Home Explore Help
Register Sign In
roberto.barbosa
/
terraform
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 4a24b70559
Branches Tags
terraform
/
vpc
/
main.tf

main.tf 3.3 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142 
  1. resource "aws_vpc" "main" {
    2. 

  2.   cidr_block           = "${var.cidr}"
    3. 

  3.   enable_dns_hostnames = "${var.enable_dns_hostnames}"
    4. 

  4.   enable_dns_support   = "${var.enable_dns_support}"
    5. 

  5. 

  6.   tags {
    7. 

  7.     Name = "${var.name}"
    8. 

  8.     managed_by	= "terraform"
    9. 

  9.   }
    10. 

  10. }
    11. 

  11. 

  12. resource "aws_internet_gateway" "main" {
    13. 

  13.   vpc_id = "${aws_vpc.main.id}"
    14. 

  14. 

  15.   tags {
    16. 

  16.     Name = "${var.name}-igw"
    17. 

  17.     managed_by	= "terraform"
    18. 

  18.   }
    19. 

  19. }
    20. 

  20. 

  21. resource "aws_route_table" "public" {
    22. 

  22.   vpc_id           = "${aws_vpc.main.id}"
    23. 

  23.   propagating_vgws = ["${var.public_propagating_vgws}"]
    24. 

  24. 

  25.   tags {
    26. 

  26.     Name = "${var.name}-rt-public"
    27. 

  27.     managed_by	= "terraform"
    28. 

  28.   }
    29. 

  29. }
    30. 

  30. 

  31. resource "aws_route" "public_internet_gateway" {
    32. 

  32.   route_table_id         = "${aws_route_table.public.id}"
    33. 

  33.   destination_cidr_block = "0.0.0.0/0"
    34. 

  34.   gateway_id             = "${aws_internet_gateway.main.id}"
    35. 

  35. }
    36. 

  36. 

  37. resource "aws_route" "private_nat_gateway" {
    38. 

  38.   route_table_id         = "${aws_route_table.private.id}"
    39. 

  39.   destination_cidr_block = "0.0.0.0/0"
    40. 

  40.   nat_gateway_id         = "${aws_nat_gateway.natgw.id}"
    41. 

  41. }
    42. 

  42. 

  43. resource "aws_route_table" "private" {
    44. 

  44.   vpc_id           = "${aws_vpc.main.id}"
    45. 

  45.   propagating_vgws = ["${var.private_propagating_vgws}"]
    46. 

  46. 

  47.   tags {
    48. 

  48.     Name = "${var.name}-rt-private-${data.aws_availability_zones.available.names[1]}"
    49. 

  49.     managed_by	= "terraform"
    50. 

  50.   }
    51. 

  51. }
    52. 

  52. 

  53. resource "aws_subnet" "public" {
    54. 

  54.   vpc_id            = "${aws_vpc.main.id}"
    55. 

  55.   cidr_block        = "${var.public_subnet}"
    56. 

  56.   availability_zone = "${data.aws_availability_zones.available.names[0]}"
    57. 

  57. 

  58.   tags {
    59. 

  59.     Name = "${var.name}-subnet-public-${data.aws_availability_zones.available.names[0]}"
    60. 

  60.     managed_by	= "terraform"
    61. 

  61.   }
    62. 

  62. 

  63.   map_public_ip_on_launch = "${var.map_public_ip_on_launch}"
    64. 

  64. }
    65. 

  65. 

  66. resource "aws_subnet" "private" {
    67. 

  67.   vpc_id            = "${aws_vpc.main.id}"
    68. 

  68.   cidr_block        = "${var.private_subnet}"
    69. 

  69.   availability_zone = "${data.aws_availability_zones.available.names[1]}"
    70. 

  70. 

  71.   tags {
    72. 

  72.     Name = "${var.name}-rt-private-${data.aws_availability_zones.available.names[1]}"
    73. 

  73.     managed_by	= "terraform"
    74. 

  74.   }
    75. 

  75. }
    76. 

  76. 

  77. 

  78. resource "aws_eip" "nateip" {
    79. 

  79.   vpc   = true
    80. 

  80. }
    81. 

  81. 

  82. resource "aws_nat_gateway" "natgw" {
    83. 

  83.   allocation_id = "${aws_eip.nateip.id}"
    84. 

  84.   subnet_id     = "${aws_subnet.public.id}"
    85. 

  85. 

  86.   depends_on = ["aws_internet_gateway.main"]
    87. 

  87. }
    88. 

  88. 

  89. resource "aws_route_table_association" "public" {
    90. 

  90.   subnet_id      = "${aws_subnet.public.id}"
    91. 

  91.   route_table_id = "${aws_route_table.public.id}"
    92. 

  92. }
    93. 

  93. 

  94. resource "aws_route_table_association" "private" {
    95. 

  95.   subnet_id      = "${aws_subnet.private.id}"
    96. 

  96.   route_table_id = "${aws_route_table.private.id}"
    97. 

  97. }
    98. 

  98. 

  99. resource "aws_security_group" "inbound" {
    100. 

  100.   name        = "allow-ssh-wnb"
    101. 

  101.   vpc_id      = "${aws_vpc.main.id}"
    102. 

  102.   description = "Allows external incoming ssh and web traffic"
    103. 

  103. 

  104.   ingress {
    105. 

  105.     from_port   = 22
    106. 

  106.     to_port     = 22
    107. 

  107.     protocol    = "tcp"
    108. 

  108.     cidr_blocks = ["0.0.0.0/0"]
    109. 

  109.   }
    110. 

  110. 

  111.   ingress {
    112. 

  112.     from_port   = 80
    113. 

  113.     to_port     = 80
    114. 

  114.     protocol    = "tcp"
    115. 

  115.     cidr_blocks = ["0.0.0.0/0"]
    116. 

  116.   }
    117. 

  117. 

  118.   ingress {
    119. 

  119.     from_port   = 8080
    120. 

  120.     to_port     = 8080
    121. 

  121.     protocol    = "tcp"
    122. 

  122.     cidr_blocks = ["0.0.0.0/0"]
    123. 

  123.   }
    124. 

  124. 

  125.   ingress {
    126. 

  126.     from_port   = 443
    127. 

  127.     to_port     = 443
    128. 

  128.     protocol    = "tcp"
    129. 

  129.     cidr_blocks = ["0.0.0.0/0"]
    130. 

  130.   }
    131. 

  131. 

  132.   egress {
    133. 

  133.     from_port   = 0
    134. 

  134.     to_port     = 0
    135. 

  135.     protocol    = -1
    136. 

  136.     cidr_blocks = ["0.0.0.0/0"]
    137. 

  137.   }
    138. 

  138. 

  139.   lifecycle {
    140. 

  140.     create_before_destroy = true
    141. 

  141.   }
    142. 

  142. }
    143.