AWS INSTANCE CONFIGURATION USING NAT GATEWAY

Rishabh Jain
8 min read · Aug 30, 2020

Hey, tech enthusiasts looking for an interesting setup: here is one. We are going to launch a WordPress site backed by a MySQL database and secured inside an AWS VPC, with MySQL in a private subnet and WordPress in a public subnet, plus an Internet Gateway, a NAT Gateway, routing tables and security groups. All of it is done without touching the AWS web UI, and everything is launched with a single click through Terraform.

Before moving ahead, let me introduce you to some AWS and networking terminology.

  1. VPC => It is a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define. You have complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. You can use both IPv4 and IPv6 in your VPC for secure and easy access to resources and applications.
  2. Security Group => A security group acts as a virtual firewall for your EC2 instances to control incoming and outgoing traffic. Inbound rules control the incoming traffic to your instance, and outbound rules control the outgoing traffic from your instance. If you don’t specify a security group, the instance uses the default security group.
  3. Subnets => A subnet is a logical subdivision of an IP network. The practice of dividing a network into two or more networks is called subnetting. AWS subnets come in two types: public, which allows the internet to reach the machine, and private, which is hidden from the internet.
  4. Internet Gateway => An internet gateway is a horizontally scaled, redundant, and highly available VPC component that allows communication between your VPC and the internet. An internet gateway serves two purposes: to provide a target in your VPC route tables for internet-routable traffic, and to perform network address translation (NAT) for instances that have been assigned public IPv4 addresses.
  5. Terraform => Terraform is an open-source infrastructure-as-code tool created by HashiCorp. Users define and provision data center infrastructure using a declarative configuration language known as HashiCorp Configuration Language (HCL), or optionally JSON. Basically, you write the code and Terraform creates the resources it describes inside the cloud itself.
  6. Routing Table => A routing table is a set of rules, often viewed in table format, that is used to determine where data packets traveling over an Internet Protocol (IP) network will be directed. All IP-enabled devices, including routers and switches, use routing tables. A routing table contains the information necessary to forward a packet along the best path toward its destination.
  7. NAT Gateway => A NAT Gateway, or Network Address Translation Gateway, enables instances in a private subnet to connect to the internet or to AWS services. In addition, the gateway makes sure that the internet cannot initiate a connection with those instances. NAT Gateway is a fully managed Amazon service that requires no effort from the administrator.
  8. Elastic IP => An Elastic IP address is a static IPv4 address designed for dynamic cloud computing. An Elastic IP address is associated with your AWS account. With an Elastic IP address, you can mask the failure of an instance or software by rapidly remapping the address to another instance in your account.

If you are very new to AWS and its services, please refer to this blog first. It starts from scratch and will help you understand the concepts and services better.

Now let us jump into building this automated system. I will be providing the GitHub link to my repository, which contains the code for all the services launched.

STEP-1 Log in to your profile through the CLI as shown below.

LOGGED IN AWS ACCOUNT

STEP-2 Now let us create a VPC for the system through Terraform.

CODE FOR VPC :

After writing the code, save the file with the extension .tf.

Now go to the command prompt and write the following:

  1. terraform init
  2. terraform validate
  3. terraform apply or terraform apply -auto-approve

as shown below.

TERRAFORM INIT
TERRAFORM VALIDATE
TERRAFORM APPLY

Your VPC is now created in the Cloud as shown here.

VPC CREATED

STEP-2 Now we shall move ahead to make Subnets (Public for WordPress and Private for MySQL).

CODE FOR PUBLIC SUBNET :

CODE FOR PRIVATE SUBNET :

Now go to the command prompt and write the following:

  1. terraform init
  2. terraform validate
  3. terraform apply or terraform apply -auto-approve

as shown below.

TERRAFORM INIT
TERRAFORM VALIDATE
TERRAFORM APPLY

Your Subnets are now made in the Cloud as shown here.

SUBNETS CREATED

STEP-3 Now we shall move to create the Internet Gateway and connect it with our VPC.

CODE FOR INTERNET GATEWAY :

Now go to the command prompt and write the following:

  1. terraform init
  2. terraform validate
  3. terraform apply or terraform apply -auto-approve

as shown below.

TERRAFORM INIT
TERRAFORM VALIDATE
TERRAFORM APPLY

Your Internet Gateway is now created and connected with VPC in the cloud as shown here.

INTERNET GATEWAY CREATED

STEP-4 Now we are going to create the Routing Table which will be connected to the VPC.

CODE FOR ROUTING TABLE :

Now go to the command prompt and write the following:

  1. terraform init
  2. terraform validate
  3. terraform apply or terraform apply -auto-approve

as shown below.

TERRAFORM INIT
TERRAFORM VALIDATE
TERRAFORM APPLY

You can see the Routing Table made and connected with VPC in cloud.

ROUTING TABLE CREATED

STEP-5 Let us now go and create the Elastic IP for giving the IP to MySQL Instance.

CODE FOR ELASTIC IP :

Now go to the command prompt and write the following:

  1. terraform init
  2. terraform validate
  3. terraform apply or terraform apply -auto-approve

as shown below.

TERRAFORM INIT
TERRAFORM VALIDATE
TERRAFORM APPLY
ELASTIC IP CREATED

STEP-6 Now let us go to create the NAT Gateway and connect it with VPC.

CODE FOR NAT GATEWAY :

Now go to the command prompt and write the following:

  1. terraform init
  2. terraform validate
  3. terraform apply or terraform apply -auto-approve

as shown below.

TERRAFORM INIT
TERRAFORM VALIDATE
TERRAFORM APPLY

Your NAT Gateway is created and configured in Cloud.

NAT GATEWAY CREATED

STEP-7 After this, let us create the security groups for the instances (WordPress and MySQL). Here we are going to grant the following permissions:

SSH- PORT : 22

MYSQL PORT : 3306

ACCESS THROUGH PORT : 8080

CODE FOR SECURITY GROUP :

SECURITY GROUP PART -1
SECURITY GROUP PART-2

Now go to the command prompt and write the following:

  1. terraform init
  2. terraform validate
  3. terraform apply or terraform apply -auto-approve

as shown below.

TERRAFORM INIT
TERRAFORM VALIDATE
TERRAFORM APPLY

Now you will see that the Security Group will be created in the Cloud.

SECURITY GROUP CREATED

STEP-8 Now for the final step: we will launch the instances, attach them to the security groups, and connect WordPress and MySQL with each other. (I created my key pair earlier and am reusing it here.)

CODE FOR INSTANCES :

Now go to the command prompt and write the following:

  1. terraform init
  2. terraform validate
  3. terraform apply or terraform apply -auto-approve

as shown below.

TERRAFORM INIT
TERRAFORM VALIDATE
TERRAFORM APPLY

You will see that the Instances will be created in the Cloud as shown here.

INSTANCES CREATED

Now a browser window will open automatically and the WordPress site will load, as shown here.

WORDPRESS SITE LAUNCHED

Here is the GitHub link, which contains all the code used above.

Thanks a lot!! Hope you all learned and enjoyed a lot.
