Deploying a Two-Tier Architecture on AWS Using Terraform

This blog will guide you through setting up a robust two-tier architecture on AWS using Terraform. The architecture comprises a web tier with load-balanced EC2 instances and a database tier using Amazon RDS. This setup is secured, scalable, and configured for seamless integration.

Key Components

1. Backend Configuration (backend.tf):
   • Utilizes an S3 bucket for storing Terraform state files and a DynamoDB table for state locking to prevent concurrent updates.
2. Database Tier (db.tf):
   • Configures an RDS MySQL instance hosted in private subnets.
   • Sets up a Database Subnet Group to enhance security.
3. Web Server Tier (ec2.tf):
   • Deploys two EC2 instances across different availability zones.
   • Installs and configures WordPress using user_data scripts.
   • Configures instances to communicate with the database.
4. Key Pair Configuration (key.tf):
   • Generates and manages an RSA key pair for secure SSH access.
   • Uploads the private key to an S3 bucket for retrieval.
5. Networking (vpc.tf and routetable.tf):
   • Sets up a VPC with public and private subnets.
   • Configures an Internet Gateway, route tables, and security groups for traffic management.
6. Load Balancer(sg-alb.tf):
   • Deploys an Application Load Balancer (ALB) to distribute HTTP traffic.
   • Configures a Target Group and Listener to route traffic to EC2 instances.
7. Security Groups :
   • Configures security groups to control access to web servers and the RDS database. Security rules include:
   • Allowing HTTP, HTTPS, and SSH traffic for public instances.
   • Limiting database access to internal IP ranges.

Lab Guide: Deploying the Two-Tier Architecture

Prerequisites

1. An active AWS account.
2. Terraform installed on your local machine (installation guide).
3. AWS CLI configured with proper credentials (awscli installation guide).

Step 1: Download the Terraform Configuration

Run the following commands to download and unzip the Terraform configuration files for preparing Infra:

Step 2: Update Configuration

Make sure to replace all occurrences of ‘sirin’ with ‘your name’ to avoid any conflicts:

Step 3: Initialize Terraform

Initialize the Terraform backend:

Step 4: Plan the Infrastructure

Preview the infrastructure changes:

Step 5: Deploy the Infrastructure

Apply the configuration to create the infrastructure:

Step 6: Verify the Infrastructure

1. Web Tier: Access the public IP or DNS of the load balancer in your browser. You should see the WordPress setup page.
2. Database Tier: Log in to the RDS console to verify the database instance and its settings.
3. Networking: Check the VPC and subnets for proper configuration.

Step 7: Destroy the Infrastructure

After verifying the setup, clean up the environment to avoid unnecessary costs:

Remove the downloaded configuration files:

Conclusion

This guide provided a step-by-step walkthrough for deploying a two-tier architecture on AWS using Terraform. By following these steps, you can quickly set up and tear down scalable infrastructure that adheres to best practices. With this setup, you can now focus on customizing your architecture for specific use cases.

About CloudThat

CloudThat is a leading provider of Cloud Training and Consulting services with a global presence in India, the USA, Asia, Europe, and Africa. Specializing in AWS, Microsoft Azure, GCP, VMware, Databricks, and more, the company serves mid-market and enterprise clients, offering comprehensive expertise in Cloud Migration, Data Platforms, DevOps, IoT, AI/ML, and more.

CloudThat is the first Indian Company to win the prestigious Microsoft Partner 2024 Award and is recognized as a top-tier partner with AWS and Microsoft, including the prestigious ‘Think Big’ partner award from AWS and the Microsoft Superstars FY 2023 award in Asia & India. Having trained 650k+ professionals in 500+ cloud certifications and completed 300+ consulting projects globally, CloudThat is an official AWS Advanced Consulting Partner, Microsoft Gold Partner, AWS Training Partner, AWS Migration Partner, AWS Data and Analytics Partner, AWS DevOps Competency Partner, AWS GenAI Competency Partner, Amazon QuickSight Service Delivery Partner, Amazon EKS Service Delivery Partner,  AWS Microsoft Workload Partners, Amazon EC2 Service Delivery Partner, Amazon ECS Service Delivery Partner, AWS Glue Service Delivery Partner, Amazon Redshift Service Delivery Partner, AWS Control Tower Service Delivery Partner, AWS WAF Service Delivery Partner and many more.

To get started, go through our Consultancy page and Managed Services Package, CloudThat’s offerings.