Creating AWS VPCs in Two Different Accounts
Hey there! If you're ready to set up AWS Virtual Private Clouds (VPCs) in different accounts, you're in the right place. In this guide, I'll show you how to create VPCs in two different AWS accounts, one for development (Dev) and one for staging, across different regions. We'll keep things simple and straightforward.
What You Need
Before diving in, make sure you have:
Two AWS Accounts: One for Dev and one for Staging.
AWS CLI Configured: Set up profiles for both accounts.
Terraform Installed: Ensure Terraform is installed on your machine.
Step 1: Set Up AWS Providers
First, we need to define the AWS providers for each account and region. Providers are how Terraform interacts with AWS. Here's how to set them up in your main.tf file:
# main.tf
provider "aws" {
  alias   = "accountA"
  profile = "accountA"
  region  = "us-east-1"
}

provider "aws" {
  alias   = "accountB"
  profile = "accountB"
  region  = "us-west-2"
}

alias: Allows us to distinguish between the two accounts.
profile: Refers to the AWS CLI profile for each account.
region: Specifies the AWS region where the VPC will be created.
Step 2: Define Your Variables
Next, we'll define variables for our VPCs. This makes it easy to manage and reuse settings. Add the following to your main.tf file:
# Variables for Account A
variable "accountA" {
  description = "Settings for Account A"
  type = object({
    vpc_cidr_block = string
    tags           = map(string)
  })
  default = {
    vpc_cidr_block = "10.0.0.0/16"
    tags = {
      account     = "Dev Environment-vpc"
      Environment = "Dev"
    }
  }
}

# Variables for Account B
variable "accountB" {
  description = "Settings for Account B"
  type = object({
    vpc_cidr_block = string
    tags           = map(string)
  })
  default = {
    vpc_cidr_block = "10.1.0.0/16"
    tags = {
      account     = "Staging Environment-vpc"
      Environment = "Staging"
    }
  }
}

vpc_cidr_block: Defines the IP range for the VPC.
tags: Tags to help identify your VPCs.
Step 3: Create the VPCs
Now, let's use the defined variables to create VPCs in both accounts. Add these resources to your main.tf file:
# VPC in Account A
resource "aws_vpc" "vpc_accountA" {
  provider   = aws.accountA
  cidr_block = var.accountA.vpc_cidr_block
  tags       = var.accountA.tags
}

# VPC in Account B
resource "aws_vpc" "vpc_accountB" {
  provider   = aws.accountB
  cidr_block = var.accountB.vpc_cidr_block
  tags       = var.accountB.tags
}
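Because each provider above is tied only to a CLI profile name, a mix-up in ~/.aws/config would silently create the Dev VPC in the Staging account (or vice versa). The following is an added example, not code from the original post: the same two providers with account guardrails. The account IDs, the role name and the session names are placeholders you replace with your own.

```hcl
# main.tf (added hardening example; account IDs and role name are placeholders)
variable "account_ids" {
  description = "Expected AWS account IDs, used to refuse applying to the wrong account"
  type        = map(string)
  default = {
    accountA = "111111111111" # placeholder Dev account ID
    accountB = "222222222222" # placeholder Staging account ID
  }
}

provider "aws" {
  alias   = "accountA"
  profile = "accountA"
  region  = "us-east-1"

  # Fail fast if the profile's credentials belong to any other account.
  allowed_account_ids = [var.account_ids["accountA"]]

  # Assume a scoped deployment role instead of using the profile's keys directly.
  assume_role {
    role_arn     = "arn:aws:iam::${var.account_ids["accountA"]}:role/TerraformVpcDeployer" # placeholder role
    session_name = "terraform-vpc-dev"
  }

  # Every resource created through this provider carries these tags.
  default_tags {
    tags = {
      ManagedBy   = "terraform"
      Environment = "Dev"
    }
  }
}

provider "aws" {
  alias               = "accountB"
  profile             = "accountB"
  region              = "us-west-2"
  allowed_account_ids = [var.account_ids["accountB"]]

  assume_role {
    role_arn     = "arn:aws:iam::${var.account_ids["accountB"]}:role/TerraformVpcDeployer" # placeholder role
    session_name = "terraform-vpc-staging"
  }

  default_tags {
    tags = {
      ManagedBy   = "terraform"
      Environment = "Staging"
    }
  }
}
```

With allowed_account_ids set, terraform plan stops with an error before touching anything if the resolved credentials belong to a different account, and the assume-role session shows up in that account's CloudTrail under the role and session name rather than a personal user.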
1. terraform init
This command initializes your Terraform workspace, downloads provider plugins, and prepares the environment.
Command output:
Initializing the backend...
Initializing provider plugins...
- Reusing previous version of hashicorp/aws from the dependency lock file
- Installing hashicorp/aws v3.48.0...
- Installed hashicorp/aws v3.48.0 (signed by HashiCorp)
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see any changes that will be made.
Explanation:
Initialization: Sets up your working directory for use with Terraform.
Provider Plugins: Downloads and installs the necessary plugins (like AWS).
Backend: If configured, Terraform will also initialize the backend for state storage.
2. terraform plan
This command shows you what Terraform will do when you run terraform apply. It's a way to review changes before applying them.
Terraform will perform the following actions:

  # aws_vpc.vpc_accountA will be created
  + resource "aws_vpc" "vpc_accountA" {
      + arn                 = (known after apply)
      + cidr_block          = "10.0.0.0/16"
      + id                  = (known after apply)
      + instance_tenancy    = "default"
      + ipv6_cidr_block     = (known after apply)
      + main_route_table_id = (known after apply)
      + owner_id            = (known after apply)
      + tags                = {
          + "Environment" = "Dev"
          + "account"     = "Dev Environment-vpc"
        }
      + vpc_id              = (known after apply)
    }

  # aws_vpc.vpc_accountB will be created
  + resource "aws_vpc" "vpc_accountB" {
      + arn                 = (known after apply)
      + cidr_block          = "10.1.0.0/16"
      + id                  = (known after apply)
      + instance_tenancy    = "default"
      + ipv6_cidr_block     = (known after apply)
      + main_route_table_id = (known after apply)
      + owner_id            = (known after apply)
      + tags                = {
          + "Environment" = "Staging"
          + "account"     = "Staging Environment-vpc"
        }
      + vpc_id              = (known after apply)
    }

Plan: 2 to add, 0 to change, 0 to destroy.
Explanation:
Actions: Shows what resources will be created, modified, or destroyed.
Resource Details: Displays details like cidr_block, tags, and other properties.
Plan Summary: Indicates that 2 resources (VPCs) will be added, and none will be changed or destroyed.
3. terraform apply
This command applies the changes required to reach the desired state of the configuration.
aws_vpc.vpc_accountA: Creating...
aws_vpc.vpc_accountB: Creating...
aws_vpc.vpc_accountA: Creation complete after 10s [id=vpc-0a1b2c3d4e5f6g7h8]
aws_vpc.vpc_accountB: Creation complete after 12s [id=vpc-0i9j8k7l6m5n4o3p2]
Apply complete! Resources: 2 added, 0 changed, 0 destroyed.
Wrapping Up
And there you go! You've set up VPCs in two different AWS accounts and regions using Terraform. By defining variables and using multiple providers, you’ve created a clean and manageable setup.
This script is a solid foundation for further customization and expansion, like adding subnets, security groups, or other AWS resources.
Hope this guide helps you get started with your AWS VPC setup. Happy cloud computing!
Written by
Faizan