|
|
@@ -0,0 +1,206 @@
|
|
|
+# create vpc
|
|
|
+
|
|
|
+resource "aws_vpc" "main" {
|
|
|
+ cidr_block = var.cidr
|
|
|
+ instance_tenancy = "default"
|
|
|
+
|
|
|
+ tags = {
|
|
|
+ Name = var.vpc_name
|
|
|
+ }
|
|
|
+}
|
|
|
+
|
|
|
+resource "aws_subnet" "subnet1" {
|
|
|
+ vpc_id = aws_vpc.main.id
|
|
|
+ cidr_block = var.subnet1_cidr
|
|
|
+ availability_zone = "us-east-1a"
|
|
|
+
|
|
|
+ tags = {
|
|
|
+ Name = "pub-subnet1"
|
|
|
+ }
|
|
|
+}
|
|
|
+
|
|
|
+
|
|
|
+resource "aws_subnet" "subnet2" {
|
|
|
+ vpc_id = aws_vpc.main.id
|
|
|
+ cidr_block = var.subnet2_cidr
|
|
|
+ availability_zone = "us-east-1b"
|
|
|
+
|
|
|
+ tags = {
|
|
|
+ Name = "pub-subnet2"
|
|
|
+ }
|
|
|
+}
|
|
|
+
|
|
|
+resource "aws_subnet" "subnet3" {
|
|
|
+ vpc_id = aws_vpc.main.id
|
|
|
+ cidr_block = var.subnet3_cidr
|
|
|
+ availability_zone = "us-east-1a"
|
|
|
+
|
|
|
+ tags = {
|
|
|
+ Name = "pvt-subnet1"
|
|
|
+ }
|
|
|
+}
|
|
|
+
|
|
|
+
|
|
|
+resource "aws_subnet" "subnet4" {
|
|
|
+ vpc_id = aws_vpc.main.id
|
|
|
+ cidr_block = var.subnet4_cidr
|
|
|
+ availability_zone = "us-east-1b"
|
|
|
+
|
|
|
+ tags = {
|
|
|
+ Name = "pvt-subnet2"
|
|
|
+ }
|
|
|
+}
|
|
|
+
|
|
|
+
|
|
|
+resource "aws_internet_gateway" "web-gw" {
|
|
|
+ vpc_id = aws_vpc.main.id
|
|
|
+
|
|
|
+ tags = {
|
|
|
+ Name = "web-internetgateway"
|
|
|
+ }
|
|
|
+}
|
|
|
+
|
|
|
+resource "aws_route_table" "pubroute" {
|
|
|
+ vpc_id = aws_vpc.main.id
|
|
|
+
|
|
|
+ route {
|
|
|
+ cidr_block = "0.0.0.0/0"
|
|
|
+ gateway_id = aws_internet_gateway.web-gw.id
|
|
|
+ }
|
|
|
+
|
|
|
+
|
|
|
+ tags = {
|
|
|
+ Name = "pubroute"
|
|
|
+ }
|
|
|
+}
|
|
|
+
|
|
|
+resource "aws_route_table" "pvtroute" {
|
|
|
+ vpc_id = aws_vpc.main.id
|
|
|
+
|
|
|
+
|
|
|
+ tags = {
|
|
|
+ Name = "pvtroute"
|
|
|
+ }
|
|
|
+}
|
|
|
+
|
|
|
+resource "aws_route_table_association" "pubsub1" {
|
|
|
+ subnet_id = aws_subnet.subnet1.id
|
|
|
+ route_table_id = aws_route_table.pubroute.id
|
|
|
+}
|
|
|
+
|
|
|
+resource "aws_route_table_association" "pvtsub2" {
|
|
|
+ subnet_id = aws_subnet.subnet2.id
|
|
|
+ route_table_id = aws_route_table.pubroute.id
|
|
|
+}
|
|
|
+
|
|
|
+
|
|
|
+resource "aws_route_table_association" "pvtsub1" {
|
|
|
+ subnet_id = aws_subnet.subnet3.id
|
|
|
+ route_table_id = aws_route_table.pvtroute.id
|
|
|
+}
|
|
|
+
|
|
|
+resource "aws_route_table_association" "pvtsub2" {
|
|
|
+ subnet_id = aws_subnet.subnet4.id
|
|
|
+ route_table_id = aws_route_table.pvtroute.id
|
|
|
+}
|
|
|
+
|
|
|
+
|
|
|
+############ EC2 Creation with ALB & Auto scaling Group ##########
|
|
|
+
|
|
|
+resource "aws_security_group" "web_sg" {
|
|
|
+ name_prefix = "web-sg-"
|
|
|
+
|
|
|
+ # Inbound rule for SSH traffic
|
|
|
+ ingress {
|
|
|
+ from_port = 22
|
|
|
+ to_port = 22
|
|
|
+ protocol = "tcp"
|
|
|
+ cidr_blocks = ["0.0.0.0/0"]
|
|
|
+ }
|
|
|
+
|
|
|
+ # Inbound rule for HTTP traffic
|
|
|
+ ingress {
|
|
|
+ from_port = 80
|
|
|
+ to_port = 80
|
|
|
+ protocol = "tcp"
|
|
|
+ cidr_blocks = ["0.0.0.0/0"]
|
|
|
+ }
|
|
|
+
|
|
|
+ # Inbound rule for HTTPS traffic
|
|
|
+ ingress {
|
|
|
+ from_port = 443
|
|
|
+ to_port = 443
|
|
|
+ protocol = "tcp"
|
|
|
+ cidr_blocks = ["0.0.0.0/0"]
|
|
|
+ }
|
|
|
+
|
|
|
+ # Outbound rule allowing all traffic
|
|
|
+ egress {
|
|
|
+ from_port = 0
|
|
|
+ to_port = 0
|
|
|
+ protocol = "-1"
|
|
|
+ cidr_blocks = ["0.0.0.0/0"]
|
|
|
+ }
|
|
|
+}
|
|
|
+
|
|
|
+
|
|
|
+resource "aws_launch_configuration" "web_lc" {
|
|
|
+ name_prefix = "web-lc"
|
|
|
+ image_id = var.ami
|
|
|
+ instance_type = var.instance_type
|
|
|
+
|
|
|
+ security_groups = [aws_security_group.web_sg.id]
|
|
|
+ key_name = var.keyname
|
|
|
+ user_data = <<-EOF
|
|
|
+ #!/bin/bash
|
|
|
+ apt update
|
|
|
+ apt upgrade -y
|
|
|
+ EOF
|
|
|
+
|
|
|
+ lifecycle {
|
|
|
+ create_before_destroy = true
|
|
|
+ }
|
|
|
+}
|
|
|
+
|
|
|
+resource "aws_autoscaling_group" "web_asg" {
|
|
|
+ name_prefix = "web-asg"
|
|
|
+ min_size = 2
|
|
|
+ max_size = 5
|
|
|
+ desired_capacity = 2
|
|
|
+ launch_configuration = aws_launch_configuration.web_lc.name
|
|
|
+
|
|
|
+ // Define your load balancer target group ARNs here
|
|
|
+}
|
|
|
+
|
|
|
+resource "aws_lb" "example_alb" {
|
|
|
+ name = "web-alb"
|
|
|
+ internal = false
|
|
|
+ load_balancer_type = "application"
|
|
|
+ subnets = [aws_subnet.subnet1.id, aws_subnet.subnet2.id]
|
|
|
+}
|
|
|
+
|
|
|
+resource "aws_lb_listener" "example_listener" {
|
|
|
+ load_balancer_arn = aws_lb.example_alb.arn
|
|
|
+ port = 80
|
|
|
+ protocol = "HTTP"
|
|
|
+
|
|
|
+ default_action {
|
|
|
+ type = "fixed-response"
|
|
|
+ fixed_response {
|
|
|
+ content_type = "/"
|
|
|
+ status_code = "200"
|
|
|
+ }
|
|
|
+ }
|
|
|
+}
|
|
|
+
|
|
|
+resource "aws_lb_target_group" "web_target_group" {
|
|
|
+ name = "web-target-group"
|
|
|
+ port = 80
|
|
|
+ protocol = "HTTP"
|
|
|
+ vpc_id = aws_vpc.main.id
|
|
|
+}
|
|
|
+
|
|
|
+resource "aws_autoscaling_attachment" "web_asg_attachment" {
|
|
|
+ autoscaling_group_name = aws_autoscaling_group.web_asg.name
|
|
|
+ alb_target_group_arn = aws_lb_target_group.web_target_group.arn
|
|
|
+}
|
