Welcome to Deployment 9. For this deployment you will need to follow the directions below to generate Terraform code to deploy the following resources:
Create the following resources in AWS using the latest Terraform version (do not use external modules):
- Create a new VPC with:
  - 5 subnets (2 public, 1 private, 2 internal)
  - 2 route tables (public & private)
  - an Internet Gateway
  - and 1 NAT Gateway (in 1 of the private subnets)
  - Subnets are defined as:
    - Public - route to Internet Gateway (for any ipv4 address)
    - Private - route to NAT Gateway (for any ipv4 address)
    - Internal - do not associate any route table in Terraform (main/default route table will be associated by default which only has a route to the local/private network)

  Note: You can decide which network range to use.
- Create 1 EC2 instance in the private subnet with:
  - An Ubuntu AMI (version of your choosing)
  - Instance type/size, tags, and other settings of your choosing
  - Create a security group for the EC2 with the following rules:
    - Ingress: allow port 80 traffic from the ALB security group
    - Egress: allow all outbound traffic to any ipv4 address
- Create 1 ALB in the 2 public subnets
  - Create a security group for the ALB with the following rules:
    - Ingress: allows only port 80 inbound traffic from any ipv4 address
    - Egress: allow only port 80 outbound traffic to the EC2 security group
  - Create a target group and add the EC2 instance to the group
  - Create an ALB listener that forwards traffic to the target group

  Note: for this exercise the ALB is not accepting HTTPS traffic, only HTTP
- Create 1 PostgreSQL RDS instance
  - Make it multi-az
  - Name, instance type/size, tags, db username/password, and other settings of your choosing
  - Create a security group for the RDS with the following rule:
    - Ingress: allow traffic to its port from the EC2 security group
  - Create a DB subnet group for the RDS consisting of the 2 internal subnets
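
The ALB and EC2 security groups above reference each other (ALB egress to the EC2 group, EC2 ingress from the ALB group), so writing the rules as inline `ingress`/`egress` blocks produces a Terraform dependency cycle. The sketch below is an added example, not part of the original assignment: it declares the three groups empty and attaches each rule as a separate resource. The resource names, `aws_vpc.main`, and port 5432 (the PostgreSQL default) are assumptions.

```hcl
# Added example: names, aws_vpc.main and db_port are assumptions, not from the assignment.
locals {
  db_port = 5432 # PostgreSQL default; must match the port set on the RDS instance
}
# Groups carry no inline rules, so the ALB <-> EC2 references below do not form a cycle.
# Terraform removes AWS's default allow-all egress rule from groups it creates.
resource "aws_security_group" "alb" {
  vpc_id = aws_vpc.main.id
}
resource "aws_security_group" "ec2" {
  vpc_id = aws_vpc.main.id
}
resource "aws_security_group" "rds" {
  vpc_id = aws_vpc.main.id
}
# ALB: HTTP in from any IPv4 address, HTTP out only to the EC2 group.
resource "aws_vpc_security_group_ingress_rule" "alb_http_in" {
  security_group_id = aws_security_group.alb.id
  cidr_ipv4         = "0.0.0.0/0"
  ip_protocol       = "tcp"
  from_port         = 80
  to_port           = 80
}
resource "aws_vpc_security_group_egress_rule" "alb_to_ec2" {
  security_group_id            = aws_security_group.alb.id
  referenced_security_group_id = aws_security_group.ec2.id
  ip_protocol                  = "tcp"
  from_port                    = 80
  to_port                      = 80
}
# EC2: HTTP in only from the ALB group, all traffic out to any IPv4 address.
resource "aws_vpc_security_group_ingress_rule" "ec2_from_alb" {
  security_group_id            = aws_security_group.ec2.id
  referenced_security_group_id = aws_security_group.alb.id
  ip_protocol                  = "tcp"
  from_port                    = 80
  to_port                      = 80
}
resource "aws_vpc_security_group_egress_rule" "ec2_all_out" {
  security_group_id = aws_security_group.ec2.id
  cidr_ipv4         = "0.0.0.0/0"
  ip_protocol       = "-1" # all protocols and ports
}
# RDS: database port in only from the EC2 group; no egress rule is defined.
resource "aws_vpc_security_group_ingress_rule" "rds_from_ec2" {
  security_group_id            = aws_security_group.rds.id
  referenced_security_group_id = aws_security_group.ec2.id
  ip_protocol                  = "tcp"
  from_port                    = local.db_port
  to_port                      = local.db_port
}
```

Referencing group IDs instead of CIDR ranges keeps each tier reachable only from the tier in front of it, even if subnet ranges change later.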
Be sure to include the following below in your pull request:
- Add all Terraform files to the pull request.
- Document the process, issues and anything you decided to do differently.
- Screenshot samples of your infrastructure from AWS and include in your PR.
- DO NOT upload the `terraform.tfstate` file to the repo (it should be ignored by default)