Terraform code which creates the following resources:
- VPC
- Subnets
- Private
- Public x2
- Route Tables
- Internet Gateway
- NAT Gateway
- Elastic IP
- IAM Roles
- EC2
- CodePipeline
- CodeDeploy
- Security Groups
- EC2
- DB
- S3 Buckets
- Web Assets
- Code Pipeline Artifacts
- EC2
- RDS
- MySQL Instance
- CodeCommit Repository
- CodeDeploy Application
- CodePipeline
To build this stack you must have terraform
and the aws-cli
installed and running your machine.
https://learn.hashicorp.com/tutorials/terraform/install-cli
https://learn.hashicorp.com/tutorials/terraform/aws-build
You will also need to have an AWS account with a user configured with an AWS_ACCESS_KEY
and AWS_SECRET_ACCESS_KEY
which will allow Terraform to login to your AWS account and create resources on your behalf. These AWS access keys need to be stored as local environment variables.
Create a secrets.tfvars
file in the same directory as your .tf
files which contains the following credentials::
db_username = "user"
db_password = "password"
db_username
and db_password
will be the credentials used to access the MySQL database.
With the secrets.tfvars
file created run the following commands:
terraform init
terraform plan
terraform apply -var-file="secrets.tfvars"
After a successful deployment any file added to the CodeCommit repository will be automatically pushed out to the EC2 instance according to the instructions in the appspec.yml
configuration file
The MySQL database running on the AWS RDS database instance is located in the VPC Private Subnet and is only accessable via the EC2 Webserver Instance. While SSH'd into the EC2 instance run the following command to connect to the MySQL database service:
mysql -u <user> -p -h <hostname>
The <user>
above comes from the secrets.tfvars
file created earlier
<hostname>
is the AWS RDS endpoint that is created and can be accessed in the AWS RDS Console or the output variable after a successful terraform apply
You will be prompted for a password which is the db_password
field from the secrets.tfvars
file
In order to clean up resources in your environment to prevent excess costs, run the following command:
terraform destroy
Enter 'Yes' when prompted and make sure that all of the resources are successfully deleted.
If you ran any CodePipeline runs, there will be output artifacts in the S3 CodePipeline bucket that will need to be deleted manually and then the bucket can be successfully deleted by running terraform destroy
again or manually from the AWS GUI in the S3 section.
Similarly, if you manually put any objects in the s3-web-assets
bucket, you will have to delete those objects before the bucket can be deleted.