Skip to content

vidalme/proto3

BranchesTags

Repository files navigation

AWS Infrastructure Automation with Boto3

A Python-based Infrastructure as Code (IaC) project that automates the provisioning and management of AWS resources using Boto3. This project creates a complete multi-tier application infrastructure on AWS, including VPC, subnets, security groups, and EC2 instances.

🏗️ Architecture Overview

This project creates a complete AWS infrastructure stack with:

  • VPC with custom CIDR block
  • Internet Gateway for internet access
  • 4 Subnets across multiple availability zones
  • Route Tables with public routing configuration
  • Security Groups for frontend and backend tiers
  • EC2 Instances distributed across subnets with alternating security group assignments
  • Key Pairs for secure SSH access

📋 Prerequisites

  • Python 3.8+
  • AWS CLI configured with appropriate credentials
  • An AWS account with necessary permissions for EC2, VPC operations

🚀 Quick Start

1. Install Dependencies

pip install -r requirements.txt

2. Environment Configuration

Create a .env file in the project root with the following variables:

AWS_REGION=us-east-1
PROJECT=proto3
AUTHOR=Your Name
ENV=dev
VPC_CIDR=10.0.0.0/20
EC2_AMI_ID=ami-020cba7c55df1f615
EC2_INSTANCE_TYPE=t2.micro
EC2_KEY_PAIR_NAME=proto3-key

3. Provision Infrastructure

python application_stack_provision.py

4. Destroy Infrastructure

python application_stack_destroy.py

📁 Project Structure

proto3/
├── application_stack_provision.py  # Main provisioning script
├── application_stack_destroy.py    # Main destruction script
├── vpc.py                         # VPC management
├── internet_gateway.py            # Internet Gateway operations
├── subnet.py                      # Subnet creation and management
├── route_table.py                 # Route table configuration
├── security_group.py              # Security group rules
├── ec2.py                         # EC2 instance management
├── state.py                       # State management (WIP)
├── requirements.txt               # Python dependencies
├── utils/
│   ├── tagger.py                  # Resource tagging utilities
│   └── region_azs.py              # Availability zone helpers
└── .env                           # Environment configuration

🔧 Core Components

VPC Module (vpc.py)

  • Creates VPC with configurable CIDR block
  • Implements existence checking to prevent duplicates
  • Handles VPC deletion with safety checks for default VPC

Security Groups (security_group.py)

  • Frontend Security Group: SSH (22) and HTTP (80) access
  • Backend Security Group: MySQL (3306) access from frontend tier
  • Implements proper security group dependencies

EC2 Management (ec2.py)

  • Creates EC2 instances across multiple subnets
  • Alternates between frontend and backend security groups
  • Automatic key pair generation with ED25519 encryption
  • Configurable instance types and AMI IDs

Subnet Configuration (subnet.py)

  • Creates 4 subnets with predefined CIDR blocks:
    • 10.0.1.0/24, 10.0.2.0/24, 10.0.3.0/24, 10.0.4.0/24
  • Distributes subnets across available availability zones
  • Implements duplicate checking

Route Tables (route_table.py)

  • Creates public route table with internet gateway routing
  • Associates even-numbered subnets with public routing
  • Supports future private subnet implementation

🏷️ Resource Tagging

All resources are automatically tagged with:

  • project: Project identifier
  • author: Resource creator
  • env: Environment (dev/staging/prod)
  • Name: Descriptive resource name

⚠️ Important Notes

Resource Dependencies

The provisioning order is critical for successful deployment:

  1. VPC
  2. Internet Gateway
  3. Subnets
  4. Route Tables
  5. Security Groups
  6. EC2 Instances

Destruction Order

Resources must be destroyed in reverse order to avoid dependency conflicts:

  1. EC2 Instances
  2. Security Groups
  3. Route Tables
  4. Subnets
  5. Internet Gateway
  6. VPC

Cost Management

  • ⚠️ FINOPS WARNING: Always run the destroy script after testing to avoid unnecessary AWS charges
  • Default instance type is t2.micro (eligible for AWS Free Tier)
  • EBS volumes are configured with 100GB storage

🔄 State Management

The project includes a basic state management module (state.py) for future implementation of:

  • Resource state tracking
  • Dependency management
  • Rollback capabilities

🛡️ Security Features

  • ED25519 key pairs for enhanced SSH security
  • Layered security groups with principle of least privilege
  • Backend tier isolated from direct internet access
  • Configurable CIDR blocks for network segmentation

🔍 Monitoring and Logging

  • Comprehensive console logging for all operations
  • Error handling with detailed exception messages
  • Resource ID tracking throughout the lifecycle

🤝 Contributing

This project follows a modular architecture. When adding new AWS services:

  1. Create a dedicated module file
  2. Implement both create and destroy functions
  3. Add proper error handling and logging
  4. Include resource tagging using the tagit() utility
  5. Update the main provision/destroy scripts

📚 AWS Resources Created

Resource Type Count Configuration
VPC 1 Custom CIDR
Internet Gateway 1 Attached to VPC
Subnets 4 Multi-AZ distribution
Route Tables 1 Public routing
Security Groups 2 Frontend/Backend tiers
EC2 Instances 4 Distributed across subnets
Key Pairs 1 ED25519 encryption

📄 License

This project is for educational and development purposes. Please ensure you comply with AWS terms of service and your organization's cloud policies.

About

AWS Infrastructure Automation with Boto3

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages