This Terraform configuration sets up a VPC, public subnets, an ALB, an ASG, and other networking components, along with security measures such as WAF and NACLs, to deploy and securely host a web application. The key resources it creates are the ALB, ASG, WAF ACL, and the associated components needed to deploy and scale the web servers.
It lets you quickly set up AWS WAF rules that identify and block common DDoS request patterns, to mitigate a DDoS attack on your web app's cloud infrastructure. It also comes with a network access control list (NACL) that allows only the required ports and network addresses in the VPC.
Feel free to update the user data script for the ASG Launch Template based on your use cases.
- You must have Terraform installed on your computer.
- AWS CLI v2
- An AWS (Amazon Web Services) account, with its credentials set up for your AWS CLI.
- Install Terraform, if you don't already have it.
- Configure your AWS access keys in your AWS CLI, if you haven't yet:
    aws configure
- Clone this repository:
    git clone https://github.com/Rammina/terraform-webserver-cluster-aws-waf-nacl.git
- Navigate into the repository directory:
    cd terraform-webserver-cluster-aws-waf-nacl
- Install the plugins and modules needed for the configuration:
    terraform init
- Check for syntax errors and missing variables/resources:
    terraform validate
- Show the infrastructure changes to be made if the configuration is applied:
    terraform plan
- Customize the setup by modifying the project files as needed. Feel free to update it according to your needs.
- Apply the changes to deploy the infrastructure - this provisions the resources specified in the configuration:
    terraform apply
- When you are finished with the infrastructure and no longer need it, you can destroy it:
    terraform destroy
  This removes all provisioned infrastructure resources.
- In between `terraform apply` and `terraform destroy`, you can modify Terraform files as needed and rerun steps 2-4 to incrementally update your infrastructure.
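
A check to run after customizing the files and before `terraform apply`, written here as an added example (not code from this repository): it reads the JSON form of a saved plan and reports NACL ingress rules that allow every port from any address, and a plan in which no WAF web ACL association remains. It assumes the configuration uses the Terraform AWS provider's `aws_network_acl` / `aws_network_acl_rule` and WAF association resource types; the resource names in the sample plan are constructed.

```python
import json
import sys

# Types that attach a WAF web ACL to a resource (WAFv2 and WAF Classic regional).
WAF_ASSOC_TYPES = {"aws_wafv2_web_acl_association", "aws_wafregional_web_acl_association"}

def open_to_all(rule):
    """True for an allow rule from any address that covers every port."""
    action = rule.get("rule_action") or rule.get("action")
    cidr = rule.get("cidr_block") or rule.get("ipv6_cidr_block")
    if action != "allow" or cidr not in ("0.0.0.0/0", "::/0"):
        return False
    # Protocol -1 means all traffic. An ephemeral range such as 1024-65535 is not flagged.
    return str(rule.get("protocol")) in ("-1", "all") or (
        (rule.get("from_port") or 0) <= 1 and (rule.get("to_port") or 0) >= 65535)

def review_plan(plan):
    """Return findings for a plan parsed from `terraform show -json` output."""
    findings, waf_attached = [], False
    for rc in plan.get("resource_changes", []):
        after = (rc.get("change") or {}).get("after")
        if after is None:  # resource is being destroyed by this plan
            continue
        rules = []
        if rc["type"] in WAF_ASSOC_TYPES:
            waf_attached = True
        elif rc["type"] == "aws_network_acl_rule" and not after.get("egress"):
            rules = [after]  # standalone rule resource
        elif rc["type"] in ("aws_network_acl", "aws_default_network_acl"):
            rules = after.get("ingress") or []  # inline ingress blocks
        findings += [f"{rc['address']}: ingress allows every port from any address"
                     for rule in rules if open_to_all(rule)]
    if not waf_attached:
        findings.append("no WAF web ACL association remains in the plan")
    return findings

# Constructed sample plan; the resource names are hypothetical, not the repository's.
SAMPLE_PLAN = {"resource_changes": [
    {"address": "aws_network_acl_rule.http_in", "type": "aws_network_acl_rule",
     "change": {"after": {"egress": False, "rule_action": "allow", "protocol": "tcp",
                          "cidr_block": "0.0.0.0/0", "from_port": 80, "to_port": 80}}},
    {"address": "aws_network_acl_rule.debug_in", "type": "aws_network_acl_rule",
     "change": {"after": {"egress": False, "rule_action": "allow", "protocol": "-1",
                          "cidr_block": "0.0.0.0/0", "from_port": 0, "to_port": 0}}},
    {"address": "aws_wafv2_web_acl_association.alb", "change": {"after": None},
     "type": "aws_wafv2_web_acl_association"},
]}

if __name__ == "__main__":
    plan = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_PLAN
    print("\n".join(review_plan(plan)) or "no findings")
```

To run it on a real plan, save one with `terraform plan -out=tfplan`, convert it with `terraform show -json tfplan > plan.json`, and pass `plan.json` as the first argument.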