← Back to Home

Terraform Infrastructure Provisioning

Terraform Infrastructure Provisioning
View on GitHub

Tech Stack:

Terraform, AWS EC2, Security Groups, SSH, Ubuntu AMIs, Key Pairs, Git, AWS CLI

Project Goal

To design and deploy cloud infrastructure on AWS using Terraform, applying Infrastructure as Code (IaC) principles to ensure automation, environment consistency, and maintainability.

Project Description

This project provisions a basic but complete infrastructure in AWS using Terraform, with each resource declared in a modular and reusable .tf file. It showcases key practices in infrastructure automation, including dynamic data sourcing, secure access, and explicit security configuration.

Provider Configuration
  • Define in provider.tf
  • Sets the AWS provider and region dynamically based on user-defined variables
SSH Key Management
  • Generated locally via ssh-keygen
  • Public key stored and referenced in keypair.tf to enable secure EC2 instance access
Security Group

Defined in security_group.tf:

  • Inbound Rules:
    • Allow SSH (port 22) only from the user's public IP
    • Allow HTTP (port 80) from any source (0.0.0.0/0)
  • Outbound Rules:
    • Allow all traffic (IPv4 and IPv6) by default
AMI Discovery
  • Uses a data block to fetch the latest Ubuntu AMI from the AWS Systems Manager Parameter Store
  • Eliminates hardcoded AMI IDs, improving portability and automation
Instance Provisioning

Defined in instance.tf:

  • Launches an EC2 instance with:
    • The latest Ubuntu AMI
    • Custom tags (e.g., Name, Environment)
    • Selected availability zone
    • Associated security group and SSH key pair
File Organization

The infrastructure is modularized into individual .tf files:

  • provider.tf
  • keypair.tf
  • security_group.tf
  • instance.tf

This structure improves readability, version control, and separation of concerns.

Automation & Testing
  • Validated configurations with terraform plan
  • Deployed resources using terraform apply
  • Cleaned up with terraform destroy to ensure full lifecycle control

Outcomes

  • Achieved consistent, repeatable deployments with version-controlled infrastructure definitions
  • Reduced manual configuration time and human error during resource provisioning
  • Laid the groundwork for more advanced infrastructure workflows, including remote backends, modules, and integrations with CI/CD

GitHub: View Repository