A Step-by-Step Guide to Automating AWS EC2 Deployments with Terraform
AWS

A Step-by-Step Guide to Automating AWS EC2 Deployments with Terraform

Learn how to automate your AWS EC2 instance deployments using Terraform, including VPC setup, security groups, and best practices.

January 15, 2024
DevHub Team
5 min read

A Step-by-Step Guide to Automating AWS EC2 Deployments with Terraform

Automating EC2 instance deployments with Terraform is a fundamental skill for any cloud engineer. In this comprehensive guide, we'll walk through the process of setting up a complete EC2 environment using Infrastructure as Code.

Prerequisites

Before we begin, ensure you have:

  • AWS CLI configured with appropriate credentials
  • Terraform installed (version 1.0 or later)
  • Basic understanding of AWS services
  • A code editor of your choice

Project Structure

First, let's create a proper project structure:

aws-ec2-terraform/ ├── main.tf ├── variables.tf ├── outputs.tf └── terraform.tfvars

Setting Up the VPC

Let's start by creating a VPC with public and private subnets:

# VPC Configuration resource "aws_vpc" "main" { cidr_block = var.vpc_cidr enable_dns_hostnames = true enable_dns_support = true tags = { Name = "main-vpc" } } # Public Subnet resource "aws_subnet" "public" { vpc_id = aws_vpc.main.id cidr_block = var.public_subnet_cidr availability_zone = var.availability_zone map_public_ip_on_launch = true tags = { Name = "public-subnet" } } # Internet Gateway resource "aws_internet_gateway" "main" { vpc_id = aws_vpc.main.id tags = { Name = "main-igw" } }

Security Group Configuration

Next, let's set up security groups for our EC2 instance:

resource "aws_security_group" "ec2_sg" { name = "ec2-security-group" description = "Security group for EC2 instance" vpc_id = aws_vpc.main.id ingress { from_port = 22 to_port = 22 protocol = "tcp" cidr_blocks = ["0.0.0.0/0"] } ingress { from_port = 80 to_port = 80 protocol = "tcp" cidr_blocks = ["0.0.0.0/0"] } egress { from_port = 0 to_port = 0 protocol = "-1" cidr_blocks = ["0.0.0.0/0"] } }

EC2 Instance Deployment

Now, let's create the EC2 instance:

resource "aws_instance" "web_server" { ami = var.ami_id instance_type = var.instance_type subnet_id = aws_subnet.public.id vpc_security_group_ids = [aws_security_group.ec2_sg.id] key_name = var.key_name user_data = <<-EOF #!/bin/bash yum update -y yum install -y httpd systemctl start httpd systemctl enable httpd echo "<h1>Hello from Terraform-managed EC2</h1>" > /var/www/html/index.html EOF tags = { Name = "web-server" } }

Variables Configuration

Define your variables in

variables.tf
:

variable "vpc_cidr" { description = "CIDR block for VPC" type = string default = "10.0.0.0/16" } variable "public_subnet_cidr" { description = "CIDR block for public subnet" type = string default = "10.0.1.0/24" } variable "availability_zone" { description = "Availability zone" type = string default = "us-west-2a" } variable "ami_id" { description = "AMI ID for EC2 instance" type = string } variable "instance_type" { description = "EC2 instance type" type = string default = "t2.micro" } variable "key_name" { description = "Name of the SSH key pair" type = string }

Output Configuration

Create outputs in

outputs.tf
:

output "instance_public_ip" { description = "Public IP of the EC2 instance" value = aws_instance.web_server.public_ip } output "instance_id" { description = "ID of the EC2 instance" value = aws_instance.web_server.id }

Deploying the Infrastructure

To deploy your infrastructure:

  1. Initialize Terraform:
terraform init
  1. Review the plan:
terraform plan
  1. Apply the configuration:
terraform apply

Best Practices

  1. Version Control: Always store your Terraform configurations in version control.

  2. State Management: Use remote state storage (like S3) for team collaboration:

terraform { backend "s3" { bucket = "your-terraform-state-bucket" key = "ec2/terraform.tfstate" region = "us-west-2" } }
  1. Variable Management: Use terraform.tfvars for environment-specific values:
vpc_cidr = "10.0.0.0/16" public_subnet_cidr = "10.0.1.0/24" availability_zone = "us-west-2a" ami_id = "ami-0c55b159cbfafe1f0" instance_type = "t2.micro" key_name = "your-key-pair"
  1. Tagging Strategy: Implement a consistent tagging strategy:
tags = { Environment = "Production" Project = "WebApp" ManagedBy = "Terraform" }

Monitoring and Maintenance

  1. Set up CloudWatch monitoring:
resource "aws_cloudwatch_metric_alarm" "cpu_alarm" { alarm_name = "cpu-utilization" comparison_operator = "GreaterThanThreshold" evaluation_periods = "2" metric_name = "CPUUtilization" namespace = "AWS/EC2" period = "120" statistic = "Average" threshold = "80" alarm_description = "This metric monitors EC2 CPU utilization" alarm_actions = [var.sns_topic_arn] dimensions = { InstanceId = aws_instance.web_server.id } }

Cleanup

To destroy the infrastructure:

terraform destroy

Conclusion

You've now created a fully automated EC2 deployment using Terraform. This infrastructure-as-code approach ensures consistency, repeatability, and easier maintenance of your AWS infrastructure.

Remember to:

  • Regularly update your Terraform configurations
  • Monitor costs and resource usage
  • Follow security best practices
  • Document your infrastructure code
  • Use version control for all changes

Next Steps

Consider exploring:

  • Auto Scaling Groups
  • Load Balancer integration
  • More complex networking setups
  • CI/CD pipeline integration

References

Here are some valuable resources for further reading:

  1. AWS EC2 Documentation - Official AWS documentation for EC2 instances
  2. Terraform AWS Provider Documentation - Official Terraform AWS provider documentation
  3. AWS VPC Documentation - Learn more about Amazon Virtual Private Cloud
  4. AWS Security Groups Documentation - Detailed guide on EC2 security groups
  5. Terraform Best Practices - Community-driven best practices for Terraform
  6. AWS Well-Architected Framework - Best practices for building secure, efficient applications

These resources provide additional context and detailed information about the topics covered in this guide.

EC2
Terraform
IaC
Automation