Creating a VPC with public and private subnets and launching WordPress on AWS

Sahil Raj
Jul 24, 2020

In this practical we set up NaaS (Network as a Service) in AWS. We created a VPC (Virtual Private Cloud) and launched two subnets in it, one private and one public. We created an internet gateway and connected it to our VPC for internet access. We created a route table and attached it to the public subnet. We automated the whole setup through Terraform.

Problem Statement:

  1. Create a VPC.
  2. In that VPC create two subnets, a public one and a private one. The public subnet should have access to the public world and the private subnet should not have access to the public world.
  3. Create and attach an internet gateway to the VPC for internet connection.
  4. Create and attach the routing table to the public subnet.
  5. Launch a WordPress site with a security group that allows port 80 so users can connect to our site, and make it part of the public subnet.
  6. Launch a MySQL database in the private subnet so that nobody from outside can connect to the MySQL database.

Step 1: First, create a profile with the AWS CLI.

Then use this command to initialize the working directory that holds the Terraform config files.

  • >terraform init

Step 2: We create a VPC with the hostnames option enabled, so that the instances can also be reached by hostname, and give it an IP range from which IPs are assigned to instances.

Step 3: Create an internet gateway for connection to the public world.

Step 4: Create a public subnet, which gives a public IP to its instances, and a private subnet. Each subnet gets its IP range from the bigger range provided in the VPC.

Step 5: Create a routing table and attach it to the public subnet. The rule in the routing table allows any IP from the public world to come in (e.g. for SSH) and lets the instances in the public subnet connect to the internet (public world).

Step 6: Create security groups for the WordPress and MySQL instances. We allow ports 80 and 22 on the WordPress instances: port 80 so that users can connect to the WordPress site, and port 22 so that we can connect to the WordPress instance. We allow port 3306 because WordPress connects to the database through it. As load increases we may have to create more than one WordPress instance; to avoid connecting each of them to the database manually, we create one security group, keep it common to all WordPress instances, and write a rule allowing this security group when creating the MySQL security group.

Step 7: Deploy the MySQL instance in the private subnet and the WordPress instance in the public subnet.
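
The security-group arrangement from Step 6, written out as an added example (not the author's original configuration). The resource names, the sample CIDR, and the admin_cidr variable that narrows SSH to one source range are assumptions, and the AWS provider/profile from Step 1 is assumed to be configured elsewhere.

```hcl
# Added example; all names and the CIDR below are constructed for illustration.
resource "aws_vpc" "main" {
  cidr_block           = "10.0.0.0/16" # sample range
  enable_dns_hostnames = true
}

variable "admin_cidr" {
  type = string # assumed: the single range allowed to SSH, e.g. your IP/32
}

resource "aws_security_group" "wordpress" {
  name   = "wordpress-sg"
  vpc_id = aws_vpc.main.id
  # HTTP from users anywhere.
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  # SSH for administration, limited to the admin range.
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }
  # Outbound traffic, including the connection to MySQL on 3306.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_security_group" "mysql" {
  name   = "mysql-sg"
  vpc_id = aws_vpc.main.id
  # 3306 is opened to the WordPress group itself, not to an IP range, so every
  # instance launched with wordpress-sg can reach the database automatically.
  ingress {
    from_port       = 3306
    to_port         = 3306
    protocol        = "tcp"
    security_groups = [aws_security_group.wordpress.id]
  }
  # No egress block: Terraform creates the group without outbound rules;
  # replies to WordPress still flow because security groups are stateful.
}
```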

Now to run the code:

  • >terraform apply -auto-approve

Instances created:

Vpc created:

Security group created:

Subnets created:

Internet Gateway created:

Routing table created and attached:

Wordpress site:

To destroy the whole setup:

  • >terraform destroy -auto-approve

GitHub link here