We are using this repo to implement Infra for AWS upon which the resources will be deployed.
- We use HCL to write tf files which will be interacting with the cloud provider to allocate resources as per the specification in the tf files.
- There are 4 steps involved in creating resources using terraform
- Terraform init: this command is used in the root folder where it is initialized
terraform init - Terraform plan: This command is used to display the list of resources that will be created.
- Terraform apply: This command is used to deploy and create the resources in the mentioned cloud provider.
- Terraform Destroy: This command checks the tfstate files to check what all resources are deployed and shows what resources will be destroyed.
- Terraform init: this command is used in the root folder where it is initialized
- As part of this assignment we are creating following resources:
- Create Virtual Private Cloud (VPC)Links to an external site..
- Create subnetsLinks to an external site. in your VPC. You must create 3 public subnets and 3 private subnets, each in a different availability zone in the same region in the same VPC.
- Create an Internet GatewayLinks to an external site. resource and attach the Internet Gateway to the VPC.
- Create a public route tableLinks to an external site.. Attach all public subnets created to the route table.
- Create a private route tableLinks to an external site.. Attach all private subnets created to the route table.
- Create a public route in the public route table created above with the destination CIDR block 0.0.0.0/0 and the internet gateway created above as the target.
- We need to make sure that once we make changes to the region in the variable file we need to make changes to availability zones as well in the main and variables file.
- To add variable while applying run in this format
terraform apply -var "var_name=value" - to apply changes without approval
terraform apply -auto-approve - to apply changes without approval
terraform destroy -auto-approve aws iam update-server-certificate --server-certificate-name ExampleCertificate --new-server-certificate-name CloudFrontCertificate --new-path /cloudfront/aws iam upload-server-certificate --server-certificate-name certificate_object_name --certificate-body file://*path to your certificate file* --private-key file://*path to your private key file* --certificate-chain file://*path to your CA-bundle file*aws acm import-certificate --certificate file://Certificate.pem --certificate-chain file://CertificateChain.pem --private-key file://PrivateKey.pem