
Pre-requisites:
- Log in to the AWS Management Console.
- Create an S3 bucket to store the Terraform state files.
- Create an IAM user with programmatic access and the Administrator policy attached.
Deployment:
Deploy VPC
- Write a Terraform module to deploy the VPC architecture shown.
- Deploy the VPC architecture. Choose any IP range of your choice.
- The resources below need to be deployed:
3.1 VPC
3.2 Internet Gateway
3.3 Public Subnets in 1a & 1b zones
3.4 Private Subnets in 1a & 1b zones
3.5 Private Route table
3.6 Public Route table
Deploy Route53 hosted zone
- Write Terraform to deploy a Route53 hosted zone.
- If you do not have an authoritative domain, take any domain such as xyz.com just to complete the Terraform.
- The resources below need to be deployed:
3.1 Hosted zone
Deploy S3 Bucket
- Write Terraform to deploy a private S3 bucket (us-east-1 region) for future use to host the web server configuration.
- The resources below need to be deployed:
2.1 S3 Bucket
2.2 Upload index.html file to S3 bucket
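A sketch of the S3 step above, added here as an illustration and not part of the original task text. The bucket name and the local index.html path are placeholders, the encryption block is an extra the task does not ask for, and the resource names assume AWS provider 4.0 or later.

```hcl
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = ">= 4.0"
    }
  }
}

provider "aws" {
  region = "us-east-1"
}

# Placeholder name: S3 bucket names must be globally unique.
resource "aws_s3_bucket" "web_config" {
  bucket = "example-web-config-bucket"
}

# Keep the bucket private: reject public ACLs and public bucket policies.
resource "aws_s3_bucket_public_access_block" "web_config" {
  bucket                  = aws_s3_bucket.web_config.id
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

# Optional addition (assumption): encrypt objects at rest with SSE-S3.
resource "aws_s3_bucket_server_side_encryption_configuration" "web_config" {
  bucket = aws_s3_bucket.web_config.id

  rule {
    apply_server_side_encryption_by_default {
      sse_algorithm = "AES256"
    }
  }
}

# Upload index.html; the etag forces a re-upload when the local file changes.
resource "aws_s3_object" "index" {
  bucket       = aws_s3_bucket.web_config.id
  key          = "index.html"
  source       = "${path.module}/index.html" # placeholder path
  etag         = filemd5("${path.module}/index.html")
  content_type = "text/html"
}
```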
Deploy EC2 Instance to host highly available web application
- Write a Terraform module to deploy the EC2 resources for the web application deployment, as per the architecture shown, into the existing VPC (created in step #1).
- Deploy 2 EC2 instances into the 1a & 1b availability zones.
- The resources below need to be created:
3.1 Private EC2 instance in 1a zone
3.2 Private EC2 instance in 1b zone
3.3 EC2 Instance userdata
3.4 Security Group (allow ports 80 & 22) - attach to both instances
3.5 Internet-facing Network Load Balancer
3.6 Target Group
3.7 Alias Record in Route 53 hosted zone
3.8 IAM Instance Profile (IAM Role) - attach to both EC2 instances
3.9 The policies below need to be added to the IAM Instance Profile (IAM Role)
i) AmazonEC2forSSM
ii) AmazonS3FullAccess
Verification
- Verify that you are able to log in to the EC2 instances using Session Manager.
- Verify that the EC2 instances are healthy in the target group.
- Destroy the resources at your convenience to avoid billing.
Validation
- Create an account on bitbucket.org.
- Log in to Bitbucket and create a private repository to store the Terraform code. Example naming standard for the two repositories:
-terraform-base
-terraform-app
- Add me as a moderator to both Bitbucket repositories (email ID below):
iwayqtech@gmail.com
- Create a branch in each repository and push the code:
-terraform-base (Push VPC, Route53, S3 Bucket Terraform code)
-terraform-app (Push EC2 instance Terraform code)
- Create a PR (Pull Request) to merge the code into the Master branch.
- We will review the PR and approve if the code meets the best practices.