AWS VPC Setup with Terraform and Remote Backend (S3 + DynamoDB)

Aditya Khadanga

Setting up your infrastructure as code (IaC) is essential in modern cloud environments, and Terraform makes it seamless and efficient. In this blog post, we'll walk through how to create an AWS VPC using Terraform, and manage its state remotely using S3 and DynamoDB for enhanced collaboration and safety.


What is an AWS VPC?

An Amazon Virtual Private Cloud (VPC) lets you launch AWS resources in a logically isolated network. It's your own customizable data center in the cloud, complete with subnets, route tables, and gateways.


Source Code

https://github.com/aditya-khadanga/vpc-setup-aws


Tools Required

  • Terraform (v1.0 or higher)

  • AWS CLI (configured with credentials)

  • S3 Bucket (for remote state storage)

  • DynamoDB Table (for state locking)


Project Objectives

  • Create a VPC with public and private subnets

  • Set up an Internet Gateway and NAT Gateway

  • Manage routing via route tables

  • Configure Terraform to store state remotely in S3 and lock it with DynamoDB


๐Ÿ—๏ธ Infrastructure Architecture

  • VPC CIDR: 10.0.0.0/16

  • Public Subnet: 10.0.1.0/24

  • Private Subnet: 10.0.2.0/24

  • Region: ap-south-1


Folder Structure

aws-vpc-terraform/
├── main.tf
├── variables.tf
├── outputs.tf
├── backend.tf
├── provider.tf
├── .gitignore
├── check-backend-health.sh
└── README.md

Remote Backend Setup

1. Create S3 Bucket

aws s3api create-bucket \
  --bucket your-terraform-state-bucket \
  --region ap-south-1 \
  --create-bucket-configuration LocationConstraint=ap-south-1

2. Create DynamoDB Table

aws dynamodb create-table \
  --table-name terraform-locks \
  --attribute-definitions AttributeName=LockID,AttributeType=S \
  --key-schema AttributeName=LockID,KeyType=HASH \
  --billing-mode PAY_PER_REQUEST \
  --region ap-south-1

3. backend.tf Example

terraform {
  backend "s3" {
    bucket         = "your-terraform-state-bucket"
    key            = "vpc/terraform.tfstate"
    region         = "ap-south-1"
    dynamodb_table = "terraform-locks"
    encrypt        = true
  }
}

Deploying the VPC

1. Initialize Terraform

terraform init

2. Validate Config

terraform validate

3. Apply Changes

terraform apply

Confirm when prompted. Terraform will now use your remote backend for state management.


Simulate Locking (Optional Test)

Run terraform apply in one terminal and, while it's running, open another and run it again:

terraform apply

You should see:

Error acquiring the state lock
Lock Info:
  ID:               terraform-20240406...
  Path:             vpc/terraform.tfstate
  Operation:        OperationTypeApply
  Who:              user@hostname

This confirms DynamoDB is handling state locks correctly.


Health Check Script

Use the check-backend-health.sh Bash script from the repository to check that your backend is configured properly:

chmod +x check-backend-health.sh
./check-backend-health.sh
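
A backend health check along these lines, as an added example (not the repository's check-backend-health.sh and not code from this post): it lints backend.tf offline and, with --live, queries AWS for the state bucket and lock table. The file name backend-check.sh and the choice of checks are assumptions.

```shell
#!/bin/sh
# Added example: backend health check. NOT the repository's check-backend-health.sh.
# Assumes backend.tf is in `terraform fmt` style (key = value, one per line).

# backend_value FILE KEY -> prints the value assigned to KEY
backend_value() {
  awk -v k="$2" '$1 == k && $2 == "=" { gsub(/"/, "", $3); print $3; exit }' "$1"
}

# lint_backend FILE -> offline check; prints findings, returns 0 only if there are none
lint_backend() {
  rc=0
  for k in bucket key region dynamodb_table; do
    [ -n "$(backend_value "$1" "$k")" ] || { echo "FAIL: $k is not set"; rc=1; }
  done
  # encrypt = true asks the backend to request server-side encryption for the state object
  [ "$(backend_value "$1" encrypt)" = "true" ] || { echo "FAIL: encrypt is not true"; rc=1; }
  return $rc
}

# live_checks FILE -> queries AWS with the caller's credentials
live_checks() {
  bucket=$(backend_value "$1" bucket)
  table=$(backend_value "$1" dynamodb_table)
  AWS_DEFAULT_REGION=$(backend_value "$1" region); export AWS_DEFAULT_REGION
  rc=0
  aws s3api head-bucket --bucket "$bucket" >/dev/null 2>&1 \
    || { echo "FAIL: bucket $bucket missing or not accessible"; rc=1; }
  # Versioning lets you recover the previous state after a bad write or deletion
  [ "$(aws s3api get-bucket-versioning --bucket "$bucket" \
        --query Status --output text 2>/dev/null)" = "Enabled" ] \
    || { echo "WARN: versioning is not enabled on $bucket"; rc=1; }
  # State can hold secrets in plaintext, so the bucket must never be public
  # (only one of the four public-access-block flags is checked here)
  [ "$(aws s3api get-public-access-block --bucket "$bucket" \
        --query PublicAccessBlockConfiguration.RestrictPublicBuckets \
        --output text 2>/dev/null)" = "True" ] \
    || { echo "WARN: RestrictPublicBuckets is not set on $bucket"; rc=1; }
  # Terraform's S3 backend requires the lock table's hash key to be LockID
  [ "$(aws dynamodb describe-table --table-name "$table" \
        --query 'Table.KeySchema[0].AttributeName' --output text 2>/dev/null)" = "LockID" ] \
    || { echo "FAIL: lock table $table missing or hash key is not LockID"; rc=1; }
  return $rc
}

# Usage: ./backend-check.sh backend.tf [--live]
if [ -n "${1:-}" ]; then
  lint_backend "$1" && { [ "${2:-}" != "--live" ] || live_checks "$1"; }
fi
```

The offline lint needs no credentials, so it can run in CI before terraform init; the --live checks need read access to the bucket and the table.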

Cleanup

To destroy everything:

terraform destroy

Final Thoughts

Using Terraform with remote backends like S3 and DynamoDB not only centralizes your state files but also ensures collaboration and prevents state corruption. With this setup, you're ready to scale your infrastructure confidently.

Let me know if you want to extend this setup with EC2, RDS, or container services like ECS or EKS!
