From a192d0b94e469e00e91024a89408a151fb7004cd Mon Sep 17 00:00:00 2001
From: Edward Viaene
Date: Fri, 15 Jun 2018 10:57:00 +0000
Subject: [PATCH] demo-18
---
demo-18/instance.tf | 29 +++++++++++++++++++++++++
demo-18/key.tf | 4 ++++
demo-18/provider.tf | 3 +++
demo-18/securitygroup.tf | 47 ++++++++++++++++++++++++++++++++++++++++
demo-18/vars.tf | 15 +++++++++++++
demo-18/vpc.tf | 37 +++++++++++++++++++++++++++++++
6 files changed, 135 insertions(+)
create mode 100644 demo-18/instance.tf
create mode 100644 demo-18/key.tf
create mode 100644 demo-18/provider.tf
create mode 100644 demo-18/securitygroup.tf
create mode 100644 demo-18/vars.tf
create mode 100644 demo-18/vpc.tf
diff --git a/demo-18/instance.tf b/demo-18/instance.tf
new file mode 100644
index 0000000..135388d
--- /dev/null
+++ b/demo-18/instance.tf
@@ -0,0 +1,29 @@
+data "aws_ami" "ubuntu" {
+ most_recent = true
+
+ filter {
+ name = "name"
+ values = ["ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*"]
+ }
+
+ filter {
+ name = "virtualization-type"
+ values = ["hvm"]
+ }
+
+ owners = ["099720109477"] # Canonical
+}
+
+resource "aws_instance" "example" {
+ ami = "${data.aws_ami.ubuntu.id}"
+ instance_type = "t2.micro"
+
+ # the VPC subnet
+ subnet_id = "${var.ENV == "prod" ? module.vpc-prod.public_subnets[0] : module.vpc-dev.public_subnets[0] }"
+
+ # the security group
+ vpc_security_group_ids = ["${var.ENV == "prod" ? aws_security_group.allow-ssh-prod.id : aws_security_group.allow-ssh-dev.id }"]
+
+ # the public SSH key
+ key_name = "${aws_key_pair.mykeypair.key_name}"
+}
diff --git a/demo-18/key.tf b/demo-18/key.tf
new file mode 100644
index 0000000..2b92f43
--- /dev/null
+++ b/demo-18/key.tf
@@ -0,0 +1,4 @@
+resource "aws_key_pair" "mykeypair" {
+ key_name = "mykeypair"
+ public_key = "${file("${var.PATH_TO_PUBLIC_KEY}")}"
+}
diff --git a/demo-18/provider.tf b/demo-18/provider.tf
new file mode 100644
index 0000000..5606109
--- /dev/null
+++ b/demo-18/provider.tf
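Review bot: The `aws_ami` name filter in `instance.tf` pins `ubuntu-trusty-14.04`, a release that left Canonical's standard support in April 2019, so the instance starts from an image line that no longer gets regular security updates. Point the filter at a currently supported LTS instead, along the lines of `values = ["ubuntu/images/hvm-ssd/ubuntu-<SUPPORTED_RELEASE>-amd64-server-*"]` (placeholder; adjust to the image path that release actually uses). With `most_recent = true` the resolved image id can also change between plans and force the instance to be replaced, so a reviewed AMI id held in a variable gives more predictable applies. The `owners` restriction to Canonical's account is worth keeping, since it stops a look-alike public image name from matching.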
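Review bot: `key_name = "mykeypair"` in `key.tf` is fixed, and `aws_instance.example` uses this single key pair whichever value `var.ENV` has, so the same SSH key opens both prod and dev hosts. A per-environment key limits what a leaked dev key can reach: `key_name = "mykeypair-${var.ENV}"`, with `PATH_TO_PUBLIC_KEY` set per environment. The fixed name would presumably also collide if the configuration is applied twice in one account and region with separate state.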
@@ -0,0 +1,3 @@
+provider "aws" {
+ region = "${var.AWS_REGION}"
+}
diff --git a/demo-18/securitygroup.tf b/demo-18/securitygroup.tf
new file mode 100644
index 0000000..6509648
--- /dev/null
+++ b/demo-18/securitygroup.tf
@@ -0,0 +1,47 @@
+resource "aws_security_group" "allow-ssh-prod" {
+ vpc_id = "${module.vpc-prod.vpc_id}"
+ name = "allow-ssh"
+ description = "security group that allows ssh and all egress traffic"
+
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ ingress {
+ from_port = 22
+ to_port = 22
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ tags {
+ Name = "allow-ssh"
+ }
+}
+
+resource "aws_security_group" "allow-ssh-dev" {
+ vpc_id = "${module.vpc-dev.vpc_id}"
+ name = "allow-ssh"
+ description = "security group that allows ssh and all egress traffic"
+
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ ingress {
+ from_port = 22
+ to_port = 22
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ tags {
+ Name = "allow-ssh"
+ }
+}
diff --git a/demo-18/vars.tf b/demo-18/vars.tf
new file mode 100644
index 0000000..d89ef11
--- /dev/null
+++ b/demo-18/vars.tf
@@ -0,0 +1,15 @@
+variable "AWS_REGION" {
+ default = "eu-west-1"
+}
+
+variable "PATH_TO_PRIVATE_KEY" {
+ default = "mykey"
+}
+
+variable "PATH_TO_PUBLIC_KEY" {
+ default = "mykey.pub"
+}
+
+variable "ENV" {
+ default = "prod"
+}
diff --git a/demo-18/vpc.tf b/demo-18/vpc.tf
new file mode 100644
index 0000000..b25704a
--- /dev/null
+++ b/demo-18/vpc.tf
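Review bot: Both `ingress` blocks in `securitygroup.tf` (`allow-ssh-prod` and `allow-ssh-dev`) open TCP 22 to `0.0.0.0/0`, and `instance.tf` attaches these groups to an instance placed in a public subnet, so SSH on the prod host is exposed to any source address. Restrict the source to the administrators' range, for example `cidr_blocks = ["${var.SSH_ALLOWED_CIDR}"]`, where `SSH_ALLOWED_CIDR` is a new variable (name suggested here) declared without a default so it has to be set explicitly. A comment above each ingress block such as `# SSH from the admin range only` would record the intent, and the `description` should be updated to match.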
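Review bot: `ENV` in `vars.tf` defaults to `"prod"`, so a plain `terraform apply` with no variables set places the instance in the production VPC, and because the ternaries in `instance.tf` only test `var.ENV == "prod"`, any other value, including a typo, silently selects dev. Dropping the default, or using `default = "dev"`, makes the production target an explicit choice. `PATH_TO_PRIVATE_KEY` is not referenced by any file in this patch and its default `mykey` sits next to the configuration; either remove it or add a comment like `# private key stays outside version control` and make sure the file is git-ignored.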
@@ -0,0 +1,37 @@
+module "vpc-prod" {
+ source = "terraform-aws-modules/vpc/aws"
+
+ name = "vpc-prod"
+ cidr = "10.0.0.0/16"
+
+ azs = ["${var.AWS_REGION}a", "${var.AWS_REGION}b", "${var.AWS_REGION}c"]
+ private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
+ public_subnets = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
+
+ enable_nat_gateway = false
+ enable_vpn_gateway = false
+
+ tags = {
+ Terraform = "true"
+ Environment = "prod"
+ }
+}
+
+module "vpc-dev" {
+ source = "terraform-aws-modules/vpc/aws"
+
+ name = "vpc-dev"
+ cidr = "10.0.0.0/16"
+
+ azs = ["${var.AWS_REGION}a", "${var.AWS_REGION}b", "${var.AWS_REGION}c"]
+ private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
+ public_subnets = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
+
+ enable_nat_gateway = false
+ enable_vpn_gateway = false
+
+ tags = {
+ Terraform = "true"
+ Environment = "dev"
+ }
+}
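Review bot: Neither `module` block in `vpc.tf` sets `version`, so `terraform init` fetches whatever release of `terraform-aws-modules/vpc/aws` is newest at that moment, and third-party code that builds the network can change without review. Add `version = "<PINNED_MODULE_VERSION>"` (placeholder for a release you have reviewed) under each `source` line. Separately, both VPCs use `cidr = "10.0.0.0/16"` with identical subnet ranges, which rules out peering them later, and both modules are instantiated on every apply regardless of `var.ENV`, so prod and dev apparently share one state.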