Terraform : Create a VPC, IG, SUBNETS , NAT, ROUTE TABLES

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

Main.tf or vpc.tf 

 


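# The VPC that every other resource in this file is attached to.
resource "aws_vpc" "my-vpc-superkite" {
  # Primary IPv4 range of the VPC; both subnets below must be carved out of it.
  cidr_block = var.cidr_block

  # "default" places instances on hardware shared with other AWS customers;
  # "dedicated" would force single-tenant hardware for every instance in the
  # VPC (at a higher price). Passed through from the variable unchanged.
  instance_tenancy = var.instance_tenancy

  # Instances that get a public IP also get an AWS-assigned public DNS
  # hostname. This only has an effect when enable_dns_support is true too.
  enable_dns_hostnames = true

  # Turns on name resolution through the Amazon-provided DNS server for the
  # VPC; without it nothing inside the VPC can resolve hostnames, including
  # the names of AWS service endpoints.
  enable_dns_support = true

  tags = {
    Name = "my-vpc-superkite"
  }
}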

# Internet gateway: the VPC's only path to and from the public internet.
# Referenced by the public route table and by the NAT gateway's depends_on.
resource "aws_internet_gateway" "gw" {
  vpc_id = aws_vpc.my-vpc-superkite.id

  tags = {
    Name        = "${var.environment}-igw"
    Environment = var.environment
  }
}

# Public subnet: intended for internet-facing resources (its route table
# carries the default route to the internet gateway). No availability zone is
# pinned, so AWS picks one.
resource "aws_subnet" "sreejith_public_subnet" {
  cidr_block = var.public_subnet_cidr_block
  vpc_id     = aws_vpc.my-vpc-superkite.id

  tags = {
    Environment = var.environment
    Name        = "${var.environment}-public_subnet"
  }
}

# Private subnet: for workloads that must not be reachable from the internet.
# Outbound access is expected to go through the NAT gateway via the private
# route table. No availability zone is pinned, so AWS picks one.
resource "aws_subnet" "sreejith_private_subnet" {
  cidr_block = var.private_subnet_cidr_block
  vpc_id     = aws_vpc.my-vpc-superkite.id

  tags = {
    Environment = var.environment
    Name        = "${var.environment}-private_subnet"
  }
}

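# Elastic IP that the NAT gateway presents as its source address.
resource "aws_eip" "nat_eip" {
  vpc = true

  # An EIP can only be associated inside a VPC that already has an internet
  # gateway, so make the ordering explicit instead of relying on luck during
  # a fresh apply.
  depends_on = [aws_internet_gateway.gw]
}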

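# NAT gateway that gives the private subnet outbound-only internet access.
resource "aws_nat_gateway" "nat" {
  allocation_id = aws_eip.nat_eip.id

  # A NAT gateway must live in a subnet whose route table reaches the internet
  # gateway, i.e. the PUBLIC subnet. Placing it in the private subnet (as the
  # original did) leaves it with no path to the internet, so private-subnet
  # traffic routed through it is silently dropped.
  subnet_id = aws_subnet.sreejith_public_subnet.id

  # The gateway is useless until the IGW exists; make that ordering explicit.
  depends_on = [aws_internet_gateway.gw]

  tags = {
    Name = "superkite-nat-gateway"
  }
}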

# Route table for the private subnet. Its default route is defined separately
# as an aws_route resource.
resource "aws_route_table" "superkite-private" {
  vpc_id = aws_vpc.my-vpc-superkite.id

  tags = {
    Environment = var.environment
    Name        = "${var.environment}-private-route-table"
  }
}

# Route table for the public subnet. Its default route is defined separately
# as an aws_route resource.
resource "aws_route_table" "superkite-public" {
  vpc_id = aws_vpc.my-vpc-superkite.id

  tags = {
    Environment = var.environment
    Name        = "${var.environment}-public-route-table"
  }
}

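# Default route for the PUBLIC subnet: straight out through the internet
# gateway. The original attached this route to the private table, which
# exposed the "private" subnet to the internet and bypassed the NAT gateway.
resource "aws_route" "public_internet_gateway" {
  route_table_id         = aws_route_table.superkite-public.id
  destination_cidr_block = "0.0.0.0/0"
  gateway_id             = aws_internet_gateway.gw.id
}

# Default route for the PRIVATE subnet: outbound-only, via the NAT gateway.
# Nothing on the internet can initiate a connection to hosts behind it.
# The original pointed the public table at the IGW under this name and never
# referenced the NAT gateway at all.
resource "aws_route" "private_internet_gateway" {
  route_table_id         = aws_route_table.superkite-private.id
  destination_cidr_block = "0.0.0.0/0"
  nat_gateway_id         = aws_nat_gateway.nat.id
}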

# Bind the public subnet to the public route table.
resource "aws_route_table_association" "public" {
  route_table_id = aws_route_table.superkite-public.id
  subnet_id      = aws_subnet.sreejith_public_subnet.id
}

# Bind the private subnet to the private route table.
resource "aws_route_table_association" "private" {
  route_table_id = aws_route_table.superkite-private.id
  subnet_id      = aws_subnet.sreejith_private_subnet.id
}

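# Security group for web servers: HTTP/HTTPS in from anywhere, anything out.
# This is a custom group, not the VPC's built-in default security group.
resource "aws_security_group" "superkite_group" {
  name_prefix = "superk_"
  description = "Security group for web servers"

  # Without vpc_id the group is created in the account's *default* VPC and can
  # never be attached to instances in my-vpc-superkite.
  vpc_id = aws_vpc.my-vpc-superkite.id

  ingress {
    description = "HTTP from anywhere"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "HTTPS from anywhere"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Unrestricted egress; tighten if the servers only need to reach known
  # endpoints.
  egress {
    description = "All outbound traffic"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    # Was hard-coded to "asia-staging"; use the variable like every other
    # resource so the tag follows the environment actually being deployed.
    Environment = var.environment
  }
}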

variables.tf 

 

# IPv4 range for the whole VPC. Both subnet ranges must fall inside it.
variable "cidr_block" {
  type        = string
  default     = "10.0.0.0/16"
  description = "The CIDR block to use for the VPC"
}

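# IPv4 range for the private subnet; must lie inside var.cidr_block and not
# overlap var.public_subnet_cidr_block. The original description was a
# copy-paste of the VPC variable's text.
variable "private_subnet_cidr_block" {
  description = "The CIDR block to use for the private subnet (must be within the VPC CIDR)"
  type        = string
  default     = "10.0.1.0/26"
}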

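# IPv4 range for the public subnet; must lie inside var.cidr_block and not
# overlap var.private_subnet_cidr_block. The original description was a
# copy-paste of the VPC variable's text.
variable "public_subnet_cidr_block" {
  description = "The CIDR block to use for the public subnet (must be within the VPC CIDR)"
  type        = string
  default     = "10.0.0.0/24"
}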

# Tenancy attribute of the VPC: "default" (shared hardware) or "dedicated".
variable "instance_tenancy" {
  type        = string
  default     = "default"
  description = "instance tenancy"
}

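# Environment name; only used to build Name/Environment tags. The original
# description ("instance tenancy") was copied from the variable above.
variable "environment" {
  description = "Environment name used in resource Name and Environment tags"
  type        = string
  default     = "asia-staging"
}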



provider.tf

# Provider requirements. The AWS provider is pinned to one exact release so
# that `terraform init` cannot silently pick up a newer, behaviour-changing
# version; bump it deliberately.
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "= 4.59.0"
    }
  }
}

# AWS provider with no explicit settings: region and credentials are taken
# from the environment (AWS_REGION / AWS_PROFILE / shared config files or
# an instance role) at plan time. Nothing in this file pins a region, so the
# same configuration will deploy wherever the caller's environment points.
provider "aws" {
  # Configuration options
}

