Terraform Template File
Scenario:
You work for a company that is looking to deploy a new web application on AWS. The application consists of a set of microservices that will be deployed on AWS Fargate, with a load balancer to distribute traffic to the services. The company also wants to use AWS RDS for the database.
 |
Terraform Template File |
Terraform Template:
The following Terraform template will create the necessary infrastructure for this scenario. Please note that this is just an example and may need to be modified for your specific use case.
provider "aws" {
region = "us-west-2"
}
resource "aws_vpc" "example" {
cidr_block = "10.0.0.0/16"
}
resource "aws_subnet" "example" {
vpc_id = aws_vpc.example.id
cidr_block = "10.0.1.0/24"
}
resource "aws_security_group" "web" {
name_prefix = "web-"
}
resource "aws_security_group" "db" {
name_prefix = "db-"
}
resource "aws_security_group_rule" "web_ingress" {
security_group_id = aws_security_group.web.id
type = "ingress"
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
resource "aws_security_group_rule" "db_ingress" {
security_group_id = aws_security_group.db.id
type = "ingress"
from_port = 3306
to_port = 3306
protocol = "tcp"
source_security_group_id = aws_security_group.web.id
}
resource "aws_lb" "example" {
name = "example-lb"
internal = false
load_balancer_type = "application"
subnets = [
aws_subnet.example.id
]
security_groups = [
aws_security_group.web.id
]
}
resource "aws_lb_listener" "example" {
load_balancer_arn = aws_lb.example.arn
port = "80"
protocol = "HTTP"
}
resource "aws_rds_cluster" "example" {
cluster_identifier = "example-cluster"
engine = "aurora-mysql"
engine_version = "5.7.mysql_aurora.2.09.0"
database_name = "exampledb"
master_username = "exampleuser"
master_password = "examplepassword"
skip_final_snapshot = true
vpc_security_group_ids = [
aws_security_group.db.id
]
}
resource "aws_ecs_task_definition" "example" {
family = "example"
network_mode = "awsvpc"
requires_compatibilities = ["FARGATE"]
container_definitions = jsonencode([
{
name = "web"
image = "nginx:latest"
cpu = 256
memory = 512
essential = true
portMappings = [
{
containerPort = 80
protocol = "tcp"
}
]
}
])
}
resource "aws_ecs_service" "example" {
name = "example"
task_definition = aws_ecs_task_definition.example.arn
desired_count = 1
network_configuration {
awsvpc_configuration {
subnets = [aws_subnet.example.id]
security_groups = [
aws_security_group.web.id
]
}
}
load_balancer {
target_group_arn = aws_lb_target_group.example.arn
container_name = "web"
container_port = 80
}
}
Explanation:
This Terraform template creates the following resources:
- `aws_vpc`: A virtual private cloud (VPC) for the application.
- `aws_subnet`: A subnet within the VPC for the Fargate tasks to be deployed to.
- `aws_security_group`: Two security groups, one for the web tier and one for the database tier.
- `aws_security_group_rule`: Ingress rules for the security groups to allow traffic.
- `aws_lb`: An Application Load Balancer to distribute traffic to the Fargate tasks.
- `aws_lb_listener`: A listener on the load balancer to receive traffic on port 80.
- `aws_rds_cluster`: An RDS cluster for the database.
- `aws_ecs_task_definition`: A task definition for the Fargate tasks.
- `aws_ecs_service`: A service to deploy the Fargate tasks and connect them to the load balancer.
The resources are created in the following order:
1. The VPC and subnet are created.
2. The security groups are created and the ingress rules are added.
3. The load balancer is created with the security group and subnet.
4. The RDS cluster is created with the database details and security group.
5. The Fargate task definition is created with the container details.
6. The Fargate service is created with the task definition, network configuration, and load balancer target group.
Please note that this is just an example and may need to be modified for your specific use case. Also, this template assumes that you have already set up your AWS credentials and that you have installed the necessary Terraform tools on your local machine.
