WordPress on AWS - Terraform Deployment

Architecture

                    Internet
                       │
                       ▼
              ┌────────────────┐
              │      ALB       │  (Public Subnets)
              │    HTTPS/80    │
              └───────┬────────┘
                      │
        ┌─────────────┴─────────────┐
        ▼                           ▼
   ┌─────────┐                 ┌─────────┐
   │   EC2   │                 │   EC2   │  (Private Subnets)
   │  (ASG)  │                 │  (ASG)  │
   └────┬────┘                 └────┬────┘
        │                           │
        └─────────┬─────────────────┘
                  │
        ┌─────────┴─────────┐
        ▼                   ▼
   ┌─────────┐         ┌─────────┐
   │   EFS   │         │   RDS   │  (Database Subnets)
   │ (files) │         │ (MySQL) │
   └─────────┘         └─────────┘
                            ▲
                            │
                    ┌───────────────┐
                    │    Lambda     │  (Weekly maintenance)
                    └───────────────┘

Modules

Module	Purpose
networking	VPC, subnets, security groups, NAT/IGW
compute	ALB, ASG, EC2 launch template
rds	MySQL 8.0 database, Secrets Manager
efs	Shared file storage for WordPress
lambda	Scheduled DB maintenance

Configuration

Note: By default, Terraform state is stored locally. For production or team use, configure remote backend in backend.tf (e.g., S3, Terraform Cloud).

Key variables in terraform.tfvars:

• project_name - Resource naming prefix
• environment - Deployment environment
• aws_region - Target AWS region
• vpc_cidr - CIDR block for VPC
• availability_zones - List of AZs to use
• ec2_instance_type - Instance size
• asg_min_size / asg_max_size / asg_desired_capacity - ASG scaling settings
• rds_instance_class - Database size
• rds_allocated_storage - Database storage in GB
• database_name - WordPress database name
• backup_retention_period - RDS backup retention days
• maintenance_schedule - Lambda maintenance cron expression

Deploy

# Initialize
terraform init

# Review changes
terraform plan

# Deploy
terraform apply

Destroy

terraform destroy

Outputs

After deployment, Terraform outputs:

• alb_dns_name - ALB DNS name
• alb_url - Full URL to access WordPress
• rds_endpoint - Database endpoint
• rds_secret_arn - ARN of RDS credentials in Secrets Manager
• wordpress_admin_secret_arn - ARN of WordPress admin credentials secret
• wordpress_admin_username - WordPress admin username
• lambda_function_name - DB maintenance Lambda function name
• vpc_id - VPC ID
• efs_id - EFS file system ID
• efs_dns_name - EFS DNS name
• efs_access_point_id - EFS access point ID

Access WordPress: After deployment completes, open the alb_url output in your browser to access your WordPress site.