Internet
│
▼
┌────────────────┐
│ ALB │ (Public Subnets)
│ HTTPS/80 │
└───────┬────────┘
│
┌─────────────┴─────────────┐
▼ ▼
┌─────────┐ ┌─────────┐
│ EC2 │ │ EC2 │ (Private Subnets)
│ (ASG) │ │ (ASG) │
└────┬────┘ └────┬────┘
│ │
└─────────┬─────────────────┘
│
┌─────────┴─────────┐
▼ ▼
┌─────────┐ ┌─────────┐
│ EFS │ │ RDS │ (Database Subnets)
│ (files) │ │ (MySQL) │
└─────────┘ └─────────┘
▲
│
┌───────────────┐
│ Lambda │ (Weekly maintenance)
└───────────────┘
| Module | Purpose |
|---|---|
networking |
VPC, subnets, security groups, NAT/IGW |
compute |
ALB, ASG, EC2 launch template |
rds |
MySQL 8.0 database, Secrets Manager |
efs |
Shared file storage for WordPress |
lambda |
Scheduled DB maintenance |
Note: By default, Terraform state is stored locally. For production or team use, configure remote backend in
backend.tf(e.g., S3, Terraform Cloud).
Key variables in terraform.tfvars:
project_name- Resource naming prefixenvironment- Deployment environmentaws_region- Target AWS regionvpc_cidr- CIDR block for VPCavailability_zones- List of AZs to useec2_instance_type- Instance sizeasg_min_size/asg_max_size/asg_desired_capacity- ASG scaling settingsrds_instance_class- Database sizerds_allocated_storage- Database storage in GBdatabase_name- WordPress database namebackup_retention_period- RDS backup retention daysmaintenance_schedule- Lambda maintenance cron expression
# Initialize
terraform init
# Review changes
terraform plan
# Deploy
terraform applyterraform destroyAfter deployment, Terraform outputs:
alb_dns_name- ALB DNS namealb_url- Full URL to access WordPressrds_endpoint- Database endpointrds_secret_arn- ARN of RDS credentials in Secrets Managerwordpress_admin_secret_arn- ARN of WordPress admin credentials secretwordpress_admin_username- WordPress admin usernamelambda_function_name- DB maintenance Lambda function namevpc_id- VPC IDefs_id- EFS file system IDefs_dns_name- EFS DNS nameefs_access_point_id- EFS access point ID
Access WordPress: After deployment completes, open the
alb_urloutput in your browser to access your WordPress site.