During my vacation, one of my goals was to move beyond application security and start understanding the infrastructure that modern applications run on.
As someone interested in cybersecurity, I realized that understanding cloud infrastructure is just as important as understanding how to find vulnerabilities. Before you can secure infrastructure, you need to know how it's built.
That's when I decided to learn Terraform.
Why Terraform?
I could have created resources manually through the AWS Console.
But that's not how production environments work.
Infrastructure as Code (IaC) allows you to define your entire infrastructure in code, making deployments repeatable, version-controlled, and easier to maintain.
Terraform seemed like the perfect place to start.
My First Project
For my first Terraform project, I built a complete web server from scratch on AWS.
The infrastructure included:
- AWS VPC with IPv4 and IPv6 support
- Internet Gateway
- Egress-Only Internet Gateway for IPv6
- Custom Route Table
- Public Subnet
- Security Group allowing SSH, HTTP, and HTTPS
- Elastic Network Interface with a static private IP
- Elastic IP
- EC2 Instance
- Automatic Apache2 installation using
user_data
Everything was provisioned with a simple:
terraform init
terraform plan
terraform apply
What I Learned
At first, Terraform felt like just another configuration language.
After building this project, I realized it's much more than that.
I finally understood how all the networking components connect together.
Before this project, terms like VPCs, subnets, route tables, internet gateways, and security groups felt like separate AWS services.
Now I understand how a request from the internet actually reaches a web server:
Internet → Internet Gateway → Route Table → Subnet → Security Group → Network Interface → EC2 Instance
That single flow made many AWS networking concepts finally click.
More Than Just Writing Code
This project also changed the way I think about infrastructure.
Instead of manually creating resources, everything becomes reproducible.
Need another environment?
Run Terraform.
Need to recreate the infrastructure?
Run Terraform.
Need to review infrastructure changes before deploying?
Use terraform plan.
Infrastructure becomes something you can review, version, and collaborate on—just like application code.
What's Next?
This is only the beginning of my Infrastructure as Code journey.
Over the next few weeks, I plan to explore:
- Multiple AWS services
- Terraform modules
- Remote state management
- IAM and security best practices
- Kubernetes
- Docker integration
- CI/CD with Terraform
I'm documenting everything I build as I learn.
If you're also learning cloud infrastructure, I'd love to hear what projects helped you understand AWS and Terraform better.
Thanks for reading.
Top comments (0)