aws_terraform

Starting The Website in aws and terraform

First create terraform file

touch web.tf 

Edit the terraform file for aws, null and tls (SSH RSA Gerenate)

provider "aws" {
  profile =  "aman1"
  region  = "ap-south-1"
}

resource "null_resource" "null_remote" {
	
}

resource "tls_private_key" "webserver_private_key" {
 algorithm = "RSA"
 rsa_bits = 4096
}

download package aws, null and tls using file

terraform init

Create Key pair

resource "local_file" "private_key" {
 content = tls_private_key.webserver_private_key.private_key_pem
 filename = "webserver_key.pem"
 file_permission = 0400

}


resource "aws_key_pair" "webserver_key" {
 key_name = "webserver"
 public_key = tls_private_key.webserver_private_key.public_key_openssh

}

Create Security Groups (Firewall) including http and SSH

resource "aws_security_group" "allow_http_ssh" {

  name        = "allow_http" 
  description = "Allow http inbound traffic"
  vpc_id      = "vpc-075e88e4d7296ca92"

ingress {
    description = "http"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  } 


  ingress {
    description = "ssh"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
   }


   egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}  

Now,

Create EC2 ( Web Server ) with key pairs and security groups and install git, httpd,

resource "aws_instance" "web" {
  ami           = "ami-0447a12f28fddb066"
  instance_type = "t2.micro"
  key_name = aws_key_pair.webserver_key.key_name
  security_groups = [aws_security_group.allow_http_ssh.name]



provisioner "remote-exec" {
    inline = [
      "sudo yum install httpd  git -y",
      "sudo systemctl restart httpd",
      "sudo systemctl enable httpd",
    ]

  connection {
  type     = "ssh"
  user     = "ec2-user"
  private_key = tls_private_key.webserver_private_key.private_key_pem
  host     = aws_instance.web.public_ip
}
  }

  tags = {
    Name = "Web"
  }

 }

Create the EBS Volume

resource "aws_ebs_volume" "esb1" {
  availability_zone = aws_instance.web.availability_zone
  size              = 1
  tags = {
    Name = "lwebs"
  }
}

EBS attach into EC2 Which I Created Pervious!!

resource "aws_volume_attachment" "ebs_att" {
  device_name = "/dev/sdh"
  volume_id   = "${aws_ebs_volume.esb1.id}"
  instance_id = "${aws_instance.web.id}"
  force_detach = true
}

Mount and copy website file to EBS Volumne

resource "null_resource" "nullremote3"  {

depends_on = [
    aws_volume_attachment.ebs_att,
  ]


  connection {
    type     = "ssh"
    user     = "ec2-user"
    port    = 22
    private_key = tls_private_key.webserver_private_key.private_key_pem
    host     = aws_instance.web.public_ip
  }

provisioner "remote-exec" {
    inline = [
      "sudo mkfs.ext4  /dev/xvdh",
      "sudo mount  /dev/xvdh  /var/www/html",
      "sudo rm -rf /var/www/html/*",
      "sudo git clone https://github.com/amantiwari1/amantiwari1.github.io.git /var/www/html/"
    ]
  }
}

Create the S3 Budget

resource "aws_s3_bucket" "my_bucket" {
  bucket = "webserverimages1234"
  acl    = "public-read"
}

Download website file usig github code and upload the that file to S3 Budget

resource "null_resource" "null2" {
  depends_on = [
      aws_s3_bucket.my_bucket,
]
  provisioner "local-exec" {
    command = "echo ${aws_s3_bucket.my_bucket.bucket} > bucket_name.txt"
  } 
}

resource "null_resource" "null" {
  provisioner "local-exec" {
    command = "git clone https://github.com/amantiwari1/amantiwari1.github.io.git"
  } 
}

resource "aws_s3_bucket_object" "object1" {
  depends_on =[
      null_resource.null,
      aws_s3_bucket.my_bucket
]
  bucket = aws_s3_bucket.my_bucket.bucket
  key    = "aman.png"
  source = "I:/aman/terra/amantiwari1.github.io/assets/img/aman.png"
  acl    = "public-read"
} 

Create the CloudFront Distribution

resource "aws_cloudfront_distribution" "s3_distribution" { 
  origin {
    domain_name = aws_s3_bucket.my_bucket.bucket_regional_domain_name
    origin_id   = aws_s3_bucket.my_bucket.bucket
  }
  enabled = true
    default_cache_behavior {
    allowed_methods  = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"]
    cached_methods   = ["GET", "HEAD"]
    target_origin_id = aws_s3_bucket.my_bucket.bucket
  forwarded_values {
      query_string = false
        cookies {
        forward = "none"
      }
    }
    viewer_protocol_policy = "allow-all"
    min_ttl                = 0
    default_ttl            = 3600
    max_ttl                = 86400
  }
  restrictions {
    geo_restriction {
      restriction_type = "none"
    }
  }
  viewer_certificate {
    cloudfront_default_certificate = true
  }
}

Attach image in S3 Budget to CloudFront and Add url to Website file

resource "null_resource" "nulll" {
  depends_on = [
      aws_cloudfront_distribution.s3_distribution,
      null_resource.null,   
]
  connection {
    type        = "ssh"
    user        = "ec2-user"
    private_key = tls_private_key.webserver_private_key.private_key_pem
    host        = aws_instance.web.public_ip
  }
  provisioner "remote-exec" {
      inline = [ 
        # sudo su << \"EOF\" \n echo \"<img src='${aws_cloudfront_distribution.s3_distribution.domain_name}'>\" >> /var/www/html/index.html \n \"EOF\"
            "sudo su << EOF",
         "echo \"<img src='http://${aws_cloudfront_distribution.s3_distribution.domain_name}/${aws_s3_bucket_object.object1.key}'>\" >> /var/www/html/index.html",
          "EOF"
     ]
  }

}

All Output

output "cloudfront"{
  value = aws_cloudfront_distribution.s3_distribution.domain_name
}


output "myos_ip" {
  value = aws_instance.web.public_ip
}

After Save the file web.tf

Open CMD

cd I:\aman\terra

then Run it

terraform apply