally I'm just going to create a tag, so tags are just a meaningful name for my route table. Similarly, on the right-hand side you will see a route table which I have created for my private subnet, and since I am working with the private subnet, I need to use the NAT gateway ID, because that's the NAT gateway ID we'll be using to let the server communicate with the outside world. So here we first gonna specify the VPC ID, because our public and private subnets both are present in the same VPC, so the VPC ID is going to be the same, but the only thing which differs over here is the NAT gateway ID, which is like this. So here I have specified the NAT gateway ID, and also I have specified depends_on, because to create a route table you need to have a NAT gateway ID created, so that's why I have used the depends_on block. So there is a dependency which I have defined on my route table, and I am expecting the NAT gateway to be created before the route table, so that's why I have used the depends_on. And finally the tags, and tags are just a meaningful name, which I have kept over here as RT private, that means route table for private subnet.

Okay, so here I have put some arrows over here, so this is how the flow will happen. The internet gateway will communicate with our route table and it will find a route, and then it will go to the public subnet to access the resources. And similarly the NAT gateway: here we are having a private subnet, that will again go to the private route table, or the private subnet route table, and then from there it will just go to the NAT gateway, and then it will communicate with the Elastic IP, and then it will access to the internet from outside of the world. So that's the typical flow
which is happening over here with the help of the route table, internet gateway and the NAT gateway.

Quickly, in the final step, we are just gonna put the resources inside our subnet, because our whole setup is ready and now we need to create the resources within those subnets. Here in the public subnet I have just, for example, created an EC2 machine, and on the private subnet we'll be creating a relational database system, but it depends upon the use case, although you can create the same EC2 instance in your private subnet also. So that's up to you, like, what kind of a resource you want to put inside your public as well as your private subnet, but the rest of the concept and the rest of the structure for this whole setup is gonna be the same, and you just need to later on decide which resource you want to put in the private subnet and which you want to put in your public subnet.

All right, so this is the second part, where I'll walk you through the code of my Terraform and this whole setup, and we'll just gonna take a look at each resource, and we will first begin with the VPC setup. On the screen you can see this is my project, which is terraform AWS VPC. I'll put the GitHub link of this particular project in the description section, so feel free to clone that particular repository. All right, so to begin with, the first thing which we need to do is we need to set up the VPC, and to set up the VPC I have created a file which is set of vpc.tf, so that's the Terraform file which is responsible for only setting the VPC. I'm just gonna enable the other resources, but we will first begin with only one resource, that is VPC. Here there are a couple of things to which you need to pay careful attention. So the CIDR block, that's the range of my VPC, and that I have assigned inside my variable, and that variable you can find from here, that is variables.tf, and this is the VPC CIDR range, and this is the IP range which I will be assigning to my VPC, that is 10.0.0.0/16.
Okay, and this is the resource which is for the AWS VPC which I'm just gonna provision. So here is my terminal. The first command which I'm just gonna run is the terraform init command, and once it is successful, then the next command which I'm just gonna run is terraform plan, and here you can see it is going to add one resource, and that one resource is going to be my VPC. So I'm just gonna again clear the screen, and the command which I'm just gonna run is terraform apply. Type yes, and our VPC has been created. So we'll just head over to the browser and we'll check the VPC by its name on our AWS console. Here is my AWS console. I'm just gonna type VPC over here in the search console, just click on VPC, click on the VPCs over here, and here you can see VPC J hook EU Central one, so that's the VPC which we have just created using our Terraform.

Now, after creating the VPC, the next thing which we need to do is we need to create a subnet, and we will be creating two subnets, that is the public subnet and the private subnet. So here I have created a file for creating the subnet also, and here we need to look for the setup subnet.terraform file. Here I have already commented out the code, so I'm just gonna enable the code for the public as well as the private subnet. Okay, so first I'll begin with the public subnet. Here I have created a count, which is a loop, and that is responsible for creating the two subnets for public. So here you need to first look into the variable, like, what are the two values on which I am iterating. If you go over here into the variables.tf, then this is the CIDR public subnet, so this is the IP range for my public subnet, and here I am using two ranges, that is 10.0.1.0 and 10.0.2.0, so those are the two public subnets I'll be creating inside my VPC, and the VPC I have already created. Similarly, for the private subnet I have assigned the two IP ranges, so that is 3.0 and that is 4.0, so that is going to be my private subnet. Let's get back to my subnet Terraform file. So we have seen,
like, why we are iterating. We have seen, okay, so this is the VPC. We have already created a VPC, and that's the name of the resource, like VPC J hook EU Central one, and if you open the VPC setup, this is the name which we are using to fetch the VPC ID. So here I have fetched the VPC ID and assigned it to my subnet, and the same thing which I have deleted over here also into my private subnet also. Third thing, here this is the CIDR block range, which is, like, the IP ranges for my public subnet, and the same thing which is available over here is the IP range for my private subnet. The next thing is the availability zone. Here I have specified the availability zone, so that you can again find over here in the availability zone, that is this one, and the availability zones which I have defined are eu-central-1a and eu-central-1b for high availability. Okay, coming back to subnet once again. The last thing which is remaining over here is the tags, so that I can easily identify my subnets, that is, which one is public and which one is private. That's why I have just assigned the prefix like subnet public and subnet private. So this is the setup, or the Terraform code, which I'll be using to provision my subnet, and remember we have already created the VPC as a first step.

All right, so I'm just gonna open the terminal over here and I'm just gonna clear the screen. The first command which I have run is terraform init, but that command I have already executed, so the next command which I'm just gonna run is the terraform plan command, and here you can see it is trying to add four resources, so that means it is going to create four subnets, two public subnets and two private subnets. The next command which I'm just gonna run is the terraform apply command, type yes, and here you can see our four resources have been added, that means our four subnets have been created. So I'm just gonna head over to my browser and verify those subnets from the AWS console. So this is my AWS
console, and again I'm just gonna head over to the search box and I can type subnet over here. And in case you don't want to use the search box, what you can do is, on the left-hand side you will find a subnets option also, so you can just simply click on it over here, and here you can see there are four subnets which we have created. If I sort it by name, then you can see there are two private subnets and there are two public subnets. And if I click on the subnet ID of any of the private or public subnets, let's say a private one, here you will find the VPC. So now you will start, like, connecting the dots. First we have created a VPC, that is virtual private cloud, and inside that we have created a subnet, and that subnet is pointing to the VPC. So that's how we are gonna interlink all these resources in your AWS environment. So now we are having our four subnets ready, which is two public and two private.

All right, so the next resource which we are just going to create is the internet gateway. Here there is a file, the internetgateway.terraform file, so I'm just going to open it and I'm just gonna enable that resource, and that is the internet gateway. Here you can see there are two things which you need to be careful about over here. That is the VPC ID, because you need to create this internet gateway within that particular VPC, so that's why we have used the same VPC ID, which is VPC J hook EU Central one, because that's the VPC we are just gonna use throughout this lab session. So creating an internet gateway is pretty simple: just create a resource, assign a VPC, and just create a tag name for your VPC, sorry, your internet gateway, and you are just ready to go with your internet gateway. I'm just gonna open the terminal over here and just gonna clear the screen. So now we have created the VPC, we have created the subnets, and the next thing which we are going to create is the internet gateway. So I'm just gonna run the terraform plan command, and here it is saying
that it is going to add one resource. That's okay, I'm just gonna clear it. The next command which I'm just gonna run is terraform apply. Type yes [Music] and we have created our internet gateway. So this is my AWS console, and now we are just going to verify our internet gateway, whether that has been created or not. What you can do is you can search it from here also, internet gateway, and here it is, so just click on it. I think it has opened in the background. Okay, so here you can see the internet gateway has been opened, this whole console has been opened, or you can search it from the left navigation menu also. But here on the screen you can see the internet gateway for j-hoop EU Central projects, that has been created. Just click on the internet gateway ID, and here you can see the VPC ID which is associated with this internet gateway, so that means our internet gateway is associated with the VPC, that is J hook EU Central one.

All right, so now, after creating the internet gateway, the next gateway which we are going to create is the NAT gateway, and that will take care of our private subnet. The internet gateway is already done and that is taking care of our public subnet, but now we are just going to take care of our private subnet. So here in this project, on the left-hand side, you will find a netgateway.terraform file. Here I have already commented this resource, so I'm just gonna enable it, and I'm just gonna enable it from the top also. For creating a NAT gateway you need to have an Elastic IP first of all created, and once you create the Elastic IP, then you need to create your NAT gateway. So here again we are just gonna use the count, because we are having two private subnets, so that's why I'm just gonna iterate over both the subnets. Second, I have added a depends upon block, because yes, I need to depend upon this Elastic IP, because without the Elastic IP I cannot create a NAT gateway, so that's why I have defined the dependency over this Elastic IP. The third thing is the
allocation ID, and here I will be using the allocation ID from our Elastic IP, which is this one. So this is the dependency, and this is the allocation ID on the Elastic IP. The fourth thing is the subnet, and here we need to specify our private subnet, so here I'll be using AWS J hook private subnet, so that's my private subnet. And finally I'm just gonna create a tag for my NAT gateway so that I can identify that particular NAT gateway. So I'm just going to apply these changes. I'm just going to head over to my terminal and I'm just going to run the terraform plan and apply command. So here is my terminal. I'm just going to clear the screen. The command I'm just gonna run is terraform plan, and here you can see it is creating four resources. That's okay, I'm just gonna clear it. So I'm just going to run the command terraform apply [Music], type yes, and here you can see the NAT gateway has been created. It might take a few seconds, because it needs to create the Elastic IP, and based on that Elastic IP it is going to provision the NAT gateway, so it might take a minute or so to create this whole NAT gateway along with the Elastic IP, so be patient with that.

All right, so here you can see our terraform apply command has just finished, so now we are just gonna head over to the AWS console and verify our NAT gateway and Elastic IP. This is my AWS console, and in the search box I'm just gonna type elastic IP addresses, and I'm just gonna click on this one. As you can see over here, there are a couple of Elastic IP addresses which have been allocated, and since we are having two private subnets, we need two Elastic IPs. So that's why the first one is this Elastic IP address, and this is the second Elastic IP address which we have got. So that's the first part. Then, second thing, on the left-hand side we need to verify our NAT gateways also, so just click on it, and here you can see this is the NAT gateway, and you can see private, private, the tags which I have already put so that I can
identify which private subnet it belongs to. Okay, so these are the two subnets, these are the two NAT gateways, sorry. I'm just gonna click on this NAT gateway ID over here, and here you can see this is the public IPv4 address, and this is going to be my Elastic IP address, which you can see over here. So this is how you're just gonna link the things. And if you go back, and if you're just going to open the other NAT gateway, here this is the second Elastic IP address, which you can see over here. So that's how you're just gonna create Elastic IPs and associate those Elastic IPs to your NAT gateway.

All right, so the next thing which we need to create over here is the route table. Now we have an internet gateway and now we have a NAT gateway, but we need to have a route table to route the traffic for our public subnet as well as our private subnet. So here I have created a Terraform file for that one also, which is route table, and I'm just gonna enable these resources, and I'll go to the top and I'll just enable that one also. So here I'm just going to create two route tables, one for the public subnet and one for the private subnet, but in the public subnet I'm just gonna use the internet gateway and in the private subnet we are just gonna use the NAT gateway. So here this is the route table for my public subnet, and here I'm just using the VPC, because I just want this to be present in the same VPC which I have created. This is the gateway, which is, like, a public internet gateway, which you can see over here, this is the public internet gateway which I am using, and after that I have just created a tag, RT for route table, and this is route table public for this particular project. Similarly, this is the route table for the private subnet, and here I have used the VPC ID, it is the same VPC ID basically, because there is only one VPC for this whole project, and this depends upon the NAT gateway, because I need to have a NAT gateway created before so that I can create
the route table, so that's why I have just defined the dependency over here also. After that, in the NAT gateway ID, I have just used the same NAT gateway ID which I have just created for my private subnet, so that's how you are just gonna link these resources. And finally the tag, so that I can identify which route table it is. So that's the code for my route table, and I'm just going to head over to the terminal to just provision these resources. This is my terminal. I'm just gonna clear the screen. The first command I'm just going to run is terraform plan, and here you can see it is just going to add three resources and is going to update two changes, so that's okay. So I'm just gonna clear the screen and terraform apply [Music]. There is a typo there, so there, that should be right one. Type yes. Okay, so now our resources have been created and our route table has been created, so I'm just gonna head over to my browser and check the route table from my AWS console.

So this is my AWS console, and on the left-hand side you will find route tables under this virtual private cloud section, and here you will see there is, like, one public route table for my public subnet and there are two route tables for my private subnet, because in the private subnet we are having a NAT gateway associated with it, and each NAT gateway has its own Elastic IP, so that's why we need to create two separate route tables for our private subnet. If you click on this public subnet, or sorry, public route table, then you will find the VPC ID and the internet gateway ID, which is as well available over here at the bottom, and here is my internet gateway for my public subnet. Similarly, if I open the private one, which is this one, here you will find the VPC ID, which is the same, so it is a single VPC, and this is the NAT gateway ID, which is this one, and if you open this one, then here you will find the private NAT gateway over here, and this is the, like, Elastic IP associated with that NAT gateway,
so that's how we are just gonna create the route table for our public and private subnets.

Okay, so I just want to take a look back at my previous presentation, which I have just shown to you. We have placed these components: we have an internet gateway, we have a NAT gateway, we have a route table, but now we need to create an association between this route table, internet gateway and this subnet, and similarly on the private subnet side also we need to create this association between the route table, NAT gateway and this particular subnet. So that's the thing which we create. If I take a look, I'm just referring to these arrows. Although these resources are there, those resources are not interlinked with each other, and that's why we need to create an association between these internet gateway, route table and the NAT gateway along with the subnets.

Okay, so I'm just gonna head over to my IDE, and here I have created a route table pub subnet association file. Just gonna open this file, just uncomment the code over here, and I'm just going to explain each code again. So this is the association for a public subnet, so that you are associating the subnet with your route table. I can just reopen my slide once again to you. Okay, so here I'm just gonna associate my public subnet with my route table, and similarly my private subnet with my route table, so that's what I'm doing over here. Here I'm just creating an association between the subnet ID and the route table ID, and similarly for the private subnet also I'm just creating an association between the subnet ID and the route table ID. Then you might be wondering, like, where is the NAT and the internet gateway association? So remember, if I go back to the IDE and if I go back to my route table, which I have already created, here we have already associated our gateway to that particular route table, so that association is already taken care of when we have created the route table
previously so this Gateway is already associated with this route table and this NAT Gateway is also associated with our private route table but the thing which was missing is the subnet so we need to attach this subnet to this particular route table and that will happen for both public as well as the private subnet so this is the code which I have enabled and I'm just going to execute the terraform plan and apply command to create this Association so this is my terminal and I'm just going to run the command terraform plan I'm just gonna uh yeah here you can see it is going to add four resources and it is going to update two because we are just gonna associate the subnet IDs all right so I'm just gonna clear it uh just gonna run the next command terraform apply type yes and here you can see the now the association has been created and our subnet are linked to the route table and now I am talking about both the subnet that is public as well as the private and you can verify this Association by coming to the VPC dashboard you can simply again search for VPC and once you will click on this particular then you will just land on this particular dashboard that is for VPC and here just click on this subnet and just click on let's say this private subnet over here and here you will find the association for Route table and now our subnet is associated with that particular route table and which you can click on this one also and this is the route table which we have just created and now it is associated with this particular subnet and the same logic is applied for the other three subnets also which is two public and one more private subnet so now the route tables are properly Associated along with the internet gateway and your subnet and similarly for NAT Gateway and for your private subnet all right so now our this whole setup is ready and now we need to put the resource inside these subnet so now I'm just gonna put an ec2 instance inside my public subnet but you can 
use the same logic to put another resource it can be ec2 or it can be RDS to put it inside the private subnet so the next step I'm just gonna show you is for ec2 instance which I'm just gonna put it inside my public subnet but those steps are gonna be exactly identical for the private subnet also so let's see how we are going to put an ec2 instance into my public subnet so over here on to my IDE so this is the ec2 terraform file which I have already created and there is a security group also because with each ec2 instance you need to associate a Security Group which allows which ports to be open for that ec2 instance so that's the purpose of our security group so first of all uh what I'm just gonna do I'm just gonna walk you through the ec2 instance setup terraform file I'm just going to enable this code and I'm just going to do the same thing over here also at the bottom and here you can see this is the error which you are getting because I need to enable the security code Security Group terraform code also so I'm just gonna head over here and I'm just going to enable these things also for Security Group okay so let's take a look on to this ec2 code first of all so the first thing which you need to know is you need to find the subnet ID because you need to associate this ec2 instance to the public subnet so what I'm just gonna do I'm just gonna use the data resource so that it can fetch the information of my Subnet which I have already created so here I have just created this data AWS subnet and this is public subnet and here I'm just filtering so I just because we have four subnets which is two public and two private but I just wanted to fetch only one subnet for this particular ec2 instance so that's why I have used the data block and I am just I am here filtering that particular subnet which I want that is subnet Public public subnet one and then there I have defined the dependency because whenever I'm just using this code I just want the public 
subnet to be available there so that's why this dependency I have just put it over there but it's not mandatory but it's good to have it otherwise you might end up in error it might complain like that public Server doesn't exist and you want to fetch it so that's the issue you might get okay so here I just filtering I'm just filtering the public subnet uh based on the tag name which I have created so I have now I have the information about my public subnet here I'm just creating an ec2 example ec2 instance so where I have specified the machine ID where I have specified the type T2 dot micro I have created a tag some meaningful tag here I have specified the key and if you are if you don't know like how to set up the public and the private SSH key then I'll put the tag link into the description section where you can see that particular session where I have shown like how you can associate your public and the private key with your terraform code for your ec2 instance so that will be really useful for you but anyway keys are not so that significant while you are trying to understand this whole VPC setup but any in any case just refer to that particular session okay and here this is the critical thing here I'm just associating the subnet that subnet which I have fetched over here so the subnet is AWS Dot Public subnet so data AWS Dot Public subnet and the ID so the public subnet information which I have fetched from here I'm just associating with this particular ec2 instance and similarly you need to specify the VPC Security Group so here I have specified the AWS Security Group and I'm just going to show you that one also so there is a security group.tf and this is a security group for that ec2 instance because I just want to Define which ports to be open for my ec2 instance so that's why I have created this ec2 Security Group for my ec2 instance so here I just opened the 2022 port and it I allowed it to be like accessible I you just need to define the ingress 
inbound and outbound rules simply it's that simple and here once you create a VPC Security Group then you need to associate the VPC also so here in this whole ec2 setup you only Define the association or the link between the ec2 instance and the subnet but there is no information about the VPC but in the security group each ec2 instance has to be associated with the security group and Security Group has to be associated with the VPC so here you will find the VPC ID which is over here so that's the VPC which we have created and after that I have just created a tag for the security group so this Security Group is associated with VPC and I'm just going to assign this Security Group to my ec2 instance and if you go to the ec2 instance setup then here you will find this Security Group so this is how you are just gonna attach your subnet your security group and how Security Group is dependent on the VPC and finally uh this is the like SSH key the public part of my SSH key and this is the output like I just wanted to uh return the public IP available if I have enabled that public IPv4 for my ec2 instance so that's just gonna output on to my command or my console all right so that we have seen about the ec2 setup Security Group subnet and VPC so how we are just going to associate everything with our ec2 instance let's head over to terminal and run the terraform plan and apply command so this is my terminal I'm just gonna run the First Command that is terraform plan I'm just gonna clear the screen because it is going to create 3 resources it is going to modify two of them terraform apply type yes all right so now our ec2 instance has been created and we have created a security group for that one also so let's head over to our AWS console and verify our ec2 instance and its Association or its other attributes like VPC and the subnet so this is my AWS console and in the search box I'm just gonna type ec2 click on this ec2 and that will lead me 
to the ec2 dashboard and here you can see our one instance is running just click on it and let's verify the tags so ec2 public subnet so that's why I just wanted to create the tag and if I go over here into my terminal back so here ec2 public subnet one so that's the tag which I have put it to identify my ec2 instance so that's okay so here you can see this is the ec2 instance which is running into the public subnet I'm just gonna click on the instance ID and here I'm just going to verify each thing so here you can see the VPC which I have already created which we already done the setup so this is the VPC which is associated with my ec2 instance then this is the subnet which is the subnet for my public that is my public subnet which is also associated with my ec2 instance and also uh there are AMI which I have just assigned that I'm just going to use this AMI and I'm just using the Ubuntu image for that particular ec2 instance and this is my AWS Keys like public and the private key which I have Associated so this is the private key pair name which is present over here and this is the private IPv4 I have not enabled the public IPv4 but if you enable that public IPv4 then you will get the IP over here also so that's how you are just gonna start up your ec2 instance which is running into VPC and which is allocate which is running inside a particular subnet which is public subnet but this is just this is just an example where you just can spin up some instances into public subnet but you can use the same concept to spin up the ec2 or RDS instances into your private subnet also well it was a long session but it was really essential if you are trying to understand this whole VPC subnet internet gateway NAT gateway things along with the elastic IP but I hope this session will help you to understand this AWS Concept in more precise Manner and if you are interested into the similar content then stay tuned for the on this channel and consider subscribing to this channel 
where I keep on sharing the similar content on devops AWS GCP kubernetes Helm chart and many more so see you into the next session of this devops series till then take care and bye bye
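The subnet lookup, route table association, security group and instance wiring walked through in the transcript, as an added Terraform example that is not the presenter's code. The variable names, resource names, tag values and the choice to limit SSH (port 22) to a single admin range are assumptions made for this sketch.

```hcl
# Added example: every name, tag value and variable here is an assumption.
variable "vpc_id" { type = string }
variable "public_route_table_id" { type = string }
variable "ami_id" { type = string }
variable "admin_cidr" {
  type        = string
  description = "Range allowed to reach SSH, for example an office or VPN CIDR"
}

# Fetch exactly one public subnet by its Name tag (tag value is constructed).
data "aws_subnet" "public_subnet" {
  vpc_id = var.vpc_id
  filter {
    name   = "tag:Name"
    values = ["public-subnet-1"]
  }
}

# The route table already carries the gateway route; this adds the missing subnet link.
resource "aws_route_table_association" "public" {
  subnet_id      = data.aws_subnet.public_subnet.id
  route_table_id = var.public_route_table_id
}

# The security group is what ties the instance to the VPC.
resource "aws_security_group" "ec2_ssh" {
  name   = "ec2-public-ssh"
  vpc_id = var.vpc_id

  ingress {
    description = "SSH from the admin range only, not 0.0.0.0/0"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_instance" "example" {
  ami                    = var.ami_id
  instance_type          = "t2.micro"
  subnet_id              = data.aws_subnet.public_subnet.id
  vpc_security_group_ids = [aws_security_group.ec2_ssh.id]
  tags                   = { Name = "ec2-public-subnet-1" }
}
```

An instance in a public subnet is reachable from the internet once it has a public IP, so the ingress `cidr_blocks` value is the control that decides who can connect to SSH.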
Info
Channel: Rahul Wagh
Views: 5,910
Keywords: aws, terraform, vpc, subnet, internet gateway, nat gateway, route table, elastic ip, IAC, cloud
Id: QgbIoJr7Yng
Length: 42min 26sec (2546 seconds)
Published: Tue May 02 2023