diff --git a/README.md b/README.md index 3aa5149..c27ab2e 100644 --- a/README.md +++ b/README.md @@ -3,6 +3,10 @@ * These files are part of my Udemy course about Terraform * Course URL: https://www.udemy.com/learn-devops-infrastructure-automation-with-terraform/?couponCode=TERRAFORM_GIT +# Compatibility + +* This is the >=terraform-0.12 branch. For compatibility with older versions, use the terraform-0.11 branch. + # Demo overview Demo Directory | Description ------------ | ------------- diff --git a/demo-1/instance.tf b/demo-1/instance.tf index d2a78b5..4de24ff 100644 --- a/demo-1/instance.tf +++ b/demo-1/instance.tf @@ -1,4 +1,5 @@ resource "aws_instance" "example" { - ami = "${lookup(var.AMIS, var.AWS_REGION)}" + ami = var.AMIS[var.AWS_REGION] instance_type = "t2.micro" } + diff --git a/demo-1/provider.tf b/demo-1/provider.tf index 9f26b63..696b517 100644 --- a/demo-1/provider.tf +++ b/demo-1/provider.tf @@ -1,6 +1,6 @@ provider "aws" { - access_key = "${var.AWS_ACCESS_KEY}" - secret_key = "${var.AWS_SECRET_KEY}" - region = "${var.AWS_REGION}" + access_key = var.AWS_ACCESS_KEY + secret_key = var.AWS_SECRET_KEY + region = var.AWS_REGION } diff --git a/demo-1/vars.tf b/demo-1/vars.tf index 1a0b3dc..5dc7c2d 100644 --- a/demo-1/vars.tf +++ b/demo-1/vars.tf @@ -1,13 +1,19 @@ -variable "AWS_ACCESS_KEY" {} -variable "AWS_SECRET_KEY" {} +variable "AWS_ACCESS_KEY" { +} + +variable "AWS_SECRET_KEY" { +} + variable "AWS_REGION" { default = "eu-west-1" } + variable "AMIS" { - type = "map" + type = map(string) default = { us-east-1 = "ami-13be557e" us-west-2 = "ami-06b94666" eu-west-1 = "ami-0d729a60" } } + diff --git a/demo-1/versions.tf b/demo-1/versions.tf new file mode 100644 index 0000000..ac97c6a --- /dev/null +++ b/demo-1/versions.tf @@ -0,0 +1,4 @@ + +terraform { + required_version = ">= 0.12" +} diff --git a/demo-10/cloudinit.tf b/demo-10/cloudinit.tf index 5e04888..4c0b056 100644 --- a/demo-10/cloudinit.tf +++ b/demo-10/cloudinit.tf 
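Review bot: The `provider "aws"` block in demo-1/provider.tf still takes `access_key` and `secret_key` from Terraform variables, which steers users toward keeping long-lived keys in a variables file next to the code; demo-3/provider.tf has the same block. The later demos in this commit set only `region` and leave credentials to the provider's default chain (environment, shared credentials file, instance profile), and doing the same here would keep the secret out of the working directory. If the variables stay for teaching purposes, add a `description` to both variables in demo-1/vars.tf and a comment on the block such as `# do not commit the file that sets these; prefer AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY from the environment`.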
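Review bot: demo-1/versions.tf constrains only Terraform core, and `>= 0.12` has no upper bound, so a later release with incompatible syntax is still accepted; none of the visible provider blocks constrain the AWS provider version either. Adding a provider constraint in the same `terraform` block, for example `required_providers { aws = "<version-constraint>" }`, makes each demo resolve the same plugin on every init. The identical file is added to every demo directory in this commit, so the change would apply to all of them.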
@@ -1,29 +1,30 @@ data "template_file" "init-script" { - template = "${file("scripts/init.cfg")}" - vars { - REGION = "${var.AWS_REGION}" + template = file("scripts/init.cfg") + vars = { + REGION = var.AWS_REGION } } -data "template_file" "shell-script" { - template = "${file("scripts/volumes.sh")}" - vars { - DEVICE = "${var.INSTANCE_DEVICE_NAME}" - } -} -data "template_cloudinit_config" "cloudinit-example" { - gzip = false +data "template_file" "shell-script" { + template = file("scripts/volumes.sh") + vars = { + DEVICE = var.INSTANCE_DEVICE_NAME + } +} + +data "template_cloudinit_config" "cloudinit-example" { + gzip = false base64_encode = false part { filename = "init.cfg" content_type = "text/cloud-config" - content = "${data.template_file.init-script.rendered}" + content = data.template_file.init-script.rendered } part { content_type = "text/x-shellscript" - content = "${data.template_file.shell-script.rendered}" + content = data.template_file.shell-script.rendered } - } + diff --git a/demo-10/instance.tf b/demo-10/instance.tf index ad7b32b..4a065b6 100644 --- a/demo-10/instance.tf +++ b/demo-10/instance.tf 
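Review bot: Both `template_file` data sources in this hunk could use the `templatefile()` function built into Terraform 0.12 instead, which drops the extra template provider for plain rendering: `content = templatefile("scripts/init.cfg", { REGION = var.AWS_REGION })` inside the first `part`, and likewise for `scripts/volumes.sh` with `DEVICE`. Separately, whatever these templates render is passed as instance user data, which is stored in state and readable from inside the instance. A comment on the `part` blocks such as `# user data is not a secret store - keep credentials out of these templates` would help readers who copy the pattern.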
@@ -1,33 +1,32 @@ resource "aws_instance" "example" { - ami = "${lookup(var.AMIS, var.AWS_REGION)}" + ami = var.AMIS[var.AWS_REGION] instance_type = "t2.micro" # the VPC subnet - subnet_id = "${aws_subnet.main-public-1.id}" + subnet_id = aws_subnet.main-public-1.id # the security group - vpc_security_group_ids = ["${aws_security_group.allow-ssh.id}"] + vpc_security_group_ids = [aws_security_group.allow-ssh.id] # the public SSH key - key_name = "${aws_key_pair.mykeypair.key_name}" + key_name = aws_key_pair.mykeypair.key_name # user data - user_data = "${data.template_cloudinit_config.cloudinit-example.rendered}" - + user_data = data.template_cloudinit_config.cloudinit-example.rendered } resource "aws_ebs_volume" "ebs-volume-1" { - availability_zone = "eu-west-1a" - size = 20 - type = "gp2" - tags { - Name = "extra volume data" - } + availability_zone = "eu-west-1a" + size = 20 + type = "gp2" + tags = { + Name = "extra volume data" + } } resource "aws_volume_attachment" "ebs-volume-1-attachment" { - device_name = "${var.INSTANCE_DEVICE_NAME}" - volume_id = "${aws_ebs_volume.ebs-volume-1.id}" - instance_id = "${aws_instance.example.id}" + device_name = var.INSTANCE_DEVICE_NAME + volume_id = aws_ebs_volume.ebs-volume-1.id + instance_id = aws_instance.example.id } diff --git a/demo-10/key.tf b/demo-10/key.tf index 0d3c220..58b093f 100644 --- a/demo-10/key.tf +++ b/demo-10/key.tf @@ -1,4 +1,5 @@ resource "aws_key_pair" "mykeypair" { - key_name = "mykeypair" - public_key = "${file("${var.PATH_TO_PUBLIC_KEY}")}" + key_name = "mykeypair" + public_key = file(var.PATH_TO_PUBLIC_KEY) } + diff --git a/demo-10/provider.tf b/demo-10/provider.tf index ded6d8c..7925c73 100644 --- a/demo-10/provider.tf +++ b/demo-10/provider.tf @@ -1,3 +1,4 @@ -provider "aws" { - region = "${var.AWS_REGION}" +provider "aws" { + region = var.AWS_REGION } + diff --git a/demo-10/securitygroup.tf b/demo-10/securitygroup.tf index 05c0e12..1ec204b 100644 --- a/demo-10/securitygroup.tf 
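Review bot: `aws_ebs_volume.ebs-volume-1` is created without `encrypted = true`, so the 20 GB data volume is unencrypted at rest unless the account enforces default EBS encryption; adding `encrypted = true` next to `type = "gp2"` fixes that. The hard-coded `availability_zone = "eu-west-1a"` only works while the instance's subnet stays in that zone; `availability_zone = aws_instance.example.availability_zone` would keep volume and instance together, which the attachment needs.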
+++ b/demo-10/securitygroup.tf @@ -1,21 +1,22 @@ resource "aws_security_group" "allow-ssh" { - vpc_id = "${aws_vpc.main.id}" - name = "allow-ssh" + vpc_id = aws_vpc.main.id + name = "allow-ssh" description = "security group that allows ssh and all egress traffic" egress { - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_blocks = ["0.0.0.0/0"] + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] } ingress { - from_port = 22 - to_port = 22 - protocol = "tcp" - cidr_blocks = ["0.0.0.0/0"] - } -tags { + from_port = 22 + to_port = 22 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + tags = { Name = "allow-ssh" } } + diff --git a/demo-10/vars.tf b/demo-10/vars.tf index 179eca7..b9430d1 100644 --- a/demo-10/vars.tf +++ b/demo-10/vars.tf @@ -1,20 +1,25 @@ variable "AWS_REGION" { default = "eu-west-1" } + variable "PATH_TO_PRIVATE_KEY" { default = "mykey" } + variable "PATH_TO_PUBLIC_KEY" { default = "mykey.pub" } + variable "AMIS" { - type = "map" + type = map(string) default = { us-east-1 = "ami-13be557e" us-west-2 = "ami-06b94666" eu-west-1 = "ami-844e0bf7" } } + variable "INSTANCE_DEVICE_NAME" { default = "/dev/xvdh" } + diff --git a/demo-10/versions.tf b/demo-10/versions.tf new file mode 100644 index 0000000..ac97c6a --- /dev/null +++ b/demo-10/versions.tf @@ -0,0 +1,4 @@ + +terraform { + required_version = ">= 0.12" +} diff --git a/demo-10/vpc.tf b/demo-10/vpc.tf index 1325feb..4e9d809 100644 --- a/demo-10/vpc.tf +++ b/demo-10/vpc.tf 
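Review bot: The `ingress` rule of `aws_security_group.allow-ssh` still opens port 22 to `0.0.0.0/0`; the commit reformats the rule but keeps it, and demo-12/securitygroup.tf has the same rule on `example-instance`. The instance using this group is launched in a subnet with `map_public_ip_on_launch`, so SSH is reachable from the whole internet. A variable lets users narrow it without editing the resource: `cidr_blocks = [var.SSH_ALLOWED_CIDR]` with a matching `variable "SSH_ALLOWED_CIDR" {}` in vars.tf (the name is a suggestion, not an existing variable).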
@@ -1,110 +1,117 @@ # Internet VPC resource "aws_vpc" "main" { - cidr_block = "10.0.0.0/16" - instance_tenancy = "default" - enable_dns_support = "true" - enable_dns_hostnames = "true" - enable_classiclink = "false" - tags { - Name = "main" - } + cidr_block = "10.0.0.0/16" + instance_tenancy = "default" + enable_dns_support = "true" + enable_dns_hostnames = "true" + enable_classiclink = "false" + tags = { + Name = "main" + } } - # Subnets resource "aws_subnet" "main-public-1" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.1.0/24" - map_public_ip_on_launch = "true" - availability_zone = "eu-west-1a" + vpc_id = aws_vpc.main.id + cidr_block = "10.0.1.0/24" + map_public_ip_on_launch = "true" + availability_zone = "eu-west-1a" - tags { - Name = "main-public-1" - } + tags = { + Name = "main-public-1" + } } + resource "aws_subnet" "main-public-2" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.2.0/24" - map_public_ip_on_launch = "true" - availability_zone = "eu-west-1b" + vpc_id = aws_vpc.main.id + cidr_block = "10.0.2.0/24" + map_public_ip_on_launch = "true" + availability_zone = "eu-west-1b" - tags { - Name = "main-public-2" - } + tags = { + Name = "main-public-2" + } } + resource "aws_subnet" "main-public-3" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.3.0/24" - map_public_ip_on_launch = "true" - availability_zone = "eu-west-1c" + vpc_id = aws_vpc.main.id + cidr_block = "10.0.3.0/24" + map_public_ip_on_launch = "true" + availability_zone = "eu-west-1c" - tags { - Name = "main-public-3" - } + tags = { + Name = "main-public-3" + } } + resource "aws_subnet" "main-private-1" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.4.0/24" - map_public_ip_on_launch = "false" - availability_zone = "eu-west-1a" + vpc_id = aws_vpc.main.id + cidr_block = "10.0.4.0/24" + map_public_ip_on_launch = "false" + availability_zone = "eu-west-1a" - tags { - Name = "main-private-1" - } + tags = { + Name = "main-private-1" + } } + resource "aws_subnet" 
"main-private-2" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.5.0/24" - map_public_ip_on_launch = "false" - availability_zone = "eu-west-1b" + vpc_id = aws_vpc.main.id + cidr_block = "10.0.5.0/24" + map_public_ip_on_launch = "false" + availability_zone = "eu-west-1b" - tags { - Name = "main-private-2" - } + tags = { + Name = "main-private-2" + } } -resource "aws_subnet" "main-private-3" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.6.0/24" - map_public_ip_on_launch = "false" - availability_zone = "eu-west-1c" - tags { - Name = "main-private-3" - } +resource "aws_subnet" "main-private-3" { + vpc_id = aws_vpc.main.id + cidr_block = "10.0.6.0/24" + map_public_ip_on_launch = "false" + availability_zone = "eu-west-1c" + + tags = { + Name = "main-private-3" + } } # Internet GW resource "aws_internet_gateway" "main-gw" { - vpc_id = "${aws_vpc.main.id}" + vpc_id = aws_vpc.main.id - tags { - Name = "main" - } + tags = { + Name = "main" + } } # route tables resource "aws_route_table" "main-public" { - vpc_id = "${aws_vpc.main.id}" - route { - cidr_block = "0.0.0.0/0" - gateway_id = "${aws_internet_gateway.main-gw.id}" - } + vpc_id = aws_vpc.main.id + route { + cidr_block = "0.0.0.0/0" + gateway_id = aws_internet_gateway.main-gw.id + } - tags { - Name = "main-public-1" - } + tags = { + Name = "main-public-1" + } } # route associations public resource "aws_route_table_association" "main-public-1-a" { - subnet_id = "${aws_subnet.main-public-1.id}" - route_table_id = "${aws_route_table.main-public.id}" + subnet_id = aws_subnet.main-public-1.id + route_table_id = aws_route_table.main-public.id } + resource "aws_route_table_association" "main-public-2-a" { - subnet_id = "${aws_subnet.main-public-2.id}" - route_table_id = "${aws_route_table.main-public.id}" + subnet_id = aws_subnet.main-public-2.id + route_table_id = aws_route_table.main-public.id } + resource "aws_route_table_association" "main-public-3-a" { - subnet_id = "${aws_subnet.main-public-3.id}" - 
route_table_id = "${aws_route_table.main-public.id}" + subnet_id = aws_subnet.main-public-3.id + route_table_id = aws_route_table.main-public.id } + diff --git a/demo-11/provider.tf b/demo-11/provider.tf index ded6d8c..7925c73 100644 --- a/demo-11/provider.tf +++ b/demo-11/provider.tf @@ -1,3 +1,4 @@ -provider "aws" { - region = "${var.AWS_REGION}" +provider "aws" { + region = var.AWS_REGION } + diff --git a/demo-11/route53.tf b/demo-11/route53.tf index b4d26de..2ec049d 100644 --- a/demo-11/route53.tf +++ b/demo-11/route53.tf 
@@ -1,34 +1,38 @@ resource "aws_route53_zone" "newtech-academy" { - name = "newtech.academy" + name = "newtech.academy" } + resource "aws_route53_record" "server1-record" { - zone_id = "${aws_route53_zone.newtech-academy.zone_id}" - name = "server1.newtech.academy" - type = "A" - ttl = "300" - records = ["104.236.247.8"] + zone_id = aws_route53_zone.newtech-academy.zone_id + name = "server1.newtech.academy" + type = "A" + ttl = "300" + records = ["104.236.247.8"] } + resource "aws_route53_record" "www-record" { - zone_id = "${aws_route53_zone.newtech-academy.zone_id}" - name = "www.newtech.academy" - type = "A" - ttl = "300" - records = ["104.236.247.8"] + zone_id = aws_route53_zone.newtech-academy.zone_id + name = "www.newtech.academy" + type = "A" + ttl = "300" + records = ["104.236.247.8"] } + resource "aws_route53_record" "mail1-record" { - zone_id = "${aws_route53_zone.newtech-academy.zone_id}" - name = "newtech.academy" - type = "MX" - ttl = "300" - records = [ - "1 aspmx.l.google.com.", - "5 alt1.aspmx.l.google.com.", - "5 alt2.aspmx.l.google.com.", - "10 aspmx2.googlemail.com.", - "10 aspmx3.googlemail.com." - ] + zone_id = aws_route53_zone.newtech-academy.zone_id + name = "newtech.academy" + type = "MX" + ttl = "300" + records = [ + "1 aspmx.l.google.com.", + "5 alt1.aspmx.l.google.com.", + "5 alt2.aspmx.l.google.com.", + "10 aspmx2.googlemail.com.", + "10 aspmx3.googlemail.com.", + ] } output "ns-servers" { - value = "${aws_route53_zone.newtech-academy.name_servers}" + value = aws_route53_zone.newtech-academy.name_servers } + diff --git a/demo-11/vars.tf b/demo-11/vars.tf index 7c29d8c..ac7990c 100644 --- a/demo-11/vars.tf +++ b/demo-11/vars.tf @@ -1,3 +1,4 @@ variable "AWS_REGION" { default = "eu-west-1" } + diff --git a/demo-11/versions.tf b/demo-11/versions.tf new file mode 100644 index 0000000..ac97c6a --- /dev/null +++ b/demo-11/versions.tf @@ -0,0 +1,4 @@ + +terraform { + required_version = ">= 0.12" +} 
diff --git a/demo-12/instance.tf b/demo-12/instance.tf index d3abc89..8e57338 100644 --- a/demo-12/instance.tf +++ b/demo-12/instance.tf @@ -1,14 +1,14 @@ resource "aws_instance" "example" { - ami = "${lookup(var.AMIS, var.AWS_REGION)}" + ami = var.AMIS[var.AWS_REGION] instance_type = "t2.micro" # the VPC subnet - subnet_id = "${aws_subnet.main-public-1.id}" + subnet_id = aws_subnet.main-public-1.id # the security group - vpc_security_group_ids = ["${aws_security_group.example-instance.id}"] + vpc_security_group_ids = [aws_security_group.example-instance.id] # the public SSH key - key_name = "${aws_key_pair.mykeypair.key_name}" - + key_name = aws_key_pair.mykeypair.key_name } + diff --git a/demo-12/key.tf b/demo-12/key.tf index 0d3c220..58b093f 100644 --- a/demo-12/key.tf +++ b/demo-12/key.tf @@ -1,4 +1,5 @@ resource "aws_key_pair" "mykeypair" { - key_name = "mykeypair" - public_key = "${file("${var.PATH_TO_PUBLIC_KEY}")}" + key_name = "mykeypair" + public_key = file(var.PATH_TO_PUBLIC_KEY) } + diff --git a/demo-12/output.tf b/demo-12/output.tf index b698a6b..079b025 100644 --- a/demo-12/output.tf +++ b/demo-12/output.tf @@ -1,6 +1,8 @@ output "instance" { - value = "${aws_instance.example.public_ip}" + value = aws_instance.example.public_ip } + output "rds" { - value = "${aws_db_instance.mariadb.endpoint}" + value = aws_db_instance.mariadb.endpoint } + diff --git a/demo-12/provider.tf b/demo-12/provider.tf index ded6d8c..7925c73 100644 --- a/demo-12/provider.tf +++ b/demo-12/provider.tf @@ -1,3 +1,4 @@ -provider "aws" { - region = "${var.AWS_REGION}" +provider "aws" { + region = var.AWS_REGION } + diff --git a/demo-12/rds.tf b/demo-12/rds.tf index 21f4a73..9aee3c6 100644 --- a/demo-12/rds.tf +++ b/demo-12/rds.tf 
@@ -1,40 +1,39 @@ resource "aws_db_subnet_group" "mariadb-subnet" { - name = "mariadb-subnet" - description = "RDS subnet group" - subnet_ids = ["${aws_subnet.main-private-1.id}","${aws_subnet.main-private-2.id}"] + name = "mariadb-subnet" + description = "RDS subnet group" + subnet_ids = [aws_subnet.main-private-1.id, aws_subnet.main-private-2.id] } resource "aws_db_parameter_group" "mariadb-parameters" { - name = "mariadb-parameters" - family = "mariadb10.1" - description = "MariaDB parameter group" + name = "mariadb-parameters" + family = "mariadb10.1" + description = "MariaDB parameter group" - parameter { - name = "max_allowed_packet" - value = "16777216" - } - -} - - -resource "aws_db_instance" "mariadb" { - allocated_storage = 100 # 100 GB of storage, gives us more IOPS than a lower number - engine = "mariadb" - engine_version = "10.1.14" - instance_class = "db.t2.small" # use micro if you want to use the free tier - identifier = "mariadb" - name = "mariadb" - username = "root" # username - password = "${var.RDS_PASSWORD}" # password - db_subnet_group_name = "${aws_db_subnet_group.mariadb-subnet.name}" - parameter_group_name = "${aws_db_parameter_group.mariadb-parameters.name}" - multi_az = "false" # set to true to have high availability: 2 instances synchronized with each other - vpc_security_group_ids = ["${aws_security_group.allow-mariadb.id}"] - storage_type = "gp2" - backup_retention_period = 30 # how long you’re going to keep your backups - availability_zone = "${aws_subnet.main-private-1.availability_zone}" # prefered AZ - skip_final_snapshot = true # skip final snapshot when doing terraform destroy - tags { - Name = "mariadb-instance" + parameter { + name = "max_allowed_packet" + value = "16777216" } } + +resource "aws_db_instance" "mariadb" { + allocated_storage = 100 # 100 GB of storage, gives us more IOPS than a lower number + engine = "mariadb" + engine_version = "10.1.14" + instance_class = "db.t2.small" # use micro if you want to use the free 
tier + identifier = "mariadb" + name = "mariadb" + username = "root" # username + password = var.RDS_PASSWORD # password + db_subnet_group_name = aws_db_subnet_group.mariadb-subnet.name + parameter_group_name = aws_db_parameter_group.mariadb-parameters.name + multi_az = "false" # set to true to have high availability: 2 instances synchronized with each other + vpc_security_group_ids = [aws_security_group.allow-mariadb.id] + storage_type = "gp2" + backup_retention_period = 30 # how long you’re going to keep your backups + availability_zone = aws_subnet.main-private-1.availability_zone # prefered AZ + skip_final_snapshot = true # skip final snapshot when doing terraform destroy + tags = { + Name = "mariadb-instance" + } +} + diff --git a/demo-12/securitygroup.tf b/demo-12/securitygroup.tf index ab7eca5..ff881b3 100644 --- a/demo-12/securitygroup.tf +++ b/demo-12/securitygroup.tf 
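Review bot: `password = var.RDS_PASSWORD` on `aws_db_instance.mariadb` is written to the Terraform state in plaintext, and the existing `# password` comment does not say so; something like `# stored unencrypted in terraform.tfstate - keep state in an encrypted, access-controlled backend` would be more useful. The resource also sets no `storage_encrypted = true`, so the data and the 30 days of retained backups are unencrypted at rest (confirm the chosen instance class supports encryption before turning it on). `username = "root"` and `skip_final_snapshot = true` are acceptable for a disposable demo, but a short comment that neither should be carried into a real deployment would prevent copy-paste surprises.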
@@ -1,43 +1,43 @@ resource "aws_security_group" "example-instance" { - vpc_id = "${aws_vpc.main.id}" - name = "allow-ssh" + vpc_id = aws_vpc.main.id + name = "allow-ssh" description = "security group that allows ssh and all egress traffic" egress { - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_blocks = ["0.0.0.0/0"] + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] } ingress { - from_port = 22 - to_port = 22 - protocol = "tcp" - cidr_blocks = ["0.0.0.0/0"] - } -tags { + from_port = 22 + to_port = 22 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + tags = { Name = "example-instance" } } resource "aws_security_group" "allow-mariadb" { - vpc_id = "${aws_vpc.main.id}" - name = "allow-mariadb" + vpc_id = aws_vpc.main.id + name = "allow-mariadb" description = "allow-mariadb" ingress { - from_port = 3306 - to_port = 3306 - protocol = "tcp" - security_groups = ["${aws_security_group.example-instance.id}"] # allowing access from our example instance + from_port = 3306 + to_port = 3306 + protocol = "tcp" + security_groups = [aws_security_group.example-instance.id] # allowing access from our example instance } egress { - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_blocks = ["0.0.0.0/0"] - self = true + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + self = true } - tags { + tags = { Name = "allow-mariadb" } } diff --git a/demo-12/vars.tf b/demo-12/vars.tf index d4a15c5..0397cbb 100644 --- a/demo-12/vars.tf +++ b/demo-12/vars.tf @@ -1,18 +1,24 @@ variable "AWS_REGION" { default = "eu-west-1" } + variable "PATH_TO_PRIVATE_KEY" { default = "mykey" } + variable "PATH_TO_PUBLIC_KEY" { default = "mykey.pub" } + variable "AMIS" { - type = "map" + type = map(string) default = { us-east-1 = "ami-13be557e" us-west-2 = "ami-06b94666" eu-west-1 = "ami-844e0bf7" } } -variable "RDS_PASSWORD" { } + +variable "RDS_PASSWORD" { +} + 
diff --git a/demo-12/versions.tf b/demo-12/versions.tf new file mode 100644 index 0000000..ac97c6a --- /dev/null +++ b/demo-12/versions.tf @@ -0,0 +1,4 @@ + +terraform { + required_version = ">= 0.12" +} diff --git a/demo-12/vpc.tf b/demo-12/vpc.tf index 1325feb..4e9d809 100644 --- a/demo-12/vpc.tf +++ b/demo-12/vpc.tf 
@@ -1,110 +1,117 @@ # Internet VPC resource "aws_vpc" "main" { - cidr_block = "10.0.0.0/16" - instance_tenancy = "default" - enable_dns_support = "true" - enable_dns_hostnames = "true" - enable_classiclink = "false" - tags { - Name = "main" - } + cidr_block = "10.0.0.0/16" + instance_tenancy = "default" + enable_dns_support = "true" + enable_dns_hostnames = "true" + enable_classiclink = "false" + tags = { + Name = "main" + } } - # Subnets resource "aws_subnet" "main-public-1" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.1.0/24" - map_public_ip_on_launch = "true" - availability_zone = "eu-west-1a" + vpc_id = aws_vpc.main.id + cidr_block = "10.0.1.0/24" + map_public_ip_on_launch = "true" + availability_zone = "eu-west-1a" - tags { - Name = "main-public-1" - } + tags = { + Name = "main-public-1" + } } + resource "aws_subnet" "main-public-2" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.2.0/24" - map_public_ip_on_launch = "true" - availability_zone = "eu-west-1b" + vpc_id = aws_vpc.main.id + cidr_block = "10.0.2.0/24" + map_public_ip_on_launch = "true" + availability_zone = "eu-west-1b" - tags { - Name = "main-public-2" - } + tags = { + Name = "main-public-2" + } } + resource "aws_subnet" "main-public-3" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.3.0/24" - map_public_ip_on_launch = "true" - availability_zone = "eu-west-1c" + vpc_id = aws_vpc.main.id + cidr_block = "10.0.3.0/24" + map_public_ip_on_launch = "true" + availability_zone = "eu-west-1c" - tags { - Name = "main-public-3" - } + tags = { + Name = "main-public-3" + } } + resource "aws_subnet" "main-private-1" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.4.0/24" - map_public_ip_on_launch = "false" - availability_zone = "eu-west-1a" + vpc_id = aws_vpc.main.id + cidr_block = "10.0.4.0/24" + map_public_ip_on_launch = "false" + availability_zone = "eu-west-1a" - tags { - Name = "main-private-1" - } + tags = { + Name = "main-private-1" + } } + resource "aws_subnet" 
"main-private-2" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.5.0/24" - map_public_ip_on_launch = "false" - availability_zone = "eu-west-1b" + vpc_id = aws_vpc.main.id + cidr_block = "10.0.5.0/24" + map_public_ip_on_launch = "false" + availability_zone = "eu-west-1b" - tags { - Name = "main-private-2" - } + tags = { + Name = "main-private-2" + } } -resource "aws_subnet" "main-private-3" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.6.0/24" - map_public_ip_on_launch = "false" - availability_zone = "eu-west-1c" - tags { - Name = "main-private-3" - } +resource "aws_subnet" "main-private-3" { + vpc_id = aws_vpc.main.id + cidr_block = "10.0.6.0/24" + map_public_ip_on_launch = "false" + availability_zone = "eu-west-1c" + + tags = { + Name = "main-private-3" + } } # Internet GW resource "aws_internet_gateway" "main-gw" { - vpc_id = "${aws_vpc.main.id}" + vpc_id = aws_vpc.main.id - tags { - Name = "main" - } + tags = { + Name = "main" + } } # route tables resource "aws_route_table" "main-public" { - vpc_id = "${aws_vpc.main.id}" - route { - cidr_block = "0.0.0.0/0" - gateway_id = "${aws_internet_gateway.main-gw.id}" - } + vpc_id = aws_vpc.main.id + route { + cidr_block = "0.0.0.0/0" + gateway_id = aws_internet_gateway.main-gw.id + } - tags { - Name = "main-public-1" - } + tags = { + Name = "main-public-1" + } } # route associations public resource "aws_route_table_association" "main-public-1-a" { - subnet_id = "${aws_subnet.main-public-1.id}" - route_table_id = "${aws_route_table.main-public.id}" + subnet_id = aws_subnet.main-public-1.id + route_table_id = aws_route_table.main-public.id } + resource "aws_route_table_association" "main-public-2-a" { - subnet_id = "${aws_subnet.main-public-2.id}" - route_table_id = "${aws_route_table.main-public.id}" + subnet_id = aws_subnet.main-public-2.id + route_table_id = aws_route_table.main-public.id } + resource "aws_route_table_association" "main-public-3-a" { - subnet_id = "${aws_subnet.main-public-3.id}" - 
route_table_id = "${aws_route_table.main-public.id}" + subnet_id = aws_subnet.main-public-3.id + route_table_id = aws_route_table.main-public.id } + diff --git a/demo-13/iam.tf b/demo-13/iam.tf index fe6b296..2553895 100644 --- a/demo-13/iam.tf +++ b/demo-13/iam.tf @@ -1,28 +1,33 @@ # group definition resource "aws_iam_group" "administrators" { - name = "administrators" + name = "administrators" } + resource "aws_iam_policy_attachment" "administrators-attach" { - name = "administrators-attach" - groups = ["${aws_iam_group.administrators.name}"] - policy_arn = "arn:aws:iam::aws:policy/AdministratorAccess" + name = "administrators-attach" + groups = [aws_iam_group.administrators.name] + policy_arn = "arn:aws:iam::aws:policy/AdministratorAccess" } + # user resource "aws_iam_user" "admin1" { - name = "admin1" + name = "admin1" } + resource "aws_iam_user" "admin2" { - name = "admin2" + name = "admin2" } + resource "aws_iam_group_membership" "administrators-users" { - name = "administrators-users" - users = [ - "${aws_iam_user.admin1.name}", - "${aws_iam_user.admin2.name}", - ] - group = "${aws_iam_group.administrators.name}" + name = "administrators-users" + users = [ + aws_iam_user.admin1.name, + aws_iam_user.admin2.name, + ] + group = aws_iam_group.administrators.name } output "warning" { - value = "WARNING: make sure you're not using the AdministratorAccess policy for other users/groups/roles. If this is the case, don't run terraform destroy, but manually unlink the created resources" + value = "WARNING: make sure you're not using the AdministratorAccess policy for other users/groups/roles. If this is the case, don't run terraform destroy, but manually unlink the created resources" } + diff --git a/demo-13/provider.tf b/demo-13/provider.tf index ded6d8c..7925c73 100644 --- a/demo-13/provider.tf +++ b/demo-13/provider.tf @@ -1,3 +1,4 @@ -provider "aws" { - region = "${var.AWS_REGION}" +provider "aws" { + region = var.AWS_REGION } + 
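Review bot: `aws_iam_policy_attachment` in demo-13/iam.tf manages the `AdministratorAccess` attachment exclusively for the whole account, which is why the `warning` output at the end of the hunk is needed: applying or destroying the demo can detach the policy from users, groups and roles it does not manage. `aws_iam_group_policy_attachment` attaches the policy to this one group without touching other attachments; the resource body becomes `group = aws_iam_group.administrators.name` and `policy_arn = "arn:aws:iam::aws:policy/AdministratorAccess"`. With that change the warning output can be reduced to a note that the group grants full administrative rights.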
diff --git a/demo-13/vars.tf b/demo-13/vars.tf index 7c29d8c..ac7990c 100644 --- a/demo-13/vars.tf +++ b/demo-13/vars.tf @@ -1,3 +1,4 @@ variable "AWS_REGION" { default = "eu-west-1" } + diff --git a/demo-13/versions.tf b/demo-13/versions.tf new file mode 100644 index 0000000..ac97c6a --- /dev/null +++ b/demo-13/versions.tf @@ -0,0 +1,4 @@ + +terraform { + required_version = ">= 0.12" +} diff --git a/demo-14/iam.tf b/demo-14/iam.tf index bf2f55b..32ce49a 100644 --- a/demo-14/iam.tf +++ b/demo-14/iam.tf @@ -1,6 +1,6 @@ resource "aws_iam_role" "s3-mybucket-role" { - name = "s3-mybucket-role" - assume_role_policy = < net user ${var.INSTANCE_USERNAME} '${var.INSTANCE_PASSWORD}' /add /y net localgroup administrators ${var.INSTANCE_USERNAME} /add @@ -27,6 +27,7 @@ net start winrm EOF + provisioner "file" { source = "test.txt" destination = "C:/test.txt" @@ -35,7 +36,8 @@ EOF host = coalesce(self.public_ip, self.private_ip) type = "winrm" timeout = "10m" - user = "${var.INSTANCE_USERNAME}" - password = "${var.INSTANCE_PASSWORD}" + user = var.INSTANCE_USERNAME + password = var.INSTANCE_PASSWORD } } + diff --git a/demo-3/instance.tf b/demo-3/instance.tf index 2623cd0..6511ddf 100644 --- a/demo-3/instance.tf +++ b/demo-3/instance.tf @@ -1,10 +1,12 @@ resource "aws_instance" "example" { - ami = "${lookup(var.AMIS, var.AWS_REGION)}" + ami = var.AMIS[var.AWS_REGION] instance_type = "t2.micro" provisioner "local-exec" { - command = "echo ${aws_instance.example.private_ip} >> private_ips.txt" + command = "echo ${aws_instance.example.private_ip} >> private_ips.txt" } } + output "ip" { - value = "${aws_instance.example.public_ip}" + value = aws_instance.example.public_ip } + diff --git a/demo-3/provider.tf b/demo-3/provider.tf index 9f26b63..696b517 100644 --- a/demo-3/provider.tf +++ b/demo-3/provider.tf 
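Review bot: The `connection` block in the `@@ -35,7 +36,8 @@` hunk authenticates over WinRM with `var.INSTANCE_PASSWORD`, and none of the visible lines set `https = true`; unless it is set above the hunk, the password travels over plain HTTP. The same password is interpolated into the user-data script shown as context (`net user ... /add`), so it is also kept in state and readable from the instance's user data. Consider `https = true` (which needs an HTTPS listener set up in the user-data script) and a comment on the `net user` line such as `# password is visible in user data and state - rotate it after provisioning`. The connection block and the enclosing resource begin outside the hunk.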
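Review bot: The `local-exec` command in demo-3/instance.tf refers to `aws_instance.example.private_ip` from inside `aws_instance.example` itself; within a provisioner the parent resource is meant to be reached through `self`, i.e. `command = "echo ${self.private_ip} >> private_ips.txt"`. The self-reference happens to be tolerated here, but later Terraform releases appear to be stricter about it, so the upgrade commit is a good place to switch. demo-4/instance.tf contains the same line.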
@@ -1,6 +1,6 @@ provider "aws" { - access_key = "${var.AWS_ACCESS_KEY}" - secret_key = "${var.AWS_SECRET_KEY}" - region = "${var.AWS_REGION}" + access_key = var.AWS_ACCESS_KEY + secret_key = var.AWS_SECRET_KEY + region = var.AWS_REGION } diff --git a/demo-3/vars.tf b/demo-3/vars.tf index 2138359..b3c441c 100644 --- a/demo-3/vars.tf +++ b/demo-3/vars.tf @@ -1,13 +1,19 @@ -variable "AWS_ACCESS_KEY" {} -variable "AWS_SECRET_KEY" {} +variable "AWS_ACCESS_KEY" { +} + +variable "AWS_SECRET_KEY" { +} + variable "AWS_REGION" { default = "eu-west-1" } + variable "AMIS" { - type = "map" + type = map(string) default = { us-east-1 = "ami-13be557e" us-west-2 = "ami-06b94666" eu-west-1 = "ami-844e0bf7" } } + diff --git a/demo-3/versions.tf b/demo-3/versions.tf new file mode 100644 index 0000000..ac97c6a --- /dev/null +++ b/demo-3/versions.tf @@ -0,0 +1,4 @@ + +terraform { + required_version = ">= 0.12" +} diff --git a/demo-4/instance.tf b/demo-4/instance.tf index 2623cd0..6511ddf 100644 --- a/demo-4/instance.tf +++ b/demo-4/instance.tf @@ -1,10 +1,12 @@ resource "aws_instance" "example" { - ami = "${lookup(var.AMIS, var.AWS_REGION)}" + ami = var.AMIS[var.AWS_REGION] instance_type = "t2.micro" provisioner "local-exec" { - command = "echo ${aws_instance.example.private_ip} >> private_ips.txt" + command = "echo ${aws_instance.example.private_ip} >> private_ips.txt" } } + output "ip" { - value = "${aws_instance.example.public_ip}" + value = aws_instance.example.public_ip } + diff --git a/demo-4/provider.tf b/demo-4/provider.tf index ded6d8c..7925c73 100644 --- a/demo-4/provider.tf +++ b/demo-4/provider.tf @@ -1,3 +1,4 @@ -provider "aws" { - region = "${var.AWS_REGION}" +provider "aws" { + region = var.AWS_REGION } + diff --git a/demo-4/vars.tf b/demo-4/vars.tf index 504ec30..4d189e0 100644 --- a/demo-4/vars.tf +++ b/demo-4/vars.tf 
@@ -1,11 +1,13 @@ variable "AWS_REGION" { default = "eu-west-1" } + variable "AMIS" { - type = "map" + type = map(string) default = { us-east-1 = "ami-13be557e" us-west-2 = "ami-06b94666" eu-west-1 = "ami-844e0bf7" } } + diff --git a/demo-4/versions.tf b/demo-4/versions.tf new file mode 100644 index 0000000..ac97c6a --- /dev/null +++ b/demo-4/versions.tf @@ -0,0 +1,4 @@ + +terraform { + required_version = ">= 0.12" +} diff --git a/demo-5/provider.tf b/demo-5/provider.tf index ded6d8c..7925c73 100644 --- a/demo-5/provider.tf +++ b/demo-5/provider.tf @@ -1,3 +1,4 @@ -provider "aws" { - region = "${var.AWS_REGION}" +provider "aws" { + region = var.AWS_REGION } + diff --git a/demo-5/securitygroup.tf b/demo-5/securitygroup.tf index 2be2f8f..4de36a9 100644 --- a/demo-5/securitygroup.tf +++ b/demo-5/securitygroup.tf @@ -1,20 +1,20 @@ data "aws_ip_ranges" "european_ec2" { - regions = [ "eu-west-1", "eu-central-1" ] - services = [ "ec2" ] + regions = ["eu-west-1", "eu-central-1"] + services = ["ec2"] } resource "aws_security_group" "from_europe" { - name = "from_europe" + name = "from_europe" ingress { - from_port = "443" - to_port = "443" - protocol = "tcp" - cidr_blocks = [ "${data.aws_ip_ranges.european_ec2.cidr_blocks}" ] + from_port = "443" + to_port = "443" + protocol = "tcp" + cidr_blocks = data.aws_ip_ranges.european_ec2.cidr_blocks } - tags { - CreateDate = "${data.aws_ip_ranges.european_ec2.create_date}" - SyncToken = "${data.aws_ip_ranges.european_ec2.sync_token}" + tags = { + CreateDate = data.aws_ip_ranges.european_ec2.create_date + SyncToken = data.aws_ip_ranges.european_ec2.sync_token } - } + diff --git a/demo-5/vars.tf b/demo-5/vars.tf index 504ec30..4d189e0 100644 --- a/demo-5/vars.tf +++ b/demo-5/vars.tf @@ -1,11 +1,13 @@ variable "AWS_REGION" { default = "eu-west-1" } + variable "AMIS" { - type = "map" + type = map(string) default = { us-east-1 = "ami-13be557e" us-west-2 = "ami-06b94666" eu-west-1 = "ami-844e0bf7" } } + 
diff --git a/demo-5/versions.tf b/demo-5/versions.tf new file mode 100644 index 0000000..ac97c6a --- /dev/null +++ b/demo-5/versions.tf @@ -0,0 +1,4 @@ + +terraform { + required_version = ">= 0.12" +} diff --git a/demo-6/default_vpc.tf b/demo-6/default_vpc.tf index 5a6030a..3ab8369 100644 --- a/demo-6/default_vpc.tf +++ b/demo-6/default_vpc.tf @@ -4,30 +4,33 @@ # default VPC resource "aws_default_vpc" "default" { - tags { - Name = "Default VPC" - } + tags = { + Name = "Default VPC" + } } # default subnets resource "aws_default_subnet" "default_az1" { availability_zone = "${var.AWS_REGION}a" - tags { - Name = "Default subnet for ${var.AWS_REGION}a" - } + tags = { + Name = "Default subnet for ${var.AWS_REGION}a" + } } + resource "aws_default_subnet" "default_az2" { availability_zone = "${var.AWS_REGION}b" - tags { - Name = "Default subnet for ${var.AWS_REGION}b" - } + tags = { + Name = "Default subnet for ${var.AWS_REGION}b" + } } + resource "aws_default_subnet" "default_az3" { availability_zone = "${var.AWS_REGION}c" - tags { - Name = "Default subnet for ${var.AWS_REGION}c" - } + tags = { + Name = "Default subnet for ${var.AWS_REGION}c" + } } + diff --git a/demo-6/key.tf b/demo-6/key.tf index 9962e34..de08692 100644 --- a/demo-6/key.tf +++ b/demo-6/key.tf @@ -1,4 +1,5 @@ resource "aws_key_pair" "mykey" { - key_name = "mykey" - public_key = "${file("${var.PATH_TO_PUBLIC_KEY}")}" + key_name = "mykey" + public_key = file(var.PATH_TO_PUBLIC_KEY) } + diff --git a/demo-6/modules.tf b/demo-6/modules.tf index 57f878b..6b814c8 100644 --- a/demo-6/modules.tf +++ b/demo-6/modules.tf 
@@ -1,15 +1,17 @@ module "consul" { - source = "github.com/wardviaene/terraform-consul-module.git" - key_name = "${aws_key_pair.mykey.key_name}" - key_path = "${var.PATH_TO_PRIVATE_KEY}" - region = "${var.AWS_REGION}" - vpc_id = "${aws_default_vpc.default.id}" - subnets { - "0" = "${aws_default_subnet.default_az1.id}" - "1" = "${aws_default_subnet.default_az2.id}" - "2" = "${aws_default_subnet.default_az3.id}" + source = "github.com/wardviaene/terraform-consul-module.git?ref=terraform-0.12" + key_name = aws_key_pair.mykey.key_name + key_path = var.PATH_TO_PRIVATE_KEY + region = var.AWS_REGION + vpc_id = aws_default_vpc.default.id + subnets = { + "0" = aws_default_subnet.default_az1.id + "1" = aws_default_subnet.default_az2.id + "2" = aws_default_subnet.default_az3.id } } + output "consul-output" { - value = "${module.consul.server_address}" + value = module.consul.server_address } + diff --git a/demo-6/provider.tf b/demo-6/provider.tf index ded6d8c..375d9cd 100644 --- a/demo-6/provider.tf +++ b/demo-6/provider.tf @@ -1,3 +1,4 @@ -provider "aws" { - region = "${var.AWS_REGION}" +provider "aws" { + region = var.AWS_REGION } + diff --git a/demo-6/vars.tf b/demo-6/vars.tf index ce2e56b..3878f40 100644 --- a/demo-6/vars.tf +++ b/demo-6/vars.tf @@ -1,9 +1,12 @@ variable "AWS_REGION" { default = "eu-west-1" } + variable "PATH_TO_PRIVATE_KEY" { default = "mykey" } + variable "PATH_TO_PUBLIC_KEY" { default = "mykey.pub" } + diff --git a/demo-6/versions.tf b/demo-6/versions.tf new file mode 100644 index 0000000..ac97c6a --- /dev/null +++ b/demo-6/versions.tf @@ -0,0 +1,4 @@ + +terraform { + required_version = ">= 0.12" +} diff --git a/demo-7/nat.tf b/demo-7/nat.tf index 69f1141..f32efc2 100644 --- a/demo-7/nat.tf +++ b/demo-7/nat.tf 
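Review bot: The new `source` in demo-6/modules.tf pins the consul module with `?ref=terraform-0.12`, which looks like a branch name rather than a tag or commit. If so, the code fetched by `terraform init` can change without any change in this repository. Pinning to an immutable revision, `source = "github.com/wardviaene/terraform-consul-module.git?ref=<reviewed-commit-sha>"` (placeholder), keeps what is applied identical to what was reviewed. This matters more here because the module is handed `key_path = var.PATH_TO_PRIVATE_KEY`, the path to the SSH private key.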
@@ -1,35 +1,40 @@ # nat gw resource "aws_eip" "nat" { - vpc = true + vpc = true } + resource "aws_nat_gateway" "nat-gw" { - allocation_id = "${aws_eip.nat.id}" - subnet_id = "${aws_subnet.main-public-1.id}" - depends_on = ["aws_internet_gateway.main-gw"] + allocation_id = aws_eip.nat.id + subnet_id = aws_subnet.main-public-1.id + depends_on = [aws_internet_gateway.main-gw] } # VPC setup for NAT resource "aws_route_table" "main-private" { - vpc_id = "${aws_vpc.main.id}" - route { - cidr_block = "0.0.0.0/0" - nat_gateway_id = "${aws_nat_gateway.nat-gw.id}" - } + vpc_id = aws_vpc.main.id + route { + cidr_block = "0.0.0.0/0" + nat_gateway_id = aws_nat_gateway.nat-gw.id + } - tags { - Name = "main-private-1" - } + tags = { + Name = "main-private-1" + } } + # route associations private resource "aws_route_table_association" "main-private-1-a" { - subnet_id = "${aws_subnet.main-private-1.id}" - route_table_id = "${aws_route_table.main-private.id}" + subnet_id = aws_subnet.main-private-1.id + route_table_id = aws_route_table.main-private.id } + resource "aws_route_table_association" "main-private-2-a" { - subnet_id = "${aws_subnet.main-private-2.id}" - route_table_id = "${aws_route_table.main-private.id}" + subnet_id = aws_subnet.main-private-2.id + route_table_id = aws_route_table.main-private.id } + resource "aws_route_table_association" "main-private-3-a" { - subnet_id = "${aws_subnet.main-private-3.id}" - route_table_id = "${aws_route_table.main-private.id}" + subnet_id = aws_subnet.main-private-3.id + route_table_id = aws_route_table.main-private.id } + diff --git a/demo-7/provider.tf b/demo-7/provider.tf index ded6d8c..7925c73 100644 --- a/demo-7/provider.tf +++ b/demo-7/provider.tf @@ -1,3 +1,4 @@ -provider "aws" { - region = "${var.AWS_REGION}" +provider "aws" { + region = var.AWS_REGION } + diff --git a/demo-7/vars.tf b/demo-7/vars.tf index ce2e56b..3878f40 100644 --- a/demo-7/vars.tf +++ b/demo-7/vars.tf 
@@ -1,9 +1,12 @@ variable "AWS_REGION" { default = "eu-west-1" } + variable "PATH_TO_PRIVATE_KEY" { default = "mykey" } + variable "PATH_TO_PUBLIC_KEY" { default = "mykey.pub" } + diff --git a/demo-7/versions.tf b/demo-7/versions.tf new file mode 100644 index 0000000..ac97c6a --- /dev/null +++ b/demo-7/versions.tf @@ -0,0 +1,4 @@ + +terraform { + required_version = ">= 0.12" +} diff --git a/demo-7/vpc.tf b/demo-7/vpc.tf index 1325feb..4e9d809 100644 --- a/demo-7/vpc.tf +++ b/demo-7/vpc.tf 
@@ -1,110 +1,117 @@ # Internet VPC resource "aws_vpc" "main" { - cidr_block = "10.0.0.0/16" - instance_tenancy = "default" - enable_dns_support = "true" - enable_dns_hostnames = "true" - enable_classiclink = "false" - tags { - Name = "main" - } + cidr_block = "10.0.0.0/16" + instance_tenancy = "default" + enable_dns_support = "true" + enable_dns_hostnames = "true" + enable_classiclink = "false" + tags = { + Name = "main" + } } - # Subnets resource "aws_subnet" "main-public-1" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.1.0/24" - map_public_ip_on_launch = "true" - availability_zone = "eu-west-1a" + vpc_id = aws_vpc.main.id + cidr_block = "10.0.1.0/24" + map_public_ip_on_launch = "true" + availability_zone = "eu-west-1a" - tags { - Name = "main-public-1" - } + tags = { + Name = "main-public-1" + } } + resource "aws_subnet" "main-public-2" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.2.0/24" - map_public_ip_on_launch = "true" - availability_zone = "eu-west-1b" + vpc_id = aws_vpc.main.id + cidr_block = "10.0.2.0/24" + map_public_ip_on_launch = "true" + availability_zone = "eu-west-1b" - tags { - Name = "main-public-2" - } + tags = { + Name = "main-public-2" + } } + resource "aws_subnet" "main-public-3" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.3.0/24" - map_public_ip_on_launch = "true" - availability_zone = "eu-west-1c" + vpc_id = aws_vpc.main.id + cidr_block = "10.0.3.0/24" + map_public_ip_on_launch = "true" + availability_zone = "eu-west-1c" - tags { - Name = "main-public-3" - } + tags = { + Name = "main-public-3" + } } + resource "aws_subnet" "main-private-1" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.4.0/24" - map_public_ip_on_launch = "false" - availability_zone = "eu-west-1a" + vpc_id = aws_vpc.main.id + cidr_block = "10.0.4.0/24" + map_public_ip_on_launch = "false" + availability_zone = "eu-west-1a" - tags { - Name = "main-private-1" - } + tags = { + Name = "main-private-1" + } } + resource "aws_subnet" 
"main-private-2" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.5.0/24" - map_public_ip_on_launch = "false" - availability_zone = "eu-west-1b" + vpc_id = aws_vpc.main.id + cidr_block = "10.0.5.0/24" + map_public_ip_on_launch = "false" + availability_zone = "eu-west-1b" - tags { - Name = "main-private-2" - } + tags = { + Name = "main-private-2" + } } -resource "aws_subnet" "main-private-3" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.6.0/24" - map_public_ip_on_launch = "false" - availability_zone = "eu-west-1c" - tags { - Name = "main-private-3" - } +resource "aws_subnet" "main-private-3" { + vpc_id = aws_vpc.main.id + cidr_block = "10.0.6.0/24" + map_public_ip_on_launch = "false" + availability_zone = "eu-west-1c" + + tags = { + Name = "main-private-3" + } } # Internet GW resource "aws_internet_gateway" "main-gw" { - vpc_id = "${aws_vpc.main.id}" + vpc_id = aws_vpc.main.id - tags { - Name = "main" - } + tags = { + Name = "main" + } } # route tables resource "aws_route_table" "main-public" { - vpc_id = "${aws_vpc.main.id}" - route { - cidr_block = "0.0.0.0/0" - gateway_id = "${aws_internet_gateway.main-gw.id}" - } + vpc_id = aws_vpc.main.id + route { + cidr_block = "0.0.0.0/0" + gateway_id = aws_internet_gateway.main-gw.id + } - tags { - Name = "main-public-1" - } + tags = { + Name = "main-public-1" + } } # route associations public resource "aws_route_table_association" "main-public-1-a" { - subnet_id = "${aws_subnet.main-public-1.id}" - route_table_id = "${aws_route_table.main-public.id}" + subnet_id = aws_subnet.main-public-1.id + route_table_id = aws_route_table.main-public.id } + resource "aws_route_table_association" "main-public-2-a" { - subnet_id = "${aws_subnet.main-public-2.id}" - route_table_id = "${aws_route_table.main-public.id}" + subnet_id = aws_subnet.main-public-2.id + route_table_id = aws_route_table.main-public.id } + resource "aws_route_table_association" "main-public-3-a" { - subnet_id = "${aws_subnet.main-public-3.id}" - 
route_table_id = "${aws_route_table.main-public.id}" + subnet_id = aws_subnet.main-public-3.id + route_table_id = aws_route_table.main-public.id } + diff --git a/demo-8/instance.tf b/demo-8/instance.tf index f4daa01..7f00edc 100644 --- a/demo-8/instance.tf +++ b/demo-8/instance.tf @@ -1,13 +1,14 @@ resource "aws_instance" "example" { - ami = "${lookup(var.AMIS, var.AWS_REGION)}" + ami = var.AMIS[var.AWS_REGION] instance_type = "t2.micro" # the VPC subnet - subnet_id = "${aws_subnet.main-public-1.id}" + subnet_id = aws_subnet.main-public-1.id # the security group - vpc_security_group_ids = ["${aws_security_group.allow-ssh.id}"] + vpc_security_group_ids = [aws_security_group.allow-ssh.id] # the public SSH key - key_name = "${aws_key_pair.mykeypair.key_name}" + key_name = aws_key_pair.mykeypair.key_name } + diff --git a/demo-8/key.tf b/demo-8/key.tf index 0d3c220..58b093f 100644 --- a/demo-8/key.tf +++ b/demo-8/key.tf @@ -1,4 +1,5 @@ resource "aws_key_pair" "mykeypair" { - key_name = "mykeypair" - public_key = "${file("${var.PATH_TO_PUBLIC_KEY}")}" + key_name = "mykeypair" + public_key = file(var.PATH_TO_PUBLIC_KEY) } + diff --git a/demo-8/provider.tf b/demo-8/provider.tf index ded6d8c..7925c73 100644 --- a/demo-8/provider.tf +++ b/demo-8/provider.tf @@ -1,3 +1,4 @@ -provider "aws" { - region = "${var.AWS_REGION}" +provider "aws" { + region = var.AWS_REGION } + diff --git a/demo-8/securitygroup.tf b/demo-8/securitygroup.tf index 05c0e12..1ec204b 100644 --- a/demo-8/securitygroup.tf +++ b/demo-8/securitygroup.tf 
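Review bot: In demo-7/vpc.tf the boolean arguments are still quoted strings after the conversion: `enable_dns_support = "true"`, `enable_dns_hostnames = "true"`, `enable_classiclink = "false"` and every subnet's `map_public_ip_on_launch`. Terraform 0.12 converts these automatically, but native booleans such as `enable_dns_support = true` and `map_public_ip_on_launch = false` read more clearly and match `vpc = true` in demo-7/nat.tf. The hunks for demo-8/vpc.tf and demo-9/vpc.tf are identical and carry the same strings.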
@@ -1,21 +1,22 @@ resource "aws_security_group" "allow-ssh" { - vpc_id = "${aws_vpc.main.id}" - name = "allow-ssh" + vpc_id = aws_vpc.main.id + name = "allow-ssh" description = "security group that allows ssh and all egress traffic" egress { - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_blocks = ["0.0.0.0/0"] + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] } ingress { - from_port = 22 - to_port = 22 - protocol = "tcp" - cidr_blocks = ["0.0.0.0/0"] - } -tags { + from_port = 22 + to_port = 22 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + tags = { Name = "allow-ssh" } } + diff --git a/demo-8/vars.tf b/demo-8/vars.tf index d880ef6..2712edf 100644 --- a/demo-8/vars.tf +++ b/demo-8/vars.tf @@ -1,17 +1,21 @@ variable "AWS_REGION" { default = "eu-west-1" } + variable "PATH_TO_PRIVATE_KEY" { default = "mykey" } + variable "PATH_TO_PUBLIC_KEY" { default = "mykey.pub" } + variable "AMIS" { - type = "map" + type = map(string) default = { us-east-1 = "ami-13be557e" us-west-2 = "ami-06b94666" eu-west-1 = "ami-844e0bf7" } } + diff --git a/demo-8/versions.tf b/demo-8/versions.tf new file mode 100644 index 0000000..ac97c6a --- /dev/null +++ b/demo-8/versions.tf @@ -0,0 +1,4 @@ + +terraform { + required_version = ">= 0.12" +} diff --git a/demo-8/vpc.tf b/demo-8/vpc.tf index 1325feb..4e9d809 100644 --- a/demo-8/vpc.tf +++ b/demo-8/vpc.tf 
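Review bot: The `allow-ssh` group in demo-8/securitygroup.tf keeps `cidr_blocks = ["0.0.0.0/0"]` on the port 22 ingress rule, so the instance placed in `main-public-1` accepts SSH connection attempts from any address. Since the block is being rewritten anyway, the source range could come from a variable without a default, e.g. `cidr_blocks = [var.SSH_ALLOWED_CIDR]` (a new variable; the name is only a suggestion), so each user supplies their own range. If the open rule stays for the sake of the demo, a comment such as `# demo only: restrict to your own IP range before real use` makes that explicit. The demo-9/securitygroup.tf hunk is identical and the same applies there.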
@@ -1,110 +1,117 @@ # Internet VPC resource "aws_vpc" "main" { - cidr_block = "10.0.0.0/16" - instance_tenancy = "default" - enable_dns_support = "true" - enable_dns_hostnames = "true" - enable_classiclink = "false" - tags { - Name = "main" - } + cidr_block = "10.0.0.0/16" + instance_tenancy = "default" + enable_dns_support = "true" + enable_dns_hostnames = "true" + enable_classiclink = "false" + tags = { + Name = "main" + } } - # Subnets resource "aws_subnet" "main-public-1" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.1.0/24" - map_public_ip_on_launch = "true" - availability_zone = "eu-west-1a" + vpc_id = aws_vpc.main.id + cidr_block = "10.0.1.0/24" + map_public_ip_on_launch = "true" + availability_zone = "eu-west-1a" - tags { - Name = "main-public-1" - } + tags = { + Name = "main-public-1" + } } + resource "aws_subnet" "main-public-2" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.2.0/24" - map_public_ip_on_launch = "true" - availability_zone = "eu-west-1b" + vpc_id = aws_vpc.main.id + cidr_block = "10.0.2.0/24" + map_public_ip_on_launch = "true" + availability_zone = "eu-west-1b" - tags { - Name = "main-public-2" - } + tags = { + Name = "main-public-2" + } } + resource "aws_subnet" "main-public-3" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.3.0/24" - map_public_ip_on_launch = "true" - availability_zone = "eu-west-1c" + vpc_id = aws_vpc.main.id + cidr_block = "10.0.3.0/24" + map_public_ip_on_launch = "true" + availability_zone = "eu-west-1c" - tags { - Name = "main-public-3" - } + tags = { + Name = "main-public-3" + } } + resource "aws_subnet" "main-private-1" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.4.0/24" - map_public_ip_on_launch = "false" - availability_zone = "eu-west-1a" + vpc_id = aws_vpc.main.id + cidr_block = "10.0.4.0/24" + map_public_ip_on_launch = "false" + availability_zone = "eu-west-1a" - tags { - Name = "main-private-1" - } + tags = { + Name = "main-private-1" + } } + resource "aws_subnet" 
"main-private-2" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.5.0/24" - map_public_ip_on_launch = "false" - availability_zone = "eu-west-1b" + vpc_id = aws_vpc.main.id + cidr_block = "10.0.5.0/24" + map_public_ip_on_launch = "false" + availability_zone = "eu-west-1b" - tags { - Name = "main-private-2" - } + tags = { + Name = "main-private-2" + } } -resource "aws_subnet" "main-private-3" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.6.0/24" - map_public_ip_on_launch = "false" - availability_zone = "eu-west-1c" - tags { - Name = "main-private-3" - } +resource "aws_subnet" "main-private-3" { + vpc_id = aws_vpc.main.id + cidr_block = "10.0.6.0/24" + map_public_ip_on_launch = "false" + availability_zone = "eu-west-1c" + + tags = { + Name = "main-private-3" + } } # Internet GW resource "aws_internet_gateway" "main-gw" { - vpc_id = "${aws_vpc.main.id}" + vpc_id = aws_vpc.main.id - tags { - Name = "main" - } + tags = { + Name = "main" + } } # route tables resource "aws_route_table" "main-public" { - vpc_id = "${aws_vpc.main.id}" - route { - cidr_block = "0.0.0.0/0" - gateway_id = "${aws_internet_gateway.main-gw.id}" - } + vpc_id = aws_vpc.main.id + route { + cidr_block = "0.0.0.0/0" + gateway_id = aws_internet_gateway.main-gw.id + } - tags { - Name = "main-public-1" - } + tags = { + Name = "main-public-1" + } } # route associations public resource "aws_route_table_association" "main-public-1-a" { - subnet_id = "${aws_subnet.main-public-1.id}" - route_table_id = "${aws_route_table.main-public.id}" + subnet_id = aws_subnet.main-public-1.id + route_table_id = aws_route_table.main-public.id } + resource "aws_route_table_association" "main-public-2-a" { - subnet_id = "${aws_subnet.main-public-2.id}" - route_table_id = "${aws_route_table.main-public.id}" + subnet_id = aws_subnet.main-public-2.id + route_table_id = aws_route_table.main-public.id } + resource "aws_route_table_association" "main-public-3-a" { - subnet_id = "${aws_subnet.main-public-3.id}" - 
route_table_id = "${aws_route_table.main-public.id}" + subnet_id = aws_subnet.main-public-3.id + route_table_id = aws_route_table.main-public.id } + diff --git a/demo-9/instance.tf b/demo-9/instance.tf index e615b01..88c1183 100644 --- a/demo-9/instance.tf +++ b/demo-9/instance.tf @@ -1,29 +1,29 @@ resource "aws_instance" "example" { - ami = "${lookup(var.AMIS, var.AWS_REGION)}" + ami = var.AMIS[var.AWS_REGION] instance_type = "t2.micro" # the VPC subnet - subnet_id = "${aws_subnet.main-public-1.id}" + subnet_id = aws_subnet.main-public-1.id # the security group - vpc_security_group_ids = ["${aws_security_group.allow-ssh.id}"] + vpc_security_group_ids = [aws_security_group.allow-ssh.id] # the public SSH key - key_name = "${aws_key_pair.mykeypair.key_name}" + key_name = aws_key_pair.mykeypair.key_name } resource "aws_ebs_volume" "ebs-volume-1" { - availability_zone = "eu-west-1a" - size = 20 - type = "gp2" - tags { - Name = "extra volume data" - } + availability_zone = "eu-west-1a" + size = 20 + type = "gp2" + tags = { + Name = "extra volume data" + } } resource "aws_volume_attachment" "ebs-volume-1-attachment" { device_name = "/dev/xvdh" - volume_id = "${aws_ebs_volume.ebs-volume-1.id}" - instance_id = "${aws_instance.example.id}" + volume_id = aws_ebs_volume.ebs-volume-1.id + instance_id = aws_instance.example.id } diff --git a/demo-9/key.tf b/demo-9/key.tf index 0d3c220..58b093f 100644 --- a/demo-9/key.tf +++ b/demo-9/key.tf @@ -1,4 +1,5 @@ resource "aws_key_pair" "mykeypair" { - key_name = "mykeypair" - public_key = "${file("${var.PATH_TO_PUBLIC_KEY}")}" + key_name = "mykeypair" + public_key = file(var.PATH_TO_PUBLIC_KEY) } + diff --git a/demo-9/provider.tf b/demo-9/provider.tf index ded6d8c..7925c73 100644 --- a/demo-9/provider.tf +++ b/demo-9/provider.tf @@ -1,3 +1,4 @@ -provider "aws" { - region = "${var.AWS_REGION}" +provider "aws" { + region = var.AWS_REGION } + diff --git a/demo-9/securitygroup.tf b/demo-9/securitygroup.tf index 05c0e12..1ec204b 100644 
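Review bot: `aws_ebs_volume.ebs-volume-1` in demo-9/instance.tf is declared without `encrypted`, so the 20 GB data volume is unencrypted at rest unless the account has EBS encryption by default enabled, which this diff does not show. Adding `encrypted = true` to the resource makes the intent explicit. Changing that argument on an existing volume forces a replacement, so it is best set before the first apply.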
--- a/demo-9/securitygroup.tf +++ b/demo-9/securitygroup.tf @@ -1,21 +1,22 @@ resource "aws_security_group" "allow-ssh" { - vpc_id = "${aws_vpc.main.id}" - name = "allow-ssh" + vpc_id = aws_vpc.main.id + name = "allow-ssh" description = "security group that allows ssh and all egress traffic" egress { - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_blocks = ["0.0.0.0/0"] + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] } ingress { - from_port = 22 - to_port = 22 - protocol = "tcp" - cidr_blocks = ["0.0.0.0/0"] - } -tags { + from_port = 22 + to_port = 22 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + tags = { Name = "allow-ssh" } } + diff --git a/demo-9/vars.tf b/demo-9/vars.tf index d880ef6..2712edf 100644 --- a/demo-9/vars.tf +++ b/demo-9/vars.tf @@ -1,17 +1,21 @@ variable "AWS_REGION" { default = "eu-west-1" } + variable "PATH_TO_PRIVATE_KEY" { default = "mykey" } + variable "PATH_TO_PUBLIC_KEY" { default = "mykey.pub" } + variable "AMIS" { - type = "map" + type = map(string) default = { us-east-1 = "ami-13be557e" us-west-2 = "ami-06b94666" eu-west-1 = "ami-844e0bf7" } } + diff --git a/demo-9/versions.tf b/demo-9/versions.tf new file mode 100644 index 0000000..ac97c6a --- /dev/null +++ b/demo-9/versions.tf @@ -0,0 +1,4 @@ + +terraform { + required_version = ">= 0.12" +} diff --git a/demo-9/vpc.tf b/demo-9/vpc.tf index 1325feb..4e9d809 100644 --- a/demo-9/vpc.tf +++ b/demo-9/vpc.tf 
@@ -1,110 +1,117 @@ # Internet VPC resource "aws_vpc" "main" { - cidr_block = "10.0.0.0/16" - instance_tenancy = "default" - enable_dns_support = "true" - enable_dns_hostnames = "true" - enable_classiclink = "false" - tags { - Name = "main" - } + cidr_block = "10.0.0.0/16" + instance_tenancy = "default" + enable_dns_support = "true" + enable_dns_hostnames = "true" + enable_classiclink = "false" + tags = { + Name = "main" + } } - # Subnets resource "aws_subnet" "main-public-1" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.1.0/24" - map_public_ip_on_launch = "true" - availability_zone = "eu-west-1a" + vpc_id = aws_vpc.main.id + cidr_block = "10.0.1.0/24" + map_public_ip_on_launch = "true" + availability_zone = "eu-west-1a" - tags { - Name = "main-public-1" - } + tags = { + Name = "main-public-1" + } } + resource "aws_subnet" "main-public-2" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.2.0/24" - map_public_ip_on_launch = "true" - availability_zone = "eu-west-1b" + vpc_id = aws_vpc.main.id + cidr_block = "10.0.2.0/24" + map_public_ip_on_launch = "true" + availability_zone = "eu-west-1b" - tags { - Name = "main-public-2" - } + tags = { + Name = "main-public-2" + } } + resource "aws_subnet" "main-public-3" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.3.0/24" - map_public_ip_on_launch = "true" - availability_zone = "eu-west-1c" + vpc_id = aws_vpc.main.id + cidr_block = "10.0.3.0/24" + map_public_ip_on_launch = "true" + availability_zone = "eu-west-1c" - tags { - Name = "main-public-3" - } + tags = { + Name = "main-public-3" + } } + resource "aws_subnet" "main-private-1" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.4.0/24" - map_public_ip_on_launch = "false" - availability_zone = "eu-west-1a" + vpc_id = aws_vpc.main.id + cidr_block = "10.0.4.0/24" + map_public_ip_on_launch = "false" + availability_zone = "eu-west-1a" - tags { - Name = "main-private-1" - } + tags = { + Name = "main-private-1" + } } + resource "aws_subnet" 
"main-private-2" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.5.0/24" - map_public_ip_on_launch = "false" - availability_zone = "eu-west-1b" + vpc_id = aws_vpc.main.id + cidr_block = "10.0.5.0/24" + map_public_ip_on_launch = "false" + availability_zone = "eu-west-1b" - tags { - Name = "main-private-2" - } + tags = { + Name = "main-private-2" + } } -resource "aws_subnet" "main-private-3" { - vpc_id = "${aws_vpc.main.id}" - cidr_block = "10.0.6.0/24" - map_public_ip_on_launch = "false" - availability_zone = "eu-west-1c" - tags { - Name = "main-private-3" - } +resource "aws_subnet" "main-private-3" { + vpc_id = aws_vpc.main.id + cidr_block = "10.0.6.0/24" + map_public_ip_on_launch = "false" + availability_zone = "eu-west-1c" + + tags = { + Name = "main-private-3" + } } # Internet GW resource "aws_internet_gateway" "main-gw" { - vpc_id = "${aws_vpc.main.id}" + vpc_id = aws_vpc.main.id - tags { - Name = "main" - } + tags = { + Name = "main" + } } # route tables resource "aws_route_table" "main-public" { - vpc_id = "${aws_vpc.main.id}" - route { - cidr_block = "0.0.0.0/0" - gateway_id = "${aws_internet_gateway.main-gw.id}" - } + vpc_id = aws_vpc.main.id + route { + cidr_block = "0.0.0.0/0" + gateway_id = aws_internet_gateway.main-gw.id + } - tags { - Name = "main-public-1" - } + tags = { + Name = "main-public-1" + } } # route associations public resource "aws_route_table_association" "main-public-1-a" { - subnet_id = "${aws_subnet.main-public-1.id}" - route_table_id = "${aws_route_table.main-public.id}" + subnet_id = aws_subnet.main-public-1.id + route_table_id = aws_route_table.main-public.id } + resource "aws_route_table_association" "main-public-2-a" { - subnet_id = "${aws_subnet.main-public-2.id}" - route_table_id = "${aws_route_table.main-public.id}" + subnet_id = aws_subnet.main-public-2.id + route_table_id = aws_route_table.main-public.id } + resource "aws_route_table_association" "main-public-3-a" { - subnet_id = "${aws_subnet.main-public-3.id}" - 
route_table_id = "${aws_route_table.main-public.id}" + subnet_id = aws_subnet.main-public-3.id + route_table_id = aws_route_table.main-public.id } + diff --git a/docker-demo-1/ecr.tf b/docker-demo-1/ecr.tf index c136228..addea5d 100644 --- a/docker-demo-1/ecr.tf +++ b/docker-demo-1/ecr.tf @@ -1,3 +1,4 @@ resource "aws_ecr_repository" "myapp" { name = "myapp" } + diff --git a/docker-demo-1/output.tf b/docker-demo-1/output.tf index 0dd1091..b7702af 100644 --- a/docker-demo-1/output.tf +++ b/docker-demo-1/output.tf @@ -1,3 +1,4 @@ output "myapp-repository-URL" { - value = "${aws_ecr_repository.myapp.repository_url}" + value = aws_ecr_repository.myapp.repository_url } + diff --git a/docker-demo-1/provider.tf b/docker-demo-1/provider.tf index 5a52b53..7925c73 100644 --- a/docker-demo-1/provider.tf +++ b/docker-demo-1/provider.tf @@ -1,4 +1,4 @@ provider "aws" { - region = "${var.AWS_REGION}" + region = var.AWS_REGION } diff --git a/docker-demo-1/vars.tf b/docker-demo-1/vars.tf index 7c29d8c..ac7990c 100644 --- a/docker-demo-1/vars.tf +++ b/docker-demo-1/vars.tf @@ -1,3 +1,4 @@ variable "AWS_REGION" { default = "eu-west-1" } + diff --git a/docker-demo-1/versions.tf b/docker-demo-1/versions.tf new file mode 100644 index 0000000..ac97c6a --- /dev/null +++ b/docker-demo-1/versions.tf @@ -0,0 +1,4 @@ + +terraform { + required_version = ">= 0.12" +} diff --git a/docker-demo-2/ecr.tf b/docker-demo-2/ecr.tf index c136228..addea5d 100644 --- a/docker-demo-2/ecr.tf +++ b/docker-demo-2/ecr.tf @@ -1,3 +1,4 @@ resource "aws_ecr_repository" "myapp" { name = "myapp" } + diff --git a/docker-demo-2/ecs.tf b/docker-demo-2/ecs.tf index 4dc7f7e..905bf69 100644 --- a/docker-demo-2/ecs.tf +++ b/docker-demo-2/ecs.tf 
@@ -1,28 +1,31 @@ # cluster resource "aws_ecs_cluster" "example-cluster" { - name = "example-cluster" + name = "example-cluster" } + resource "aws_launch_configuration" "ecs-example-launchconfig" { name_prefix = "ecs-launchconfig" - image_id = "${lookup(var.ECS_AMIS, var.AWS_REGION)}" - instance_type = "${var.ECS_INSTANCE_TYPE}" - key_name = "${aws_key_pair.mykeypair.key_name}" - iam_instance_profile = "${aws_iam_instance_profile.ecs-ec2-role.id}" - security_groups = ["${aws_security_group.ecs-securitygroup.id}"] + image_id = var.ECS_AMIS[var.AWS_REGION] + instance_type = var.ECS_INSTANCE_TYPE + key_name = aws_key_pair.mykeypair.key_name + iam_instance_profile = aws_iam_instance_profile.ecs-ec2-role.id + security_groups = [aws_security_group.ecs-securitygroup.id] user_data = "#!/bin/bash\necho 'ECS_CLUSTER=example-cluster' > /etc/ecs/ecs.config\nstart ecs" - lifecycle { create_before_destroy = true } -} -resource "aws_autoscaling_group" "ecs-example-autoscaling" { - name = "ecs-example-autoscaling" - vpc_zone_identifier = ["${aws_subnet.main-public-1.id}", "${aws_subnet.main-public-2.id}"] - launch_configuration = "${aws_launch_configuration.ecs-example-launchconfig.name}" - min_size = 1 - max_size = 1 - tag { - key = "Name" - value = "ecs-ec2-container" - propagate_at_launch = true + lifecycle { + create_before_destroy = true } } +resource "aws_autoscaling_group" "ecs-example-autoscaling" { + name = "ecs-example-autoscaling" + vpc_zone_identifier = [aws_subnet.main-public-1.id, aws_subnet.main-public-2.id] + launch_configuration = aws_launch_configuration.ecs-example-launchconfig.name + min_size = 1 + max_size = 1 + tag { + key = "Name" + value = "ecs-ec2-container" + propagate_at_launch = true + } +} diff --git a/docker-demo-2/iam.tf b/docker-demo-2/iam.tf index 2d9b1ff..64a2b59 100644 --- a/docker-demo-2/iam.tf +++ b/docker-demo-2/iam.tf @@ -1,7 +1,7 @@ # ecs ec2 role resource "aws_iam_role" "ecs-ec2-role" { - name = "ecs-ec2-role" - assume_role_policy = <
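Review bot: In docker-demo-2/ecs.tf the `user_data` of `aws_launch_configuration.ecs-example-launchconfig` hard-codes `ECS_CLUSTER=example-cluster` instead of referencing the cluster resource. If the `name` of `aws_ecs_cluster.example-cluster` is ever changed, new instances would still point at the old name and nothing would flag it at plan time. Interpolating the attribute keeps the two linked: `user_data = "#!/bin/bash\necho 'ECS_CLUSTER=${aws_ecs_cluster.example-cluster.name}' > /etc/ecs/ecs.config\nstart ecs"`.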