Managing Amazon Web Services (AWS) infrastructure can be difficult and time-consuming. AWS offers many different services, and setting them up by hand is hard to maintain and prone to errors. Terraform, an effective infrastructure-as-code tool, can make provisioning and maintaining our AWS resources easier and more automated. In this Answer, we'll walk through configuring AWS infrastructure with Terraform.
HashiCorp developed the open-source infrastructure-as-code utility Terraform. It enables us to use a
Before getting started, we'll need the following prerequisites:
AWS account: We must have an AWS account and access key credentials.
AWS CLI: Configure the AWS account using the aws configure command through the console.
Terraform installed: Install Terraform on the local machine by following the
Here is a detailed step-by-step guide on configuring a VPC and subnets on AWS using Terraform.
Configure the AWS CLI using the aws configure command and use the access and secret access keys for configuration. Provide us-east-1 as the region and use json as the output format.
Read more on how to generate access and secret access keys in AWS.
Create a new folder/directory for the Terraform configuration and create a file named main.tf. This file will contain the configuration for the AWS infrastructure. Initialize the Terraform configuration by running:
terraform init
This command downloads the necessary provider plugins and sets up a working directory for us.
In the main.tf file, define the AWS provider by specifying the AWS region.
provider "aws" {
  region = "us-east-1"
}
Create a
resource "aws_vpc" "my_vpc_2024" {
  cidr_block           = "10.0.0.0/16"
  enable_dns_support   = true
  enable_dns_hostnames = true

  tags = {
    Name = "my_vpc_2024"
  }
}
Code explanation: This creates an AWS VPC with the IP range 10.0.0.0/16, enables DNS support and hostnames, and tags it with the name "my_vpc_2024".
Create public and private
resource "aws_subnet" "subnet_a" {
  vpc_id                  = aws_vpc.my_vpc_2024.id
  cidr_block              = "10.0.0.0/24"
  availability_zone       = "us-east-1a"
  map_public_ip_on_launch = true

  tags = {
    Name = "SubnetA"
  }
}

resource "aws_subnet" "subnet_b" {
  vpc_id                  = aws_vpc.my_vpc_2024.id
  cidr_block              = "10.0.1.0/24"
  availability_zone       = "us-east-1b"
  map_public_ip_on_launch = true

  tags = {
    Name = "SubnetB"
  }
}
Code explanation: This creates two subnets within the VPC "my_vpc_2024", each with a different IP range and availability zone, and assigns public IPs to instances on launch. SubnetA is in "us-east-1a" with the IP range 10.0.0.0/24, and SubnetB is in "us-east-1b" with the IP range 10.0.1.0/24.
Create an Internet Gateway for the public subnet and configure route tables for public and private subnets. An internet gateway allows VPCs to connect to the internet, while route tables handle the traffic routing for a VPC.
resource "aws_internet_gateway" "vpc_internet_gateway" {
  vpc_id = aws_vpc.my_vpc_2024.id

  tags = {
    Name = "VPC_InternetGateway"
  }
}

resource "aws_route_table" "vpc_route_table" {
  vpc_id = aws_vpc.my_vpc_2024.id

  # Default route: send all non-local traffic to the internet gateway
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.vpc_internet_gateway.id
  }

  tags = {
    Name = "VPC_RouteTable"
  }
}
Code explanation: This code configures an internet gateway for the VPC "my_vpc_2024" to enable internet access, and sets up a route table that directs all non-local traffic (0.0.0.0/0) to the internet gateway for routing within the VPC. Both resources are tagged for identification purposes.
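The configuration above defines the route table but does not attach it to any subnet, and both subnets assign public IPs. The following added example (not part of the original configuration) associates the public subnets with that route table and adds a private subnet with no internet route; the names subnet_private and private_route_table, the association names, and the 10.0.2.0/24 range are assumptions chosen for illustration.

```hcl
# Added example. Hypothetical names: subnet_a_public, subnet_b_public,
# subnet_private, private_route_table. The 10.0.2.0/24 range is constructed.

# Attach the route table holding the 0.0.0.0/0 route to the public subnets.
# A subnet without an explicit association uses the VPC's main route table.
resource "aws_route_table_association" "subnet_a_public" {
  subnet_id      = aws_subnet.subnet_a.id
  route_table_id = aws_route_table.vpc_route_table.id
}

resource "aws_route_table_association" "subnet_b_public" {
  subnet_id      = aws_subnet.subnet_b.id
  route_table_id = aws_route_table.vpc_route_table.id
}

# Private subnet: instances launched here get no public IP address.
resource "aws_subnet" "subnet_private" {
  vpc_id                  = aws_vpc.my_vpc_2024.id
  cidr_block              = "10.0.2.0/24"
  availability_zone       = "us-east-1a"
  map_public_ip_on_launch = false

  tags = {
    Name = "SubnetPrivate"
  }
}

# Private route table: no route block, so only the implicit local route
# for 10.0.0.0/16 exists and nothing is sent to the internet gateway.
resource "aws_route_table" "private_route_table" {
  vpc_id = aws_vpc.my_vpc_2024.id

  tags = {
    Name = "VPC_PrivateRouteTable"
  }
}

resource "aws_route_table_association" "subnet_private" {
  subnet_id      = aws_subnet.subnet_private.id
  route_table_id = aws_route_table.private_route_table.id
}
```

Running terraform plan after adding these resources lists the new associations, which is a quick way to confirm which subnets actually receive the internet route.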
To see the changes Terraform will make to the infrastructure, run terraform plan. This command lets us preview the resources that will be created, changed, or removed.
If everything in the plan looks good, we can run terraform apply to start the modifications. Before proceeding, Terraform will ask us to confirm the changes. Type yes for confirmation. It will create the specified AWS resources after confirmation.
terraform apply
Terraform can be used to manage and monitor the AWS resources. For instance, if we want to update the CIDR block of a subnet, we can edit the configuration in the main.tf file and then rerun terraform apply. Terraform will make the necessary updates to the current resources.
When we no longer need the AWS resources, we can use Terraform to destroy them. Run terraform destroy, and Terraform will remove all the resources defined in the configuration.
terraform destroy
Version control: Store the Terraform configurations in version control systems like Git to track changes over time.
State management: Terraform employs state files to monitor the infrastructure’s condition. A remote state backend might be useful for improved durability and teamwork.
Security: Always store sensitive data such as access keys securely, using environment variables or dedicated secret management services.
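The state-management and security points above, shown as an added configuration example that is not part of the original page. The bucket name and state key are placeholders, and the S3 bucket is assumed to exist already with access restricted to the team.

```hcl
# Added example. Placeholder values: bucket name and key.

# Remote state: the state file can contain resource attributes in plaintext,
# so keep it out of Git and store it encrypted in a shared backend.
terraform {
  backend "s3" {
    bucket  = "example-terraform-state-bucket" # placeholder bucket name
    key     = "vpc/terraform.tfstate"          # placeholder state path
    region  = "us-east-1"
    encrypt = true # server-side encryption of the state object
  }
}

# Weak pattern (shown commented out): keys hard-coded in main.tf end up in
# version control history and in every copy of the repository.
#
# provider "aws" {
#   region     = "us-east-1"
#   access_key = "PLACEHOLDER_ACCESS_KEY_ID"
#   secret_key = "PLACEHOLDER_SECRET_ACCESS_KEY"
# }

# Preferred: the provider block carries no credentials. The AWS provider
# reads them from the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY
# environment variables or from the profile written by aws configure.
provider "aws" {
  region = "us-east-1"
}
```

The provider block here is the same one defined earlier in main.tf, so only the terraform block is new; rerun terraform init after adding a backend so Terraform can migrate the state.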
To connect to the AWS CLI, use the following terminal command:
aws configure
Then, use the file main.tf located in the usercode directory and follow the steps given above to create the resources on the cloud. Use cat main.tf to see the file already created for you.
Use the terraform init command to initialize Terraform in the usercode directory and then follow step 7 and onwards for deployment.
Terraform is an effective tool for managing and configuring infrastructure on AWS, GCP, and Azure. In this Answer, we explored how to configure a VPC and subnets on AWS using Terraform. By following these steps, we can simplify the process of creating, updating, and destroying resources on AWS in a stable and reproducible manner. Always use caution while changing the AWS resources and adhere to standard practices for infrastructure as code to guarantee a seamless and safe experience.