Cloud Walker

Talks about VPCs, Subnets & CIDR blocks, Routing tables, Internet Gateway and NAT Gateway Introduction Wow – Finally – made it to VPCs. This one I always wanted to write. VPCs are at the very heart of AWS – VPC stands for Virtual Private Cloud as the name suggests your own cloud! your own thing. All the resources you create reside inside a VPC. Till now we have only used the default-vpc. No more from this blog onwards – exciting world awaits. When you are inside a VPC – it isolates your resources on the network level to a point where if you need two resources which are across the VPCs it requires quite a special effort(i.e mystical beast called VPC peering). You can create as many VPCs as you want. This blog post is mostly theoretical concepts about two concepts – Subnets and Routing. While you are inside these … Read more

Introduction Terraform Provisioners allow you to execute custom scripts/code on the remote machine which is being provisioned or something locally on which the terraform code is being executed. There are various provisioners which are available in terraform. In this blog, we will look at the generic type of provisioners – file, local and remote provisioners. The blog builds from this previous blog and is divided into the following sections. All the code for these sections are available on the github as well. The link is provided at the end of each section. File Provisioner File provisioner allows you to transfer files locally on which terraform code is being executed to the resource which is being provisioned. For example, you want to copy a configuration file or directory from the local to your EC2 instance. This can be easily accomplished by File provisioner. Here is the example of the instance.tf which … Read more

Introduction Terraform state is something which is usually tackled quite later in the game when folks have become quite comfortable with writing terraform code. But, we are going to do it much earlier :). You will see that it helps you visualise your code a lot better and have more interesting/innovative ideas. In this blog entry, we discuss terraform state by breaking it down into smaller chunks. You can find all the code for this blog here. Look for blog-5. So let’s start off…. What is terraform state? Terraform state is a record of any infrastructure or configuration which has been provisioned by terraform. Simple as that. So, whenever you add/change any part of the terraform code and apply it, terraform will compare it with the state and apply only the required changes. It does not execute the whole code which makes it pretty performant if you have large infrastructures. … Read more

Introduction Till now we have pretty much kept the code written pretty simple and straight forward. In the real world, it is hardly ever is. Similar to other languages terraform also provides different types of variables and they can be used in many different ways. In this blog, we will introduce various types of terraform variables and see how we can use them inside the terraform code. The blog post is divided into the following sections As you can see it makes a pretty long read. But it will be very helpful in your projects. The various ways of passing variables to terraform helps you manage What is source controlled/what is NOT! How are secrets managed? How is terraform code executed? This blog entry creates the same infra-structure which was built in the previous blog post but uses variables to make it more reusable. Before we get started all the … Read more

Introduction In this blog post, we will see how we can create AWS security groups, EC2 instances and see how they can both be configured together. It is simple and can be done quickly via Terraform. This post is in some sense continuation of the previous post on Security Groups. It introduces how you can configure your EC2 and also introduces an additional security feature – SSH keys. This blog entry is divided into the following sections In addition, to this, we would be using IntelliJ IDE with Terraform plugin for development. All the code for these blogs is now available on GitHub in the following repo. Before jumping into this blog, please make sure you have gone thru the Terraform – Getting Started and Terraform and Security Groups. Create AWS security group So let’s get started. Let’s first create a security group for our blog post. It is similar … Read more

Introduction This blog talks about the mythical beast called AWS Security groups and how to implement them using terraform. By the end of this blog, you would be able to do describe security groups, how you can implement them using AWS console, and also via terraform. Once you understand what security groups are, implementing them using AWS console or Terraform is a fairly simple exercise. If you are new to terraform please have a look at the Terraform – getting started blog entry first. This blog entry is divided into the following sections What are AWS Security Groups AWS Security Group as the name alludes has to do with security. It is a virtual firewall for your AWS service and controls inbound and outbound traffic. Security groups are based on simple rules. These rules defined based on three things Protocol Port IP address range Security groups are like a ring … Read more

Introduction I recently was working on a fantastic community project. Terraform happened to be a critical piece of technology in that project and we were really out of our depth when it came to Terraform skills. That inspired me to learn Terraform and explore various aspects of AWS infrastructure provisioning and particularly around networking. So thanks to all the folks for inspiring this series of blog posts. What I discovered was interesting. Terraform is a very structured way of creating cloud resources and has no magic bullet. As a developer, I realised that it was definitely not a mythical beast. Whatever we are doing in AWS console can be pretty much be done via the terraform script there are a few exceptions but not many. That was the easy part. More than Terraform I found you will need to know how deep you want to enter the world of cloud … Read more