How to Deploy EC2 Instances in Multiple AZs, with a Load Balancer, and SSL Certificate in AWS with Terraform

In this story, we will learn how to build several components to create a good foundation base to deploy high available web applications in AWS.

We will deploy:

• Amazon Linux EC2 Instances in multiple AZs
• An Application Load Balancer (ALB) to distribute the load between these EC2
• ALB Target Group and Listeners for HTTP and HTTPS protocols
• Register DNS Records in Route 53
• Create an SSL certificate using AWS Certificate Manager

If you are interested in deploying similar workloads for internal applications (not accessible from the internet), please look at this story → How to Deploy EC2 Instances with an Internal Load Balancer, and ACM SSL Certificate in AWS with Terraform.

Prerequisite #1: AWS Credentials

Before creating our AWS EC2 Instance, we will need AWS Credentials to execute our Terraform code.

The AWS provider offers a few options for providing credentials for authentication:

• Static credentials
• Environment variables
• Shared credentials/configuration file

For this story, we will use static credentials. Please refer to the “How to create an IAM account and configure Terraform to use AWS static credentials?” story if you need help creating the credentials.

Note: Using static credentials are great for learning and testing; however, hard-coded credentials are not recommended in production environments. Never push hard-coded credentials to code repositories.

Prerequisite #2: AWS Key Pair

We will need an AWS Key Pair, consisting of a public key and a private key. The AWS Key Pair is a set of security credentials that we need to connect to an Amazon EC2 instance.

Amazon EC2 stores the public key on our instance, and we store the private key. For Linux instances, the private key allows us to securely SSH into our instance.