
Imesh Ruchira

How to begin with Terraform: AWS EC2

In this article, we will look in detail at creating a secure EC2 machine in AWS using Terraform. The configuration creates a VPC, subnets, two EC2 machines, route tables, security groups, and network address translation (NAT) and internet gateways (IG).

Architecture Diagram for AWS secure EC2


We will work in the us-east-1 region, though you can change it in the Terraform configuration to whichever region you prefer; there is no problem with that.

Inside the AWS region we will create a VPC (virtual private cloud). Then we will create private subnets in the zone and assign every subnet to a custom route table, which gives more control over the security of each private subnet. We will also create public subnets in the same way as the private ones. We will use Classless Inter-Domain Routing (CIDR) ranges as shown in the diagram.

These resources also have a security group, which allows port 22. Opening port 22 typically means allowing incoming and outgoing traffic on the SSH (Secure Shell) protocol, which enables remote access to a server.

These resources also have two route tables. The first route table is associated with the public subnet. In that case I used route table to

After that, we will add a NAT (Network address translation) gateway that will allow us to provide internet access to components inside private subnets. And we will also add an internet gateway to the public subnet to get an internet connection.

The EC2 machine in the private subnet now has an internet connection through the NAT gateway, and because it stays in the private subnet, it is secure.
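
The routing and SSH rules described above, written as Terraform. This is an added example, not the configuration from the linked repository: every variable and resource name is an assumption, and the VPC, subnets, internet gateway and NAT gateway are passed in by ID.

```hcl
# Added example: variable and resource names are assumptions, not the linked repo's code.
variable "vpc_id" { type = string }
variable "public_subnet_id" { type = string }
variable "private_subnet_id" { type = string }
variable "igw_id" { type = string }
variable "nat_gateway_id" { type = string }
variable "admin_cidr" { type = string } # trusted SSH source range (assumed input)

# Public route table: default route to the internet gateway.
resource "aws_route_table" "public" {
  vpc_id = var.vpc_id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = var.igw_id
  }
}

# Private route table: default route to the NAT gateway, so connections are outbound-initiated only.
resource "aws_route_table" "private" {
  vpc_id = var.vpc_id
  route {
    cidr_block     = "0.0.0.0/0"
    nat_gateway_id = var.nat_gateway_id
  }
}

resource "aws_route_table_association" "public" {
  subnet_id      = var.public_subnet_id
  route_table_id = aws_route_table.public.id
}
resource "aws_route_table_association" "private" {
  subnet_id      = var.private_subnet_id
  route_table_id = aws_route_table.private.id
}

# Port 22 is open only to admin_cidr instead of 0.0.0.0/0.
resource "aws_security_group" "ssh" {
  vpc_id = var.vpc_id
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }
  egress { # Terraform removes AWS's default allow-all egress, so declare it
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```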

Got a project that needs some Terraform love? I've got you covered! Check out my Terraform configuration at this link: https://github.com/98ruchira/Terraform-AWS

Top comments (1)

Kavishka Rajakaruna

Keep up the good work.
Looking forward to the second article of the series.