Infrastructure as Code (IaC) is the practice of managing and provisioning infrastructure through code instead of manual processes. By treating infrastructure as code, organizations can automate the creation, modification, and deletion of infrastructure resources such as servers, networks, and storage.
Problems Solved by IaC:
Manual Error Reduction:
- Consistency: IaC ensures that infrastructure is provisioned consistently, reducing the risk of human error.
- Repeatable Deployments: IaC scripts can be run multiple times to create identical environments.
Increased Efficiency:
- Automation: IaC automates the provisioning process, saving time and effort.
- Faster Time to Market: Infrastructure can be deployed quickly and efficiently.
Improved Collaboration:
- Version Control: IaC uses version control systems like Git to track changes, enabling collaboration and rollback.
- Shared Understanding: Code-based infrastructure is easier to understand and collaborate on.
Enhanced Security:
- Configuration Drift Prevention: IaC helps maintain consistent configurations, reducing security vulnerabilities.
- Auditing and Compliance: IaC provides a clear audit trail for compliance and security audits.
Popular IaC Tools:
Terraform: A popular open-source tool for managing infrastructure across multiple cloud providers.
Ansible: A configuration management tool that can be used for infrastructure automation.
Puppet: A configuration management tool for automating server and system administration tasks.
Chef: A configuration management tool for automating infrastructure and applications.
AWS CloudFormation: An infrastructure-as-code tool that defines resources and their configurations in a standardized template, in either JavaScript Object Notation (JSON) or YAML format. In general, YAML is the preferable option, as it's more concise; JSON requires a much higher number of characters. YAML also supports comments, which JSON does not.
By adopting IaC, organizations can significantly improve their infrastructure management practices, reduce operational costs, and accelerate application delivery.
Alright! Let’s dive right into how to launch an EC2 instance in a VPC using AWS CloudFormation.
This guide covers creating a basic CloudFormation stack to provision a VPC, subnets, security groups, and an EC2 instance.
Step 1: Prepare Your CloudFormation Template
The next thing we need to do is create a CloudFormation template file (in YAML format) named ec2_vpc.yaml.
We will use the template below to create an EC2 instance, replacing the defaults of SubnetId, SecurityGroupId, and ImageId with actual values that exist.
```yaml
AWSTemplateFormatVersion: 2010-09-09
Description: My first Cloud Formation Template with YAML comments.
Resources:
  # VPC that holds every other resource in this stack
  MyVPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.0.0.0/16
      Tags:
        - Key: Name
          Value: MyVPC

  # Public subnet; instances launched here get a public IP automatically
  PublicSubnet:
    Type: AWS::EC2::Subnet
    Properties:
      CidrBlock: 10.0.1.0/24
      VpcId: !Ref MyVPC
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: PublicSubnet

  InternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: MyInternetGateway

  # Attach the internet gateway to the VPC
  AttachGateway:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref MyVPC
      InternetGatewayId: !Ref InternetGateway

  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref MyVPC
      Tags:
        - Key: Name
          Value: PublicRouteTable

  # Default route to the internet; the gateway must be attached first
  PublicRoute:
    Type: AWS::EC2::Route
    DependsOn: AttachGateway
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway

  SubnetRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnet
      RouteTableId: !Ref PublicRouteTable

  MySecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Allow SSH and HTTP access
      VpcId: !Ref MyVPC
      SecurityGroupIngress:
        # SSH from any address; narrow CidrIp to your own IP range outside a demo
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: 0.0.0.0/0
        # HTTP from any address
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
        # HTTPS from any address
        - IpProtocol: tcp
          FromPort: 443
          ToPort: 443
          CidrIp: 0.0.0.0/0
      Tags:
        - Key: Name
          Value: MySecurityGroup

  MyEC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: t2.micro
      KeyName: EC2-CTF-VPC # Ensure this key pair exists in your AWS account
      ImageId: ami-06b21ccaeff8cd686 # Confirm this is valid for your target region
      NetworkInterfaces:
        - AssociatePublicIpAddress: true
          SubnetId: !Ref PublicSubnet
          DeviceIndex: 0
          GroupSet:
            - !Ref MySecurityGroup
      Tags:
        - Key: Name
          Value: MyEC2Instance
```
Step 2: Create the CloudFormation Stack
After you enter your login details, you will be brought to the dashboard. Note the search bar at the top.
Next, click on the search bar and type “CLOUD FORMATION”; you will see the CloudFormation resource.
When you click on CloudFormation, you will be brought to the CloudFormation dashboard. Click on “Create Stack”.
Creating a new stack: inside the stack section, you will see 3 options: “Choose an existing template”, “Use a sample template”, and “Build from Infrastructure Composer”.
For the sake of this project, we will select the first option, “Choose an existing template”.
Scroll down and specify the template to choose the file from.
We will choose the “Upload a template file” option. Then click on “Choose file” to upload our YAML file from our local machine.
Upload your ec2_vpc.yaml template file from your computer. Select the file and click Open.
After uploading your file, click the Next button.
Next, enter a stack name (e.g., EC2InVPCStack) and click on the Next button.
Configure Stack Options: Choose any additional options if necessary (tags, permissions, etc.), or leave them as default. We will give our stack a tag key-value pair and scroll down.
Leave the rest as default and click Next.
Review and Create Stack: Review the details and check if all the configurations are set properly.
If everything is properly set, click on the ‘submit’ button.
Step 3: Wait for the Stack to Complete: CloudFormation will begin creating the resources. You can monitor the progress in the “Events” tab.
When the ‘Status’ shows CREATE_COMPLETE, your VPC, EC2 instance, and other resources have been successfully launched.
Step 4: Verify the Resources
View Resources in CloudFormation:
- In the CloudFormation console, select your stack and go to the Resources tab to see the created resources.
Check in EC2 and VPC Consoles:
- Go to the EC2 console to see the running instance.
- Go to the VPC console to verify the VPC, subnet, and security group.
This template creates a basic setup with a VPC, subnet, internet gateway, route table, security group, and an EC2 instance. You can customize the configurations further based on your requirements.
I also want to express that your feedback is always welcome. As I strive to provide accurate information and insights, I acknowledge that there’s always room for improvement. If you notice any mistakes or have suggestions for enhancement, I sincerely invite you to share them with me.