Use Terraform Module to Create Security Groups

Captions
Hello and welcome back to another lecture. In this lecture we will use Terraform module to create the security groups for our project.

To create our security groups, the first thing I want you to do is open your project folder. Once you've opened your project folder, we will create another folder in our modules folder. In the modules folder, right click on it and select New Folder, and name the folder security groups. Once you've named your folder, press enter. We will use this security groups folder to store our security groups module.

The next thing I want you to do is right click on this security groups folder and select New File. The first file we will create in this folder is our main file, so call that file main.tf. Once you've named your file, press enter. Then right click on the security groups folder again and select New File. The second file we will create is our variables file; call the file variables.tf. Once you've named your file variables.tf, press enter. Right click on the security groups folder again and select New File. The third file we will create is our outputs file, so call it outputs.tf. Once you've named your file, press enter. These are the three files we will use to create our security groups module.

The next thing I want you to do is close the outputs.tf file for now. Then I want you to take the variables.tf file, click it and hold it, then drag it somewhere here and drop it there, so that way you can split your screen into two. On the right side we have our variables.tf file and on the left side we have our main.tf file.

The next thing I want you to do is download and open the reference file I created for this lecture in this video's description. This is the reference part where we use to create our security group module, and in this reference file I've included the resource type and arguments that we need. Select everything in this reference file; I'll click Ctrl+A. Once you select everything, right click to copy it. Once you've copied, close the reference file and in your
main.tf paste it in there. Once you've pasted the syntax, scroll all the way up. I'm going to close the explorer so I have more space on my screen.

We only need to create two security groups for the ECS project. The first security group we call it application load balancer security group. This is the resource type to create a security group and this is the reference name I've given it. The first argument we have is name, and for the name of the security group I called it application load balancer security group. You can also change the name to any name you want. The second argument is description, and I have entered the description here. The third argument is the VPC ID, and this is the ID of the VPC we want to create the security group in.

I'm going to open the explorer for now. Remember, we created our VPC in the VPC module. I'll select the VPC module here, and in the VPC module we export the value of our VPC ID in the outputs file. I'll select the outputs file. In the outputs file, this is the syntax we used to export the value of our VPC ID, so what we have to do is copy the name of that output. Once you copy the name, come back to your main.tf file. Under VPC ID we will reference it by typing var. and paste the name of that output there. This is how we reference the VPC ID in our VPC module. Once you've referenced the ID here, don't forget to add it to your variables file. So in here we'll type variable. Once you type variable, give the variable a name, and the name of the variable will be VPC ID, so I'll paste the name there again. Once you've pasted the name there, let's close this bracket like this.

The next argument we will enter are the ingress rule, and these are the rules that will allow us to open the ports we need. The first port we will open is port 80, so for the description I have entered HTTP access. The next argument is from port: for the from port type 80 and for the to port type 80 as well. For the protocol type tcp, and for the CIDR block we are going to allow this rule to accept
traffic from anywhere on the internet. The traffic coming from anywhere on the internet is 0.0.0.0/0; in bracket we will type it in here. The next ingress rule we will open is for HTTPS, and for the description I have entered HTTPS access. For the from port we will enter 443, for the to port we will also enter 443, for the protocol we will enter tcp, and for the CIDR blocks we will also allow this rule to accept traffic coming from anywhere on the internet, so that would be 0.0.0.0. So what you can do is copy this up here and paste it here.

The last rule we will enter is the egress rule. For the egress rule the from port is going to be zero, the to port will be zero, the protocol will be minus one, and the CIDR blocks is also going to be anywhere on the internet, which is similar to what we did up here, so you can copy this and paste it here. The next argument we will enter for this security group is tags, and for the tag name we will call it application load balancer security group.

The next syntax will create the security group that we will use for the container. For the security group, this is the resource type that we created and this is the reference name I've given it. The first argument we entered here is the name, and this is the name of the security group; if you want to change the name you can do that. The next argument is the VPC ID, and this is the ID of the VPC we want to create this security group in. Remember we referenced the VPC ID up here, so I'm just going to copy this and paste it here.

The next argument we will enter are the ingress rule, and these are the ports we want to open. The first ingress rule we will open is on port 80, and for the description I have entered HTTP access. For the from port type 80, for the to port type 80.
For the protocol we will enter tcp, and for the security groups, this is the security group we will allow traffic from. If the traffic is coming on port 80 into our container, the security group we will allow traffic from is the application load balancer security group. We created the application load balancer security group up here, so copy the resource type and the reference name. Once you copy it, come back down here; in brackets, paste it in there. Once you've pasted, remove the double quotes, add a period, come all the way to the end, add another period and type id.

The next ingress rule we will open is on port 443, and for the description I have entered HTTPS access. For the from port enter 443, for the to port enter 443, for the protocol it is going to be tcp, and for the security groups we'll also allow traffic coming on port 443 to our container if that traffic is coming from the application load balancer security group. So just like we did here, copy your application load balancer security group here and paste it here.

The next argument we will enter is the egress rule. For the from port we'll type zero, for the to port we'll also type zero, for the protocol it is going to be -1, and for the CIDR blocks this is going to allow traffic to anywhere on the internet. We referenced it up here, so I'm just going to copy this and come back down here and paste it there. The last argument we will enter is tags, and for the tag name we will call it ECS security group. This is all we need to do to create the security groups module.

The next thing we need to do is export the ID of the application load balancer security group and the ID of the ECS security group. The reason why we are exporting the ID of our security groups is because we will use it when we create other resources. To export the ID of our security groups, on the right side of your screen click in here, then in your security groups module select the outputs.tf file. Once you select the outputs.tf file it will open it here. I'm going to drag
this a little bit to create more space. The first output we will create will export the ID of the application load balancer security group, so what I want you to do is type output in here. Once you've created your output block we will give it a name. The name of this output, we will call it application load balancer security group ID, so I'll call it something like this. This is the name we will use for this output. Once you have entered the name, click down here. The next thing we are going to enter is the value, so type value in here. Once you type value, press space, an equal sign, and another space. Then the value we want to export is the ID of the application load balancer security group, so let's come to our main.tf file and scroll up. This is where we created the application load balancer security group, so what you will do is copy the resource type and the reference name. Once you copy it, paste it here. I'm going to drag this so you can see it better. Once you've pasted it, remove the double quotes, add a period, then come all the way to the end, add another period and type id. This is all we need to do to export the ID of the application load balancer security group.

The next syntax we will create will export the value of our ECS security group. So what I want you to do is press enter here twice, then copy this output syntax and paste it down here. The next thing we will do is modify it. For the output name we will call it ECS security group ID, so change the alb to ecs, and for the value we'll reference the ID of the ECS security group. Let's scroll down in the main.tf file. This is where we created the ECS security group, so copy the resource type and the reference name. Once you copy it, we are going to replace this value here. Once you've pasted there, remove the double quote, add a period, and come all the way to the end, add another period and type id. This is all we need to do to export the ID of the application load balancer security group and the ECS security group. We will need this ID when we
create other resources. This is all we need to do to create the security groups module. Once you've created the module, the next thing I want you to do is save your file: select File and select Save All. Once you have saved your file, close the outputs.tf file here and also close the outputs.tf here and your main.tf.

The next thing we will do is we will use this security groups module to create the security groups for our project. To reference this security groups module, open your project folder. My project folder is the folder I called jupiter website ecs, and in this folder select the main.tf file. Once you select the main.tf file, in this file is where we will use our security groups module to create the security groups in our AWS account. To reference the security groups module, take the variables.tf file, drag it somewhere here and drop it there to split the screen. The next thing you are going to do is scroll down on your main.tf file and down here press enter twice. This is where we will create the module to reference the security group module.

To create the module we will start by typing module. Once you type module to create the module block, press enter. The next thing you would do is give this module a name, and we'll call the module security group. Once you've given your module a name, click down here. The first argument we will enter down here is the source. This is very important: for every module you create, the first argument you have to enter is the source. So let's type source in here. Once you type source, press the space bar, an equal sign, and the space bar again. For the source we will reference the location of our security groups module. To reference the location we will type double quotes and two period. The two period means that you want Terraform to go up two directories. So right now we are in the jupiter website ecs folder; you want Terraform to go from this folder into the modules folder, that is why we have two dots in here. After the two dots we will enter forward slash. The
next thing we will enter is the name of the modules folder. We call the modules folder modules, so enter modules in here. When you type the name of your modules folder, make sure you type the same exact name you named the folder. Once you've typed the modules folder, enter another forward slash. Then the next thing we will enter is the module we want to reference in this folder. In the modules folder we want to reference our security groups module, so in here we will type security groups the same exact way we named it here. Once you've typed the path to your security groups module, press enter here.

The next argument we will enter here is our VPC ID. Remember, when we create the security groups module, in the variables.tf file we have a variable in there that we call VPC ID. So any variables you have in the variables.tf file in your module, that is what you reference here. For this variables.tf we only have one variable in there, and that is the VPC ID, so here I'm going to copy this name and paste it here. Once you paste it, press space, enter an equal sign, and space again. For the value of our VPC ID, remember we created our VPC in the VPC module, so to reference the ID of the VPC you will come down here. The first thing we will type is module. Once you type module, press period, then type vpc. The vpc we just typed here is the name of our VPC module. When we created this VPC, we need to get the ID of this VPC, so that is what we are referencing here. Once you've entered the vpc, add another period, and the name of the attribute we want to get is the VPC ID, so copy this and paste it here. This is all we need to do to write the syntax to create our security group.

The next thing I want you to do is save your file: select File and select Save All. Once you've saved your file, close your variables.tf file. Next we will create the security groups in our AWS account. To create the security groups, select your project folder. I called my project folder jupiter website ecs; select it. Once you select your project
folder, right click on it and select Open in Integrated Terminal. Once you've opened the terminal to your project folder, the first thing we will do is initialize, so we will type terraform init. Once you type terraform init, press enter. There you go, we have successfully initialized with our AWS environment.

The next command we will type to create the security group in our AWS account is terraform apply, so type terraform apply. Once you type terraform apply, press enter. When you type terraform apply and press enter, the first thing Terraform will do is show you the plan, and for this plan Terraform is telling you it will create two resources in your AWS account. You can review the resources that Terraform will create here. Once you have reviewed the resources, scroll back down. Terraform is asking you, do you want to perform these actions? We'll type yes here and press enter. Terraform is now creating the security groups in our AWS account. We'll give it some time to finish creating it, and there you go, that was fast. Terraform has finished creating the security group in my AWS account.

Let's go to the management console to verify that the security groups are there. In the management console, type vpc in the search box and select VPC under Services. On the VPC dashboard, the first thing we will do is filter by our VPC: select this drop down and select your Jupiter VPC. Once you select your VPC, scroll down, and under Security select Security Groups. This is going to show you just the security groups that are in your VPC. In our VPC you can see the ECS security group we just created and the application load balancer security group we just created. If I select the application load balancer security group and I select Inbound rules (I'm going to drag this up), you can see the two rules: one is on HTTP port 80 and the source is anywhere on the internet, the other one is HTTPS port 443 and the source is anywhere on the internet. Let's select our ECS security group. Once you select the ECS security group, for the
inbound rule we have HTTP on port 80 and the source is coming from the application load balancer security group. If you drag this out here you will see it; you can see application load balancer security group. For the second rule, on HTTPS on port 443, it is coming from application load balancer security group. The two security groups we just created using Terraform module are right.

The next thing we need to do is go back into our Terraform file and push our code to the GitHub repository. In our Terraform file, to push our code to the GitHub repository, select Source Control here, then type a message here, or type create security group. Once you type your message, click this check mark to commit it. Once you've committed, click Sync Changes to push the changes to your GitHub repository. We have successfully pushed the update to our GitHub repository.

The next thing we will do is go into our GitHub repository to verify that it is there. In my GitHub account, select this icon here, and on the home page we will select the terraform modules repository. In the terraform modules repository select modules, and there you go, in there you can see the security groups module. If you select the folder, in it you'll see the main.tf, outputs.tf and variables.tf file we created.

This is how you use Terraform module to create security groups. If you have any questions or there's any part of this lecture you don't understand, please leave your comments below. Thank you, and I'll see you in the next lecture. Bye.
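
The module described in the lecture, written out as an added example; it is not the instructor's reference file, which is not reproduced on this page. The resource, variable and output names and the folder path are assumed from the spoken names, and the two ingress rules of each group are folded into one `dynamic` block to keep the listing short.

```hcl
# Added example: names are assumed from the lecture's spoken descriptions.
# --- modules/security-groups/variables.tf ---
variable "vpc_id" {}

# --- modules/security-groups/main.tf ---
# Load balancer group: the only one open to the internet.
resource "aws_security_group" "alb_security_group" {
  name        = "alb security group"
  description = "http/https access from the internet"
  vpc_id      = var.vpc_id
  dynamic "ingress" {
    for_each = { http = 80, https = 443 }
    content {
      description = "${ingress.key} access"
      from_port   = ingress.value
      to_port     = ingress.value
      protocol    = "tcp"
      cidr_blocks = ["0.0.0.0/0"]
    }
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1" # all protocols
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# Container group: same ports, but the source is the ALB's group ID, not a CIDR.
resource "aws_security_group" "ecs_security_group" {
  name        = "ecs security group"
  description = "http/https access from the load balancer only"
  vpc_id      = var.vpc_id
  dynamic "ingress" {
    for_each = { http = 80, https = 443 }
    content {
      description     = "${ingress.key} access"
      from_port       = ingress.value
      to_port         = ingress.value
      protocol        = "tcp"
      security_groups = [aws_security_group.alb_security_group.id]
    }
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# --- modules/security-groups/outputs.tf ---
output "alb_security_group_id" { value = aws_security_group.alb_security_group.id }
output "ecs_security_group_id" { value = aws_security_group.ecs_security_group.id }
```

The project's root main.tf then calls this module with a `source` pointing at the module folder and `vpc_id = module.vpc.vpc_id`, as the lecture describes.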
Info
Channel: AOS Note
Views: 8,773
Keywords: terraform modules aws security group, terraform, aws, hashicorp, infrastructure as code, devops, terraform modules, terraform aws, terraform tutorial, ec2, vpc, iac, terraform for beginners, hashicorp terraform, terraform state, terraform aws tutorial, aws tutorial, security group, tutorial, kubernetes, terraform for aws, devops course, git, jenkins, docker, maven, devops full course, ansible, puppet, hcl language, terraform introduction, terraform stages, plan, destroy, refresh, aosnote
Id: oohXRXjahFA
Length: 23min 55sec (1435 seconds)
Published: Tue Jul 12 2022