
AWS IGW Using AWS Terraform

Last Updated : 05 Mar, 2024

Terraform is an Infrastructure as Code tool used to programmatically provision infrastructure on a cloud platform. In this guide, I will first discuss what an AWS Internet Gateway is and its important features. Then I will discuss Terraform. After this, I will walk you through the steps to create an AWS Internet Gateway using Terraform and show how it helps you connect to an EC2 instance inside the VPC.

What is AWS IGW?

AWS Internet Gateway (IGW) is one of the important network components on the AWS cloud platform; it facilitates communication between the resources inside a VPC and the internet. It acts as a gateway that allows traffic from the outside world to reach instances inside the VPC and also allows the instances to download any required packages from the internet. Suppose you have created a VPC and launched EC2 instances in it. If you now try to connect to an EC2 instance using SSH, the connection will fail with an error. To resolve this error, you need to create an Internet Gateway (IGW) and attach it to the VPC so that the EC2 instance can be accessed.

Some of the features of IGW are:

  • IGW is used in a public subnet.
  • Exactly one IGW can be attached to a VPC at a time.
  • IGW is not availability zone-specific.
  • Creating IGW does not incur any cost on the AWS account.

What is Terraform?

Terraform is an Infrastructure as Code tool that lets you create and provision infrastructure on different cloud platforms using a declarative configuration language, the HashiCorp Configuration Language (HCL). It supports multiple cloud platforms such as AWS, Azure, GCP and many more. Terraform allows organizations to adopt a multi-cloud strategy for provisioning their infrastructure, so they do not have to depend on a single cloud platform. Apart from this, an organization can face many problems if Terraform is not used. For example, if an organization has created its infrastructure only through the AWS Console, Azure Console, GCP Console, or any other cloud platform console, then resolving any errors in that infrastructure manually can take too much time and waste money. If the same task is done using Terraform, such errors are entirely eliminated. This increases the reliability of provisioning infrastructure on any cloud platform. In summary, Terraform's simplicity, cross-platform compatibility, and automation capabilities make it an important tool for maintaining control, reliability, and scalability.

Pre-requisites

Before moving to the next section, make sure that Terraform is installed on your system. If it is not, you can follow the detailed GeeksforGeeks article Setup Terraform On Linux and Windows Machine to install it.

Steps To Create AWS IGW Using AWS Terraform

Step 1: First specify the cloud provider and the region in which you want to create the AWS Internet Gateway.

provider.tf

provider "aws" {
  region = "us-east-1"
}



Step 2: Then create a VPC and specify its CIDR range.

create_vpc.tf

resource "aws_vpc" "main" {
  cidr_block       = "10.0.0.0/16"
  instance_tenancy = "default"

  tags = {
    Name = "vpc"
  }
}



Step 3: Create a public subnet in the VPC. Specify the CIDR range and the VPC ID.

subnet.tf

resource "aws_subnet" "main" {
  vpc_id     = aws_vpc.main.id
  cidr_block = "10.0.1.0/24"

  # Instances launched in this subnet receive a public IPv4 address
  map_public_ip_on_launch = true

  tags = {
    Name = "Public-Subnet"
  }
}



Step 4: Create a variables file to store the AMI ID, instance type, and SSH port.

variables.tf

variable "instance_type" {
  description = "This describes the instance type"
  type        = string
  default     = "t2.micro"
}

variable "ami_id" {
  description = "This describes the ami image"
  type        = string
  default     = "ami-01c647eace872fc02"
}

variable "ssh_port" {
  description = "SSH Port"
  type        = number
  default     = 22
}



Step 5: Now create a security group. Specify the name of the security group and the VPC ID.

security_group.tf

resource "aws_security_group" "security-group" {
  name   = "terraform-security-group"
  vpc_id = aws_vpc.main.id

  # Inbound: SSH allowed from any IPv4 address
  ingress {
    from_port   = var.ssh_port
    to_port     = var.ssh_port
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Outbound: all protocols and ports allowed to any destination
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
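
The ingress rule above accepts SSH from any IPv4 address, so once the subnet has a route to an internet gateway the port is reachable from the whole internet. The following is an added example, not part of the original article, that limits SSH to an allow-list and rejects overly broad ranges at plan time. The names ssh_allowed_cidrs and ssh_restricted, the /16 minimum prefix and the 203.0.113.10/32 address are assumptions; connecting from the browser-based console would also require the EC2 Instance Connect range for your region in the list.

```hcl
# Added example, not from the original article.
# "ssh_allowed_cidrs" and "ssh_restricted" are hypothetical names.
# 203.0.113.10/32 is a documentation address: replace it with your own range.
variable "ssh_allowed_cidrs" {
  description = "CIDR blocks allowed to reach the SSH port"
  type        = list(string)
  default     = ["203.0.113.10/32"]

  validation {
    # Every entry must parse as a CIDR block and be /16 or narrower,
    # which also rules out 0.0.0.0/0.
    condition = length(var.ssh_allowed_cidrs) > 0 && alltrue([
      for c in var.ssh_allowed_cidrs :
      can(cidrhost(c, 0)) && try(tonumber(split("/", c)[1]) >= 16, false)
    ])
    error_message = "Provide at least one valid CIDR block with a prefix length of /16 or longer."
  }
}

resource "aws_security_group" "ssh_restricted" {
  name        = "terraform-security-group-restricted"
  description = "SSH from approved ranges only"
  vpc_id      = aws_vpc.main.id

  ingress {
    description = "SSH from approved ranges"
    from_port   = var.ssh_port
    to_port     = var.ssh_port
    protocol    = "tcp"
    cidr_blocks = var.ssh_allowed_cidrs
  }

  egress {
    description = "All outbound traffic"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```

To use it, point vpc_security_group_ids on the EC2 instance at aws_security_group.ssh_restricted.id.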



Step 6: Create an EC2 instance resource. Reference the variables here, and specify the subnet ID and security group ID.

main.tf

resource "aws_instance" "example" {
  ami                    = var.ami_id
  instance_type          = var.instance_type
  subnet_id              = aws_subnet.main.id
  vpc_security_group_ids = [aws_security_group.security-group.id]

  tags = {
    Name = "EC2-Server"
  }
}



Step 7: After this, run the commands below one by one to execute all these Terraform files.

terraform init
terraform plan
terraform apply



Step 8: Now go to your AWS Console and try to connect to the EC2 instance. You will observe that it throws an error, because there is no gateway that allows the EC2 instance to be accessed from the internet.


Step 9: The error can be resolved by creating an internet gateway and attaching it to the VPC. Now create an internet gateway and a route table. The route table contains the routes that send traffic to the internet gateway.

igw.tf

resource "aws_internet_gateway" "igw" {
  vpc_id = aws_vpc.main.id

  tags = {
    Name = "IGW"
  }
}

resource "aws_route_table" "rt" {
  vpc_id = aws_vpc.main.id

  # Default route: send all non-local traffic to the internet gateway
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw.id
  }

  tags = {
    Name = "route_table"
  }
}

# Attach the route table to the public subnet
resource "aws_route_table_association" "a" {
  subnet_id      = aws_subnet.main.id
  route_table_id = aws_route_table.rt.id
}




Step 10: Execute the Terraform files using the command below. In this step the state of all the previous resources will be refreshed and 3 more resources will be created.

terraform apply



Step 11: Now go to the AWS Console and try to connect to the EC2 instance. You will observe that you can connect to the EC2 instance successfully.


If you want to delete the resources, use the command below.

terraform destroy


Conclusion

In this guide you first learned what an Internet Gateway (IGW) is and how it helps you access instances inside a VPC from the internet. Then you learned what Terraform is and the advantages of using Terraform instead of a cloud platform console to provision infrastructure. After this you created an Internet Gateway on the AWS cloud platform using Terraform and checked whether the EC2 instance inside the VPC can be accessed from the internet.

AWS IGW Using AWS Terraform – FAQs

What is the role of IGW?

IGW helps you connect to the instances inside a VPC from the internet. It also allows the instances to access the internet to download necessary packages.

What is the difference between an IGW and a NAT gateway?

IGW is used in a public subnet for both inbound and outbound internet access, whereas a NAT gateway is used by private subnets to access the internet (outbound only). Creating an IGW does not incur any cost; creating NAT gateways, on the other hand, incurs costs.
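
The outbound-only pattern described in this answer, as an added example that is not part of the original article: a private subnet whose default route points at a NAT gateway placed in the guide's public subnet. The resource names private, nat and private_rt and the 10.0.2.0/24 range are assumptions, and the domain argument on aws_eip assumes AWS provider v5 or later.

```hcl
# Added example, not from the original article.
# Names "private", "nat", "private_rt" and the 10.0.2.0/24 range are assumptions.
resource "aws_subnet" "private" {
  vpc_id                  = aws_vpc.main.id
  cidr_block              = "10.0.2.0/24"
  map_public_ip_on_launch = false # no public IPs: nothing is reachable inbound

  tags = {
    Name = "Private-Subnet"
  }
}

# Elastic IP used by the NAT gateway (AWS provider v5+ syntax)
resource "aws_eip" "nat" {
  domain = "vpc"
}

# The NAT gateway sits in the public subnet and reaches the internet via the IGW
resource "aws_nat_gateway" "nat" {
  allocation_id = aws_eip.nat.id
  subnet_id     = aws_subnet.main.id

  depends_on = [aws_internet_gateway.igw]
}

# Private route table: the default route goes to the NAT gateway, not the IGW
resource "aws_route_table" "private_rt" {
  vpc_id = aws_vpc.main.id

  route {
    cidr_block     = "0.0.0.0/0"
    nat_gateway_id = aws_nat_gateway.nat.id
  }

  tags = {
    Name = "private_route_table"
  }
}

resource "aws_route_table_association" "private" {
  subnet_id      = aws_subnet.private.id
  route_table_id = aws_route_table.private_rt.id
}
```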

How to get internet access in an EC2 instance inside a VPC?

To get internet access in an EC2 instance, you have to place the EC2 instance inside a subnet whose route table has a route to the Internet Gateway.

Which resource is used to create an Internet Gateway using Terraform?

The aws_internet_gateway resource is used to create an Internet Gateway using Terraform.

How many Internet Gateways can be attached to a VPC?

Only one Internet Gateway can be attached to a VPC.


