Automated AWS RDS Creation with Terraform: A Secure Approach


Introduction: In this post, we'll dive into the world of infrastructure as code (IaC) using Terraform to automate the setup of AWS resources. We'll walk through a practical example where we create a MySQL database instance and a corresponding EC2 instance for easy access, all orchestrated with Terraform scripts.

Step 1: Enhancing Security with Automated Password Generation

We begin by using Terraform's random_password resource to generate a strong, randomized password for our MySQL database. Setting the length, the allowed character types, and a minimum count for each type guarantees that every generated password mixes lowercase, uppercase, numeric, and special characters.

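resource "random_password" "password_generator" {
  length      = 12
  lower       = true
  min_lower   = 3
  min_numeric = 3
  min_special = 3
  min_upper   = 3
  numeric     = true
  special     = true
  upper       = true
  # Default special set minus "@", which RDS does not accept in a master password
  override_special = "!#$%&*()-_=+[]{}<>:?"
}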

Step 2: Orchestrating MySQL Database Instances with Terraform

Next, we use Terraform's aws_db_instance resource to define the MySQL database instance. Storage allocation, engine version, and instance class are all configured in the Terraform script. The password argument references the randomly generated value from Step 1, so no credential is hard-coded in the script.

resource "aws_db_instance" "taskdb" {
  identifier           = "my-db-instance" # Provide your desired DB identifier here
  allocated_storage    = 10               # Size in GiB
  db_name              = "tftaskdb"
  engine               = "mysql"
  engine_version       = "5.7"
  instance_class       = "db.t3.micro"
  username             = "terrauser"
  password             = random_password.password_generator.result
  parameter_group_name = "default.mysql5.7"
  skip_final_snapshot  = true # No final snapshot is taken when the instance is destroyed
}

Step 3: Securing Access with SSH Key Pairs

To allow secure access to our EC2 instance, we use Terraform's aws_key_pair resource to register an SSH public key with AWS as a key pair. Only users holding the corresponding private key can log in to the instance, which reduces the risk of unauthorized access and data breaches.

resource "aws_key_pair" "my_key_pair" {
  key_name   = "Monkey-D"
  public_key = file("~/.ssh/id_rsa.pub")  # Update with the path to your public key
}

Step 4: Deploying EC2 Instances for Seamless Connectivity

In this step, we deploy an EC2 instance using Terraform's aws_instance resource to serve as a connector to our MySQL database instance. We specify the AMI and instance type and associate the instance with the SSH key pair from Step 3.

resource "aws_instance" "rdsconnecter" {
  ami           = "ami-0cd59ecbe368e5ccf" # Update with your AMI
  instance_type = "t2.micro"
  key_name      = aws_key_pair.my_key_pair.key_name
}
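The resources in this post declare no security groups, so nothing in the script limits which hosts can reach the database port. The following is an added example, not part of the original configuration: it admits MySQL traffic only from the connector instance. It assumes the default VPC; the names connector_sg, db_sg and admin_cidr and the address 203.0.113.10/32 are placeholders.

```hcl
# Added example: security groups that admit MySQL traffic only from the connector.
# Names and the admin CIDR are placeholders; the default VPC is assumed.

variable "admin_cidr" {
  description = "Address range allowed to SSH to the connector (placeholder default)"
  type        = string
  default     = "203.0.113.10/32"
}

resource "aws_security_group" "connector_sg" {
  name        = "rds-connector-sg"
  description = "SSH in from the admin range, anything out"

  ingress {
    description = "SSH from admin range only"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_security_group" "db_sg" {
  name        = "taskdb-sg"
  description = "MySQL in from the connector only"

  ingress {
    description     = "MySQL from the connector security group"
    from_port       = 3306
    to_port         = 3306
    protocol        = "tcp"
    security_groups = [aws_security_group.connector_sg.id]
  }
}

# Arguments to add to the existing resources:
#   aws_instance.rdsconnecter: vpc_security_group_ids = [aws_security_group.connector_sg.id]
#   aws_db_instance.taskdb:    vpc_security_group_ids = [aws_security_group.db_sg.id]
#                              publicly_accessible    = false
#                              storage_encrypted      = true
```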

Step 5: Simplifying Management with Outputs

Finally, we use Terraform outputs to expose the information needed for access and management: the public IP address of the EC2 instance (rdsconnecterip) and the generated MySQL password (password_result). The password output is marked sensitive, so Terraform redacts it from plan and apply output; the value is still stored in plaintext in the Terraform state, so the state file needs to be protected accordingly.

output "rdsconnecterip" {
  value = aws_instance.rdsconnecter.public_ip
}

output "password_result" {
  value = random_password.password_generator.result
  sensitive = true
}

Complete Code

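resource "random_password" "password_generator" {
  length      = 12
  lower       = true
  min_lower   = 3
  min_numeric = 3
  min_special = 3
  min_upper   = 3
  numeric     = true
  special     = true
  upper       = true
  # Default special set minus "@", which RDS does not accept in a master password
  override_special = "!#$%&*()-_=+[]{}<>:?"
}
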
resource "aws_db_instance" "taskdb" {
  identifier           = "my-db-instance" # Provide your desired DB identifier here
  allocated_storage    = 10               # Size in GiB
  db_name              = "tftaskdb"
  engine               = "mysql"
  engine_version       = "5.7"
  instance_class       = "db.t3.micro"
  username             = "terrauser"
  password             = random_password.password_generator.result
  parameter_group_name = "default.mysql5.7"
  skip_final_snapshot  = true # No final snapshot is taken when the instance is destroyed
}

resource "aws_key_pair" "my_key_pair" {
  key_name   = "Monkey-D"
  public_key = file("~/.ssh/id_rsa.pub")  # Update with the path to your public key
}


resource "aws_instance" "rdsconnecter" {
  ami           = "ami-0cd59ecaf368e5ccf" # Update with your AMI
  instance_type = "t2.micro"
  key_name      = aws_key_pair.my_key_pair.key_name
}


output "rdsconnecterip" {
  value = aws_instance.rdsconnecter.public_ip
}

output "password_result" {
  value = random_password.password_generator.result
  sensitive = true
}

Conclusion: Through this comprehensive guide, we've demonstrated how Terraform empowers users to automate the deployment of AWS infrastructure components, from database instances to EC2 connectors. By embracing Terraform's capabilities and best practices, organizations can streamline their deployment processes, fortify security measures, and foster greater efficiency and reliability across their environments.