├── 03_07_custommodule
    ├── modules
    │   └── nodejs-instance
    │   │   ├── README.md
    │   │   ├── outputs.tf
    │   │   ├── variables.tf
    │   │   ├── LICENSE
    │   │   └── main.tf
    ├── terraform.tfvars.backup
    ├── main.tf
    └── variables.tf
├── 02_01_variables
    ├── terraform.tfvars.backup
    └── main.tf
├── 02_11-12_modules
    ├── terraform.tfvars.backup
    └── main.tf
├── 02_02-07_variables
    ├── terraform.tfvars.backup
    └── main.tf
├── 03_02-03_remotestate
    ├── terraform.tfvars.backup
    ├── commands.txt
    ├── main.tf
    └── remote_resources
    │   └── s3_backend.tf
├── 02_08-09_expressions_functions
    ├── terraform.tfvars.backup
    └── main.tf
├── 03_04_complex
    ├── terraform.tfvars.backup
    ├── provider.tf
    ├── variables.tf
    ├── datasource.tf
    ├── vpc.tf
    ├── instance.tf
    └── security_group.tf
├── 04_04_terraform_cloud_cli
    ├── terraform.tfvars.backup
    ├── backend.tf
    ├── provider.tf
    ├── datasource.tf
    ├── vpc.tf
    ├── variables.tf
    ├── instance.tf
    └── security_group.tf
├── 04_05_terraform_cloud_vcs
    ├── terraform.tfvars.backup
    ├── variables.backup
    ├── provider.tf
    ├── datasource.tf
    ├── vpc.tf
    ├── variables.tf
    ├── instance.tf
    └── security_group.tf
├── 02_10_count
    ├── terraform.tfvars.backup
    └── main.tf
├── .github
    ├── CODEOWNERS
    ├── PULL_REQUEST_TEMPLATE.md
    └── ISSUE_TEMPLATE.md
├── 04_03_terraform_cloud
    ├── variables.backup
    ├── provider.tf
    ├── datasource.tf
    ├── variables.tf
    ├── vpc.tf
    ├── instance.tf
    └── security_group.tf
├── .gitignore
├── 03_05-06_multi_environment
    ├── manifests
    │   ├── provider.tf
    │   ├── datasource.tf
    │   ├── vpc.tf
    │   ├── variables.tf
    │   ├── instance.tf
    │   └── security_group.tf
    ├── environments
    │   ├── 1_qa
    │   │   ├── provider.tf
    │   │   └── qa.auto.tfvars.backup
    │   ├── 0_development
    │   │   ├── provider.tf
    │   │   └── development.auto.tfvars.backup
    │   └── 2_production
    │   │   ├── provider.tf
    │   │   └── production.auto.tfvars.backup
    └── commands.txt
├── 01_05_base
    ├── terraform.tfvars.backup
    └── main.tf
├── CONTRIBUTING.md
├── NOTICE
├── README.md
├── 04_02_jenkins
    └── Jenkinsfile
└── LICENSE


/03_07_custommodule/modules/nodejs-instance/README.md:
--------------------------------------------------------------------------------
1 | 


--------------------------------------------------------------------------------
/02_01_variables/terraform.tfvars.backup:
--------------------------------------------------------------------------------
1 | aws_access_key = ""
2 | 
3 | aws_secret_key = ""


--------------------------------------------------------------------------------
/02_11-12_modules/terraform.tfvars.backup:
--------------------------------------------------------------------------------
1 | aws_access_key = ""
2 | 
3 | aws_secret_key = ""


--------------------------------------------------------------------------------
/02_02-07_variables/terraform.tfvars.backup:
--------------------------------------------------------------------------------
1 | aws_access_key = ""
2 | 
3 | aws_secret_key = ""


--------------------------------------------------------------------------------
/03_02-03_remotestate/terraform.tfvars.backup:
--------------------------------------------------------------------------------
1 | aws_access_key = ""
2 | 
3 | aws_secret_key = ""


--------------------------------------------------------------------------------
/02_08-09_expressions_functions/terraform.tfvars.backup:
--------------------------------------------------------------------------------
1 | aws_access_key = ""
2 | 
3 | aws_secret_key = ""


--------------------------------------------------------------------------------
/03_04_complex/terraform.tfvars.backup:
--------------------------------------------------------------------------------
1 | aws_access_key = ""
2 | 
3 | aws_secret_key = ""
4 | 
5 | region = ""


--------------------------------------------------------------------------------
/03_07_custommodule/terraform.tfvars.backup:
--------------------------------------------------------------------------------
1 | aws_access_key = ""
2 | 
3 | aws_secret_key = ""
4 | 
5 | region = ""


--------------------------------------------------------------------------------
/04_04_terraform_cloud_cli/terraform.tfvars.backup:
--------------------------------------------------------------------------------
1 | aws_access_key = ""
2 | 
3 | aws_secret_key = ""
4 | 
5 | region = ""


--------------------------------------------------------------------------------
/04_05_terraform_cloud_vcs/terraform.tfvars.backup:
--------------------------------------------------------------------------------
1 | aws_access_key = ""
2 | 
3 | aws_secret_key = ""
4 | 
5 | region = ""


--------------------------------------------------------------------------------
/02_10_count/terraform.tfvars.backup:
--------------------------------------------------------------------------------
1 | aws_access_key = ""
2 | 
3 | aws_secret_key = ""
4 | 
5 | iam_accounts = ["Bob","Sally","Mary","Joe"]


--------------------------------------------------------------------------------
/.github/CODEOWNERS:
--------------------------------------------------------------------------------
1 | # Codeowners for these exercise files:
2 | # * (asterisk) deotes "all files and folders"
3 | # Example: * @producer @instructor
4 | 


--------------------------------------------------------------------------------
/04_03_terraform_cloud/variables.backup:
--------------------------------------------------------------------------------
1 | variable "instance_tags" {
2 |     type = map
3 |     default = {
4 |       "environment" = "dev"
5 |     }
6 | }


--------------------------------------------------------------------------------
/04_05_terraform_cloud_vcs/variables.backup:
--------------------------------------------------------------------------------
1 | variable "instance_tags" {
2 |     type = map
3 |     default = {
4 |       "environment" = "dev"
5 |     }
6 | }


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
 1 | *.terraform
 2 | *.pem
 3 | *.tfvars
 4 | *.tfplan
 5 | *.tfstate
 6 | *.tfstate.backup
 7 | *.lock.info
 8 | .terraform
 9 | .DS_Store
10 | commands.txt


--------------------------------------------------------------------------------
/.github/PULL_REQUEST_TEMPLATE.md:
--------------------------------------------------------------------------------
1 | <!-- This repository *does not* accept pull requests (PRs). All pull requests will be closed. See CONTRIBUTING.md for further details. -->
2 | 


--------------------------------------------------------------------------------
/04_04_terraform_cloud_cli/backend.tf:
--------------------------------------------------------------------------------
 1 | terraform {
 2 |   backend "remote" {
 3 |     organization = "red30"
 4 | 
 5 |     workspaces {
 6 |       name = "cli-workspace"
 7 |     }
 8 |   }
 9 | }
10 | 


--------------------------------------------------------------------------------
/03_07_custommodule/modules/nodejs-instance/outputs.tf:
--------------------------------------------------------------------------------
1 | # //////////////////////////////
2 | # OUTPUT
3 | # //////////////////////////////
4 | output "instance_dns" {
5 |   value = aws_instance.nodejs.*.public_dns
6 | }


--------------------------------------------------------------------------------
/03_04_complex/provider.tf:
--------------------------------------------------------------------------------
1 | # //////////////////////////////
2 | # PROVIDERS
3 | # //////////////////////////////
4 | provider "aws" {
5 |   access_key = var.aws_access_key
6 |   secret_key = var.aws_secret_key
7 |   region     = var.region
8 | }


--------------------------------------------------------------------------------
/04_03_terraform_cloud/provider.tf:
--------------------------------------------------------------------------------
1 | # //////////////////////////////
2 | # PROVIDERS
3 | # //////////////////////////////
4 | provider "aws" {
5 |   access_key = var.aws_access_key
6 |   secret_key = var.aws_secret_key
7 |   region     = var.region
8 | }


--------------------------------------------------------------------------------
/04_04_terraform_cloud_cli/provider.tf:
--------------------------------------------------------------------------------
1 | # //////////////////////////////
2 | # PROVIDERS
3 | # //////////////////////////////
4 | provider "aws" {
5 |   access_key = var.aws_access_key
6 |   secret_key = var.aws_secret_key
7 |   region     = var.region
8 | }


--------------------------------------------------------------------------------
/04_05_terraform_cloud_vcs/provider.tf:
--------------------------------------------------------------------------------
1 | # //////////////////////////////
2 | # PROVIDERS
3 | # //////////////////////////////
4 | provider "aws" {
5 |   access_key = var.aws_access_key
6 |   secret_key = var.aws_secret_key
7 |   region     = var.region
8 | }


--------------------------------------------------------------------------------
/03_05-06_multi_environment/manifests/provider.tf:
--------------------------------------------------------------------------------
1 | # //////////////////////////////
2 | # PROVIDERS
3 | # //////////////////////////////
4 | provider "aws" {
5 |   access_key = var.aws_access_key
6 |   secret_key = var.aws_secret_key
7 |   region     = var.region
8 | }


--------------------------------------------------------------------------------
/03_05-06_multi_environment/environments/1_qa/provider.tf:
--------------------------------------------------------------------------------
1 | # //////////////////////////////
2 | # PROVIDERS
3 | # //////////////////////////////
4 | provider "aws" {
5 |   access_key = var.aws_access_key
6 |   secret_key = var.aws_secret_key
7 |   region     = var.region
8 | }


--------------------------------------------------------------------------------
/03_05-06_multi_environment/environments/0_development/provider.tf:
--------------------------------------------------------------------------------
1 | # //////////////////////////////
2 | # PROVIDERS
3 | # //////////////////////////////
4 | provider "aws" {
5 |   access_key = var.aws_access_key
6 |   secret_key = var.aws_secret_key
7 |   region     = var.region
8 | }


--------------------------------------------------------------------------------
/03_05-06_multi_environment/environments/2_production/provider.tf:
--------------------------------------------------------------------------------
1 | # //////////////////////////////
2 | # PROVIDERS
3 | # //////////////////////////////
4 | provider "aws" {
5 |   access_key = var.aws_access_key
6 |   secret_key = var.aws_secret_key
7 |   region     = var.region
8 | }


--------------------------------------------------------------------------------
/03_05-06_multi_environment/environments/1_qa/qa.auto.tfvars.backup:
--------------------------------------------------------------------------------
 1 | aws_access_key = ""
 2 | 
 3 | aws_secret_key = ""
 4 | 
 5 | region = ""
 6 | 
 7 | env_instance_type = "t2.micro"
 8 | 
 9 | env_instance_tags = {
10 |     "environment" = "qa"
11 | }
12 | 
13 | env_instance_count = 2


--------------------------------------------------------------------------------
/03_05-06_multi_environment/environments/0_development/development.auto.tfvars.backup:
--------------------------------------------------------------------------------
 1 | aws_access_key = ""
 2 | 
 3 | aws_secret_key = ""
 4 | 
 5 | region = ""
 6 | 
 7 | env_instance_type = "t2.micro"
 8 | 
 9 | env_instance_tags = {
10 |     "environment" = "development"
11 | }
12 | 
13 | env_instance_count = 1


--------------------------------------------------------------------------------
/03_05-06_multi_environment/environments/2_production/production.auto.tfvars.backup:
--------------------------------------------------------------------------------
 1 | aws_access_key = ""
 2 | 
 3 | aws_secret_key = ""
 4 | 
 5 | region = ""
 6 | 
 7 | env_instance_type = "t2.micro"
 8 | 
 9 | env_instance_tags = {
10 |     "environment" = "production"
11 | }
12 | 
13 | env_instance_count = 4


--------------------------------------------------------------------------------
/03_02-03_remotestate/commands.txt:
--------------------------------------------------------------------------------
1 | terraform init \
2 |     -backend-config="bucket=red30-tfstate" \
3 |     -backend-config="key=red30/ecommerceapp/app.state" \
4 |     -backend-config="region=us-east-2" \
5 |     -backend-config="dynamodb_table=red30-tfstatelock" \
6 |     -backend-config="access_key={ACCESS_KEY}" \
7 |     -backend-config="secret_key={SECRET_KEY}"
8 | 


--------------------------------------------------------------------------------
/01_05_base/terraform.tfvars.backup:
--------------------------------------------------------------------------------
 1 | # MAC/LINUX
 2 | # aws ec2 create-key-pair --key-name tf_key --query 'KeyMaterial' --output text > tf_key.pem
 3 | ###
 4 | # WINDOWS
 5 | # aws ec2 create-key-pair --key-name tf_key --query 'KeyMaterial' --output text | out-file -encoding ascii -filepath tf_key.pem
 6 | 
 7 | aws_access_key = ""
 8 | 
 9 | aws_secret_key = ""
10 | 
11 | ssh_key_name = ""
12 | 
13 | private_key_path = ""


--------------------------------------------------------------------------------
/03_04_complex/variables.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # VARIABLES
 3 | # //////////////////////////////
 4 | variable "aws_access_key" {}
 5 | 
 6 | variable "aws_secret_key" {}
 7 | 
 8 | variable "region" {
 9 |   default = "us-east-2"
10 | }
11 | 
12 | # //////////////////////////////
13 | # OUTPUT
14 | # //////////////////////////////
15 | output "instance-ip" {
16 |   value = module.ec2_cluster.public_ip
17 | }


--------------------------------------------------------------------------------
/03_07_custommodule/main.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # PROVIDERS
 3 | # //////////////////////////////
 4 | provider "aws" {
 5 |   access_key = var.aws_access_key
 6 |   secret_key = var.aws_secret_key
 7 |   region     = var.region
 8 | }
 9 | 
10 | module "node_instance" {
11 |     source = "./modules/nodejs-instance"
12 |     instance_count = 2
13 |     environment_tags = {
14 |         "environment_id" = "development"
15 |     }
16 | }


--------------------------------------------------------------------------------
/03_07_custommodule/modules/nodejs-instance/variables.tf:
--------------------------------------------------------------------------------
 1 | variable "ami_id" {
 2 |     description = "The ID of the NodeJS AMI to deploy"
 3 |     default = "ami-6685a403"
 4 | }
 5 | 
 6 | variable instance_count {
 7 |   type = number
 8 |   default = 1
 9 | }
10 | 
11 | variable "vpc_cidr" {
12 |   default = "172.16.0.0/16"
13 | }
14 | 
15 | variable "subnet_cidr" {
16 |   default = "172.16.0.0/24"
17 | }
18 | 
19 | variable environment_tags {
20 |     type = map(string)
21 | }


--------------------------------------------------------------------------------
/03_04_complex/datasource.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # DATA
 3 | # //////////////////////////////
 4 | data "aws_ami" "aws-linux" {
 5 |   most_recent = true
 6 |   owners      = ["amazon"]
 7 | 
 8 |   filter {
 9 |     name   = "name"
10 |     values = ["amzn-ami-hvm*"]
11 |   }
12 | 
13 |   filter {
14 |     name   = "root-device-type"
15 |     values = ["ebs"]
16 |   }
17 | 
18 |   filter {
19 |     name   = "virtualization-type"
20 |     values = ["hvm"]
21 |   }
22 | }


--------------------------------------------------------------------------------
/04_03_terraform_cloud/datasource.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # DATA
 3 | # //////////////////////////////
 4 | data "aws_ami" "aws-linux" {
 5 |   most_recent = true
 6 |   owners      = ["amazon"]
 7 | 
 8 |   filter {
 9 |     name   = "name"
10 |     values = ["amzn-ami-hvm*"]
11 |   }
12 | 
13 |   filter {
14 |     name   = "root-device-type"
15 |     values = ["ebs"]
16 |   }
17 | 
18 |   filter {
19 |     name   = "virtualization-type"
20 |     values = ["hvm"]
21 |   }
22 | }


--------------------------------------------------------------------------------
/04_04_terraform_cloud_cli/datasource.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # DATA
 3 | # //////////////////////////////
 4 | data "aws_ami" "aws-linux" {
 5 |   most_recent = true
 6 |   owners      = ["amazon"]
 7 | 
 8 |   filter {
 9 |     name   = "name"
10 |     values = ["amzn-ami-hvm*"]
11 |   }
12 | 
13 |   filter {
14 |     name   = "root-device-type"
15 |     values = ["ebs"]
16 |   }
17 | 
18 |   filter {
19 |     name   = "virtualization-type"
20 |     values = ["hvm"]
21 |   }
22 | }


--------------------------------------------------------------------------------
/04_05_terraform_cloud_vcs/datasource.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # DATA
 3 | # //////////////////////////////
 4 | data "aws_ami" "aws-linux" {
 5 |   most_recent = true
 6 |   owners      = ["amazon"]
 7 | 
 8 |   filter {
 9 |     name   = "name"
10 |     values = ["amzn-ami-hvm*"]
11 |   }
12 | 
13 |   filter {
14 |     name   = "root-device-type"
15 |     values = ["ebs"]
16 |   }
17 | 
18 |   filter {
19 |     name   = "virtualization-type"
20 |     values = ["hvm"]
21 |   }
22 | }


--------------------------------------------------------------------------------
/03_05-06_multi_environment/manifests/datasource.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # DATA
 3 | # //////////////////////////////
 4 | data "aws_ami" "aws-linux" {
 5 |   most_recent = true
 6 |   owners      = ["amazon"]
 7 | 
 8 |   filter {
 9 |     name   = "name"
10 |     values = ["amzn-ami-hvm*"]
11 |   }
12 | 
13 |   filter {
14 |     name   = "root-device-type"
15 |     values = ["ebs"]
16 |   }
17 | 
18 |   filter {
19 |     name   = "virtualization-type"
20 |     values = ["hvm"]
21 |   }
22 | }


--------------------------------------------------------------------------------
/04_03_terraform_cloud/variables.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # VARIABLES
 3 | # //////////////////////////////
 4 | variable "aws_access_key" {}
 5 | 
 6 | variable "aws_secret_key" {}
 7 | 
 8 | variable "region" {
 9 |   default = "us-east-2"
10 | }
11 | 
12 | variable "instance_count" {
13 |   type = number
14 |   default = 1
15 | }
16 | 
17 | # //////////////////////////////
18 | # OUTPUT
19 | # //////////////////////////////
20 | output "instance-ip" {
21 |   value = module.ec2_cluster.public_ip
22 | }


--------------------------------------------------------------------------------
/03_04_complex/vpc.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # VPC
 3 | # //////////////////////////////
 4 | module "vpc" {
 5 |   source = "terraform-aws-modules/vpc/aws"
 6 |   name = "frontend-vpc"
 7 |   cidr = "10.0.0.0/16"
 8 | 
 9 |   azs             = ["us-east-2a", "us-east-2b", "us-east-2c"]
10 |   private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
11 |   public_subnets  = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
12 | 
13 |   enable_nat_gateway = true
14 |   single_nat_gateway = true
15 |   # one_nat_gateway_per_az = true
16 | }


--------------------------------------------------------------------------------
/04_03_terraform_cloud/vpc.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # VPC
 3 | # //////////////////////////////
 4 | module "vpc" {
 5 |   source = "terraform-aws-modules/vpc/aws"
 6 |   name = "frontend-vpc"
 7 |   cidr = "10.0.0.0/16"
 8 | 
 9 |   azs             = ["us-east-2a", "us-east-2b", "us-east-2c"]
10 |   private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
11 |   public_subnets  = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
12 | 
13 |   enable_nat_gateway = true
14 |   single_nat_gateway = true
15 |   # one_nat_gateway_per_az = true
16 | }


--------------------------------------------------------------------------------
/04_04_terraform_cloud_cli/vpc.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # VPC
 3 | # //////////////////////////////
 4 | module "vpc" {
 5 |   source = "terraform-aws-modules/vpc/aws"
 6 |   name = "frontend-vpc"
 7 |   cidr = "10.0.0.0/16"
 8 | 
 9 |   azs             = ["us-east-2a", "us-east-2b", "us-east-2c"]
10 |   private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
11 |   public_subnets  = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
12 | 
13 |   enable_nat_gateway = true
14 |   single_nat_gateway = true
15 |   # one_nat_gateway_per_az = true
16 | }


--------------------------------------------------------------------------------
/04_05_terraform_cloud_vcs/vpc.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # VPC
 3 | # //////////////////////////////
 4 | module "vpc" {
 5 |   source = "terraform-aws-modules/vpc/aws"
 6 |   name = "frontend-vpc"
 7 |   cidr = "10.0.0.0/16"
 8 | 
 9 |   azs             = ["us-east-2a", "us-east-2b", "us-east-2c"]
10 |   private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
11 |   public_subnets  = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
12 | 
13 |   enable_nat_gateway = true
14 |   single_nat_gateway = true
15 |   # one_nat_gateway_per_az = true
16 | }


--------------------------------------------------------------------------------
/03_05-06_multi_environment/manifests/vpc.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # VPC
 3 | # //////////////////////////////
 4 | module "vpc" {
 5 |   source = "terraform-aws-modules/vpc/aws"
 6 |   name = "frontend-vpc"
 7 |   cidr = "10.0.0.0/16"
 8 | 
 9 |   azs             = ["us-east-2a", "us-east-2b", "us-east-2c"]
10 |   private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
11 |   public_subnets  = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
12 | 
13 |   enable_nat_gateway = true
14 |   single_nat_gateway = true
15 |   # one_nat_gateway_per_az = true
16 | }


--------------------------------------------------------------------------------
/03_07_custommodule/variables.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # VARIABLES
 3 | # //////////////////////////////
 4 | variable "aws_access_key" {}
 5 | 
 6 | variable "aws_secret_key" {}
 7 | 
 8 | variable "region" {
 9 |   default = "us-east-2"
10 | }
11 | 
12 | variable "vpc_cidr" {
13 |   default = "172.16.0.0/16"
14 | }
15 | 
16 | variable "subnet_cidr" {
17 |   default = "172.16.0.0/24"
18 | }
19 | 
20 | # //////////////////////////////
21 | # OUTPUT
22 | # //////////////////////////////
23 | output "instance_dns" {
24 |   value = module.node_instance.instance_dns
25 | }


--------------------------------------------------------------------------------
/03_04_complex/instance.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # EC2 MODULE
 3 | # //////////////////////////////
 4 | module "ec2_cluster" {
 5 |   source                 = "terraform-aws-modules/ec2-instance/aws"
 6 |   version                = "~> 2.0"
 7 | 
 8 |   name                   = "frontend-linux"
 9 |   instance_count         = 1
10 | 
11 |   ami                    = data.aws_ami.aws-linux.id
12 |   instance_type          = "t2.micro"
13 | 
14 |   vpc_security_group_ids = [aws_security_group.sg_frontend.id]
15 |   subnet_id              = module.vpc.public_subnets[1]
16 | 
17 | }


--------------------------------------------------------------------------------
/03_07_custommodule/modules/nodejs-instance/LICENSE:
--------------------------------------------------------------------------------
 1 | Licensed under the Apache License, Version 2.0 (the "License");
 2 | you may not use this file except in compliance with the License.
 3 | You may obtain a copy of the License at
 4 | 
 5 |     http://www.apache.org/licenses/LICENSE-2.0
 6 | 
 7 | Unless required by applicable law or agreed to in writing, software
 8 | distributed under the License is distributed on an "AS IS" BASIS,
 9 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
10 | See the License for the specific language governing permissions and
11 | limitations under the License.


--------------------------------------------------------------------------------
/03_05-06_multi_environment/manifests/variables.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # VARIABLES
 3 | # //////////////////////////////
 4 | variable "aws_access_key" {}
 5 | 
 6 | variable "aws_secret_key" {}
 7 | 
 8 | variable "region" {
 9 |   default = "us-east-2"
10 | }
11 | 
12 | variable env_instance_type {}
13 | 
14 | 
15 | variable env_instance_tags {
16 |     type = map(string)
17 | }
18 | 
19 | variable env_instance_count {
20 |   type = number
21 | }
22 | 
23 | # //////////////////////////////
24 | # OUTPUT
25 | # //////////////////////////////
26 | output "instance-ip" {
27 |   value = module.ec2_cluster.public_ip
28 | }


--------------------------------------------------------------------------------
/04_05_terraform_cloud_vcs/variables.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # VARIABLES
 3 | # //////////////////////////////
 4 | variable "aws_access_key" {}
 5 | 
 6 | variable "aws_secret_key" {}
 7 | 
 8 | variable "region" {
 9 |   default = "us-east-2"
10 | }
11 | 
12 | variable "instance_count" {
13 |   type = number
14 |   default = 1
15 | }
16 | 
17 | variable "instance_tags" {
18 |     type = map
19 |     default = {
20 |       "environment" = "dev"
21 |     }
22 | }
23 | # //////////////////////////////
24 | # OUTPUT
25 | # //////////////////////////////
26 | output "instance-ip" {
27 |   value = module.ec2_cluster.public_ip
28 | }


--------------------------------------------------------------------------------
/04_03_terraform_cloud/instance.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # EC2 MODULE
 3 | # //////////////////////////////
 4 | module "ec2_cluster" {
 5 |   source                 = "terraform-aws-modules/ec2-instance/aws"
 6 |   version                = "~> 2.0"
 7 | 
 8 |   name                   = "frontend-linux"
 9 |   instance_count         = var.instance_count
10 | 
11 |   ami                    = data.aws_ami.aws-linux.id
12 |   instance_type          = "t2.micro"
13 | 
14 |   vpc_security_group_ids = [aws_security_group.sg_frontend.id]
15 |   subnet_id              = module.vpc.public_subnets[1]
16 | 
17 |   tags = var.instance_tags
18 | }


--------------------------------------------------------------------------------
/04_04_terraform_cloud_cli/variables.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # VARIABLES
 3 | # //////////////////////////////
 4 | variable "aws_access_key" {}
 5 | 
 6 | variable "aws_secret_key" {}
 7 | 
 8 | variable "region" {
 9 |   default = "us-east-2"
10 | }
11 | 
12 | variable "instance_count" {
13 |   type = number
14 |   default = 1
15 | }
16 | 
17 | variable "instance_tags" {
18 |     type = map
19 |     default = {
20 |       "environment" = "dev"
21 |     }
22 | }
23 | 
24 | # //////////////////////////////
25 | # OUTPUT
26 | # //////////////////////////////
27 | output "instance-ip" {
28 |   value = module.ec2_cluster.public_ip
29 | }


--------------------------------------------------------------------------------
/04_04_terraform_cloud_cli/instance.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # EC2 MODULE
 3 | # //////////////////////////////
 4 | module "ec2_cluster" {
 5 |   source                 = "terraform-aws-modules/ec2-instance/aws"
 6 |   version                = "~> 2.0"
 7 | 
 8 |   name                   = "frontend-linux"
 9 |   instance_count         = var.instance_count
10 | 
11 |   ami                    = data.aws_ami.aws-linux.id
12 |   instance_type          = "t2.micro"
13 | 
14 |   vpc_security_group_ids = [aws_security_group.sg_frontend.id]
15 |   subnet_id              = module.vpc.public_subnets[1]
16 | 
17 |   tags = var.instance_tags
18 | }


--------------------------------------------------------------------------------
/04_05_terraform_cloud_vcs/instance.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # EC2 MODULE
 3 | # //////////////////////////////
 4 | module "ec2_cluster" {
 5 |   source                 = "terraform-aws-modules/ec2-instance/aws"
 6 |   version                = "~> 2.0"
 7 | 
 8 |   name                   = "frontend-linux"
 9 |   instance_count         = var.instance_count
10 | 
11 |   ami                    = data.aws_ami.aws-linux.id
12 |   instance_type          = "t2.micro"
13 | 
14 |   vpc_security_group_ids = [aws_security_group.sg_frontend.id]
15 |   subnet_id              = module.vpc.public_subnets[1]
16 | 
17 |   tags = var.instance_tags
18 | }


--------------------------------------------------------------------------------
/CONTRIBUTING.md:
--------------------------------------------------------------------------------
1 | 
2 | Contribution Agreement
3 | ======================
4 | 
5 | This repository does not accept pull requests (PRs). All pull requests will be closed.
6 | 
7 | However, if any contributions (through pull requests, issues, feedback or otherwise) are provided, as a contributor, you represent that the code you submit is your original work or that of your employer (in which case you represent you have the right to bind your employer). By submitting code (or otherwise providing feedback), you (and, if applicable, your employer) are licensing the submitted code (and/or feedback) to LinkedIn and the open source community subject to the BSD 2-Clause license.
8 | 


--------------------------------------------------------------------------------
/NOTICE:
--------------------------------------------------------------------------------
 1 | Copyright 2019 LinkedIn Corporation
 2 | All Rights Reserved.
 3 | 
 4 | Licensed under the LinkedIn Learning Exercise File License (the "License").
 5 | See LICENSE in the project root for license information.
 6 | 
 7 | Please note, this project may automatically load third party code from external 
 8 | repositories (for example, NPM modules, Composer packages, or other dependencies). 
 9 | If so, such third party code may be subject to other license terms than as set 
10 | forth above. In addition, such third party code may also depend on and load 
11 | multiple tiers of dependencies. Please review the applicable licenses of the 
12 | additional dependencies.
13 | 


--------------------------------------------------------------------------------
/03_05-06_multi_environment/manifests/instance.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # EC2 MODULE
 3 | # //////////////////////////////
 4 | module "ec2_cluster" {
 5 |   source                 = "terraform-aws-modules/ec2-instance/aws"
 6 |   version                = "~> 2.0"
 7 | 
 8 |   name                   = "frontend-linux"
 9 |   instance_count         = var.env_instance_count
10 | 
11 |   ami                    = data.aws_ami.aws-linux.id
12 |   instance_type          = var.env_instance_type
13 | 
14 |   vpc_security_group_ids = [aws_security_group.sg_frontend.id]
15 |   subnet_id              = module.vpc.public_subnets[1]
16 | 
17 |   tags = var.env_instance_tags
18 | }


--------------------------------------------------------------------------------
/03_04_complex/security_group.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # SECURITY GROUP
 3 | # //////////////////////////////
 4 | resource "aws_security_group" "sg_frontend" {
 5 |   name   = "sg_frontend"
 6 |   vpc_id = module.vpc.vpc_id
 7 | 
 8 |   ingress {
 9 |     from_port = 80
10 |     to_port = 80
11 |     protocol = "tcp"
12 |     cidr_blocks = ["0.0.0.0/0"]
13 |   }
14 | 
15 |   ingress {
16 |     from_port = 443
17 |     to_port = 443
18 |     protocol = "tcp"
19 |     cidr_blocks = ["0.0.0.0/0"]
20 |   }
21 | 
22 |   ingress {
23 |     from_port = 22
24 |     to_port = 22
25 |     protocol = "tcp"
26 |     cidr_blocks = ["0.0.0.0/0"]
27 |   }
28 | 
29 |   egress {
30 |     from_port = 0
31 |     to_port = 0
32 |     protocol = "-1"
33 |     cidr_blocks = ["0.0.0.0/0"]
34 |   }
35 | 
36 | }


--------------------------------------------------------------------------------
/04_03_terraform_cloud/security_group.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # SECURITY GROUP
 3 | # //////////////////////////////
 4 | resource "aws_security_group" "sg_frontend" {
 5 |   name   = "sg_frontend"
 6 |   vpc_id = module.vpc.vpc_id
 7 | 
 8 |   ingress {
 9 |     from_port = 80
10 |     to_port = 80
11 |     protocol = "tcp"
12 |     cidr_blocks = ["0.0.0.0/0"]
13 |   }
14 | 
15 |   ingress {
16 |     from_port = 443
17 |     to_port = 443
18 |     protocol = "tcp"
19 |     cidr_blocks = ["0.0.0.0/0"]
20 |   }
21 | 
22 |   ingress {
23 |     from_port = 22
24 |     to_port = 22
25 |     protocol = "tcp"
26 |     cidr_blocks = ["0.0.0.0/0"]
27 |   }
28 | 
29 |   egress {
30 |     from_port = 0
31 |     to_port = 0
32 |     protocol = "-1"
33 |     cidr_blocks = ["0.0.0.0/0"]
34 |   }
35 | 
36 | }


--------------------------------------------------------------------------------
/04_04_terraform_cloud_cli/security_group.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # SECURITY GROUP
 3 | # //////////////////////////////
 4 | resource "aws_security_group" "sg_frontend" {
 5 |   name   = "sg_frontend"
 6 |   vpc_id = module.vpc.vpc_id
 7 | 
 8 |   ingress {
 9 |     from_port = 80
10 |     to_port = 80
11 |     protocol = "tcp"
12 |     cidr_blocks = ["0.0.0.0/0"]
13 |   }
14 | 
15 |   ingress {
16 |     from_port = 443
17 |     to_port = 443
18 |     protocol = "tcp"
19 |     cidr_blocks = ["0.0.0.0/0"]
20 |   }
21 | 
22 |   ingress {
23 |     from_port = 22
24 |     to_port = 22
25 |     protocol = "tcp"
26 |     cidr_blocks = ["0.0.0.0/0"]
27 |   }
28 | 
29 |   egress {
30 |     from_port = 0
31 |     to_port = 0
32 |     protocol = "-1"
33 |     cidr_blocks = ["0.0.0.0/0"]
34 |   }
35 | 
36 | }


--------------------------------------------------------------------------------
/04_05_terraform_cloud_vcs/security_group.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # SECURITY GROUP
 3 | # //////////////////////////////
 4 | resource "aws_security_group" "sg_frontend" {
 5 |   name   = "sg_frontend"
 6 |   vpc_id = module.vpc.vpc_id
 7 | 
 8 |   ingress {
 9 |     from_port = 80
10 |     to_port = 80
11 |     protocol = "tcp"
12 |     cidr_blocks = ["0.0.0.0/0"]
13 |   }
14 | 
15 |   ingress {
16 |     from_port = 443
17 |     to_port = 443
18 |     protocol = "tcp"
19 |     cidr_blocks = ["0.0.0.0/0"]
20 |   }
21 | 
22 |   ingress {
23 |     from_port = 22
24 |     to_port = 22
25 |     protocol = "tcp"
26 |     cidr_blocks = ["0.0.0.0/0"]
27 |   }
28 | 
29 |   egress {
30 |     from_port = 0
31 |     to_port = 0
32 |     protocol = "-1"
33 |     cidr_blocks = ["0.0.0.0/0"]
34 |   }
35 | 
36 | }


--------------------------------------------------------------------------------
/03_05-06_multi_environment/manifests/security_group.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # SECURITY GROUP
 3 | # //////////////////////////////
 4 | resource "aws_security_group" "sg_frontend" {
 5 |   name   = "sg_frontend"
 6 |   vpc_id = module.vpc.vpc_id
 7 | 
 8 |   ingress {
 9 |     from_port = 80
10 |     to_port = 80
11 |     protocol = "tcp"
12 |     cidr_blocks = ["0.0.0.0/0"]
13 |   }
14 | 
15 |   ingress {
16 |     from_port = 443
17 |     to_port = 443
18 |     protocol = "tcp"
19 |     cidr_blocks = ["0.0.0.0/0"]
20 |   }
21 | 
22 |   ingress {
23 |     from_port = 22
24 |     to_port = 22
25 |     protocol = "tcp"
26 |     cidr_blocks = ["0.0.0.0/0"]
27 |   }
28 | 
29 |   egress {
30 |     from_port = 0
31 |     to_port = 0
32 |     protocol = "-1"
33 |     cidr_blocks = ["0.0.0.0/0"]
34 |   }
35 | 
36 | }


--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE.md:
--------------------------------------------------------------------------------
 1 | <!--
 2 | BEFORE POSTING YOUR ISSUE:
 3 | - These comments won't show up when you submit the issue.
 4 | - Please use the sections below to provide information about the issue.
 5 | - Be specific: Add as much detail as possible.
 6 | -->
 7 | 
 8 | ## Issue Overview
 9 | <!-- A brief overview of the issue --->
10 | 
11 | ## Describe your environment
12 | <!-- Provide details about your environment: what editor, browser, and other software you are using and any other specifics to your setup -->
13 | 
14 | ## Steps to Reproduce
15 | <!-- Provide an unambiguous set of steps to reproduce this bug. Include code to reproduce, if relevant. Include a live link if available. -->
16 | 1.
17 | 2.
18 | 3.
19 | 4.
20 | 
21 | ## Expected Behavior
22 | <!-- What behavior did you expect? -->
23 | 
24 | ## Current Behavior
25 | <!-- What happened instead of the expected behavior? Describe the difference. -->
26 | 
27 | ## Possible Solution
28 | <!-- Optional: Do you have a fix or a suggestion on how to fix the issue? -->
29 | 
30 | ## Screenshots / Video
31 | <!-- Optional: Add any screenshots or video of the issue if available. -->
32 | 
33 | ## Related Issues
34 | <!-- List related issues -->
35 | 


--------------------------------------------------------------------------------
/03_02-03_remotestate/main.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # BACKEND
 3 | # //////////////////////////////
 4 | terraform {
 5 |   backend "s3" {
 6 |   }
 7 | }
 8 | 
 9 | # //////////////////////////////
10 | # VARIABLES
11 | # //////////////////////////////
12 | variable "aws_access_key" {}
13 | 
14 | variable "aws_secret_key" {}
15 | 
16 | variable "region" {
17 |   default = "us-east-2"
18 | }
19 | 
20 | variable "vpc_cidr" {
21 |   default = "172.16.0.0/16"
22 | }
23 | 
24 | variable "subnet1_cidr" {
25 |   default = "172.16.0.0/24"
26 | }
27 | 
28 | # //////////////////////////////
29 | # PROVIDERS
30 | # //////////////////////////////
31 | provider "aws" {
32 |   access_key = var.aws_access_key
33 |   secret_key = var.aws_secret_key
34 |   region     = var.region
35 | }
36 | 
37 | 
38 | # //////////////////////////////
39 | # MODULES
40 | # //////////////////////////////
41 | module "vpc" {
42 |   source = "terraform-aws-modules/vpc/aws"
43 | 
44 |   name = "vpc-module-example"
45 | 
46 |   cidr = "10.0.0.0/16"
47 | 
48 |   azs             = ["us-east-2a", "us-east-2b", "us-east-2c"]
49 |   private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
50 |   public_subnets  = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
51 | 
52 |   enable_nat_gateway = true
53 |   single_nat_gateway = true
54 | }


--------------------------------------------------------------------------------
/03_05-06_multi_environment/commands.txt:
--------------------------------------------------------------------------------
 1 | export AWS_PAGER=""
 2 | 
 3 | --ALL INSTANCES--
 4 |     aws ec2 describe-instances \
 5 |     --filters Name=tag-key,Values=Name \
 6 |     --query 'Reservations[*].Instances[*].{Instance:InstanceId,AZ:Placement.AvailabilityZone,Name:Tags[?Key==`Name`]|[0].Value,Environment:Tags[?Key==`environment`]|[0].Value}' \
 7 |     --output table
 8 | 
 9 | --DEV INSTANCES--
10 |     aws ec2 describe-instances \
11 |     --filters Name=tag:environment,Values=development \
12 |     --query 'Reservations[*].Instances[*].{Instance:InstanceId,AZ:Placement.AvailabilityZone,Name:Tags[?Key==`Name`]|[0].Value,Environment:Tags[?Key==`environment`]|[0].Value}' \
13 |     --output table
14 | 
15 | --QA INSTANCES--
16 |     aws ec2 describe-instances \
17 |     --filters Name=tag:environment,Values=qa \
18 |     --query 'Reservations[*].Instances[*].{Instance:InstanceId,AZ:Placement.AvailabilityZone,Name:Tags[?Key==`Name`]|[0].Value,Environment:Tags[?Key==`environment`]|[0].Value}' \
19 |     --output table
20 | 
21 | --PRODUCTION INSTANCES--
22 |     aws ec2 describe-instances \
23 |     --filters Name=tag:environment,Values=production \
24 |     --query 'Reservations[*].Instances[*].{Instance:InstanceId,AZ:Placement.AvailabilityZone,Name:Tags[?Key==`Name`]|[0].Value,Environment:Tags[?Key==`environment`]|[0].Value}' \
25 |     --output table
26 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # Advanced Terraform
 2 | This is the repository for the LinkedIn Learning course Advanced Terraform. The full course is available from [LinkedIn Learning][lil-course-url].
 3 | 
 4 | ![Advanced Terraform][lil-thumbnail-url] 
 5 | Terraform simplifies and accelerates the configuration of cloud-based environments. DevOps engineers looking to use Terraform in the real world can start by learning how to work with the Terraform CLI and the HashiCorp Configuration Language (HCL). In this course, David Swersky covers these concepts and more, helping you go beyond the basics with this powerful infrastructure as code solution. Using practical use cases, David shows how to manage and automate your infrastructure with Terraform. He steps through how to analyze an existing application running in a client's data center, and design a Terraform configuration that supports the application in AWS. He also goes over advanced concepts, including how to set the values of variables in a Terraform configuration. Plus, he steps through how to develop an application infrastructure with Terraform, create an infrastructure CI/CD pipeline using GitHub and Terraform Cloud, and more.
 6 | 
 7 | ## Instructions
 8 | This repository has a folder for each of the videos in the course. The naming convention is [CHAPTER]_[NAME], e.g.: **01_05_base**
 9 | 
10 | 
11 | ## Installing
12 | 1. To use these exercise files, you must have the following installed:
13 | 	- [list of requirements for course]
14 | 2. Fork this repository to your own account
15 | 3. Clone your fork to your local machine using the terminal (Mac), CMD (Windows), or a GUI tool like SourceTree.
16 | 
17 | ### Instructor
18 | 
19 | **David Swersky**
20 | 
21 | _DevOps and Enterprise Architect with 20+ years of IT experience_
22 | 
23 | Check out some of my other courses on [LinkedIn Learning](https://www.linkedin.com/learning/instructors/david-swersky).
24 | 
25 | [lil-course-url]: https://www.linkedin.com/learning/advanced-terraform
26 | [lil-thumbnail-url]: https://cdn.lynda.com/course/2823489/2823489-1604938909984-16x9.jpg
27 | 


--------------------------------------------------------------------------------
/03_07_custommodule/modules/nodejs-instance/main.tf:
--------------------------------------------------------------------------------
 1 | # VPC
 2 | resource "aws_vpc" "vpc" {
 3 |   cidr_block = var.vpc_cidr
 4 |   enable_dns_hostnames = "true"
 5 | }
 6 | 
 7 | # SUBNET
 8 | resource "aws_subnet" "subnet" {
 9 |   cidr_block = var.subnet_cidr
10 |   vpc_id = aws_vpc.vpc.id
11 |   map_public_ip_on_launch = "true"
12 |   availability_zone = data.aws_availability_zones.available.names[1]
13 | }
14 | 
15 | # INTERNET_GATEWAY
16 | resource "aws_internet_gateway" "igw" {
17 |   vpc_id = aws_vpc.vpc.id
18 | }
19 | 
20 | # ROUTE_TABLE
21 | resource "aws_route_table" "route_table" {
22 |   vpc_id = aws_vpc.vpc.id
23 | 
24 |   route {
25 |     cidr_block = "0.0.0.0/0"
26 |     gateway_id = aws_internet_gateway.igw.id
27 |   }
28 | }
29 | 
30 | resource "aws_route_table_association" "rta" {
31 |   subnet_id = aws_subnet.subnet.id
32 |   route_table_id = aws_route_table.route_table.id
33 | }
34 | 
35 | # SECURITY_GROUP
36 | resource "aws_security_group" "sg-nodejs-instance" {
37 |   name = "nodejs_sg"
38 |   vpc_id = aws_vpc.vpc.id
39 | 
40 |   ingress {
41 |     from_port = 80
42 |     to_port = 80
43 |     protocol = "tcp"
44 |     cidr_blocks = ["0.0.0.0/0"]
45 |   }
46 | 
47 |   ingress {
48 |     from_port = 443
49 |     to_port = 443
50 |     protocol = "tcp"
51 |     cidr_blocks = ["0.0.0.0/0"]
52 |   }
53 | 
54 |   ingress {
55 |     from_port = 22
56 |     to_port = 22
57 |     protocol = "tcp"
58 |     cidr_blocks = ["0.0.0.0/0"]
59 |   }
60 |   
61 |   egress {
62 |     from_port = 0
63 |     to_port = 0
64 |     protocol = "-1"
65 |     cidr_blocks = ["0.0.0.0/0"]
66 |   }
67 | }
68 | 
69 | # INSTANCE
70 | resource "aws_instance" "nodejs" {
71 |   count = var.instance_count
72 |   
73 |   ami = var.ami_id
74 |   instance_type = "t2.micro"
75 |   subnet_id = aws_subnet.subnet.id
76 |   vpc_security_group_ids = [aws_security_group.sg-nodejs-instance.id]
77 | 
78 |   tags = var.environment_tags
79 | }
80 | 
81 | # //////////////////////////////
82 | # DATA
83 | # //////////////////////////////
84 | data "aws_availability_zones" "available" {
85 |   state = "available"
86 | }


--------------------------------------------------------------------------------
/02_11-12_modules/main.tf:
--------------------------------------------------------------------------------
 1 | # //////////////////////////////
 2 | # VARIABLES
 3 | # //////////////////////////////
 4 | variable "aws_access_key" {}
 5 | 
 6 | variable "aws_secret_key" {}
 7 | 
 8 | variable "region" {
 9 |   default = "us-east-2"
10 | }
11 | 
12 | 
13 | # //////////////////////////////
14 | # PROVIDERS
15 | # //////////////////////////////
16 | provider "aws" {
17 |   access_key = var.aws_access_key
18 |   secret_key = var.aws_secret_key
19 |   region     = var.region
20 | }
21 | 
22 | # //////////////////////////////
23 | # SECURITY GROUP
24 | # //////////////////////////////
25 | resource "aws_security_group" "sg_frontend" {
26 |   name   = "sg_frontend"
27 |   vpc_id = module.vpc.vpc_id
28 | 
29 |   ingress {
30 |     from_port = 80
31 |     to_port = 80
32 |     protocol = "tcp"
33 |     cidr_blocks = ["0.0.0.0/0"]
34 |   }
35 | 
36 |   ingress {
37 |     from_port = 443
38 |     to_port = 443
39 |     protocol = "tcp"
40 |     cidr_blocks = ["0.0.0.0/0"]
41 |   }
42 | 
43 |   ingress {
44 |     from_port = 22
45 |     to_port = 22
46 |     protocol = "tcp"
47 |     cidr_blocks = ["0.0.0.0/0"]
48 |   }
49 | 
50 |   egress {
51 |     from_port = 0
52 |     to_port = 0
53 |     protocol = "-1"
54 |     cidr_blocks = ["0.0.0.0/0"]
55 |   }
56 | 
57 | }
58 | 
59 | # //////////////////////////////
60 | # MODULES
61 | # //////////////////////////////
62 | module "vpc" {
63 |   source = "terraform-aws-modules/vpc/aws"
64 |   name = "frontend-vpc"
65 |   cidr = "10.0.0.0/16"
66 | 
67 |   azs             = ["us-east-2a", "us-east-2b", "us-east-2c"]
68 |   private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
69 |   public_subnets  = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
70 | 
71 |   enable_nat_gateway = true
72 |   single_nat_gateway = true
73 |   # one_nat_gateway_per_az = true
74 | }
75 | 
76 | 
77 | # //////////////////////////////
78 | # DATA
79 | # //////////////////////////////
80 | data "aws_ami" "aws-linux" {
81 |   most_recent = true
82 |   owners      = ["amazon"]
83 | 
84 |   filter {
85 |     name   = "name"
86 |     values = ["amzn-ami-hvm*"]
87 |   }
88 | 
89 |   filter {
90 |     name   = "root-device-type"
91 |     values = ["ebs"]
92 |   }
93 | 
94 |   filter {
95 |     name   = "virtualization-type"
96 |     values = ["hvm"]
97 |   }
98 | }


--------------------------------------------------------------------------------
/03_02-03_remotestate/remote_resources/s3_backend.tf:
--------------------------------------------------------------------------------
  1 | # //////////////////////////////
  2 | # VARIABLES
  3 | # //////////////////////////////
  4 | variable "aws_access_key" {}
  5 | 
  6 | variable "aws_secret_key" {}
  7 | 
  8 | variable "bucket_name" {
  9 |   default = "red30-tfstate"
 10 | }
 11 | 
 12 | # //////////////////////////////
 13 | # PROVIDER
 14 | # //////////////////////////////
 15 | provider "aws" {
 16 |   access_key = var.aws_access_key
 17 |   secret_key = var.aws_secret_key
 18 |   region = "us-east-2"
 19 | }
 20 | 
 21 | # //////////////////////////////
 22 | # TERRAFORM USER
 23 | # //////////////////////////////
 24 | data "aws_iam_user" "terraform" {
 25 |   user_name = "terraform"
 26 | }
 27 | 
 28 | # //////////////////////////////
 29 | # S3 BUCKET
 30 | # //////////////////////////////
 31 | resource "aws_s3_bucket" "red30-tfremotestate" {
 32 |   bucket = var.bucket_name
 33 |   force_destroy = true
 34 |   acl = "private"
 35 | 
 36 |   versioning {
 37 |     enabled = true
 38 |   }
 39 | 
 40 |   # Grant read/write access to the terraform user
 41 |   policy = <<EOF
 42 | {
 43 |     "Version": "2008-10-17",
 44 |     "Statement": [
 45 |         {
 46 |             "Sid": "",
 47 |             "Effect": "Allow",
 48 |             "Principal": {
 49 |                 "AWS": "${data.aws_iam_user.terraform.arn}"
 50 |             },
 51 |             "Action": "s3:*",
 52 |             "Resource": "arn:aws:s3:::${var.bucket_name}/*"
 53 |         }
 54 |     ]
 55 | }
 56 | EOF
 57 | }
 58 | 
 59 | resource "aws_s3_bucket_public_access_block" "red30-tfremotestate" {
 60 |   bucket = aws_s3_bucket.red30-tfremotestate.id
 61 | 
 62 |   block_public_acls   = true
 63 |   block_public_policy = true
 64 |   ignore_public_acls = true
 65 |   restrict_public_buckets = true
 66 | }
 67 | 
 68 | # //////////////////////////////
 69 | # DYNAMODB TABLE
 70 | # //////////////////////////////
 71 | resource "aws_dynamodb_table" "tf_db_statelock" {
 72 |   name           = "red30-tfstatelock"
 73 |   read_capacity  = 20
 74 |   write_capacity = 20
 75 |   hash_key       = "LockID"
 76 | 
 77 |   attribute {
 78 |     name = "LockID"
 79 |     type = "S"
 80 |   }
 81 | }
 82 | 
 83 | # //////////////////////////////
 84 | # IAM POLICY
 85 | # //////////////////////////////
 86 | resource "aws_iam_user_policy" "terraform_user_dbtable" {
 87 |   name = "terraform"
 88 |   user = data.aws_iam_user.terraform.user_name
 89 |   policy = <<EOF
 90 | {
 91 |     "Version": "2012-10-17",
 92 |     "Statement": [
 93 |         {
 94 |             "Effect": "Allow",
 95 |             "Action": ["dynamodb:*"],
 96 |             "Resource": [
 97 |                 "${aws_dynamodb_table.tf_db_statelock.arn}"
 98 |             ]
 99 |         }
100 |    ]
101 | }
102 | 
103 | EOF
104 | }
105 | 
106 | 


--------------------------------------------------------------------------------
/01_05_base/main.tf:
--------------------------------------------------------------------------------
  1 | # //////////////////////////////
  2 | # VARIABLES
  3 | # //////////////////////////////
  4 | variable "aws_access_key" {}
  5 | 
  6 | variable "aws_secret_key" {}
  7 | 
  8 | variable "ssh_key_name" {}
  9 | 
 10 | variable "private_key_path" {}
 11 | 
 12 | variable "region" {
 13 |   default = "us-east-2"
 14 | }
 15 | 
 16 | variable "vpc_cidr" {
 17 |   default = "172.16.0.0/16"
 18 | }
 19 | 
 20 | variable "subnet1_cidr" {
 21 |   default = "172.16.0.0/24"
 22 | }
 23 | 
 24 | # //////////////////////////////
 25 | # PROVIDERS
 26 | # //////////////////////////////
 27 | provider "aws" {
 28 |   access_key = var.aws_access_key
 29 |   secret_key = var.aws_secret_key
 30 |   region     = var.region
 31 | }
 32 | 
 33 | # //////////////////////////////
 34 | # RESOURCES
 35 | # //////////////////////////////
 36 | 
 37 | # VPC
 38 | resource "aws_vpc" "vpc1" {
 39 |   cidr_block = var.vpc_cidr
 40 |   enable_dns_hostnames = "true"
 41 | }
 42 | 
 43 | # SUBNET
 44 | resource "aws_subnet" "subnet1" {
 45 |   cidr_block = var.subnet1_cidr
 46 |   vpc_id = aws_vpc.vpc1.id
 47 |   map_public_ip_on_launch = "true"
 48 |   availability_zone = data.aws_availability_zones.available.names[1]
 49 | }
 50 | 
 51 | # INTERNET_GATEWAY
 52 | resource "aws_internet_gateway" "gateway1" {
 53 |   vpc_id = aws_vpc.vpc1.id
 54 | }
 55 | 
 56 | # ROUTE_TABLE
 57 | resource "aws_route_table" "route_table1" {
 58 |   vpc_id = aws_vpc.vpc1.id
 59 | 
 60 |   route {
 61 |     cidr_block = "0.0.0.0/0"
 62 |     gateway_id = aws_internet_gateway.gateway1.id
 63 |   }
 64 | }
 65 | 
 66 | resource "aws_route_table_association" "route-subnet1" {
 67 |   subnet_id = aws_subnet.subnet1.id
 68 |   route_table_id = aws_route_table.route_table1.id
 69 | }
 70 | 
 71 | # SECURITY_GROUP
 72 | resource "aws_security_group" "sg-nodejs-instance" {
 73 |   name = "nodejs_sg"
 74 |   vpc_id = aws_vpc.vpc1.id
 75 | 
 76 |   ingress {
 77 |     from_port = 80
 78 |     to_port = 80
 79 |     protocol = "tcp"
 80 |     cidr_blocks = ["0.0.0.0/0"]
 81 |   }
 82 | 
 83 |   ingress {
 84 |     from_port = 443
 85 |     to_port = 443
 86 |     protocol = "tcp"
 87 |     cidr_blocks = ["0.0.0.0/0"]
 88 |   }
 89 | 
 90 |   ingress {
 91 |     from_port = 22
 92 |     to_port = 22
 93 |     protocol = "tcp"
 94 |     cidr_blocks = ["0.0.0.0/0"]
 95 |   }
 96 |   
 97 |   egress {
 98 |     from_port = 0
 99 |     to_port = 0
100 |     protocol = "-1"
101 |     cidr_blocks = ["0.0.0.0/0"]
102 |   }
103 | }
104 | 
105 | # INSTANCE
106 | resource "aws_instance" "nodejs1" {
107 |   ami = data.aws_ami.aws-linux.id
108 |   instance_type = "t2.micro"
109 |   subnet_id = aws_subnet.subnet1.id
110 |   vpc_security_group_ids = [aws_security_group.sg-nodejs-instance.id]
111 |   key_name               = var.ssh_key_name
112 | 
113 |   connection {
114 |     type        = "ssh"
115 |     host        = self.public_ip
116 |     user        = "ec2-user"
117 |     private_key = file(var.private_key_path)
118 |   }
119 | }
120 | 
121 | 
122 | # //////////////////////////////
123 | # DATA
124 | # //////////////////////////////
125 | data "aws_availability_zones" "available" {
126 |   state = "available"
127 | }
128 | 
129 | data "aws_ami" "aws-linux" {
130 |   most_recent = true
131 |   owners      = ["amazon"]
132 | 
133 |   filter {
134 |     name   = "name"
135 |     values = ["amzn-ami-hvm*"]
136 |   }
137 | 
138 |   filter {
139 |     name   = "root-device-type"
140 |     values = ["ebs"]
141 |   }
142 | 
143 |   filter {
144 |     name   = "virtualization-type"
145 |     values = ["hvm"]
146 |   }
147 | }
148 | 
149 | # //////////////////////////////
150 | # OUTPUT
151 | # //////////////////////////////
152 | output "instance-dns" {
153 |   value = aws_instance.nodejs1.public_dns
154 | }


--------------------------------------------------------------------------------
/02_02-07_variables/main.tf:
--------------------------------------------------------------------------------
  1 | # //////////////////////////////
  2 | # VARIABLES
  3 | # //////////////////////////////
  4 | variable "aws_access_key" {}
  5 | 
  6 | variable "aws_secret_key" {}
  7 | 
  8 | variable "region" {
  9 |   default = "us-east-2"
 10 | }
 11 | 
 12 | variable "vpc_cidr" {
 13 |   default = "172.16.0.0/16"
 14 | }
 15 | 
 16 | variable "subnet1_cidr" {
 17 |   default = "172.16.0.0/24"
 18 | }
 19 | 
 20 | variable "environment_list" {
 21 |   type = list(string)
 22 |   default = ["DEV","QA","STAGE","PROD"]
 23 | }
 24 | 
 25 | variable "environment_map" {
 26 |   type = map(string)
 27 |   default = {
 28 |     "DEV" = "DEV",
 29 |     "QA" = "QA",
 30 |     "STAGE" = "STAGE",
 31 |     "PROD" = "PROD"
 32 |   }
 33 | }
 34 | 
 35 | variable "environment_instance_type" {
 36 |   type = map(string)
 37 |   default = {
 38 |     "DEV" = "t2.micro",
 39 |     "QA" = "t2.micro",
 40 |     "STAGE" = "t2.micro",
 41 |     "PROD" = "t2.micro"
 42 |   }
 43 | }
 44 | 
 45 | variable "environment_instance_settings" {
 46 |   type = map(object({instance_type=string, monitoring=bool}))
 47 |   default = {
 48 |     "DEV" = {
 49 |       instance_type = "t2.micro", 
 50 |       monitoring = false
 51 |     },
 52 |    "QA" = {
 53 |       instance_type = "t2.micro", 
 54 |       monitoring = false
 55 |     },
 56 |     "STAGE" = {
 57 |       instance_type = "t2.micro", 
 58 |       monitoring = false
 59 |     },
 60 |     "PROD" = {
 61 |       instance_type = "t2.micro", 
 62 |       monitoring = true
 63 |     }
 64 |   }
 65 | }
 66 | 
 67 | # //////////////////////////////
 68 | # PROVIDERS
 69 | # //////////////////////////////
 70 | provider "aws" {
 71 |   access_key = var.aws_access_key
 72 |   secret_key = var.aws_secret_key
 73 |   region     = var.region
 74 | }
 75 | 
 76 | # //////////////////////////////
 77 | # RESOURCES
 78 | # //////////////////////////////
 79 | 
 80 | # VPC
 81 | resource "aws_vpc" "vpc1" {
 82 |   cidr_block = var.vpc_cidr
 83 |   enable_dns_hostnames = "true"
 84 | }
 85 | 
 86 | # SUBNET
 87 | resource "aws_subnet" "subnet1" {
 88 |   cidr_block = var.subnet1_cidr
 89 |   vpc_id = aws_vpc.vpc1.id
 90 |   map_public_ip_on_launch = "true"
 91 |   availability_zone = data.aws_availability_zones.available.names[1]
 92 | }
 93 | 
 94 | # INTERNET_GATEWAY
 95 | resource "aws_internet_gateway" "gateway1" {
 96 |   vpc_id = aws_vpc.vpc1.id
 97 | }
 98 | 
 99 | # ROUTE_TABLE
100 | resource "aws_route_table" "route_table1" {
101 |   vpc_id = aws_vpc.vpc1.id
102 | 
103 |   route {
104 |     cidr_block = "0.0.0.0/0"
105 |     gateway_id = aws_internet_gateway.gateway1.id
106 |   }
107 | }
108 | 
109 | resource "aws_route_table_association" "route-subnet1" {
110 |   subnet_id = aws_subnet.subnet1.id
111 |   route_table_id = aws_route_table.route_table1.id
112 | }
113 | 
114 | # SECURITY_GROUP
115 | resource "aws_security_group" "sg-nodejs-instance" {
116 |   name = "nodejs_sg"
117 |   vpc_id = aws_vpc.vpc1.id
118 | 
119 |   ingress {
120 |     from_port = 80
121 |     to_port = 80
122 |     protocol = "tcp"
123 |     cidr_blocks = ["0.0.0.0/0"]
124 |   }
125 | 
126 |   ingress {
127 |     from_port = 22
128 |     to_port = 22
129 |     protocol = "tcp"
130 |     cidr_blocks = ["0.0.0.0/0"]
131 |   }
132 |   
133 |   egress {
134 |     from_port = 0
135 |     to_port = 0
136 |     protocol = "-1"
137 |     cidr_blocks = ["0.0.0.0/0"]
138 |   }
139 | }
140 | 
141 | # INSTANCE
142 | resource "aws_instance" "nodejs1" {
143 |   ami = data.aws_ami.aws-linux.id
144 |   instance_type = var.environment_instance_type["DEV"]
145 |   //instance_type = var.environment_instance_settings["PROD"].instance_type
146 |   subnet_id = aws_subnet.subnet1.id
147 |   vpc_security_group_ids = [aws_security_group.sg-nodejs-instance.id]
148 | 
149 |   monitoring = var.environment_instance_settings["PROD"].monitoring
150 | 
151 |   tags = {Environment = var.environment_list[0]}
152 | 
153 | }
154 | 
155 | # //////////////////////////////
156 | # DATA
157 | # //////////////////////////////
158 | data "aws_availability_zones" "available" {}
159 | 
160 | data "aws_ami" "aws-linux" {
161 |   most_recent = true
162 |   owners      = ["amazon"]
163 | 
164 |   filter {
165 |     name   = "name"
166 |     values = ["amzn-ami-hvm*"]
167 |   }
168 | 
169 |   filter {
170 |     name   = "root-device-type"
171 |     values = ["ebs"]
172 |   }
173 | 
174 |   filter {
175 |     name   = "virtualization-type"
176 |     values = ["hvm"]
177 |   }
178 | }
179 | 
180 | # //////////////////////////////
181 | # OUTPUT
182 | # //////////////////////////////
183 | output "instance-dns" {
184 |   value = aws_instance.nodejs1.public_dns
185 | }


--------------------------------------------------------------------------------
/02_08-09_expressions_functions/main.tf:
--------------------------------------------------------------------------------
  1 | # //////////////////////////////
  2 | # VARIABLES
  3 | # //////////////////////////////
  4 | variable "aws_access_key" {}
  5 | 
  6 | variable "aws_secret_key" {}
  7 | 
  8 | variable "region" {
  9 |   default = "us-east-2"
 10 | }
 11 | 
 12 | variable "vpc_cidr" {
 13 |   default = "172.16.0.0/16"
 14 | }
 15 | 
 16 | variable "subnet1_cidr" {
 17 |   default = "172.16.0.0/24"
 18 | }
 19 | 
 20 | variable "environment_list" {
 21 |   type = list(string)
 22 |   default = ["DEV","QA","STAGE","PROD"]
 23 | }
 24 | 
 25 | variable "environment_map" {
 26 |   type = map(string)
 27 |   default = {
 28 |     "DEV" = "DEV",
 29 |     "QA" = "QA",
 30 |     "STAGE" = "STAGE",
 31 |     "PROD" = "PROD"
 32 |   }
 33 | }
 34 | 
 35 | variable "environment_instance_type" {
 36 |   type = map(string)
 37 |   default = {
 38 |     "DEV" = "t2.micro",
 39 |     "QA" = "t2.micro",
 40 |     "STAGE" = "t2.micro",
 41 |     "PROD" = "t2.micro"
 42 |   }
 43 | }
 44 | 
 45 | variable "environment_instance_settings" {
 46 |   type = map(object({instance_type=string, monitoring=bool}))
 47 |   default = {
 48 |     "DEV" = {
 49 |       instance_type = "t2.micro", 
 50 |       monitoring = false
 51 |     },
 52 |    "QA" = {
 53 |       instance_type = "t2.micro", 
 54 |       monitoring = false
 55 |     },
 56 |     "STAGE" = {
 57 |       instance_type = "t2.micro", 
 58 |       monitoring = false
 59 |     },
 60 |     "PROD" = {
 61 |       instance_type = "t2.micro", 
 62 |       monitoring = true
 63 |     }
 64 |   }
 65 | }
 66 | 
 67 | # //////////////////////////////
 68 | # PROVIDERS
 69 | # //////////////////////////////
 70 | provider "aws" {
 71 |   access_key = var.aws_access_key
 72 |   secret_key = var.aws_secret_key
 73 |   region     = var.region
 74 | }
 75 | 
 76 | # //////////////////////////////
 77 | # RESOURCES
 78 | # //////////////////////////////
 79 | 
 80 | # VPC
 81 | resource "aws_vpc" "vpc1" {
 82 |   cidr_block = var.vpc_cidr
 83 |   enable_dns_hostnames = "true"
 84 | }
 85 | 
 86 | # SUBNET
 87 | resource "aws_subnet" "subnet1" {
 88 |   cidr_block = var.subnet1_cidr
 89 |   vpc_id = aws_vpc.vpc1.id
 90 |   map_public_ip_on_launch = "true"
 91 |   availability_zone = data.aws_availability_zones.available.names[1]
 92 | }
 93 | 
 94 | # INTERNET_GATEWAY
 95 | resource "aws_internet_gateway" "gateway1" {
 96 |   vpc_id = aws_vpc.vpc1.id
 97 | }
 98 | 
 99 | # ROUTE_TABLE
100 | resource "aws_route_table" "route_table1" {
101 |   vpc_id = aws_vpc.vpc1.id
102 | 
103 |   route {
104 |     cidr_block = "0.0.0.0/0"
105 |     gateway_id = aws_internet_gateway.gateway1.id
106 |   }
107 | }
108 | 
109 | resource "aws_route_table_association" "route-subnet1" {
110 |   subnet_id = aws_subnet.subnet1.id
111 |   route_table_id = aws_route_table.route_table1.id
112 | }
113 | 
114 | # SECURITY_GROUP
115 | resource "aws_security_group" "sg-nodejs-instance" {
116 |   name = "nodejs_sg"
117 |   vpc_id = aws_vpc.vpc1.id
118 | 
119 |   ingress {
120 |     from_port = 80
121 |     to_port = 80
122 |     protocol = "tcp"
123 |     cidr_blocks = ["0.0.0.0/0"]
124 |   }
125 | 
126 |   ingress {
127 |     from_port = 22
128 |     to_port = 22
129 |     protocol = "tcp"
130 |     cidr_blocks = ["0.0.0.0/0"]
131 |   }
132 |   
133 |   egress {
134 |     from_port = 0
135 |     to_port = 0
136 |     protocol = "-1"
137 |     cidr_blocks = ["0.0.0.0/0"]
138 |   }
139 | }
140 | 
141 | # INSTANCE
142 | resource "aws_instance" "nodejs1" {
143 |   ami = data.aws_ami.aws-linux.id
144 |   instance_type = var.environment_instance_type["DEV"]
145 |   //instance_type = var.environment_instance_settings["PROD"].instance_type
146 |   subnet_id = aws_subnet.subnet1.id
147 |   vpc_security_group_ids = [aws_security_group.sg-nodejs-instance.id]
148 | 
149 |   monitoring = var.environment_instance_settings["PROD"].monitoring
150 | 
151 |   tags = {Environment = var.environment_list[0]}
152 | 
153 | }
154 | 
155 | # //////////////////////////////
156 | # DATA
157 | # //////////////////////////////
158 | data "aws_availability_zones" "available" {}
159 | 
160 | data "aws_ami" "aws-linux" {
161 |   most_recent = true
162 |   owners      = ["amazon"]
163 | 
164 |   filter {
165 |     name   = "name"
166 |     values = ["amzn-ami-hvm*"]
167 |   }
168 | 
169 |   filter {
170 |     name   = "root-device-type"
171 |     values = ["ebs"]
172 |   }
173 | 
174 |   filter {
175 |     name   = "virtualization-type"
176 |     values = ["hvm"]
177 |   }
178 | }
179 | 
180 | # //////////////////////////////
181 | # OUTPUT
182 | # //////////////////////////////
183 | output "instance-dns" {
184 |   value = aws_instance.nodejs1.public_dns
185 | }


--------------------------------------------------------------------------------
/02_10_count/main.tf:
--------------------------------------------------------------------------------
  1 | # //////////////////////////////
  2 | # VARIABLES
  3 | # //////////////////////////////
  4 | variable "aws_access_key" {}
  5 | 
  6 | variable "aws_secret_key" {}
  7 | 
  8 | variable "iam_accounts" {
  9 |   type = set(string)
 10 | }
 11 | 
 12 | variable "region" {
 13 |   default = "us-east-2"
 14 | }
 15 | 
 16 | variable "vpc_cidr" {
 17 |   default = "172.16.0.0/16"
 18 | }
 19 | 
 20 | variable "subnet1_cidr" {
 21 |   default = "172.16.0.0/24"
 22 | }
 23 | 
 24 | variable "environment_list" {
 25 |   type = list(string)
 26 |   default = ["DEV","QA","STAGE","PROD"]
 27 | }
 28 | 
 29 | variable "environment_map" {
 30 |   type = map(string)
 31 |   default = {
 32 |     "DEV" = "DEV",
 33 |     "QA" = "QA",
 34 |     "STAGE" = "STAGE",
 35 |     "PROD" = "PROD"
 36 |   }
 37 | }
 38 | 
 39 | variable "environment_instance_type" {
 40 |   type = map(string)
 41 |   default = {
 42 |     "DEV" = "t2.micro",
 43 |     "QA" = "t2.micro",
 44 |     "STAGE" = "t2.micro",
 45 |     "PROD" = "t2.micro"
 46 |   }
 47 | }
 48 | 
 49 | variable "environment_instance_settings" {
 50 |   type = map(object({instance_type=string, monitoring=bool}))
 51 |   default = {
 52 |     "DEV" = {
 53 |       instance_type = "t2.micro", 
 54 |       monitoring = false
 55 |     },
 56 |    "QA" = {
 57 |       instance_type = "t2.micro", 
 58 |       monitoring = false
 59 |     },
 60 |     "STAGE" = {
 61 |       instance_type = "t2.micro", 
 62 |       monitoring = false
 63 |     },
 64 |     "PROD" = {
 65 |       instance_type = "t2.micro", 
 66 |       monitoring = true
 67 |     }
 68 |   }
 69 | }
 70 | 
 71 | # //////////////////////////////
 72 | # PROVIDERS
 73 | # //////////////////////////////
 74 | provider "aws" {
 75 |   access_key = var.aws_access_key
 76 |   secret_key = var.aws_secret_key
 77 |   region     = var.region
 78 | }
 79 | 
 80 | # //////////////////////////////
 81 | # RESOURCES
 82 | # //////////////////////////////
 83 | 
 84 | # VPC
 85 | resource "aws_vpc" "vpc1" {
 86 |   cidr_block = var.vpc_cidr
 87 |   enable_dns_hostnames = "true"
 88 | }
 89 | 
 90 | # SUBNET
 91 | resource "aws_subnet" "subnet1" {
 92 |   cidr_block = var.subnet1_cidr
 93 |   vpc_id = aws_vpc.vpc1.id
 94 |   map_public_ip_on_launch = "true"
 95 |   availability_zone = data.aws_availability_zones.available.names[1]
 96 | }
 97 | 
 98 | # INTERNET_GATEWAY
 99 | resource "aws_internet_gateway" "gateway1" {
100 |   vpc_id = aws_vpc.vpc1.id
101 | }
102 | 
103 | # ROUTE_TABLE
104 | resource "aws_route_table" "route_table1" {
105 |   vpc_id = aws_vpc.vpc1.id
106 | 
107 |   route {
108 |     cidr_block = "0.0.0.0/0"
109 |     gateway_id = aws_internet_gateway.gateway1.id
110 |   }
111 | }
112 | 
113 | resource "aws_route_table_association" "route-subnet1" {
114 |   subnet_id = aws_subnet.subnet1.id
115 |   route_table_id = aws_route_table.route_table1.id
116 | }
117 | 
118 | # SECURITY_GROUP
119 | resource "aws_security_group" "sg-nodejs-instance" {
120 |   name = "nodejs_sg"
121 |   vpc_id = aws_vpc.vpc1.id
122 | 
123 |   ingress {
124 |     from_port = 80
125 |     to_port = 80
126 |     protocol = "tcp"
127 |     cidr_blocks = ["0.0.0.0/0"]
128 |   }
129 | 
130 |   ingress {
131 |     from_port = 22
132 |     to_port = 22
133 |     protocol = "tcp"
134 |     cidr_blocks = ["0.0.0.0/0"]
135 |   }
136 |   
137 |   egress {
138 |     from_port = 0
139 |     to_port = 0
140 |     protocol = "-1"
141 |     cidr_blocks = ["0.0.0.0/0"]
142 |   }
143 | }
144 | 
145 | # INSTANCE
146 | resource "aws_instance" "nodejs1" {
147 |   //count = 4
148 | 
149 |   ami = data.aws_ami.aws-linux.id
150 |   instance_type = var.environment_instance_settings["PROD"].instance_type
151 |   subnet_id = aws_subnet.subnet1.id
152 |   vpc_security_group_ids = [aws_security_group.sg-nodejs-instance.id]
153 | 
154 |   monitoring = var.environment_instance_settings["PROD"].monitoring
155 | 
156 |   tags = {Environment = var.environment_list[0]}
157 | }
158 | 
159 | 
160 | # //////////////////////////////
161 | # DATA
162 | # //////////////////////////////
163 | data "aws_availability_zones" "available" {}
164 | 
165 | data "aws_ami" "aws-linux" {
166 |   most_recent = true
167 |   owners      = ["amazon"]
168 | 
169 |   filter {
170 |     name   = "name"
171 |     values = ["amzn-ami-hvm*"]
172 |   }
173 | 
174 |   filter {
175 |     name   = "root-device-type"
176 |     values = ["ebs"]
177 |   }
178 | 
179 |   filter {
180 |     name   = "virtualization-type"
181 |     values = ["hvm"]
182 |   }
183 | }
184 | 
185 | # //////////////////////////////
186 | # OUTPUT
187 | # //////////////////////////////
188 | output "instance-dns" {
189 |   value = aws_instance.nodejs1.public_dns
190 | }


--------------------------------------------------------------------------------
/02_01_variables/main.tf:
--------------------------------------------------------------------------------
  1 | # //////////////////////////////
  2 | # VARIABLES
  3 | # //////////////////////////////
  4 | variable "aws_access_key" {}
  5 | 
  6 | variable "aws_secret_key" {}
  7 | 
  8 | variable "region" {
  9 |   default = "us-east-2"
 10 | }
 11 | 
 12 | variable "vpc_cidr" {
 13 |   default = "172.16.0.0/16"
 14 | }
 15 | 
 16 | variable "subnet1_cidr" {
 17 |   default = "172.16.0.0/24"
 18 | }
 19 | 
 20 | variable "environment_list" {
 21 |   type = list(string)
 22 |   default = ["DEV","QA","STAGE","PROD"]
 23 | }
 24 | 
 25 | variable "environment_map" {
 26 |   type = map(string)
 27 |   default = {
 28 |     "DEV" = "DEV",
 29 |     "QA" = "QA",
 30 |     "STAGE" = "STAGE",
 31 |     "PROD" = "PROD"
 32 |   }
 33 | }
 34 | 
 35 | variable "environment_instance_type" {
 36 |   type = map(string)
 37 |   default = {
 38 |     "DEV" = "t2.micro",
 39 |     "QA" = "t2.micro",
 40 |     "STAGE" = "t2.micro",
 41 |     "PROD" = "t2.micro"
 42 |   }
 43 | }
 44 | 
 45 | variable "environment_instance_settings" {
 46 |   type = map(object({instance_type=string, monitoring=bool}))
 47 |   default = {
 48 |     "DEV" = {
 49 |       instance_type = "t2.micro", 
 50 |       monitoring = false
 51 |     },
 52 |    "QA" = {
 53 |       instance_type = "t2.micro", 
 54 |       monitoring = false
 55 |     },
 56 |     "STAGE" = {
 57 |       instance_type = "t2.micro", 
 58 |       monitoring = false
 59 |     },
 60 |     "PROD" = {
 61 |       instance_type = "t2.micro", 
 62 |       monitoring = true
 63 |     }
 64 |   }
 65 | }
 66 | 
 67 | # //////////////////////////////
 68 | # PROVIDERS
 69 | # //////////////////////////////
 70 | provider "aws" {
 71 |   access_key = var.aws_access_key
 72 |   secret_key = var.aws_secret_key
 73 |   region     = var.region
 74 | }
 75 | 
 76 | # //////////////////////////////
 77 | # RESOURCES
 78 | # //////////////////////////////
 79 | 
 80 | # VPC
 81 | resource "aws_vpc" "vpc1" {
 82 |   cidr_block = var.vpc_cidr
 83 |   enable_dns_hostnames = "true"
 84 | }
 85 | 
 86 | # SUBNET
 87 | resource "aws_subnet" "subnet1" {
 88 |   cidr_block = var.subnet1_cidr
 89 |   vpc_id = aws_vpc.vpc1.id
 90 |   map_public_ip_on_launch = "true"
 91 |   availability_zone = data.aws_availability_zones.available.names[1]
 92 | }
 93 | 
 94 | # INTERNET_GATEWAY
 95 | resource "aws_internet_gateway" "gateway1" {
 96 |   vpc_id = aws_vpc.vpc1.id
 97 | }
 98 | 
 99 | # ROUTE_TABLE
100 | resource "aws_route_table" "route_table1" {
101 |   vpc_id = aws_vpc.vpc1.id
102 | 
103 |   route {
104 |     cidr_block = "0.0.0.0/0"
105 |     gateway_id = aws_internet_gateway.gateway1.id
106 |   }
107 | }
108 | 
109 | resource "aws_route_table_association" "route-subnet1" {
110 |   subnet_id = aws_subnet.subnet1.id
111 |   route_table_id = aws_route_table.route_table1.id
112 | }
113 | 
114 | # SECURITY_GROUP
115 | resource "aws_security_group" "sg-nodejs-instance" {
116 |   name = "nodejs_sg"
117 |   vpc_id = aws_vpc.vpc1.id
118 | 
119 |   ingress {
120 |     from_port = 80
121 |     to_port = 80
122 |     protocol = "tcp"
123 |     cidr_blocks = ["0.0.0.0/0"]
124 |   }
125 | 
126 |   ingress {
127 |     from_port = 22
128 |     to_port = 22
129 |     protocol = "tcp"
130 |     cidr_blocks = ["0.0.0.0/0"]
131 |   }
132 |   
133 |   egress {
134 |     from_port = 0
135 |     to_port = 0
136 |     protocol = "-1"
137 |     cidr_blocks = ["0.0.0.0/0"]
138 |   }
139 | }
140 | 
141 | # INSTANCE
142 | resource "aws_instance" "nodejs1" {
143 |   ami = data.aws_ami.aws-linux.id
144 |   instance_type = var.environment_instance_type["DEV"]
145 |   //instance_type = var.environment_instance_settings["PROD"].instance_type
146 |   subnet_id = aws_subnet.subnet1.id
147 |   vpc_security_group_ids = [aws_security_group.sg-nodejs-instance.id]
148 | 
149 |   monitoring = var.environment_instance_settings["PROD"].monitoring
150 | 
151 |   tags = {Environment = var.environment_list[0]}
152 | 
153 | }
154 | 
155 | # //////////////////////////////
156 | # DATA
157 | # //////////////////////////////
158 | data "aws_availability_zones" "available" {}
159 | 
160 | data "aws_ami" "aws-linux" {
161 |   most_recent = true
162 |   owners      = ["amazon"]
163 | 
164 |   filter {
165 |     name   = "name"
166 |     values = ["amzn-ami-hvm*"]
167 |   }
168 | 
169 |   filter {
170 |     name   = "root-device-type"
171 |     values = ["ebs"]
172 |   }
173 | 
174 |   filter {
175 |     name   = "virtualization-type"
176 |     values = ["hvm"]
177 |   }
178 | }
179 | 
180 | # //////////////////////////////
181 | # OUTPUT
182 | # //////////////////////////////
183 | output "instance-dns" {
184 |   value = aws_instance.nodejs1.public_dns
185 | }
186 | 
187 | output "private-dns" {
188 |   value = aws_instance.nodejs1.private_dns
189 | }


--------------------------------------------------------------------------------
/04_02_jenkins/Jenkinsfile:
--------------------------------------------------------------------------------
 1 | node {
 2 |     stage('Clone') { // for display purposes
 3 |         // Clone the configurations repository
 4 |         cleanWs()
 5 |         git 'https://github.com/LinkedInLearning/advanced-terraform-2823489.git'   
 6 |     }
 7 |     stage('Download') {
 8 |         // Download Terraform
 9 |         sh label: '', script: 'curl https://releases.hashicorp.com/terraform/0.12.29/terraform_0.12.29_linux_amd64.zip \
10 |             --output terraform_0.12.29_darwin_amd64.zip \
11 |              && unzip terraform_0.12.29_darwin_amd64.zip'
12 |     }
13 |     stage('Backend-Init') {
14 |         // Initialize the Terraform configuration
15 |         dir('03_01_remotestate/remote_resources') {
16 |             sh script: '../../terraform init -input=false'
17 |         }
18 |         
19 |     }
20 |     stage('Backend-Plan') {
21 |         // Create Terraform plan for backend resources
22 |         withCredentials([string(credentialsId: 'AWS_ACCESS_KEY', variable: 'aws_access_key'), 
23 |                         string(credentialsId: 'AWS_SECRET_KEY', variable: 'aws_secret_key')]) {
24 |             dir('03_01_remotestate/remote_resources') {
25 |                 sh script: '../../terraform plan \
26 |                         -out backend.tfplan \
27 |                         -var="aws_access_key=$aws_access_key" \
28 |                         -var="aws_secret_key=$aws_secret_key"'
29 |             }
30 |         }
31 |     }
32 |     stage('Backend-Apply') {
33 |         withCredentials([string(credentialsId: 'AWS_ACCESS_KEY', variable: 'aws_access_key'), 
34 |                         string(credentialsId: 'AWS_SECRET_KEY', variable: 'aws_secret_key')]) {
35 |                             dir('03_01_remotestate/remote_resources') {
36 |                                 sh script: '../../terraform apply backend.tfplan'
37 |                             }
38 |         }
39 |     }
40 |     stage('Config-Init') {
41 |         withCredentials([string(credentialsId: 'AWS_ACCESS_KEY', variable: 'aws_access_key'), 
42 |                         string(credentialsId: 'AWS_SECRET_KEY', variable: 'aws_secret_key')]) {
43 |                             dir('03_01_remotestate') {
44 |                                 sh script: '../terraform init \
45 |                                             -backend-config="bucket=red30-tfstate" \
46 |                                             -backend-config="key=red30/ecommerceapp/app.state" \
47 |                                             -backend-config="region=us-east-2" \
48 |                                             -backend-config="dynamodb_table=red30-tfstatelock" \
49 |                                             -backend-config="access_key=$aws_access_key" \
50 |                                             -backend-config="secret_key=$aws_secret_key"'
51 |                             }
52 |                         }
53 |     }
54 |     stage('Config-Plan') {
55 |         // Generate Terraform plan
56 |         withCredentials([string(credentialsId: 'AWS_ACCESS_KEY', variable: 'aws_access_key'), 
57 |                         string(credentialsId: 'AWS_SECRET_KEY', variable: 'aws_secret_key')]) {
58 |                             dir('03_01_remotestate') {
59 |                                 sh script: '../terraform plan \
60 |                                             -out s1.tfplan \
61 |                                             -var="aws_access_key=$aws_access_key" \
62 |                                             -var="aws_secret_key=$aws_secret_key"'
63 |                             }
64 |         }
65 |     }
66 |     stage('Config-Apply') {
67 |         // Apply the configuration
68 |         withCredentials([string(credentialsId: 'AWS_ACCESS_KEY', variable: 'aws_access_key'), 
69 |                         string(credentialsId: 'AWS_SECRET_KEY', variable: 'aws_secret_key')]) {
70 |                             dir('03_01_remotestate') {
71 |                                 sh script: '../terraform apply s1.tfplan'
72 |                             }
73 |         }
74 |     }
75 |     stage('Destroy'){
76 |         input 'Destroy?'
77 |         withCredentials([string(credentialsId: 'AWS_ACCESS_KEY', variable: 'aws_access_key'), 
78 |                         string(credentialsId: 'AWS_SECRET_KEY', variable: 'aws_secret_key')]) {
79 |             dir('03_01_remotestate') {
80 |                 sh script: '../terraform destroy \
81 |                         -auto-approve \
82 |                         -var="aws_access_key=$aws_access_key" \
83 |                         -var="aws_secret_key=$aws_secret_key"'
84 |             }
85 |             dir('03_01_remotestate/remote_resources') {
86 |                 sh script: '../../terraform destroy \
87 |                         -auto-approve \
88 |                         -var="aws_access_key=$aws_access_key" \
89 |                         -var="aws_secret_key=$aws_secret_key"'
90 |             }
91 |         }
92 |     }
93 | }


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
  1 | LinkedIn Learning Exercise Files License Agreement
  2 | ==================================================
  3 | 
  4 | This License Agreement (the "Agreement") is a binding legal agreement
  5 | between you (as an individual or entity, as applicable) and LinkedIn
  6 | Corporation (“LinkedIn”). By downloading or using the LinkedIn Learning
  7 | exercise files in this repository (“Licensed Materials”), you agree to
  8 | be bound by the terms of this Agreement. If you do not agree to these
  9 | terms, do not download or use the Licensed Materials. 
 10 | 
 11 | 1. License.
 12 | - a. Subject to the terms of this Agreement, LinkedIn hereby grants LinkedIn
 13 | members during their LinkedIn Learning subscription a non-exclusive,
 14 | non-transferable copyright license, for internal use only, to 1) make a
 15 | reasonable number of copies of the Licensed Materials, and 2) make
 16 | derivative works of the Licensed Materials for the sole purpose of
 17 | practicing skills taught in LinkedIn Learning courses.
 18 | - b. Distribution. Unless otherwise noted in the Licensed Materials, subject
 19 | to the terms of this Agreement, LinkedIn hereby grants LinkedIn members
 20 | with a LinkedIn Learning subscription a non-exclusive, non-transferable
 21 | copyright license to distribute the Licensed Materials, except the
 22 | Licensed Materials may not be included in any product or service (or
 23 | otherwise used) to instruct or educate others.
 24 | 
 25 | 2. Restrictions and Intellectual Property. 
 26 | - a. You may not to use, modify, copy, make derivative works of, publish,
 27 | distribute, rent, lease, sell, sublicense, assign or otherwise transfer the
 28 | Licensed Materials, except as expressly set forth above in Section 1. 
 29 | - b. Linkedin (and its licensors) retains its intellectual property rights
 30 | in the Licensed Materials. Except as expressly set forth in Section 1,
 31 | LinkedIn grants no licenses.
 32 | - c. You indemnify LinkedIn and its licensors and affiliates for i) any
 33 | alleged infringement or misappropriation of any intellectual property rights
 34 | of any third party based on modifications you make to the Licensed Materials,
 35 | ii) any claims arising from your use or distribution of all or part of the
 36 | Licensed Materials and iii) a breach of this Agreement. You will defend, hold
 37 | harmless, and indemnify LinkedIn and its affiliates (and our and their
 38 | respective employees, shareholders, and directors) from any claim or action
 39 | brought by a third party, including all damages, liabilities, costs and
 40 | expenses, including reasonable attorneys’ fees, to the extent resulting from,
 41 | alleged to have resulted from, or in connection with: (a) your breach of your
 42 | obligations herein; or (b) your use or distribution of any Licensed Materials.
 43 | 
 44 | 3. Open source. This code may include open source software, which may be
 45 | subject to other license terms as provided in the files. 
 46 |  
 47 | 4. Warranty Disclaimer. LINKEDIN PROVIDES THE LICENSED MATERIALS ON AN “AS IS”
 48 | AND “AS AVAILABLE” BASIS. LINKEDIN MAKES NO REPRESENTATION OR WARRANTY,
 49 | WHETHER EXPRESS OR IMPLIED, ABOUT THE LICENSED MATERIALS, INCLUDING ANY
 50 | REPRESENTATION THAT THE LICENSED MATERIALS WILL BE FREE OF ERRORS, BUGS OR
 51 | INTERRUPTIONS, OR THAT THE LICENSED MATERIALS ARE ACCURATE, COMPLETE OR
 52 | OTHERWISE VALID. TO THE FULLEST EXTENT PERMITTED BY LAW, LINKEDIN AND ITS
 53 | AFFILIATES DISCLAIM ANY IMPLIED OR STATUTORY WARRANTY OR CONDITION, INCLUDING
 54 | ANY IMPLIED WARRANTY OR CONDITION OF MERCHANTABILITY OR FITNESS FOR A
 55 | PARTICULAR PURPOSE, AVAILABILITY, SECURITY, TITLE AND/OR NON-INFRINGEMENT.
 56 | YOUR USE OF THE LICENSED MATERIALS IS AT YOUR OWN DISCRETION AND RISK, AND
 57 | YOU WILL BE SOLELY RESPONSIBLE FOR ANY DAMAGE THAT RESULTS FROM USE OF THE
 58 | LICENSED MATERIALS TO YOUR COMPUTER SYSTEM OR LOSS OF DATA.  NO ADVICE OR
 59 | INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED BY YOU FROM US OR THROUGH OR
 60 | FROM THE LICENSED MATERIALS WILL CREATE ANY WARRANTY OR CONDITION NOT
 61 | EXPRESSLY STATED IN THESE TERMS.
 62 | 
 63 | 5. Limitation of Liability. LINKEDIN SHALL NOT BE LIABLE FOR ANY INDIRECT,
 64 | INCIDENTAL, SPECIAL, PUNITIVE, CONSEQUENTIAL OR EXEMPLARY DAMAGES, INCLUDING
 65 | BUT NOT LIMITED TO, DAMAGES FOR LOSS OF PROFITS, GOODWILL, USE, DATA OR OTHER
 66 | INTANGIBLE LOSSES . IN NO EVENT WILL LINKEDIN'S AGGREGATE LIABILITY TO YOU
 67 | EXCEED $100. THIS LIMITATION OF LIABILITY SHALL:
 68 | - i. APPLY REGARDLESS OF WHETHER (A) YOU BASE YOUR CLAIM ON CONTRACT, TORT,
 69 | STATUTE, OR ANY OTHER LEGAL THEORY, (B) WE KNEW OR SHOULD HAVE KNOWN ABOUT
 70 | THE POSSIBILITY OF SUCH DAMAGES, OR (C) THE LIMITED REMEDIES PROVIDED IN THIS
 71 | SECTION FAIL OF THEIR ESSENTIAL PURPOSE; AND
 72 | - ii. NOT APPLY TO ANY DAMAGE THAT LINKEDIN MAY CAUSE YOU INTENTIONALLY OR
 73 | KNOWINGLY IN VIOLATION OF THESE TERMS OR APPLICABLE LAW, OR AS OTHERWISE
 74 | MANDATED BY APPLICABLE LAW THAT CANNOT BE DISCLAIMED IN THESE TERMS.
 75 | 
 76 | 6. Termination. This Agreement automatically terminates upon your breach of
 77 | this Agreement or termination of your LinkedIn Learning subscription. On
 78 | termination, all licenses granted under this Agreement will terminate
 79 | immediately and you will delete the Licensed Materials. Sections 2-7 of this
 80 | Agreement survive any termination of this Agreement. LinkedIn may discontinue
 81 | the availability of some or all of the Licensed Materials at any time for any
 82 | reason.
 83 | 
 84 | 7. Miscellaneous. This Agreement will be governed by and construed in
 85 | accordance with the laws of the State of California without regard to conflict
 86 | of laws principles. The exclusive forum for any disputes arising out of or
 87 | relating to this Agreement shall be an appropriate federal or state court
 88 | sitting in the County of Santa Clara, State of California. If LinkedIn does
 89 | not act to enforce a breach of this Agreement, that does not mean that
 90 | LinkedIn has waived its right to enforce this Agreement. The Agreement does
 91 | not create a partnership, agency relationship, or joint venture between the
 92 | parties.  Neither party has the power or authority to bind the other or to
 93 | create any obligation or responsibility on behalf of the other. You may not,
 94 | without LinkedIn’s prior written consent, assign or delegate any rights or
 95 | obligations under these terms, including in connection with a change of
 96 | control. Any purported assignment and delegation shall be ineffective. The
 97 | Agreement shall bind and inure to the benefit of the parties, their respective
 98 | successors and permitted assigns. If any provision of the Agreement is
 99 | unenforceable, that provision will be modified to render it enforceable to the
100 | extent possible to give effect to the parties’ intentions and the remaining
101 | provisions will not be affected. This Agreement is the only agreement between
102 | you and LinkedIn regarding the Licensed Materials, and supersedes all prior
103 | agreements relating to the Licensed Materials.  
104 | 
105 | Last Updated: March 2019
106 | 


--------------------------------------------------------------------------------