In this series, we shift clouds and walk through how to create a web server on AWS with all the networking and Instance configuration necessary through the AWS console. The first part is going to take us through creating an AWS VPC and getting organized with Resource Group tagging. Like the Azure web server tutorial, we will be showing you how to deploy the same Infrastructure as Code with Tuono using the same simple blueprint code we used in the previous deployment to Azure!
How to create a Resource Group in the AWS Portal
In AWS, resource groups are not required, but we prefer to organize our infrastructure in one. This gives you the ability to see all the related resources in one AWS Management Console tab. It also avoids future sprawl, removing the feeling of not knowing exactly what you have deployed in your cloud.
From the AWS Management Console, search for ‘resource group’, open the Resource Groups & Tag Editor and click “Create Resource Group”.
Let’s create a tag-based resource group that groups on a tag of walkthrough and a value of webserver. Add that tag pair, provide the resource group with a name and click “Create group”.
How to create a Virtual Private Cloud in the AWS Console
A Virtual Private Cloud (VPC) is an AWS Virtual Network. Unfortunately, Amazon tends to pick names that do not give any indication as to what the service really is. Let’s navigate to the VPC dashboard by searching for VPC in the AWS Management Console and launching the VPC Wizard.
Select a VPC with a single Public Subnet.
Let’s give our VPC and subnet a name and create the VPC.
The VPC wizard creates a subnet, routing table and internet gateway for the virtual network as well as a Network Access Control List and Security Group.
You may not have known that AWS created multiple objects for the VPC, as none of these objects show up in our resource group. Unfortunately, the wizard does not have an option to add tags at creation time.
To keep the shop tidy, let’s add our resource group Key walkthrough and Value webserver to each created object so we don’t lose track of them as we build out future infrastructure.
Now we can keep track of our VPC network objects from our Resource Group.
How do I build a VPC with Tuono?
This code may look familiar to anyone who also reviewed the Azure web server quickstart. That is because it is the same code. Writing simple Infrastructure as Code with Tuono allows you to create it once and deploy to multiple clouds.
    location:
      region:
        my-region:
          country: USA
          area: northwest
      folder:
        aws-walkthrough:
          region: my-region
Define the network range.
    networking:
      network:
        vnet-walkthrough:
          range: 10.0.0.0/16
          scope: public
We then create a subnet that we will use for our web server.
      subnet:
        subnet-walkthrough:
          range: 10.0.0.0/24
          network: vnet-walkthrough
With these pieces of a Tuono Blueprint we create a resource group, assign a Virtual Network and associate a specific subnet!
Our Tuono-deployed Resource Group contains the following objects. We automatically tag all created resources so you can easily find Tuono-created objects.
You may notice that there are extra Network Access Control Lists when deploying a VPC with Tuono. We believe in control of network security and Secure by Default policies at every level we can. This allows us to fine-tune network access based on your requirements and avoids the wide-open networks that the cloud providers default to. Access will not be open unless you allow it explicitly.
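The two points above (untagged wizard-created objects and wide-open default NACLs) can be checked from the command line. The following is an added example, not code from this article or from Tuono: it reads output in the shape that aws ec2 describe-network-acls returns and reports each NACL that is missing the walkthrough/webserver tag or whose first all-traffic rule is an allow. The ACL IDs and rule entries are constructed sample data.

```python
import json

# Constructed sample in the shape `aws ec2 describe-network-acls` returns (IDs are made up).
SAMPLE = json.loads("""
{"NetworkAcls": [
 {"NetworkAclId": "acl-0aaa", "IsDefault": true, "Tags": [], "Entries": [
  {"RuleNumber": 100, "Egress": false, "Protocol": "-1", "RuleAction": "allow", "CidrBlock": "0.0.0.0/0"},
  {"RuleNumber": 32767, "Egress": false, "Protocol": "-1", "RuleAction": "deny", "CidrBlock": "0.0.0.0/0"},
  {"RuleNumber": 100, "Egress": true, "Protocol": "-1", "RuleAction": "allow", "CidrBlock": "0.0.0.0/0"},
  {"RuleNumber": 32767, "Egress": true, "Protocol": "-1", "RuleAction": "deny", "CidrBlock": "0.0.0.0/0"}]},
 {"NetworkAclId": "acl-0bbb", "IsDefault": false, "Tags": [{"Key": "walkthrough", "Value": "webserver"}], "Entries": [
  {"RuleNumber": 100, "Egress": false, "Protocol": "6", "RuleAction": "allow", "CidrBlock": "0.0.0.0/0", "PortRange": {"From": 443, "To": 443}},
  {"RuleNumber": 32767, "Egress": false, "Protocol": "-1", "RuleAction": "deny", "CidrBlock": "0.0.0.0/0"},
  {"RuleNumber": 32767, "Egress": true, "Protocol": "-1", "RuleAction": "deny", "CidrBlock": "0.0.0.0/0"}]}
]}
""")

def wide_open(entries, egress):
    """True if, in this direction, the first all-protocol rule for any address is an allow.
    NACL rules are evaluated in ascending RuleNumber and the first match wins."""
    for family, any_cidr in (("CidrBlock", "0.0.0.0/0"), ("Ipv6CidrBlock", "::/0")):
        for e in sorted(entries, key=lambda e: e["RuleNumber"]):
            if e["Egress"] == egress and e["Protocol"] == "-1" and e.get(family) == any_cidr:
                if e["RuleAction"] == "allow":
                    return True
                break  # a deny-all shadows every later rule in this address family
    return False

def audit(acls, key="walkthrough", value="webserver"):
    """Map NACL id -> list of issues (missing tag, open ingress, open egress)."""
    findings = {}
    for acl in acls["NetworkAcls"]:
        tags = {t["Key"]: t["Value"] for t in acl.get("Tags", [])}
        issues = []
        if tags.get(key) != value:
            issues.append("untagged")
        if wide_open(acl["Entries"], egress=False):
            issues.append("ingress-open")
        if wide_open(acl["Entries"], egress=True):
            issues.append("egress-open")
        if issues:
            findings[acl["NetworkAclId"]] = issues
    return findings

if __name__ == "__main__":
    for acl_id, issues in audit(SAMPLE).items():
        print(acl_id, ", ".join(issues))
```

To run it against a real account, replace SAMPLE with the parsed JSON output of aws ec2 describe-network-acls filtered to your VPC.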
Our complete Blueprint currently looks like the following. When applied to an Environment through the Tuono portal or API, it forms a groundwork of communication for future resources.
    #
    # This is an example blueprint that demonstrates the creation of a network
    #
    ---
    location:
      region:
        my-region:
          country: USA
          area: northwest
      folder:
        aws-walkthrough:
          region: my-region

    networking:
      network:
        vnet-walkthrough:
          range: 10.0.0.0/16
          scope: public
      subnet:
        subnet-walkthrough:
          range: 10.0.0.0/24
          network: vnet-walkthrough
You can follow along with this series and start automating AWS by signing up for the free Tuono Community Edition. All of the code samples in this article can be put into a Blueprint and deployed into the cloud.