Creating a VPC, Subnets, Route Table, and Internet Gateway Using Terraform, and Launching WordPress and MySQL Instances in This VPC

Problem Statement:

  1. Create a VPC.
  2. Create two subnets in the VPC: one public and one private.
  3. Create an internet gateway and connect it only to the public subnet.
  4. Create a route table for the internet gateway, then update it and associate it with the public subnet.
  5. Create a security group that allows port 22 for SSH, port 80 for the WordPress site instance, and port 3306 for the MySQL database instance. Also allow egress on port 0 so that the instances can connect to the internet.
  6. Finally, launch an instance from a WordPress AMI in the public subnet and a MySQL instance for the database in the private subnet.


1. You should have one AWS profile, which you will use in your Terraform code. In my case my profile name is bhaskar1. If you don't have one, create it with the aws configure --profile profile_name command.

2. You need the Terraform CLI and AWS CLI executables on your system. If you don't have them, download the versions for your OS. In my case, I downloaded the Windows versions. Put these files in one folder and add that folder to the Path system environment variable in Windows.

3. We use the terraform init command to install all the necessary plugins on your system.

4. We use the terraform apply -auto-approve command to execute the Terraform code.

5. We use the terraform destroy command to destroy all the created resources.

6. We use the terraform validate command to check whether the Terraform code is valid.

7. You must have some basic knowledge of VPC and Terraform.

8. Always save your Terraform code files with the .tf extension.


$ First, create a provider block, which tells Terraform to download the right plugin to your system for further execution.

Also provide the profile name used to log in with your IAM account, and the region where you want to deploy your AWS resources.

$ Here we create one VPC. A VPC is like a building in which you isolate your resources (RAM, CPU, HDD…) from the real world: it enables you to launch AWS resources into a virtual network that you've defined. The CIDR block specifies the range of IP addresses you want to use.

$ I am creating the two subnets in different availability zones for security and management purposes. I created one subnet in 1a and the other in 1b of the Mumbai region. Here the CIDR specifies the range of IP addresses used by the subnet, and map_public_ip_on_launch provides the public IP for outside-world connectivity. I provide that connectivity only to subnet 1a, where our WordPress website is launched. We do not provide outside-world connectivity to 1b because I don't want any outsider to come in and steal my database data.

$ Now we create one internet gateway. We create this gateway because all traffic leaving and entering the VPC goes through it. Only one internet gateway can be attached to a VPC. Without the internet gateway, we can't connect to the outside world.

$ Here we create the route table. Route tables provide the path along which our packets travel from the private world to the public world and vice versa. All IP-enabled devices, including routers and switches, use routing tables.

We attach this route table to subnet 1a only, because we don't want subnet 1b to have outside connectivity. Attaching a route table to a subnet is done with a route_table_association.
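
The network layer described in the steps above, written out as Terraform. This is an added example, not the author's original code: the CIDR ranges and resource names are assumptions, while the profile bhaskar1 and the 1a/1b zones of the Mumbai region (ap-south-1) come from the post.

```hcl
# Added example. CIDR ranges and resource names are assumptions.
provider "aws" {
  region  = "ap-south-1" # Mumbai
  profile = "bhaskar1"   # AWS CLI profile named in the post
}

resource "aws_vpc" "main" {
  cidr_block           = "192.168.0.0/16"
  enable_dns_hostnames = true # gives public instances a public DNS name
}

# Public subnet (1a): instances get a public IP at launch.
resource "aws_subnet" "public" {
  vpc_id                  = aws_vpc.main.id
  cidr_block              = "192.168.0.0/24"
  availability_zone       = "ap-south-1a"
  map_public_ip_on_launch = true
}

# Private subnet (1b): no public IP (map_public_ip_on_launch defaults to false).
resource "aws_subnet" "private" {
  vpc_id            = aws_vpc.main.id
  cidr_block        = "192.168.1.0/24"
  availability_zone = "ap-south-1b"
}

resource "aws_internet_gateway" "igw" {
  vpc_id = aws_vpc.main.id
}

# Default route to the internet gateway.
resource "aws_route_table" "public" {
  vpc_id = aws_vpc.main.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw.id
  }
}

# Only the public subnet is associated with this route table. The private
# subnet stays on the VPC's main route table, which has local routes only.
resource "aws_route_table_association" "public" {
  subnet_id      = aws_subnet.public.id
  route_table_id = aws_route_table.public.id
}
```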

$ We are going to create one security group in this VPC, because without a security group we can't launch our EC2 instances inside any of the subnets.

Here I allow three ingress rules: HTTP, so that anyone from the outside world can access our website; SSH, for remote login; and MySQL, so that our website is able to read and write data in the MySQL database.

$ We are going to launch our AWS instances: one for WordPress and one for MySQL.

In my case, I am using my pre-created key, and my key name is myKey. You can use your own key; if you don't have one, create it. Without the key, you can't log in to your instance. Here I launch my WordPress instance in the 1a subnet because it has public access.

After launching the instances you will notice that your MySQL instance doesn't have a public DNS name or IP, but the WordPress instance does.

$ While launching the instance you will see an error come up. To solve this error, copy the given URL, paste it into the browser, and accept and subscribe to the instance. Then launch the instance again.

$ After launching, copy the public DNS address and open it in your web browser.

A page pops up and asks for your instance ID. Copy the instance ID of the WordPress instance and paste it in.

Then click on the WordPress password. It will ask you to generate a password. In my case my password is qwerty.

A new web page pops up. Select the login link in the Meta section.

A login console comes up; use the user name Aurora and the password you generated above. In my case, I put qwerty as the password.

Now write your first blog post and publish it.

Give your feedback and Thanks for reading…!

B.Tech student and Researcher. Like To Study And Publish Article Related To New Technologies.
