Easy Deployment of NGINX Server on AWS Using Terraform
Deploy NGINX on AWS with Terraform using VPC, Elastic IP, and secure configurations for a web server infrastructure
Step 1: Terraform Providers and Backend Configuration
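First, we configure the required Terraform provider (aws) and the backend that stores the state file in an S3 bucket. The AWS provider is set to the us-east-1 region, and we specify the provider version. The backend block sets only the bucket, key, and region, so any encryption or access control on the state file comes from the bucket's own settings.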
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0"
    }
  }
  backend "s3" {
    bucket = "nginx-server-backend-0301"
    key    = "nginxserver/tfstate.tf"
    region = "us-east-1"
  }
}
provider "aws" {
  region = "us-east-1"
}
Step 2: Networking Setup
In this section, we set up the virtual private cloud (VPC), subnets, internet gateway, and route tables.
VPC: We define a CIDR block of 193.145.0.0/16 for the network.
Internet Gateway: This enables communication between the VPC and the outside world.
Subnet: We create a public subnet with the CIDR block 193.145.1.0/24 for our EC2 instance.
Route Table: A route table is created to route traffic to the internet gateway.
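resource "aws_vpc" "this" {
  # Publicly routable range kept from the article; AWS recommends RFC 1918 private ranges for VPCs
  cidr_block = "193.145.0.0/16"
}
resource "aws_internet_gateway" "this_internet" {
  vpc_id = aws_vpc.this.id
}
resource "aws_subnet" "this_public_subnet" {
  vpc_id     = aws_vpc.this.id
  cidr_block = "193.145.1.0/24"
}
resource "aws_route_table" "this_route_table" {
  vpc_id = aws_vpc.this.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.this_internet.id
  }
}
# Without an association the subnet stays on the VPC's main route table,
# which has no route to the internet gateway
resource "aws_route_table_association" "this_public_association" {
  subnet_id      = aws_subnet.this_public_subnet.id
  route_table_id = aws_route_table.this_route_table.id
}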
Step 3: EC2 Web Server Setup
Now, we create an EC2 instance (web-tier) in the public subnet. We also associate a public IP address and set up a security group that allows HTTP (80), HTTPS (443), and SSH (22) traffic.
resource "aws_instance" "web_tier" {
  ami                         = "ami-0b2dc425776bf42c5"
  instance_type               = "t2.micro"
  vpc_security_group_ids      = [aws_security_group.public_security_group.id]
  subnet_id                   = aws_subnet.this_public_subnet.id
  associate_public_ip_address = true
}
Step 4: Security Group Configuration
Security groups are configured to allow inbound traffic on ports 80, 443, and 22, which are common for web servers. This ensures that the EC2 instance can accept web traffic and remote SSH connections.
resource "aws_security_group" "public_security_group" {
  vpc_id = aws_vpc.this.id
}
resource "aws_vpc_security_group_ingress_rule" "web_tier_inbound_rule_http" {
  security_group_id = aws_security_group.public_security_group.id
  cidr_ipv4         = "0.0.0.0/0" # each rule needs a source; web traffic is accepted from any IPv4 address
  from_port         = 80
  to_port           = 80
  ip_protocol       = "tcp"
}
resource "aws_vpc_security_group_ingress_rule" "web_tier_inbound_rule_https" {
  security_group_id = aws_security_group.public_security_group.id
  cidr_ipv4         = "0.0.0.0/0"
  from_port         = 443
  to_port           = 443
  ip_protocol       = "tcp"
}
resource "aws_vpc_security_group_ingress_rule" "web_tier_inbound_rule_ssh" {
  security_group_id = aws_security_group.public_security_group.id
  cidr_ipv4         = "203.0.113.0/24" # placeholder (documentation range): replace with your admin network
  from_port         = 22
  to_port           = 22
  ip_protocol       = "tcp"
}
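The ingress rules above can be checked before they are applied. The following added example (not part of the original article) audits the JSON form of a plan, as produced by `terraform show -json`, and reports rules of this type that are open to 0.0.0.0/0 or ::/0 on anything other than ports 80 and 443. The sample plan, the helper names, and the allowed-port policy are constructed assumptions.

```python
import ipaddress
import json

RULE_TYPE = "aws_vpc_security_group_ingress_rule"
PUBLIC_PORTS = {80, 443}  # assumption: only the web ports may face the internet

def sample_rule(name, port, **source):
    """Build one constructed resource_changes entry (sample data, not real output)."""
    after = {"from_port": port, "to_port": port, "ip_protocol": "tcp", **source}
    return {"address": f"{RULE_TYPE}.{name}", "type": RULE_TYPE,
            "change": {"actions": ["create"], "after": after}}

# Constructed excerpt shaped like `terraform show -json <planfile>` output.
SAMPLE_PLAN = json.dumps({"resource_changes": [
    sample_rule("web_tier_inbound_rule_http", 80, cidr_ipv4="0.0.0.0/0"),
    sample_rule("web_tier_inbound_rule_https", 443, cidr_ipv6="::/0"),
    sample_rule("web_tier_inbound_rule_ssh", 22, cidr_ipv4="0.0.0.0/0"),
]})

def is_world_open(after):
    """True if the rule's source is 0.0.0.0/0 or ::/0."""
    for key in ("cidr_ipv4", "cidr_ipv6"):
        cidr = after.get(key)
        if cidr and ipaddress.ip_network(cidr, strict=False).prefixlen == 0:
            return True
    return False

def audit_ingress(plan_json, public_ports=PUBLIC_PORTS):
    """Return (address, reason) for each planned ingress rule that is too broad."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        after = (rc.get("change") or {}).get("after")
        if rc.get("type") != RULE_TYPE or not after:  # other types, deletions
            continue
        if not is_world_open(after):
            continue
        lo, hi = after.get("from_port"), after.get("to_port")
        if after.get("ip_protocol") == "-1" or lo is None or hi is None:
            findings.append((rc["address"], "all ports open to the internet"))
        elif set(range(lo, hi + 1)) - public_ports:
            findings.append((rc["address"], f"ports {lo}-{hi} open to the internet"))
    return findings

if __name__ == "__main__":
    for address, reason in audit_ingress(SAMPLE_PLAN):
        print(f"FAIL {address}: {reason}")
```

Run against a real plan by passing the text of `terraform show -json` for a saved plan file to `audit_ingress`; a non-empty result can fail a CI step.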
Step 5: Elastic IP and Association
Finally, we allocate an Elastic IP (EIP) and associate it with the EC2 instance, ensuring that it has a static IP that can be accessed globally.
resource "aws_eip" "elastic_ip" {
  tags = {
    Name = "web-tier-eip"
  }
}
resource "aws_eip_association" "eip_association" {
  instance_id   = aws_instance.web_tier.id
  allocation_id = aws_eip.elastic_ip.id
}
Conclusion
With these configurations, we have created a simple web server infrastructure on AWS using Terraform.