Now we have our security groups and instance profile, let’s look at creating our EC2 instances. We will be defining our own module which fits our requirements and introducing the userdata and templatefile functions.
First we will set up and configure our module’s main.tf (modules/instances/main.tf).
Module: instances

terraform {
  required_version = ">=0.14.8"
}

resource "aws_instance" "instance" { # aws_instance resource type
  ami = var.
Terraform: Multi-cloud demo – Part 3 – AWS Infrastructure
It’s going well so far. We have our source control defined and updated, and our Terraform remote state hosted on Azure Storage, which we provisioned using Terraform. Let’s now move on to provisioning our AWS infrastructure.
Root module main.tf

First off we need to add the aws provider:

provider "aws" {
  region  = var.region
  profile = var.profile
}

You will notice that we have also used a couple of variables with this provider.
Terraform: Multi-cloud demo – Part 2 – Terraform Remote State on Azure
So we have set up our source control (GitHub) for team collaboration (Part 1); next we should consider the Terraform state file.
By default Terraform will create a local state file (terraform.tfstate). This does not work when collaborating, as each person needs to have the latest version of the state data prior to performing any Terraform actions. In addition, you need to ensure that nobody else is running Terraform at the same time. Having a remote state helps mitigate these issues.
Terraform: Multi-cloud demo - Part 1 - Foundations
I have been fortunate enough to be given an opportunity to help colleagues at my workplace on their journey to HashiCorp Terraform Associate Certification.
As part of the training track being put together (mostly centred around the great Pluralsight training material from Ned Bellavance), it seemed a demonstration of some of the capabilities of Terraform would be beneficial for those on their learning journey. I decided to write this article as it will supplement the live demo I will be performing in one of the training sessions and may be of use to anyone else on their journey.
Automation: Apache and Route 53
This solution consisted of a Route53 hosted zone with A-records directing traffic to an AWS EIP (Elastic IP Address) hosted on a firewall appliance (Fortinet). The firewall had a VIP rule to forward requests received on that EIP to the Apache reverse proxy.
A regular activity I had to perform for one of my clients was setting up Apache reverse proxy services for their development environments. This involved defining a subdomain name for an application, creating an A-record on AWS Route53 and then configuring the rewrite rules, which varied per application type.
Encrypting EBS volumes programmatically with Python
Encrypting an attached AWS EBS volume involves a number of steps. This article will show you how to encrypt your volumes using Python.
Let’s set the scene: you have an environment hosting a number of AWS EC2 instances and now security have said, “Hey, these EBS volumes should be encrypted!” No argument from me. So how do we go about this programmatically?
You can enable default volume encryption in the management console. Check this link out on how to do it.
Backups, monitoring and maintenance. Keep that blog alive!
Our demo WordPress site (part 1 & part 2) is now hosting publicly available content (this page, for example). You have written a number of posts, have a few in draft and finally found a theme you liked. What next? Let’s discuss backup, swapfile, snapshots, monitoring and certificates.

Backup

Last thing you want is to have thrown your heart and soul into a number of posts only for the EC2 instance to crash and you lose all that work.
EC2 inventory using AWS Lambda and Python
A long while back I wrote a PowerShell script to produce a CSV file of EC2 instances across multiple accounts. The original PowerShell script was running on a Windows server as a scheduled task; oh, how we have moved on. About 6 months ago I rewrote the script in Python and then moved it over to AWS Lambda. This was my first real opportunity to use AWS Lambda to execute code in a (misnomer alert!!) serverless compute service.