README.md
Terraform
-
Terraform
-
Sample terraform
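# main.tf
#
# Sample stack: one VPC with a public subnet, an internet gateway, a security
# group for web + SSH access, and a single Ubuntu web server reachable through
# an Elastic IP.

# Credentials are deliberately not set in this file. The AWS provider reads
# them from the environment (AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY) or the
# shared credentials file, which keeps keys out of version control and out of
# copies of this sample.
provider "aws" {
  region = "us-east-1" # must contain the availability_zone used below
}

# 1. Create VPC
resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"
}

# 2. Create Internet Gateway
resource "aws_internet_gateway" "gw" {
  vpc_id = aws_vpc.main.id
}

# 3. Create Custom Route Table
# Sends all IPv4 and IPv6 traffic through the internet gateway, which makes
# every subnet associated with this table a public subnet.
resource "aws_route_table" "prod-route-table" {
  vpc_id = aws_vpc.main.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.gw.id
  }

  route {
    ipv6_cidr_block = "::/0"
    gateway_id      = aws_internet_gateway.gw.id
  }

  tags = {
    Name = "Prod"
  }
}

# 4. Create subnet
resource "aws_subnet" "subnet-1" {
  vpc_id            = aws_vpc.main.id
  cidr_block        = "10.0.1.0/24"
  availability_zone = "us-east-1a"

  tags = {
    Name = "prod-subnet"
  }
}

# 5. Associate subnet to route table
resource "aws_route_table_association" "a" {
  subnet_id      = aws_subnet.subnet-1.id
  route_table_id = aws_route_table.prod-route-table.id
}

# 6. Create Security Group
resource "aws_security_group" "allow_web" {
  name        = "allow_tls"
  description = "Allow TLS inbound traffic"
  vpc_id      = aws_vpc.main.id

  ingress {
    description = "HTTPS"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "HTTP"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # protocol must be "tcp" here: "-1" means all protocols, so the rule would
  # not be limited to port 22.
  # NOTE(review): SSH is still open to every address. Replace 0.0.0.0/0 with
  # the CIDR of the network you administer the server from before using this
  # outside a throwaway lab.
  ingress {
    description = "SSH"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Unrestricted outbound traffic (all protocols, all ports).
  egress {
    from_port        = 0
    to_port          = 0
    protocol         = "-1"
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }

  tags = {
    Name = "allow_web"
  }
}

# 7. Create network interface
resource "aws_network_interface" "web-server-nic" {
  subnet_id       = aws_subnet.subnet-1.id
  private_ips     = ["10.0.1.50"]
  security_groups = [aws_security_group.allow_web.id]
}

# 8. Elastic IP
# Attached to the network interface declared above; the original referenced
# aws_instance.web-server-nic, which is not declared anywhere in this file.
# Newer AWS provider releases replace `vpc = true` with `domain = "vpc"`.
resource "aws_eip" "lb" {
  vpc                       = true
  network_interface         = aws_network_interface.web-server-nic.id
  associate_with_private_ip = "10.0.1.50"
  depends_on                = [aws_internet_gateway.gw]
}

# 9. Create ubuntu server
resource "aws_instance" "web-server-instance" {
  ami               = "" # fill in an Ubuntu AMI ID valid for the region above
  instance_type     = "t2.micro"
  availability_zone = "us-east-1a"
  key_name          = "main-key" # name of an EC2 key pair that must already exist

  network_interface {
    device_index         = 0
    network_interface_id = aws_network_interface.web-server-nic.id
  }

  # Installs and starts Apache, then writes a placeholder index page.
  user_data = <<-EOF
              #!/bin/bash
              sudo apt update -y
              sudo apt install apache2 -y
              sudo systemctl start apache2
              sudo bash -c 'echo your very first web server > /var/www/html/index.html'
              EOF

  tags = {
    Name = "web-server"
  }
}

# console log value
output "server_private_ip" {
  value = aws_instance.web-server-instance.private_ip
}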
Commands
$ terraform init
$ terraform apply --auto-approve    # applies without showing the plan for confirmation
$ terraform apply [-target <instance>]
$ terraform destroy
$ terraform destroy [-target <instance>]
$ terraform state list
$ terraform state show <name>
$ terraform refresh
$ terraform output
variable.
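# terraform.tfvars
#
# The two assignments below are alternative examples of the same variable.
# A name can be assigned only once per file, so the second form is left
# commented out; enable whichever one matches the variable's declared type.

# string variable
subnet_prefix = "10.0.200.0/24"

# list of objects
# subnet_prefix = [
#   { cidr_block = "10.0.1.0/24", name = "subnet-1" },
#   { cidr_block = "10.0.2.0/24", name = "subnet-2" }, # was /64, which is not a valid IPv4 prefix length
# ]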