DEV Community

Linux_guy


Terraform with AWS

Main goal: the primary goal of this post is to explain the core concepts of Terraform.
Terraform: an Infrastructure as Code tool.

Services: basic AWS services used to demonstrate the Terraform concepts

  • Virtual Machine ( EC2 )
  • Firewall ( Security Groups )
  • AWS Users ( IAM Users )
  • IP Address ( Elastic IP )

Firewall Basics

Ports

  • a port acts as a communication endpoint that identifies a given application or process on a Linux operating system
  • to see which ports are listening on a system, run netstat -ntlp

Firewall

  • it's a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules
  • in AWS the equivalent is called a security group
  • Create a security group using Terraform:

```hcl
resource "aws_security_group" "allow_tls" {
  name        = "allow_tls"
  description = "Managed from Terraform | Allow TLS inbound traffic and all outbound traffic"
  vpc_id      = aws_vpc.main.id # VPC resource defined elsewhere in the configuration

  tags = {
    Name = "allow_tls"
  }
}
```
  • Blocks of code that add inbound or outbound rules to the security group:

```hcl
// Ingress : inbound rules
// Egress : outbound rules
resource "aws_vpc_security_group_ingress_rule" "allow_tls_ipv4" {
  security_group_id = aws_security_group.allow_tls.id
  cidr_ipv4         = aws_vpc.main.cidr_block # only sources inside the VPC, not 0.0.0.0/0
  from_port         = 80                      # port 80 is plain HTTP; TLS normally uses 443
  ip_protocol       = "tcp"
  to_port           = 80
}

resource "aws_vpc_security_group_egress_rule" "allow_all_traffic_ipv4" {
  security_group_id = aws_security_group.allow_tls.id
  cidr_ipv4         = "0.0.0.0/0"
  ip_protocol       = "-1" # semantically equivalent to all ports
}
```
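Added example, not code from the original post: a small audit that reads security-group rules in the shape returned by EC2 DescribeSecurityGroups and flags ingress that is open to the whole internet, using the same semantics as the rules above (a source CIDR of 0.0.0.0/0 or ::/0, and protocol "-1" meaning every port). The sample groups, their IDs and the SENSITIVE_PORTS list are constructed for the demo.

```python
"""Audit security-group ingress rules for over-permissive exposure.

Input mirrors the IpPermissions shape of EC2 DescribeSecurityGroups
(IpProtocol / FromPort / ToPort / IpRanges / Ipv6Ranges).
"""
from __future__ import annotations

# Ports where unrestricted inbound access is a typical finding (constructed list).
SENSITIVE_PORTS = {22: "ssh", 3389: "rdp", 3306: "mysql", 5432: "postgres"}
ANY_V4, ANY_V6 = "0.0.0.0/0", "::/0"


def rule_port_range(perm: dict) -> tuple[int, int]:
    """IpProtocol "-1" means every protocol and port, as in the egress rule above."""
    if perm.get("IpProtocol") == "-1":
        return 0, 65535
    return perm["FromPort"], perm["ToPort"]


def audit_group(group: dict) -> list[str]:
    """Return human-readable findings for one security group."""
    findings = []
    for perm in group.get("IpPermissions", []):
        open_cidrs = [r["CidrIp"] for r in perm.get("IpRanges", []) if r["CidrIp"] == ANY_V4]
        open_cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", []) if r["CidrIpv6"] == ANY_V6]
        if not open_cidrs:
            continue  # restricted to specific networks, like the VPC-CIDR rule above
        lo, hi = rule_port_range(perm)
        if perm.get("IpProtocol") == "-1":
            findings.append(f"{group['GroupId']}: all protocols/ports open to {open_cidrs}")
            continue
        if hi > lo:
            findings.append(f"{group['GroupId']}: port range {lo}-{hi} open to {open_cidrs}")
        for port, name in SENSITIVE_PORTS.items():
            if lo <= port <= hi:
                findings.append(f"{group['GroupId']}: {name} ({port}) open to {open_cidrs}")
    return findings


# Constructed sample: one group like allow_tls above (port 80 from the VPC CIDR
# only) and one that exposes SSH and a wide port range to the internet.
SAMPLE_GROUPS = [
    {"GroupId": "sg-allowtls", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [{"CidrIp": "10.0.0.0/16"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-wideopen", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 1024, "ToPort": 65535,
         "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
]

if __name__ == "__main__":
    for g in SAMPLE_GROUPS:
        print(g["GroupId"], audit_group(g) or ["no findings"])
```

The same function can be run over the live output of `aws ec2 describe-security-groups` to review what Terraform has actually applied.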
