Khyathi
/
infra-assessment
forknuté z LiveLike/infra-assessment


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123
							provider "aws" {
  region = var.region
}

data "aws_vpc" "default" {
  id = var.vpc_id
}
resource "aws_security_group" "instance_sg" {
  name        = "instance_sg"
  description = "Security group for instances"

  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [data.aws_vpc.default.cidr_block]  #  restrict SSH access
  }
}

resource "aws_security_group" "alb_sg" {
  name        = "alb_sg"
  description = "Security group for ALB"

  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = [data.aws_vpc.default.cidr_block]  # example
  }

  ingress {
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = [data.aws_vpc.default.cidr_block]  # example
  }
}

resource "aws_launch_configuration" "example" {
  name_prefix   = "example-"
  image_id      = var.ami_id
  instance_type = "t2.micro"
  
  security_groups = [aws_security_group.instance_sg.id]

  user_data = <<-EOF
              #!/bin/bash
              apt update
              apt upgrade -y
              EOF

  lifecycle {
    create_before_destroy = true
  }
}

resource "aws_autoscaling_group" "my-asg" {
  name                 = "my-asg"
  launch_configuration = aws_launch_configuration.example.name
  min_size             = 2
  max_size             = 5
  desired_capacity     = 2

  vpc_zone_identifier = var.subnet_ids

  instance_refresh {
    strategy = "rolling"
  }
}

resource "aws_lb" "my-lb" {
  name               = "my-lb"
  internal           = false
  load_balancer_type = "application"
  subnets            = var.subnet_ids

  security_groups = var.alb_security_group_ids
}

resource "aws_lb_target_group" "my-tg" {
  name     = "my-tg"
  port     = 80
  protocol = "HTTP"
  vpc_id   = var.vpc_id
}


variable "region" {
  description = "AWS region"
  default     = "us-east-1"
}

variable "subnet_ids" {
  description = "List of subnet IDs"
  type        = list(string)
  default     = ["subnet-0c0f8e163a821cf2a", "subnet-0b0f8e163b821cf2v"]  # Example subnet IDs
}

variable "instance_security_group_ids" {
  description = "List of security group IDs for instances"
  type        = list(string)
  default     = ["sg-0920e86dba2f1b0a"]  # Example security group IDs
}

variable "alb_security_group_ids" {
  description = "List of security group IDs for ALB"
  type        = list(string)
  default     = ["sg-0821e86vba2v1b0a"]  # Example security group IDs
}

variable "vpc_id" {
  description = "VPC ID"
  type        = string
}


variable "ami_id" {
  description = "AMI ID for Ubuntu 22.04"
  type        = string
  default     = "ami-029294a043b4c7a97"  # Example AMI ID
}