Skip to content
DevOps Projects

Two-Tier AWS Infrastructure with Terraform

Costmedium
Deployability iac ready
Status cloud lab
Validation terraform fmt -check
Terraform EC2 VPC aws terraform
Use the guide first.

The full learning guide is on this page. Open the repository files only when a step asks you to inspect code, fork the project, or download raw assets.

Read safety guide Project files on GitHub

Project Guide

Section titled “Project Guide”

LinkedIn GitHub AWS Terraform

two-tier

Overview

Section titled “Overview”

Welcome to the Terraform project for deploying a Two-Tier architecture on AWS! This project adopts a modular and security-enhanced approach to create a scalable and maintainable infrastructure.

Features

Section titled “Features”
  • Modular Structure: The project is organized into dedicated modules for each AWS service, promoting reusability and maintainability.
  • Security Focus: Utilize IAM roles and policies to ensure a secure infrastructure.
  • Infrastructure as Code (IaC): Deploy and manage your infrastructure using Terraform, enabling version control and reproducibility.
  • Service-Specific Modules: Each module corresponds to a specific AWS service, allowing for targeted management.

🛡️ 2026 DevSecOps Enhancements (What You Will Learn)

Section titled “🛡️ 2026 DevSecOps Enhancements (What You Will Learn)”

This repository’s Terraform modules have been hardened to comply with 2026 AWS Security architectural standards. Note the following improvements:

  1. Zero Trust EC2 Ingress: The web-tier-sg no longer allows open 0.0.0.0/0 ingress on ports 80/443. The web instances strictly accept traffic downstream from the Application Load Balancer Security Group.
  2. Encrypted RDS at Rest: The aws-rds module explicitly enforces storage_encrypted = true on the database cluster to comply with modern data residency regulations.

Getting Started

Section titled “Getting Started”

Follow these steps to deploy the Two-Tier architecture:

  1. Clone the Repository:

    Terminal window
    git clone https://github.com/DevCloudNinjas/DevOps-Projects
    cd DevOps-Projects/project-11-aws-2tier-terraform/

  2. Plan and Apply:

    Terminal window
    terraform init
    terraform plan -var-file=variables.tfvars
    terraform apply -var-file=variables.tfvars --auto-approve

  3. Cleanup: When done the exploration, run the following to destroy the infrastructure

    Terminal window
    terraform destroy -var-file=variables.tfvars --auto-approve

Project Highlights

Section titled “Project Highlights”

  • VPC: The Foundation: Create a robust Virtual Private Cloud (VPC) to establish a secure and isolated environment for your application.

  • Load Balancing Magic: Harness the power of the Application Load Balancer (ALB) to intelligently distribute incoming traffic across multiple EC2 instances, ensuring optimal performance and high availability.

  • Auto Scaling Wonders: Leverage the Auto Scaling Group to dynamically adjust the number of EC2 instances based on demand. This ensures your application scales seamlessly, providing resilience and cost efficiency.

  • Database Sorcery: Dive into the world of managed databases with Amazon RDS. Easily deploy, scale, and manage relational databases without the operational overhead.

  • DNS Mastery: Achieve domain registration and DNS management excellence with Amazon Route 53. Seamlessly connect your applications to the internet while ensuring high availability and low-latency responses.

  • Web Application Firewall (WAF) Protection: Safeguard your applications from web exploits and ensure a secure user experience with AWS WAF, a web application firewall that helps protect your web applications from common web exploits.

  • Content Delivery Network (CDN) Acceleration: Boost the delivery of your content globally with a Content Delivery Network. Accelerate load times, enhance user experience, and reduce latency using Amazon CloudFront.

  • SSL Certificate Management with ACM: Ensure secure communication between your users and the application with Amazon Certificate Manager (ACM). Easily provision, manage, and deploy SSL/TLS certificates.

  • IAM for Robust Security: Implement robust security measures with Identity and Access Management (IAM). Define granular permissions and access controls to secure your AWS resources.

  • Infrastructure as Code (IaC) Excellence: Embrace Infrastructure as Code (IaC) with Terraform, facilitating the provisioning and management of AWS resources in a declarative and scalable manner.

These project highlights showcase the comprehensive AWS services integrated into the Two-Tier architecture, providing a solid foundation for your applications with security, scalability, and performance at the forefront.

Detailed Guide

Section titled “Detailed Guide”

For an in-depth walkthrough of the project, check out the detailed guide on Hashnode.

Connect with Me

Section titled “Connect with Me”

Contributions

Section titled “Contributions”

Feel free to contribute and adapt this project to suit your needs. We welcome your ideas and improvements.

License

Section titled “License”

This project is licensed under the MIT License.