Hey there! If you're ready to set up AWS Virtual Private Clouds (VPCs) in different accounts, you're in the right place. In this guide, I'll show you how to create VPCs in two different AWS accounts, one for development (Dev) and one for staging, across different regions. We'll keep things simple and straightforward.
What You Need
Before diving in, make sure you have:
Two AWS Accounts: One for Dev and one for Staging.
AWS CLI Configured: Set up profiles for both accounts.
Terraform Installed: Ensure Terraform is installed on your machine.
Step 1: Set Up AWS Providers
First, we need to define the AWS providers for each account and region. Providers are how Terraform interacts with AWS. Here's how to set them up in your main.tf file:
# main.tf
provider "aws" {
  alias   = "accountA"
  profile = "accountA"
  region  = "us-east-1"
}

provider "aws" {
  alias   = "accountB"
  profile = "accountB"
  region  = "us-west-2"
}
alias: Allows us to distinguish between the two accounts.
profile: Refers to the AWS CLI profile for each account.
region: Specifies the AWS region where the VPC will be created.
Step 2: Define Your Variables
Next, we'll define variables for our VPCs. This makes it easy to manage and reuse settings. Add the following to your main.tf file:
# Variables for Account A
variable "accountA" {
  description = "Settings for Account A"
  type = object({
    vpc_cidr_block = string
    tags           = map(string)
  })
  default = {
    vpc_cidr_block = "10.0.0.0/16"
    tags = {
      account     = "Dev Environment-vpc"
      Environment = "Dev"
    }
  }
}

# Variables for Account B
variable "accountB" {
  description = "Settings for Account B"
  type = object({
    vpc_cidr_block = string
    tags           = map(string)
  })
  default = {
    vpc_cidr_block = "10.1.0.0/16"
    tags = {
      account     = "Staging Environment-vpc"
      Environment = "Staging"
    }
  }
}
vpc_cidr_block: Defines the IP range for the VPC.
tags: Tags to help identify your VPCs.
Step 3: Create the VPCs
Now, let's use the defined variables to create VPCs in both accounts. Add these resources to your main.tf file:
# VPC in Account A
resource "aws_vpc" "vpc_accountA" {
  provider   = aws.accountA
  cidr_block = var.accountA.vpc_cidr_block
  tags       = var.accountA.tags
}

# VPC in Account B
resource "aws_vpc" "vpc_accountB" {
  provider   = aws.accountB
  cidr_block = var.accountB.vpc_cidr_block
  tags       = var.accountB.tags
}
1. terraform init
This command initializes your Terraform workspace, downloads provider plugins, and prepares the environment.
Output:
Initializing the backend...
Initializing provider plugins...
- Reusing previous version of hashicorp/aws from the dependency lock file
- Installing hashicorp/aws v3.48.0...
- Installed hashicorp/aws v3.48.0 (signed by HashiCorp)
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see any changes that will be made.
Explanation:
Initialization: Sets up your working directory for use with Terraform.
Provider Plugins: Downloads and installs the necessary plugins (like AWS).
Backend: If configured, Terraform will also initialize the backend for state storage.
2. terraform plan
This command shows you what Terraform will do when you run terraform apply. It's a way to review changes before applying them.
Terraform will perform the following actions:

  # aws_vpc.vpc_accountA will be created
  + resource "aws_vpc" "vpc_accountA" {
      + arn                 = (known after apply)
      + cidr_block          = "10.0.0.0/16"
      + id                  = (known after apply)
      + instance_tenancy    = "default"
      + ipv6_cidr_block     = (known after apply)
      + main_route_table_id = (known after apply)
      + owner_id            = (known after apply)
      + tags                = {
          + "Environment" = "Dev"
          + "account"     = "Dev Environment-vpc"
        }
      + vpc_id              = (known after apply)
    }

  # aws_vpc.vpc_accountB will be created
  + resource "aws_vpc" "vpc_accountB" {
      + arn                 = (known after apply)
      + cidr_block          = "10.1.0.0/16"
      + id                  = (known after apply)
      + instance_tenancy    = "default"
      + ipv6_cidr_block     = (known after apply)
      + main_route_table_id = (known after apply)
      + owner_id            = (known after apply)
      + tags                = {
          + "Environment" = "Staging"
          + "account"     = "Staging Environment-vpc"
        }
      + vpc_id              = (known after apply)
    }

Plan: 2 to add, 0 to change, 0 to destroy.
Explanation:
Actions: Shows what resources will be created, modified, or destroyed.
Resource Details: Displays details like cidr_block, tags, and other properties.
Plan Summary: Indicates that 2 resources (VPCs) will be added, and none will be changed or destroyed.
3. terraform apply
This command applies the changes required to reach the desired state of the configuration.
aws_vpc.vpc_accountA: Creating...
aws_vpc.vpc_accountB: Creating...
aws_vpc.vpc_accountA: Creation complete after 10s [id=vpc-0a1b2c3d4e5f6g7h8]
aws_vpc.vpc_accountB: Creation complete after 12s [id=vpc-0i9j8k7l6m5n4o3p2]
Apply complete! Resources: 2 added, 0 changed, 0 destroyed.
Wrapping Up
And there you go! You've set up VPCs in two different AWS accounts and regions using Terraform. By defining variables and using multiple providers, you’ve created a clean and manageable setup.
This configuration is a solid foundation for further customization and expansion, like adding subnets, security groups, or other AWS resources.
Hope this guide helps you get started with your AWS VPC setup. Happy cloud computing!