Today I will show you how to store your Terraform state file remotely in an AWS S3 bucket.
First we need to be comfortable with the State file and what it represents for Terraform.
Whenever you run terraform apply, Terraform saves the state of the changed resources in a file called the state file, named terraform.tfstate, in your working directory. Based on the information stored in the state file, Terraform knows what to change or destroy when you run terraform apply or terraform destroy.
By default the state file is stored locally, meaning that it sits in your local directory. It is recommended that you store your state file remotely, as this provides better security and the ability to work in teams properly. …
Today we are going to build a web server and a DMZ with Terraform.
The first thing that comes to my mind when I think of a DMZ is the 38th parallel of the Korean Peninsula, which divides North Korea and South Korea.
Let's first find out what a DMZ is.
In terms of network security, the DMZ, aka the Demilitarized Zone, serves to improve the security of an organization’s network by segregating devices, such as computers and servers, on the opposite sides of a firewall.
All services accessible to users communicating from an external network can and should be placed in the DMZ, if one is used. One of the most common services placed in the DMZ is the web server. …
Today I will introduce you to Amazon ECS. You may ask, “What is ECS?” Amazon ECS is a service for running and maintaining a specified number of tasks. It is a scalable, high-performing container management service that supports Docker containers.
Below is the architecture that we will design.
We will create a VPC (Virtual Private Cloud) which will contain an Auto Scaling group with EC2 instances. ECS (Amazon Elastic Container Service) will manage the tasks that will take place on the EC2 instances based on Docker images stored in ECR (Elastic Container Registry).
Each EC2 instance will serve as a host for a worker that writes something to RDS MySQL. EC2 and MySQL instances will be placed in different security groups. …
Below are the steps that one should follow in order to set up a CI/CD pipeline with Terraform Cloud, AWS and GitHub.
The first step is to configure AWS by creating a new user; we are going to complete this task in the AWS console.
Under IAM, click on Users and click on “Add User”, enter a username and add a permission to the user.
After adding the permission, download the .csv file that contains the Access Key ID and the Secret Key ID and store it in a safe place.
Now log in to your GitHub account and create a repository. …
Today I will show you how to securely deploy multiple files with Terraform.
The first thing you need to do is to make sure your machine is set up with your AWS login information. You can do so by running “aws configure” in your terminal. Enter your Access Key ID and your Secret Access Key.
I also selected us-east-1 because it's the closest to me and my default output format is JSON.
You are now set to access your AWS account with Terraform and you can now start writing the necessary code to deploy your application. …
Today, I will show you the steps to improve the reliability of a service by using automation to deploy a reliable cloud infrastructure.
Log into the AWS Console and search for CloudFormation under services.
Click Create Stack, then With new resources (standard).
Click Upload a template file and then click Choose file.
Enter the following details:
At the bottom of the page click Next.
Review the information for the stack. When you’re satisfied with the configuration, at the bottom of the page check I acknowledge that AWS CloudFormation might create IAM resources with custom names then click Create stack. …
Today I will show you how to build an infrastructure in AWS using Terraform. First let me tell you what Terraform is.
Terraform is an infrastructure as code tool offered by HashiCorp. It allows you to build, change and manage infrastructure in a safe, repeatable way. It’s mainly used to manage environments with a configuration language called HashiCorp Configuration Language (HCL) for human-readable, automated deployments.
Before we move any further, I would like to explain what Infrastructure as Code (IaC) is. It's a process of managing infrastructure in a file or files rather than manually configuring resources in a user interface. …
Today I will show you how to protect your S3 bucket from direct public access and how to reduce latency using CloudFront.
From the AWS Management Console, click on “Services”, search for “S3” and click on “S3”.
While in “S3”, click on “Create bucket”.
Enter the name of your bucket and select the region where you would like to operate. Please note that the name must be unique and must meet the naming guidelines.
Click on “Create bucket”.
Open the bucket and upload a file to the bucket.
Click on “Upload”.
Click on “Add files” and upload the files. …
Before we start, I would like to explain what the AWS Security Hub is. The AWS Security Hub gives you an understanding of your high-priority security alerts and security posture across your AWS accounts. The main benefit of AWS Security Hub is that it eliminates complexity and reduces the effort of managing and improving the security of your AWS accounts and workloads.
Access AWS Security Hub through the AWS Management Console. Search for Security Hub and, once it shows up, click on it to open Security Hub.
Click on “Go to Security Hub”.
In AWS Security Hub click on “Enable Security Hub”.
Now AWS Security Hub is enabled on your account. You can now explore the security insights AWS Security Hub offers.
Today I will show you how to deploy a static website entirely using AWS.
The first step is to create an account and sign in to the AWS console. Once you are able to log in to your account, click on Services, then type S3 and click on S3.
Now click on “Create bucket”.
Please note that the name of the bucket must be universally unique and it must meet the naming guidelines. …