Deploy the Ec2 instances using Terraform

Deploy the Ec2 instances using Terraform

This blog helps you to deploy the static web application in the ec2 instances by using Terraform.

What is Terraform

Terraform is an open-source infrastructure as a code software tool created by HashiCorp. It allows users to define and provision data centre infrastructure using a high-level configuration language known as HashiCorp Configuration Language (HCL) or JSON optionally. With Terraform, you can describe the components of your infrastructure in configuration files and then deploy and manage those resources across various cloud providers (such as AWS, Azure, Google Cloud Platform), as well as on-premises infrastructure.

EC2 instances

Amazon EC2 (Elastic Compute Cloud) is a web service provided by Amazon Web Services (AWS) that allows users to rent virtual servers (known as instances) on which they can run their applications. EC2 instances offer a scalable computing capacity in the cloud, allowing users to easily scale up or down based on demand.

Setup the providers

create file to set the providers in this project we use the AWS providers

set the access key and secret key.

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "5.33.0"

provider "aws" {
  region     = "ap-south-1"
  access_key = "abc"
  secret_key = "abc"

Create the instances

create the instances.

resource "aws_instance" "web" {
  ami                    = "ami-05a5bb48beb785bf1"
  instance_type          = "t2.micro"
  key_name               = aws_key_pair.Tf_key.key_name
  vpc_security_group_ids = []

  tags = {
    Name = "terraform"

Add the user_data block to deploy the application.

 user_data = <<-EOF
     sudo yum update

     sudo yum install git -y
     sudo yum install httpd -y
     sudo systemctl start httpd
     git clone  /var/www/html/

Create the Key-pair

resource "aws_key_pair" "Tf_key" {
  key_name   = "Tf_key"
  public_key = tls_private_key.rsa.public_key_openssh

resource "tls_private_key" "rsa" {
  algorithm = "RSA"
  rsa_bits  = 4096

resource "local_file" "Tf_key" {
  content  = tls_private_key.rsa.private_key_pem
  filename = "Tf_key"

Mention the key name in the instance block.

Create the Security groups

security groups provide access to the internet or access the SSH and HTTP servers

resource "aws_security_group" "allow_tls" {
  name        = "allow_tls"
  description = "Allow TLS inbound traffic and all outbound traffic"

  dynamic "ingress" {
    for_each = [22, 80, 443, 3306, 27017]
    iterator = port
    content {
      description = "Allow inbound traffic on port ${port.value}"
      from_port   = port.value
      to_port     = port.value
      protocol    = "tcp"
      cidr_blocks = [""]

Create the egress

Blocking malicious traffic: Egress rules can be used to block outbound connections to known malicious or suspicious IP addresses or domains.

Limiting access to external resources: By controlling outbound connections, organizations can limit access to external resources such as specific websites, services, or cloud platforms.

  egress {
    from_port        = 0
    to_port          = 0
    protocol         = "-1"
    cidr_blocks      = [""]
    ipv6_cidr_blocks = ["::/0"]

Run the terraform plan and apply, command to create the infrastructure.

Once you run the command it create the ec2 instance and deploys the static web application in the Ec2 instances