Managing cloud infrastructure by hand can be messy, especially when juggling multiple environments like dev, staging, and prod. That's where Terraform shines: it lets you define your infrastructure as code, making your deployments consistent, repeatable, and version-controlled.
In this post, I'll walk you through building a production-ready web application infrastructure on AWS using Terraform. We'll cover:
- Multi-environment setup (dev & prod)
- VPC with public/private subnets
- Auto Scaling Group with EC2 instances
- RDS database layer
- Secure backend state management
- Secrets scanning with git-secrets
Project Overview
We're building a simple yet scalable platform:
Internet
↓
Application Load Balancer (ALB)
↓
Auto Scaling Group (EC2 Instances)
↓
RDS Database (MySQL)
This setup ensures high availability, cost optimization, and easy environment promotion (from dev to prod).
Project Structure
We organize Terraform code using modules for reusability:
terraform-web-platform/
├── environments/
│   ├── dev/
│   │   ├── main.tf
│   │   └── terraform.tfvars
│   └── prod/
│       ├── main.tf
│       └── terraform.tfvars
├── modules/
│   ├── networking/
│   ├── compute/
│   ├── database/
│   └── monitoring/
└── README.md
Key Features
- Multi-Environment Setup: Each environment has its own state and variables.
- Terraform Modules: Networking, compute, database, and monitoring are modularized.
- Secure State Management: Remote state stored in S3 with DynamoDB locking.
- Auto Scaling: EC2 instances scale based on CPU utilization.
- Monitoring: CloudWatch metrics and alarms for visibility.
Setup Instructions
1. Clone the Repo
git clone https://github.com/pojava/terraform-web-platform.git
cd terraform-web-platform
2. Configure AWS Credentials
aws configure
Provide your AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, region, and output format.
3. Initialize and Apply Terraform
cd environments/dev
terraform init
terraform plan
terraform apply
To deploy to production:
cd ../prod
terraform init
terraform plan
terraform apply
4. Check the Load Balancer
Once deployed, Terraform outputs the ALB DNS. Visit it in your browser to verify your app is live.
Security Practices
- No Hardcoded Secrets: All sensitive values are managed through environment variables or AWS Secrets Manager.
- git-secrets Installed: Prevents accidentally committing API keys.
- .gitignore Applied: Ignores Terraform state and provider files.
Cleaning Up
When you're done testing, destroy resources to avoid costs:
terraform destroy
Lessons Learned
- Using Terraform modules keeps your code DRY and maintainable.
- Remote state locking prevents accidental overwrites during team deployments.
- AWS Auto Scaling ensures your application stays resilient without overspending.
Final Thoughts
This project shows how to go from zero to a production-ready, auto-scaling infrastructure using Terraform. By structuring code with modules and managing state securely, scaling your app becomes a breeze.
If you found this useful, star the repo and drop a comment on Dev.to!