Posts

Day 25 - Terraform Import for Existing AWS Resources

Today I worked on Terraform import as part of Day 25 of my AWS Terraform learning series. In real projects, not every AWS resource starts from Terraform. Some resources are created manually from the AWS Console. Some are created by older scripts. Some are created by different teams before Infrastructure as Code is adopted. Terraform import helps bring those existing resources into Terraform state so they can be managed going forward. For this project, I created a few AWS resources manually first, then imported them into Terraform.

What I Built

I used three existing AWS resources:
- S3 bucket
- EC2 instance
- Security group

These resources were created outside Terraform first. Then I wrote Terraform configuration blocks for them and used terraform import to connect those real AWS resources to Terraform state.

Architecture

The workflow is simple:
- Existing AWS resources already exist in the AWS account.
- Terraform configuration defines matching resource blocks.
- terraform import m...

Day 24 - Highly Available and Scalable Django Application on AWS using Terraform

Today I worked on deploying a highly available and scalable Django application on AWS using Terraform. The goal of this project was to understand how production-style AWS infrastructure is designed across multiple Availability Zones while keeping the application secure, scalable, and resilient. Instead of deploying a single EC2 instance in a public subnet, this setup used private EC2 instances behind an Application Load Balancer. The infrastructure also included Auto Scaling Groups, NAT Gateways, route tables, security groups, and multi-AZ networking.

Architecture Overview

The infrastructure was deployed inside a custom VPC across two Availability Zones. Main components used:
- VPC with public and private subnets
- Internet Gateway
- NAT Gateways for outbound internet access
- Application Load Balancer
- Private EC2 instances
- Auto Scaling Group
- Dockerized Django application
- Terraform Infrastructure as Code

VPC and Networking Design

The VPC CIDR block used was: 10.0.0.0/...

Day 23 - Building S3 Security & Operations Monitoring using Terraform, CloudTrail, CloudWatch and SNS

For Day 23 of my AWS Terraform journey, I built a security monitoring solution for Amazon S3 using Terraform modules. The goal of this project was to monitor S3 object-level activity, detect suspicious access patterns, and send email alerts automatically using native AWS services.

This project uses:
- Amazon S3
- AWS CloudTrail
- Amazon CloudWatch Logs
- CloudWatch Metric Filters
- CloudWatch Alarms
- Amazon SNS
- Terraform Modules

Project Objective

The monitoring solution performs the following:
- Creates a monitored S3 bucket with a random suffix
- Captures S3 object-level API activity using CloudTrail Data Events
- Sends CloudTrail logs to CloudWatch Logs
- Uses Metric Filters to detect:
  - AccessDenied or 403 errors
  - Access to restricted prefixes such as private/*
- Triggers CloudWatch Alarms when suspicious activity is detected
- Sends email notifications through Amazon SNS

Architecture Diagram

This diagram should show:
- User accessing S3 bucket
- CloudTrail captu...