Deploying a 3-Tier Architecture on AWS Using Terraform Modules

When it comes to Infrastructure as Code (IaC), one of the first tools that comes to mind is Terraform. Developed by HashiCorp, Terraform is widely adopted because of its simplicity, ease of installation, and support for multiple cloud providers.

In this blog post, I'll walk you through how to use Terraform modules to deploy a 3-tier architecture on AWS. By the end, you’ll understand how modular Terraform projects are structured and how to build reusable infrastructure components.

What is a Terraform Module?

A Terraform module is a collection of .tf files grouped together to perform a specific task or provision a particular resource. You can think of a module as a reusable template for deploying cloud infrastructure.

Terraform code is written in HCL (HashiCorp Configuration Language), which is human-readable and much easier to understand than languages like C or Java.

The primary purpose of using modules is to avoid code repetition and to promote reusability and maintainability in your infrastructure.

There are:

• Official AWS modules in the Terraform Registry
• Community-contributed modules
• And of course, custom modules you can write yourself

The 3-Tier Architecture We’re Deploying

In this project, we’ll deploy the following infrastructure on AWS:

• A VPC with public and private subnets
• An Internet Gateway for the public subnet
• A NAT Gateway for the private subnet
• EC2 Instances in each tier (Frontend, Backend, and Database)
• Security Groups and Network ACLs to control traffic rules

Here’s a simple breakdown of the three tiers:

📁 Project Folder Structure

Assuming Terraform is already installed on your machine (if not, check out Terraform installation guide), here’s how you should organize your project:

project-root/
│
├── main.tf
├── variables.tf
├── outputs.tf
├── provider.tf
│
└── modules/
    ├── vpc/
    ├── compute/
    └── network/

📝 Note: To keep the blog concise, I won’t paste all the code here. You can find the full source code in my GitHub repository.

🧠 What Each Terraform File Does

The module directories (like vpc, compute, and network) each contain .tf files that define the logic to deploy VPCs, EC2s, and other networking components.

📦 Understanding terraform.tfstate and terraform.tfstate.backup

Terraform keeps track of the infrastructure it manages using a file called terraform.tfstate. This file is critical because it:

• Stores the current state of your deployed infrastructure
• Allows Terraform to know what exists, what to create, update, or destroy

Now here’s where terraform.tfstate.backup comes in:

terraform.tfstate.backup is an automatic backup of your last good known state.

Whenever you run a command like terraform apply, Terraform creates a new terraform.tfstate and moves the previous version to terraform.tfstate.backup. This ensures that:

• If something goes wrong, you can manually restore the backup
• You don’t lose the entire state file due to corruption or interruption

💡 Best Practice: Never share your state file publicly. It often contains sensitive information like resource IDs, passwords, and more. Use remote backends (like S3 with encryption) for production environments.

Final Thoughts

Using Terraform modules makes your infrastructure more modular, scalable, and easy to maintain. Whether you're managing a simple EC2 instance or a full-blown 3-tier app on AWS, breaking your setup into logical modules helps avoid repetition and enhances reusability.

Let me know what you’d like to see next — maybe monitoring this infrastructure with Prometheus and Grafana? Or setting up CI/CD pipelines with GitHub Actions?

🔗 Full Source Code

GitHub Repository – 3-Tier Architecture with Terraform

If you found this post helpful, feel free to like, share, or leave a comment. You can connect with me on LinkedIn for more DevOps and cloud tips!