Created
July 21, 2021 12:43
-
-
Save GitToby/0c836be3419ea12378e9abf0d608b20d to your computer and use it in GitHub Desktop.
basic aws networking example
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| terraform { | |
| required_version = ">= 0.14.9" | |
| required_providers { | |
| aws = { | |
| source = "hashicorp/aws" | |
| version = "~> 3.27" | |
| } | |
| } | |
| } | |
| provider "aws" { | |
| region = "us-east-1" | |
| } | |
| ############################################# | |
| # some data sources and locals for reuse | |
| ############################################# | |
| data "http" "myip" { | |
| url = "https://checkip.amazonaws.com/" | |
| } | |
| data "aws_region" "current" {} | |
| data "aws_elb_service_account" "main" {} | |
| locals { | |
| my_ip = chomp(data.http.myip.body) | |
| my_ip_cidr = "${local.my_ip}/32" | |
| elb_log_prefix = "elb-log" | |
| } | |
| ############################################# | |
| # Create VPC | |
| ############################################# | |
| module "vpc" { | |
| source = "terraform-aws-modules/vpc/aws" | |
| name = "learn-networks" | |
| cidr = "10.0.0.0/16" # 10.0.0.0 -> 10.0.255.255 | |
| azs = [ | |
| "${data.aws_region.current.name}a", | |
| "${data.aws_region.current.name}b", | |
| "${data.aws_region.current.name}c" | |
| ] | |
| public_subnets = [ | |
| "10.0.101.0/24" # 10.0.101.0 -> 10.0.101.255 | |
| ] | |
| tags = { | |
| Terraform = "true" | |
| Environment = "dev" | |
| } | |
| } | |
| ############################################# | |
| # Set up 2 ec2 instances & access from my PC | |
| ############################################# | |
| resource "aws_key_pair" "access_key" { | |
| key_name = "terraform deploy machine access" | |
| } | |
| resource "aws_security_group" "my_ssh_access" { | |
| vpc_id = module.vpc.vpc_id | |
| ingress { | |
| from_port = 22 | |
| protocol = "tcp" | |
| to_port = 22 | |
| cidr_blocks = [ | |
| local.my_ip_cidr | |
| ] | |
| } | |
| } | |
| resource "aws_security_group" "public_http_ingress" { | |
| vpc_id = module.vpc.vpc_id | |
| ingress { | |
| from_port = 8080 | |
| protocol = "tcp" | |
| to_port = 8080 | |
| cidr_blocks = [ | |
| "0.0.0.0/0" | |
| // "10.0.0.0/16" | |
| ] | |
| } | |
| } | |
| resource "aws_security_group" "all_egress" { | |
| vpc_id = module.vpc.vpc_id | |
| egress { | |
| from_port = 0 | |
| to_port = 0 | |
| protocol = "-1" | |
| cidr_blocks = [ | |
| "0.0.0.0/0" | |
| ] | |
| } | |
| } | |
| module "ec2_instance_one" { | |
| source = "terraform-aws-modules/ec2-instance/aws" | |
| version = "~> 2.0" | |
| name = "my-instance-one" | |
| instance_count = 1 | |
| associate_public_ip_address = true | |
| ami = "ami-09e67e426f25ce0d7" | |
| instance_type = "t2.micro" | |
| key_name = aws_key_pair.access_key.id | |
| monitoring = true | |
| vpc_security_group_ids = [ | |
| aws_security_group.my_ssh_access.id, | |
| aws_security_group.all_egress.id | |
| ] | |
| subnet_id = module.vpc.public_subnets[0] | |
| } | |
| module "ec2_instance_two" { | |
| source = "terraform-aws-modules/ec2-instance/aws" | |
| version = "~> 2.0" | |
| name = "my-instance-two" | |
| instance_count = 1 | |
| associate_public_ip_address = true | |
| ami = "ami-09e67e426f25ce0d7" | |
| instance_type = "t2.micro" | |
| key_name = aws_key_pair.access_key.id | |
| monitoring = true | |
| vpc_security_group_ids = [ | |
| aws_security_group.my_ssh_access.id, | |
| aws_security_group.all_egress.id, | |
| aws_security_group.public_http_ingress.id | |
| ] | |
| subnet_id = module.vpc.public_subnets[0] | |
| } | |
| output "ec2_ip_one" { | |
| value = module.ec2_instance_one.public_ip | |
| } | |
| output "ec2_ip_two" { | |
| value = module.ec2_instance_two.public_ip | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment