Creating AWS VPCs in Two Different Accounts


Hey there! If you're ready to set up AWS Virtual Private Clouds (VPCs) in different accounts, you're in the right place. In this guide, I'll show you how to create VPCs in two different AWS accounts—one for development (Dev) and one for staging—across different regions. We'll keep things simple and straightforward.

What You Need

Before diving in, make sure you have:

  1. Two AWS Accounts: One for Dev and one for Staging.

  2. AWS CLI Configured: Set up profiles for both accounts.

  3. Terraform Installed: Ensure Terraform is installed on your machine.

Step 1: Set Up AWS Providers

First, we need to define the AWS providers for each account and region. Providers are how Terraform interacts with AWS. Here’s how to set them up in your main.tf file:

# main.tf

provider "aws" {
  alias   = "accountA"
  profile = "accountA"
  region  = "us-east-1"
}

provider "aws" {
  alias   = "accountB"
  profile = "accountB"
  region  = "us-west-2"
}

  • alias: Allows us to distinguish between the two accounts.

  • profile: Refers to the AWS CLI profile for each account.

  • region: Specifies the AWS region where the VPC will be created.
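As an added example that is not part of the original post, here are the same two providers with an account guardrail: allowed_account_ids makes the AWS provider refuse to run when the credentials behind a profile belong to any other account, so a swapped or stale CLI profile cannot place the Dev VPC in Staging or the reverse. The 12-digit account IDs are placeholders to be replaced with your own.

```hcl
# Added example, not from the original post. allowed_account_ids is a real
# argument of the AWS provider; the account IDs below are placeholders.

provider "aws" {
  alias               = "accountA"
  profile             = "accountA"
  region              = "us-east-1"
  allowed_account_ids = ["111111111111"] # placeholder: Dev account ID
}

provider "aws" {
  alias               = "accountB"
  profile             = "accountB"
  region              = "us-west-2"
  allowed_account_ids = ["222222222222"] # placeholder: Staging account ID
}

# Read back which account and region each provider actually authenticated
# to. Data sources are resolved during plan, so these values appear in the
# plan output and can be checked before anything is applied.
data "aws_caller_identity" "accountA" {
  provider = aws.accountA
}

data "aws_caller_identity" "accountB" {
  provider = aws.accountB
}

data "aws_region" "accountA" {
  provider = aws.accountA
}

data "aws_region" "accountB" {
  provider = aws.accountB
}

output "target_accounts" {
  description = "Account ID and region each provider alias resolved to"
  value = {
    accountA = {
      account_id = data.aws_caller_identity.accountA.account_id
      region     = data.aws_region.accountA.name
    }
    accountB = {
      account_id = data.aws_caller_identity.accountB.account_id
      region     = data.aws_region.accountB.name
    }
  }
}
```

If a profile resolves to an account outside its allowed list, terraform plan fails before any resource is evaluated, which is the point of the guardrail.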

Step 2: Define Your Variables

Next, we'll define variables for our VPCs. This makes it easy to manage and reuse settings. Add the following to your main.tf file:

# Variables for Account A
variable "accountA" {
  description = "Settings for Account A"
  type = object({
    vpc_cidr_block = string
    tags           = map(string)
  })
  default = {
    vpc_cidr_block = "10.0.0.0/16"
    tags           = {
      account     = "Dev Environment-vpc"
      Environment = "Dev"
    }
  }
}

# Variables for Account B
variable "accountB" {
  description = "Settings for Account B"
  type = object({
    vpc_cidr_block = string
    tags           = map(string)
  })
  default = {
    vpc_cidr_block = "10.1.0.0/16"
    tags           = {
      account     = "Staging Environment-vpc"
      Environment = "Staging"
    }
  }
}

  • vpc_cidr_block: Defines the IP range for the VPC.

  • tags: Tags to help identify your VPCs.
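Added example (not from the original post): the accountA variable from above with validation blocks, so a malformed CIDR, a prefix length AWS will not accept, or a missing Environment tag is rejected at plan time instead of by the AWS API mid-apply. The accountB variable would get the same three blocks.

```hcl
# Added example, not from the original post. Same variable as in the guide,
# plus validation rules (Terraform 0.13 or later).
variable "accountA" {
  description = "Settings for Account A"
  type = object({
    vpc_cidr_block = string
    tags           = map(string)
  })
  default = {
    vpc_cidr_block = "10.0.0.0/16"
    tags = {
      account     = "Dev Environment-vpc"
      Environment = "Dev"
    }
  }

  # cidrhost() raises an error on anything that is not a well-formed prefix,
  # and can() turns that error into false.
  validation {
    condition     = can(cidrhost(var.accountA.vpc_cidr_block, 0))
    error_message = "vpc_cidr_block must be a valid IPv4 CIDR such as 10.0.0.0/16."
  }

  # AWS only accepts VPC CIDR blocks between /16 and /28. try() yields 0
  # when there is no "/" so the range check fails cleanly instead of erroring.
  validation {
    condition = (
      try(tonumber(split("/", var.accountA.vpc_cidr_block)[1]), 0) >= 16 &&
      try(tonumber(split("/", var.accountA.vpc_cidr_block)[1]), 0) <= 28
    )
    error_message = "VPC CIDR prefix length must be between /16 and /28."
  }

  # Require the Environment tag so every VPC stays attributable to its account.
  validation {
    condition     = contains(keys(var.accountA.tags), "Environment")
    error_message = "tags must include an Environment key."
  }
}
```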

Step 3: Create the VPCs

Now, let's use the defined variables to create VPCs in both accounts. Add these resources to your main.tf file:

# VPC in Account A
resource "aws_vpc" "vpc_accountA" {
  provider      = aws.accountA
  cidr_block    = var.accountA.vpc_cidr_block
  tags          = var.accountA.tags
}

# VPC in Account B
resource "aws_vpc" "vpc_accountB" {
  provider      = aws.accountB
  cidr_block    = var.accountB.vpc_cidr_block
  tags          = var.accountB.tags
}

1. terraform init

This command initializes your Terraform workspace, downloads provider plugins, and prepares the environment.

Output:

Initializing the backend...

Initializing provider plugins...
- Reusing previous version of hashicorp/aws from the dependency lock file
- Installing hashicorp/aws v3.48.0...
- Installed hashicorp/aws v3.48.0 (signed by HashiCorp)

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see any changes that will be made.

Explanation:

  • Initialization: Sets up your working directory for use with Terraform.

  • Provider Plugins: Downloads and installs the necessary plugins (like AWS).

  • Backend: If configured, Terraform will also initialize the backend for state storage.

2. terraform plan

This command shows you what Terraform will do when you run terraform apply. It’s a way to review changes before applying them.

Terraform will perform the following actions:

  # aws_vpc.vpc_accountA will be created
  + resource "aws_vpc" "vpc_accountA" {
      + arn                  = (known after apply)
      + cidr_block            = "10.0.0.0/16"
      + id                    = (known after apply)
      + instance_tenancy      = "default"
      + ipv6_cidr_block       = (known after apply)
      + main_route_table_id   = (known after apply)
      + owner_id              = (known after apply)
      + tags                  = {
          + "Environment" = "Dev"
          + "account"     = "Dev Environment-vpc"
        }
      + vpc_id                = (known after apply)
    }

  # aws_vpc.vpc_accountB will be created
  + resource "aws_vpc" "vpc_accountB" {
      + arn                  = (known after apply)
      + cidr_block            = "10.1.0.0/16"
      + id                    = (known after apply)
      + instance_tenancy      = "default"
      + ipv6_cidr_block       = (known after apply)
      + main_route_table_id   = (known after apply)
      + owner_id              = (known after apply)
      + tags                  = {
          + "Environment" = "Staging"
          + "account"     = "Staging Environment-vpc"
        }
      + vpc_id                = (known after apply)
    }

Plan: 2 to add, 0 to change, 0 to destroy.

Explanation:

  • Actions: Shows what resources will be created, modified, or destroyed.

  • Resource Details: Displays details like cidr_block, tags, and other properties.

  • Plan Summary: Indicates that 2 resources (VPCs) will be added, and none will be changed or destroyed.

3. terraform apply

This command applies the changes required to reach the desired state of the configuration.

aws_vpc.vpc_accountA: Creating...
aws_vpc.vpc_accountB: Creating...
aws_vpc.vpc_accountA: Creation complete after 10s [id=vpc-0a1b2c3d4e5f6g7h8]
aws_vpc.vpc_accountB: Creation complete after 12s [id=vpc-0i9j8k7l6m5n4o3p2]

Apply complete! Resources: 2 added, 0 changed, 0 destroyed.

Wrapping Up

And there you go! You've set up VPCs in two different AWS accounts and regions using Terraform. By defining variables and using multiple providers, you’ve created a clean and manageable setup.

This script is a solid foundation for further customization and expansion, like adding subnets, security groups, or other AWS resources.

Hope this guide helps you get started with your AWS VPC setup. Happy cloud computing!