Multi-Region AWS Infrastructure Automation with Terraform Workspaces

Automating Multi-Region AWS EC2 Infrastructure with Terraform and Workspaces
By: PALUKURI BHASHWANTH
Introduction
Managing infrastructure across multiple AWS regions can get complicated fast. In this blog, I'll walk you through how I used Terraform, AWS, and Terraform Workspaces to automatically provision and manage EC2 instances across two different regions: us-east-1 (Virginia) and ap-south-1 (Mumbai).
Project Structure
Here's the directory layout of my Terraform project:
```
.
├── ec2-res.tf              # EC2 instance resources
├── ec2-sg.tf               # Security group definitions
├── main.tf                 # Provider configurations
├── var.tf                  # All variable definitions
├── terraform.tfstate*      # State tracking files
└── terraform.tfstate.d/    # Workspace-specific states
```
Provider Configuration (main.tf)
To work with two AWS regions, I defined two providers: one default and one aliased.
```hcl
provider "aws" {
  region     = "us-east-1"
  access_key = var.ac_key
  secret_key = var.sec_key
}

provider "aws" {
  alias      = "Mumbai"
  region     = "ap-south-1"
  access_key = var.ac_key
  secret_key = var.sec_key
}
```
Tip: Avoid hardcoding access keys in real environments; use environment variables or the AWS credentials file instead.
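The tip above as an added example (not the author's code): the same two providers, written to replace the blocks in main.tf, with no static keys so that credentials come from the AWS provider's default chain (the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables, or the shared credentials file). The variables aws_profile and expected_account_id and the caller_arns output are assumptions introduced for illustration and are not in the original var.tf.

```hcl
# Added example, not part of the original project.
# aws_profile and expected_account_id are hypothetical variables.

variable "aws_profile" {
  description = "Named profile in the shared credentials file; null falls back to the default credential chain"
  type        = string
  default     = null
}

variable "expected_account_id" {
  description = "12-digit AWS account ID this configuration is allowed to touch"
  type        = string

  validation {
    condition     = can(regex("^[0-9]{12}$", var.expected_account_id))
    error_message = "expected_account_id must be a 12-digit AWS account ID."
  }
}

# Default provider (us-east-1). No access_key / secret_key arguments:
# nothing secret is written into .tf or .tfvars files.
provider "aws" {
  region              = "us-east-1"
  profile             = var.aws_profile
  allowed_account_ids = [var.expected_account_id]
}

# Aliased provider (ap-south-1) using the same credential source.
provider "aws" {
  alias               = "Mumbai"
  region              = "ap-south-1"
  profile             = var.aws_profile
  allowed_account_ids = [var.expected_account_id]
}

# Show which identity each region's provider actually resolved to.
data "aws_caller_identity" "virginia" {}

data "aws_caller_identity" "mumbai" {
  provider = aws.Mumbai
}

output "caller_arns" {
  value = {
    us_east_1  = data.aws_caller_identity.virginia.arn
    ap_south_1 = data.aws_caller_identity.mumbai.arn
  }
}
```

With these blocks in place, ac_key and sec_key can be dropped from var.tf, and the provider refuses to run if the resolved credentials belong to an account other than expected_account_id.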
EC2 Instance Resource Definitions (ec2-res.tf)
I provisioned instances in both regions using the correct providers and aliases:
```hcl
resource "aws_instance" "synamedia" {
  count                  = 3
  ami                    = var.ami_instance_id1
  instance_type          = var.dynamic_instance_type ? "t3.micro" : "c7i-flex.large"
  key_name               = var.instance_pem_key
  availability_zone      = "us-east-1a"
  vpc_security_group_ids = [aws_security_group.sg_1.id]

  tags = {
    Name    = var.instance_name[count.index]
    Project = "OMD"
  }

  root_block_device {
    volume_size = 30
  }
}

resource "aws_instance" "werfen" {
  provider          = aws.Mumbai
  count             = 3
  ami               = var.ami_instance_id2
  instance_type     = var.dynamic_instance_type ? "t3.micro" : "c7i-flex.large"
  key_name          = var.instance_pem_key1
  availability_zone = var.mumbai_avail_zone_choose ? "ap-south-1a" : "ap-south-1b"

  tags = {
    Name    = var.instance_name[count.index]
    Project = "Instrumentation Laboratory ACL ELITE Pro"
  }

  lifecycle {
    create_before_destroy = true
  }

  root_block_device {
    volume_size = 30
  }
}
```
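Security Group Setup (ec2-sg.tf)
This reusable security group uses a dynamic block to allow inbound TCP traffic from any address (0.0.0.0/0) on each port listed in var.ports. For ports that should not be reachable from the internet, narrow cidr_blocks to known source ranges.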
```hcl
resource "aws_security_group" "sg_1" {
  name        = "deploy-1"
  description = "Security group for EC2"
  vpc_id      = "vpc-0a490d1c5a1160322"

  dynamic "ingress" {
    for_each = var.ports
    content {
      from_port   = ingress.value
      to_port     = ingress.value
      protocol    = "tcp"
      cidr_blocks = ["0.0.0.0/0"]
    }
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```
Variable Definitions (var.tf)
Make sure you use valid variable names (no hyphens):
```hcl
variable "ac_key" { ... }
variable "sec_key" { ... }
variable "ami_instance_id1" { ... }
variable "ami_instance_id2" { ... }
variable "instance_name" { type = list(string) }
variable "ports" { type = list(number) }
```
Using Terraform Workspaces
Workspaces help manage multiple environment states.
Commands I used:
```bash
terraform workspace new dev
terraform workspace select dev
terraform apply

terraform workspace new test
terraform workspace select test
terraform apply
```
Each workspace maintains its own terraform.tfstate under:
```
terraform.tfstate.d/dev/
terraform.tfstate.d/test/
```
This allows you to deploy the same code to multiple environments without the environments overwriting each other's state.
What I Learned
Aliased providers let you work with multiple AWS regions in a single Terraform config.
Terraform workspaces isolate environments cleanly.
Using dynamic blocks (like in ports) is a great way to write flexible infra.
Proper naming of variables is critical: hyphens (-) will break things.
Conclusion
Using Terraform with workspaces and multi-region providers is a powerful way to scale infrastructure deployments across environments and geographies. If you're just starting with Terraform, this setup teaches you reusable patterns you'll need for any real-world project.
Next Steps (Optional for Readers)
Add backend support with S3 + DynamoDB for remote state.
Use terraform.tfvars files for environment-specific variables.
Integrate with CI/CD tools like GitHub Actions or Jenkins.
