So far, we have created a VPC with a single subnet. While we played around with master-slave instances and dependencies between them, these were just temporal changes to show how Terraform handles these use cases. Now it's time to add more meat to the template: let's create an instance, with a security group attached to it.

Let's say we have a web application named MightyTrousers and we need a server for this, protected from unwanted traffic by a security group:

resource "aws_security_group" "allow_http" { name = "allow_http" description = "Allow HTTP traffic" vpc_id = "${aws_vpc.my_vpc.id}" ingress { from_port = 80 to_port = 80 protocol = "tcp" cidr_blocks = ["0.0.0.0/0"] } egress { from_port = 0 to_port = 0 protocol ...