7 |
8 | This is the code repository for [HashiCorp Infrastructure Automation Certification Guide](https://www.packtpub.com/in/cloud-networking/hashicorp-infrastructure-automation-terraform-associate-exam-guide?utm_source=github&utm_medium=repository&utm_campaign=9781786461629), published by Packt.
9 |
10 | **HashiCorp Infrastructure Automation Certification Guide, published by Packt**
11 |
12 | ## What is this book about?
13 |
14 | This book covers the following exciting features:
15 |
16 | * Effectively maintain the life cycle of your infrastructure using Terraform 1.0
17 | * Reuse Terraform code to provision any cloud infrastructure
18 | * Write Terraform modules on multiple cloud providers
19 | * Use Terraform workflows with the Azure DevOps pipeline
20 | * Write Terraform configuration files for AWS, Azure, and Google Cloud
21 | * Discover ways to securely store Terraform state files
22 | * Understand Policy as Code using Terraform Sentinel
23 | * Gain an overview of Terraform Cloud and Terraform Enterprise
24 |
25 | If you feel this book is for you, get your [copy](https://www.amazon.com/dp/1800565976) today!
26 |
27 | 
29 |
30 | ## Instructions and Navigations
31 | All of the code is organized into folders. For example, Chapter02.
32 |
33 | The code will look like the following:
34 | ```
35 | "azurerm" { version = "=2.20.0"
36 | features {}
37 | subscription_id = "...."
38 | client_id = "...."
39 | client_secret = "...."
40 | tenant_id = "...." }
41 | ```
42 |
43 | **Following is what you need for this book:**
44 | This book is for experienced cloud engineers, DevOps engineers, system administrators, and solution architects interested in developing industry-grade skills with Terraform. You will also find this book useful if you want to pass the HashiCorp Certified: Terraform Associate exam. Basic command-line skills and prior knowledge of cloud environments and their services are required before getting started with this book.
45 |
46 | With the following software and hardware list you can run all code files present in the book (Chapter 1-11).
47 | ### Software and Hardware List
48 | | Chapter | Software required | OS required |
49 | | -------- | ------------------------------------ | ----------------------------------- |
50 | | 1-10 | The Azure, GCP and AWS Clouds | Windows, Mac OS X, and Linux (Any) |
51 | | 1-10 | Azure DevOps | Windows, Mac OS X, and Linux (Any) |
52 | | 1-10 | GitHub | Windows, Mac OS X, and Linux (Any) |
53 | | 1-10 | Terraform v1.0 | Windows, Mac OS X, and Linux (Any) |
54 | | 1-10 | VSCode (editor) | Windows, Mac OS X, and Linux (Any) |
55 | | 1-10 | The Git Bash CLI | Windows, Mac OS X, and Linux (Any) |
56 |
57 |
58 | We also provide a PDF file that has color images of the screenshots/diagrams used in this book. [Click here to download it](https://www.packtpub.com/sites/default/files/downloads/9781800565975_ColorImages.pdf).
59 |
60 | ### Code in Action
61 | Click on following link to see the Code in Action:
62 |
63 | [Youtube link](https://bit.ly/3wrqAoP)
64 |
65 |
66 | ### Related products
67 | * Repeatability, Reliability, and Scalability through GitOps [[Packt]](https://www.packtpub.com/product/repeatability-reliability-and-scalability-through-gitops/9781801077798?utm_source=github&utm_medium=repository&utm_campaign=9781801077798) [[Amazon]](https://www.amazon.com/dp/1801077797)
68 |
69 | * Google Cloud for DevOps Engineers [[Packt]](https://www.packtpub.com/product/google-cloud-for-devops-engineers/9781839218019?utm_source=github&utm_medium=repository&utm_campaign=9781839218019) [[Amazon]](https://www.amazon.com/dp/1839218010)
70 |
71 | ## Get to Know the Author
72 | **Ravi Mishra**
73 | (born in 1988) is a multi-cloud architect with a decade of experience in the IT industry. He started his career as a network engineer, then later, with time, he got the opportunity to work in the cloud domain, where he worked his hardest to become an expert in cloud platforms such as AWS, Azure, GCP, and Oracle. Along with the cloud, he has also developed a skillset in DevOps, containerization, Kubernetes, and Terraform. This was what inspired him to write this book.
74 | Ravi has an electronics engineering degree, with a postgraduate diploma in IT project management.
75 | Throughout his career, he has worked with multiple global MNCs.
76 | He has more than 35 cloud certifications, including as a Microsoft Certified Trainer and a public speaker. You can find him on LinkedIn as inmishrar.
77 |
78 |
79 |
80 | ### Download a free PDF
81 |
82 | If you have already purchased a print or Kindle version of this book, you can get a DRM-free PDF version at no cost.https://packt.link/free-ebook/9781800565975
-------------------------------------------------------------------------------- /chapter10/terraform-cloud/main.tf: -------------------------------------------------------------------------------- 1 | resource "azurerm_resource_group" "terraform-rg" { 2 | name = var.rgname 3 | location = var.rglocation 4 | } -------------------------------------------------------------------------------- /chapter10/terraform-cloud/providers.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = ">= 1.0" 3 | required_providers { 4 | azurerm = { 5 | source = "hashicorp/azurerm" 6 | version = "2.55.0" 7 | } 8 | } 9 | } 10 | provider "azurerm" { 11 | features {} 12 | } -------------------------------------------------------------------------------- /chapter10/terraform-cloud/variables.tf: -------------------------------------------------------------------------------- 1 | variable "rgname" { 2 | type = string 3 | description = "provide name of the resource group" 4 | } 5 | variable "rglocation" { 6 | type = string 7 | description = "provide name of the resource group location" 8 | } -------------------------------------------------------------------------------- /chapter10/terraform-sentinel/azure_tags.sentinel: -------------------------------------------------------------------------------- 1 | import "tfplan/v2" as tfplan 2 | 3 | rg_tags = filter tfplan.resource_changes as _, rc { 4 | rc.type is "azurerm_resource_group" and 5 | (rc.change.actions contains "create" or rc.change.actions is ["update"]) 6 | } 7 | 8 | azure_tags = rule { 9 | all rg_tags as _, instances { 10 | instances.change.after.tags is not null 11 | } 12 | } 13 | 14 | main = rule { 15 | azure_tags 16 | } -------------------------------------------------------------------------------- /chapter10/terraform-sentinel/main.tf: -------------------------------------------------------------------------------- 1 | resource "azurerm_resource_group" "terraform-rg" { 2 | name = var.rgname 3 | location = var.rglocation 4 | tags = { 5 | "environment" = "test" 6 | "costcenter" = "terraform-sentinel" 7 | } 8 | } -------------------------------------------------------------------------------- /chapter10/terraform-sentinel/providers.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = ">= 1.0" 3 | required_providers { 4 | azurerm = { 5 | source = "hashicorp/azurerm" 6 | version = "2.55.0" 7 | } 8 | } 9 | } 10 | provider "azurerm" { 11 | features {} 12 | } -------------------------------------------------------------------------------- /chapter10/terraform-sentinel/sentinel.hcl: -------------------------------------------------------------------------------- 1 | policy "azure_tags" { 2 | source = "./azure_tags.sentinel" 3 | enforcement_level = "hard-mandatory" 4 | } -------------------------------------------------------------------------------- /chapter10/terraform-sentinel/variables.tf: -------------------------------------------------------------------------------- 1 | variable "rgname" { 2 | type = string 3 | description = "provide name of the resource group" 4 | } 5 | variable "rglocation" { 6 | type = string 7 | description = "provide name of the resource group location" 8 | } -------------------------------------------------------------------------------- /chapter4/Terraform loops/count/main.tf: -------------------------------------------------------------------------------- 1 | # To Create Resource Group 2 | resource "azurerm_resource_group" "example" { 3 | count = 3 4 | name = "Terraform-rg${count.index}" 5 | location = "westeurope" 6 | } 7 | 8 | # You can define above code by defining variable rg_names, you can refer to variable.tf file where we had defined variable. 9 | 10 | resource "azurerm_resource_group" "example" { 11 | count = length(var.rg_names) 12 | name = var.rg_names[count.index] 13 | location = "westeurope" 14 | } 15 | -------------------------------------------------------------------------------- /chapter4/Terraform loops/count/outputs.tf: -------------------------------------------------------------------------------- 1 | # To see output of the specific resource group resource id you can define 2 | 3 | output "rg_id" { 4 | value = azurerm_resource_group.example[0].id 5 | description = "The Id of the resource group" 6 | } 7 | 8 | # To see all the output of the resource group resource id you can use following code block 9 | 10 | output "All_rg_id" { 11 | value = azurerm_resource_group.example[*].id 12 | description = "The Id of all the resource group" 13 | } 14 | -------------------------------------------------------------------------------- /chapter4/Terraform loops/count/providers.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = ">= 1.0" 3 | required_providers { 4 | azurerm = { 5 | source = "hashicorp/azurerm" 6 | version = "=2.55.0" 7 | } 8 | } 9 | } 10 | provider "azurerm" { 11 | features {} 12 | } -------------------------------------------------------------------------------- /chapter4/Terraform loops/count/variables.tf: -------------------------------------------------------------------------------- 1 | variable "rg_names" { 2 | description = "list of the resource group names" 3 | type = list(string) 4 | default = ["Azure-rg", "AWS-rg", "Google-rg"] 5 | } 6 | -------------------------------------------------------------------------------- /chapter4/Terraform loops/for/outputs.tf: -------------------------------------------------------------------------------- 1 | # output of list: 2 | output "cloud_names" { 3 | value = [for cloud_name in var.cloud : upper(cloud_name)] 4 | } 5 | 6 | #output of map: 7 | output "cloud_mapping" { 8 | value = [for cloud_name, company in var.cloud_map : "${cloud_name} cloud is founded by ${company}"] 9 | } 10 | -------------------------------------------------------------------------------- /chapter4/Terraform loops/for/variables.tf: -------------------------------------------------------------------------------- 1 | # Defined variable for the list: 2 | variable "cloud" { 3 | description = "A list of cloud" 4 | type = list(string) 5 | default = ["azure", "aws", "gcp"] 6 | } 7 | 8 | # Defined variable for the map: 9 | variable "cloud_map" { 10 | description = "map" 11 | type = map(string) 12 | default = { 13 | Azure = "Microsoft" 14 | AWS = "Amazon" 15 | GCP = "Google" 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /chapter4/Terraform loops/for_each/Dynamic-for_each/main.tf: -------------------------------------------------------------------------------- 1 | resource "azurerm_resource_group" "example" { 2 | name = "Terraform-rg" 3 | location = "westeurope" 4 | } 5 | resource "azurerm_virtual_network" "vnet" { 6 | name = var.vnet_name 7 | location = azurerm_resource_group.example.location 8 | resource_group_name = azurerm_resource_group.example.name 9 | address_space = var.address_space 10 | dynamic "subnet" { 11 | for_each = var.subnet_names 12 | content { 13 | name = subnet.value.name 14 | address_prefix = subnet.value.address_prefix 15 | } 16 | } 17 | } 18 | 19 | # If you want you can keep these variables in a separate file: 20 | 21 | variable "subnet_names" { 22 | default = { 23 | subnet1 = { 24 | name = "subnet1" 25 | address_prefix = "10.0.1.0/24" 26 | } 27 | subnet2 = { 28 | name = "subnet2" 29 | address_prefix = "10.0.2.0/24" 30 | } 31 | } 32 | } 33 | variable "vnet_name" { 34 | default = "terraform-vnet" 35 | } 36 | variable "address_space" { 37 | default = ["10.0.0.0/16"] 38 | } 39 | -------------------------------------------------------------------------------- /chapter4/Terraform loops/for_each/Dynamic-for_each/providers.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = ">= 1.0" 3 | required_providers { 4 | azurerm = { 5 | source = "hashicorp/azurerm" 6 | version = "=2.55.0" 7 | } 8 | } 9 | } 10 | provider "azurerm" { 11 | features {} 12 | } -------------------------------------------------------------------------------- /chapter4/Terraform loops/for_each/main.tf: -------------------------------------------------------------------------------- 1 | resource "azurerm_resource_group" "example" { 2 | for_each = toset(var.rg_names) 3 | name = each.value 4 | location = "westeurope" 5 | } 6 | -------------------------------------------------------------------------------- /chapter4/Terraform loops/for_each/outputs.tf: -------------------------------------------------------------------------------- 1 | # map of resource output rather than single resource 2 | output "all_rg" { 3 | value = azurerm_resource_group.example 4 | } 5 | 6 | # All the resource group resource ID 7 | output "all_id" { 8 | value = values(azurerm_resource_group.example)[*].id 9 | } 10 | 11 | 12 | -------------------------------------------------------------------------------- /chapter4/Terraform loops/for_each/providers.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = ">= 1.0" 3 | required_providers { 4 | azurerm = { 5 | source = "hashicorp/azurerm" 6 | version = "=2.55.0" 7 | } 8 | } 9 | } 10 | provider "azurerm" { 11 | features {} 12 | } -------------------------------------------------------------------------------- /chapter4/Terraform loops/for_each/variables.tf: -------------------------------------------------------------------------------- 1 | variable "rg_names" { 2 | description = "list of the resource group names" 3 | type = list(string) 4 | default = ["Azure-rg", "AWS-rg", "Google-rg"] 5 | } 6 | -------------------------------------------------------------------------------- /chapter5/AWS/main.tf: -------------------------------------------------------------------------------- 1 | resource "aws_vpc" "Terraform_aws_vpc" { 2 | cidr_block = var.cidr_block 3 | instance_tenancy = "default" 4 | tags = { 5 | Name = "Terraform_aws_vpc" 6 | } 7 | } -------------------------------------------------------------------------------- /chapter5/AWS/providers.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = ">= 1.0" 3 | required_providers { 4 | aws = { 5 | source = "hashicorp/aws" 6 | version = "~> 3.0" 7 | } 8 | } 9 | } 10 | provider "aws" { 11 | region = "ap-southeast-1" 12 | } 13 | -------------------------------------------------------------------------------- /chapter5/AWS/terraform.tfvars: -------------------------------------------------------------------------------- 1 | cidr_block = "10.0.0.0/16" 2 | aws_region = "ap-southeast-1" -------------------------------------------------------------------------------- /chapter5/AWS/variables.tf: -------------------------------------------------------------------------------- 1 | variable "cidr_block" { 2 | description = "provide VPC range" 3 | } 4 | variable "aws_region" { 5 | description = "provide AWS region" 6 | } -------------------------------------------------------------------------------- /chapter5/AzureRM/main.tf: -------------------------------------------------------------------------------- 1 | resource "azurerm_resource_group" "rgname" { 2 | name = var.rgname 3 | location = var.location 4 | tags = var.tags 5 | } 6 | resource "azurerm_virtual_network" "vnet" { 7 | name = var.vnet_name 8 | address_space = var.address_space 9 | location = azurerm_resource_group.rgname.location 10 | resource_group_name = azurerm_resource_group.rgname.name 11 | tags = var.tags 12 | } 13 | resource "azurerm_subnet" "subnet" { 14 | name = var.subnet_name 15 | resource_group_name = azurerm_resource_group.rgname.name 16 | virtual_network_name = azurerm_virtual_network.vnet.name 17 | address_prefixes = [cidrsubnet(var.address_space[0], 8, 1)] 18 | } 19 | resource "azurerm_network_interface" "nic" { 20 | name = var.nic_name 21 | location = azurerm_resource_group.rgname.location 22 | resource_group_name = azurerm_resource_group.rgname.name 23 | tags = var.tags 24 | ip_configuration { 25 | name = "internal" 26 | subnet_id = azurerm_subnet.subnet.id 27 | private_ip_address_allocation = "Dynamic" 28 | } 29 | } 30 | resource "azurerm_windows_virtual_machine" "virtual-machine" { 31 | name = var.vm_name 32 | resource_group_name = azurerm_resource_group.rgname.name 33 | location = azurerm_resource_group.rgname.location 34 | size = var.vm_size 35 | admin_username = var.admin_username 36 | admin_password = random_string.password.result 37 | tags = var.tags 38 | network_interface_ids = [ 39 | azurerm_network_interface.nic.id, 40 | ] 41 | os_disk { 42 | caching = "ReadWrite" 43 | storage_account_type = "Standard_LRS" 44 | } 45 | 46 | source_image_reference { 47 | publisher = var.vm_publisher 48 | offer = var.vm_offer 49 | sku = var.vm_sku 50 | version = var.vm_version 51 | } 52 | depends_on = [azurerm_key_vault.key_vault, azurerm_key_vault_secret.key_vault_secret] 53 | } 54 | data "azurerm_client_config" "current_config" {} 55 | resource "random_string" "password" { 56 | length = 16 57 | special = true 58 | min_upper = 2 59 | min_lower = 2 60 | min_numeric = 2 61 | min_special = 2 62 | } 63 | resource "azurerm_key_vault" "key_vault" { 64 | name = var.keyvault_name 65 | location = azurerm_resource_group.rgname.location 66 | resource_group_name = azurerm_resource_group.rgname.name 67 | tenant_id = data.azurerm_client_config.current_config.tenant_id 68 | sku_name = var.sku_name 69 | tags = var.tags 70 | access_policy { 71 | tenant_id = data.azurerm_client_config.current_config.tenant_id 72 | object_id = data.azurerm_client_config.current_config.object_id 73 | key_permissions = [ 74 | "create", 75 | "get", 76 | ] 77 | secret_permissions = [ 78 | "set", 79 | "get", 80 | "delete", 81 | ] 82 | } 83 | } 84 | resource "azurerm_key_vault_secret" "key_vault_secret" { 85 | name = var.keyvault_secret_name 86 | value = random_string.password.result 87 | key_vault_id = azurerm_key_vault.key_vault.id 88 | tags = var.tags 89 | } 90 | -------------------------------------------------------------------------------- /chapter5/AzureRM/providers.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = ">= 1.0" 3 | required_providers { 4 | azurerm = { 5 | source = "hashicorp/azurerm" 6 | version = "=2.55.0" 7 | } 8 | } 9 | } 10 | provider "azurerm" { 11 | features {} 12 | } -------------------------------------------------------------------------------- /chapter5/AzureRM/terraform.tfvars: -------------------------------------------------------------------------------- 1 | rgname = "Terraform-rg" 2 | location = "westeurope" 3 | tags = { 4 | Environment = "prod" 5 | Owner = "Azure-Terraform" 6 | } 7 | vm_size = "Standard_F2" 8 | vm_name = "Terraform-vm" 9 | admin_username = "azureterraform" 10 | vm_publisher = "MicrosoftWindowsServer" 11 | vm_offer = "WindowsServer" 12 | vm_sku = "2016-Datacenter" 13 | vm_version = "latest" 14 | sku_name = "premium" 15 | vnet_name = "Terraform-vnet" 16 | address_space = ["10.1.0.0/16"] 17 | subnet_name = "Terraform-subnet" 18 | nic_name = "Terraform-nic" 19 | keyvault_name = "Terraform-keyvault2342" 20 | keyvault_secret_name = "Terraform-vm-password" -------------------------------------------------------------------------------- /chapter5/AzureRM/variables.tf: -------------------------------------------------------------------------------- 1 | variable "rgname" { 2 | type = string 3 | description = "name of resource group" 4 | } 5 | variable "location" { 6 | type = string 7 | description = "location name" 8 | } 9 | variable "vnet_name" { 10 | type = string 11 | description = "vnet name" 12 | } 13 | variable "address_space" { 14 | type = list(string) 15 | description = "address space of the vnet" 16 | default = ["10.1.0.0/16"] 17 | } 18 | variable "subnet_name" { 19 | type = string 20 | description = "subnet name" 21 | } 22 | variable "nic_name" { 23 | type = string 24 | description = "nic card name" 25 | } 26 | variable "vm_name" { 27 | type = string 28 | description = "virtual machine name" 29 | } 30 | variable "vm_size" { 31 | type = string 32 | description = "virtual machine size" 33 | } 34 | variable "admin_username" { 35 | type = string 36 | description = "username" 37 | default = "azureuser" 38 | } 39 | variable "vm_publisher" { 40 | type = string 41 | description = "Virtual machine publisher" 42 | } 43 | variable "vm_offer" { 44 | type = string 45 | description = "Virtual machine offer" 46 | } 47 | variable "vm_sku" { 48 | type = string 49 | description = "Virtual machine sku" 50 | } 51 | variable "vm_version" { 52 | type = string 53 | description = "Virtual machine os version" 54 | default = "latest" 55 | } 56 | variable "keyvault_name" { 57 | type = string 58 | description = "keyvault name" 59 | } 60 | variable "sku_name" { 61 | type = string 62 | description = "keyvault sku" 63 | } 64 | variable "keyvault_secret_name" { 65 | type = string 66 | description = "virtual machine secret name" 67 | default = "vmpassword" 68 | } 69 | variable "tags" { 70 | description = "provide tags" 71 | } 72 | -------------------------------------------------------------------------------- /chapter5/GCP/main.tf: -------------------------------------------------------------------------------- 1 | data "google_project" "Terraform_project" { 2 | project_id = var.project_id 3 | } 4 | resource "google_app_engine_application" "Terraform_app" { 5 | project = data.google_project.Terraform_project.project_id 6 | location_id = var.location_id 7 | } 8 | -------------------------------------------------------------------------------- /chapter5/GCP/providers.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = ">= 1.0" 3 | required_providers { 4 | google = { 5 | version = "~> 3.0" 6 | } 7 | } 8 | } 9 | provider "google" { 10 | credentials = file("terraform-project-xxxx.json") 11 | project = "Terraform-project" 12 | region = "asia-south1" 13 | } -------------------------------------------------------------------------------- /chapter5/GCP/terraform.tfvars: -------------------------------------------------------------------------------- 1 | project_id = "terraform-project-56745" 2 | location_id = "asia-south1" 3 | -------------------------------------------------------------------------------- /chapter5/GCP/variables.tf: -------------------------------------------------------------------------------- 1 | variable "location_id" { 2 | description = "provide location name" 3 | } 4 | variable "project_id" { 5 | description = "provide Google Project ID" 6 | } 7 | -------------------------------------------------------------------------------- /chapter6/Terraform-lab-Project/Azure-pipeline.yaml: -------------------------------------------------------------------------------- 1 | pool: 2 | vmImage: 'vs2017-win2016' 3 | 4 | trigger: 5 | branches: 6 | include: 7 | - master 8 | 9 | steps: 10 | - task: CopyFiles@2 11 | displayName: 'Copy Files to: $(Build.ArtifactStagingDirectory)\terraform-code' 12 | inputs: 13 | SourceFolder: terraform-code 14 | Contents: '*.*' 15 | TargetFolder: $(Build.ArtifactStagingDirectory)\terraform-code 16 | CleanTargetFolder: true 17 | OverWrite: true 18 | - task: PublishBuildArtifacts@1 19 | displayName: 'Publish Artifact: drop' 20 | inputs: 21 | pathtoPublish: $(Build.ArtifactStagingDirectory) 22 | artifactName: drop 23 | -------------------------------------------------------------------------------- /chapter6/Terraform-lab-Project/terraform-code/backend.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = ">= 1.0" 3 | required_providers { 4 | azurerm = { 5 | source = "hashicorp/azurerm" 6 | version = "2.55.0" 7 | } 8 | } 9 | backend "azurerm" { 10 | storage_account_name = "__terraformstorageaccount__" 11 | container_name = "terraform" 12 | key = "terraform.tfstate" 13 | } 14 | } -------------------------------------------------------------------------------- /chapter6/Terraform-lab-Project/terraform-code/providers.tf: -------------------------------------------------------------------------------- 1 | provider "azurerm" { 2 | features {} 3 | } -------------------------------------------------------------------------------- /chapter6/Terraform-lab-Project/terraform-code/terraform.tfvars: -------------------------------------------------------------------------------- 1 | appserviceplan_name = "terraformlabasp" 2 | appservice_name = "terraformlabwebapp" -------------------------------------------------------------------------------- /chapter6/Terraform-lab-Project/terraform-code/variables.tf: -------------------------------------------------------------------------------- 1 | variable "appserviceplan_name" { 2 | type = string 3 | description = "Provide name of the app service plan" 4 | } 5 | variable "appservice_name" { 6 | type = string 7 | description = "provide name of the webapp" 8 | } -------------------------------------------------------------------------------- /chapter6/Terraform-lab-Project/terraform-code/webapp.tf: -------------------------------------------------------------------------------- 1 | data "azurerm_resource_group" "dev" { 2 | name = "Terraform-lab-rg" 3 | } 4 | resource "azurerm_app_service_plan" "dev" { 5 | name = var.appserviceplan_name 6 | location = data.azurerm_resource_group.dev.location 7 | resource_group_name = data.azurerm_resource_group.dev.name 8 | sku { 9 | tier = "Standard" 10 | size = "S1" 11 | } 12 | } 13 | resource "azurerm_app_service" "dev" { 14 | name = var.appservice_name 15 | location = data.azurerm_resource_group.dev.location 16 | resource_group_name = data.azurerm_resource_group.dev.name 17 | app_service_plan_id = azurerm_app_service_plan.dev.id 18 | } -------------------------------------------------------------------------------- /chapter7/aws/aws-vpc-subnet-module-use-case/main.tf: -------------------------------------------------------------------------------- 1 | module "terraform-aws-vpc" { 2 | source = "github.com/PacktPublishing/Hashicorp-Infrastructure-Automation-Certification-Guide.git//chapter7/aws/aws-vpc-subnet-module?ref=v1.0.0" 3 | vpc_name = var.vpc_name 4 | cidr_block = var.cidr_block 5 | subnet_name = var.subnet_name 6 | } -------------------------------------------------------------------------------- /chapter7/aws/aws-vpc-subnet-module-use-case/outputs.tf: -------------------------------------------------------------------------------- 1 | output "vpc_id" { 2 | value = module.terraform-aws-vpc.vpc_id 3 | } 4 | output "vpc_cidr_block" { 5 | value = module.terraform-aws-vpc.vpc_cidr_block 6 | } -------------------------------------------------------------------------------- /chapter7/aws/aws-vpc-subnet-module-use-case/providers.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = ">= 1.0" 3 | required_providers { 4 | aws = { 5 | source = "hashicorp/aws" 6 | version = "~> 3.0" 7 | } 8 | } 9 | } 10 | provider "aws" { 11 | region = var.region 12 | } -------------------------------------------------------------------------------- /chapter7/aws/aws-vpc-subnet-module-use-case/terraform.tfvars: -------------------------------------------------------------------------------- 1 | subnet_name = "Terraform-aws-subnet" 2 | vpc_name = "Terraform-aws-vpc" 3 | cidr_block = "10.0.0.0/16" 4 | region = "us-east-1" -------------------------------------------------------------------------------- /chapter7/aws/aws-vpc-subnet-module-use-case/variables.tf: -------------------------------------------------------------------------------- 1 | variable "vpc_name" { 2 | type = string 3 | description = "vpc name" 4 | } 5 | variable "cidr_block" { 6 | type = string 7 | description = "address space of the vpc" 8 | default = "10.0.0.0/16" 9 | } 10 | variable "subnet_name" { 11 | type = string 12 | description = "subnet name" 13 | } 14 | variable "region" { 15 | type = string 16 | description = "provide region where you want to deploy resources" 17 | } -------------------------------------------------------------------------------- /chapter7/aws/aws-vpc-subnet-module/VERSION: -------------------------------------------------------------------------------- 1 | 1.0.0 -------------------------------------------------------------------------------- /chapter7/aws/aws-vpc-subnet-module/main.tf: -------------------------------------------------------------------------------- 1 | resource "aws_vpc" "terraform-vpc" { 2 | cidr_block = var.cidr_block 3 | instance_tenancy = "default" 4 | tags = { 5 | Name = var.vpc_name 6 | } 7 | } 8 | 9 | resource "aws_subnet" "terraform-subnet" { 10 | vpc_id = aws_vpc.terraform-vpc.id 11 | cidr_block = cidrsubnet(var.cidr_block, 8, 1) 12 | tags = { 13 | Name = var.subnet_name 14 | } 15 | } -------------------------------------------------------------------------------- /chapter7/aws/aws-vpc-subnet-module/outputs.tf: -------------------------------------------------------------------------------- 1 | output "vpc_id" { 2 | value = aws_vpc.terraform-vpc.id 3 | } 4 | 5 | output "vpc_cidr_block" { 6 | value = aws_vpc.terraform-vpc.cidr_block 7 | } -------------------------------------------------------------------------------- /chapter7/aws/aws-vpc-subnet-module/variables.tf: -------------------------------------------------------------------------------- 1 | variable "vpc_name" { 2 | type = string 3 | description = "vpc name" 4 | } 5 | variable "cidr_block" { 6 | type = string 7 | description = "address space of the vpc" 8 | default = "10.0.0.0/16" 9 | } 10 | variable "subnet_name" { 11 | type = string 12 | description = "subnet name" 13 | } -------------------------------------------------------------------------------- /chapter7/azurerm/azurerm-virtual-machine-module-use-case/main.tf: -------------------------------------------------------------------------------- 1 | module "terraform-vm" { 2 | source = "github.com/PacktPublishing/Hashicorp-Infrastructure-Automation-Certification-Guide.git//chapter7/azurerm/azurerm-virtual-machine-module?ref=v0.0.1" 3 | rgname = var.rgname 4 | location = var.location 5 | custom_tags = var.custom_tags 6 | vm_size = var.vm_size 7 | vm_name = var.vm_name 8 | admin_username = var.admin_username 9 | vm_publisher = var.vm_publisher 10 | vm_offer = var.vm_offer 11 | vm_sku = var.vm_sku 12 | vm_version = var.vm_version 13 | sku_name = var.sku_name 14 | vnet_name = var.vnet_name 15 | address_space = var.address_space 16 | subnet_name = var.subnet_name 17 | nic_name = var.nic_name 18 | keyvault_name = var.keyvault_name 19 | keyvault_secret_name = var.keyvault_secret_name 20 | } -------------------------------------------------------------------------------- /chapter7/azurerm/azurerm-virtual-machine-module-use-case/outputs.tf: -------------------------------------------------------------------------------- 1 | output "vm_private_ip" { 2 | value = module.terraform-vm.nic 3 | } 4 | output "vm_name" { 5 | value = module.terraform-vm.vm_name 6 | } 7 | output "vm_id" { 8 | value = module.terraform-vm.vm_id 9 | } -------------------------------------------------------------------------------- /chapter7/azurerm/azurerm-virtual-machine-module-use-case/providers.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = ">= 1.0" 3 | required_providers { 4 | azurerm = { 5 | source = "hashicorp/azurerm" 6 | version = "2.55.0" 7 | } 8 | } 9 | backend "azurerm" { 10 | storage_account_name = "terraformstg2345" 11 | container_name = "terraform" 12 | key = "terraform.tfstate" 13 | access_key = "KRqtJIA0Gp4oKBsElDU7RGN..." 14 | } 15 | } 16 | provider "azurerm" { 17 | features {} 18 | } -------------------------------------------------------------------------------- /chapter7/azurerm/azurerm-virtual-machine-module-use-case/terraform.tfvars: -------------------------------------------------------------------------------- 1 | rgname = "Terraform-rg" 2 | location = "eastus" 3 | custom_tags = { 4 | Environment = "prod" 5 | Owner = "Azure-Terraform" 6 | } 7 | vm_size = "Standard_F2" 8 | vm_name = "Terraform-vm" 9 | admin_username = "azureterraform" 10 | vm_publisher = "MicrosoftWindowsServer" 11 | vm_offer = "WindowsServer" 12 | vm_sku = "2016-Datacenter" 13 | vm_version = "latest" 14 | sku_name = "premium" 15 | vnet_name = "Terraform-vnet" 16 | address_space = ["10.1.0.0/16"] 17 | subnet_name = "Terraform-subnet" 18 | nic_name = "Terraform-nic" 19 | keyvault_name = "terraform-vm-keyvault" 20 | keyvault_secret_name = "Terraform-vm-password" -------------------------------------------------------------------------------- /chapter7/azurerm/azurerm-virtual-machine-module-use-case/variables.tf: -------------------------------------------------------------------------------- 1 | variable "rgname" { 2 | type = string 3 | description = "name of resource group" 4 | } 5 | variable "location" { 6 | type = string 7 | description = "location name" 8 | } 9 | variable "vnet_name" { 10 | type = string 11 | description = "vnet name" 12 | } 13 | variable "address_space" { 14 | type = list(string) 15 | description = "address space of the vnet" 16 | default = ["10.1.0.0/16"] 17 | } 18 | variable "subnet_name" { 19 | type = string 20 | description = "subnet name" 21 | } 22 | variable "nic_name" { 23 | type = string 24 | description = "nic card name" 25 | } 26 | variable "vm_name" { 27 | type = string 28 | description = "virtual machine name" 29 | } 30 | variable "vm_size" { 31 | type = string 32 | description = "virtual machine size" 33 | } 34 | variable "admin_username" { 35 | type = string 36 | description = "username" 37 | default = "azureuser" 38 | } 39 | variable "vm_publisher" { 40 | type = string 41 | description = "Virtual machine publisher" 42 | } 43 | variable "vm_offer" { 44 | type = string 45 | description = "Virtual machine offer" 46 | } 47 | variable "vm_sku" { 48 | type = string 49 | description = "Virtual machine sku" 50 | } 51 | variable "vm_version" { 52 | type = string 53 | description = "Virtual machine os version" 54 | default = "latest" 55 | } 56 | variable "keyvault_name" { 57 | type = string 58 | description = "keyvault name" 59 | } 60 | variable "sku_name" { 61 | type = string 62 | description = "keyvault sku" 63 | } 64 | variable "keyvault_secret_name" { 65 | type = string 66 | description = "virtual machine secret name" 67 | default = "vmpassword" 68 | } 69 | variable "custom_tags" { 70 | description = "provide tags" 71 | } -------------------------------------------------------------------------------- /chapter7/azurerm/azurerm-virtual-machine-module/VERSION: -------------------------------------------------------------------------------- 1 | 0.0.1 -------------------------------------------------------------------------------- /chapter7/azurerm/azurerm-virtual-machine-module/main.tf: -------------------------------------------------------------------------------- 1 | resource "azurerm_resource_group" "rgname" { 2 | name = var.rgname 3 | location = var.location 4 | tags = var.custom_tags 5 | } 6 | 7 | resource "azurerm_virtual_network" "vnet" { 8 | name = var.vnet_name 9 | address_space = var.address_space 10 | location = azurerm_resource_group.rgname.location 11 | resource_group_name = azurerm_resource_group.rgname.name 12 | tags = var.custom_tags 13 | } 14 | 15 | resource "azurerm_subnet" "subnet" { 16 | name = var.subnet_name 17 | resource_group_name = azurerm_resource_group.rgname.name 18 | virtual_network_name = azurerm_virtual_network.vnet.name 19 | address_prefixes = [cidrsubnet(var.address_space[0], 8, 1)] 20 | } 21 | 22 | resource "azurerm_network_interface" "nic" { 23 | name = var.nic_name 24 | location = azurerm_resource_group.rgname.location 25 | resource_group_name = azurerm_resource_group.rgname.name 26 | tags = var.custom_tags 27 | ip_configuration { 28 | name = "internal" 29 | subnet_id = azurerm_subnet.subnet.id 30 | private_ip_address_allocation = "Dynamic" 31 | } 32 | } 33 | 34 | resource "azurerm_windows_virtual_machine" "virtual_machine" { 35 | name = var.vm_name 36 | resource_group_name = azurerm_resource_group.rgname.name 37 | location = azurerm_resource_group.rgname.location 38 | size = var.vm_size 39 | admin_username = var.admin_username 40 | admin_password = local.vmpassword 41 | tags = var.custom_tags 42 | network_interface_ids = [ 43 | azurerm_network_interface.nic.id, 44 | ] 45 | os_disk { 46 | caching = "ReadWrite" 47 | storage_account_type = "Standard_LRS" 48 | } 49 | 50 | source_image_reference { 51 | publisher = var.vm_publisher 52 | offer = var.vm_offer 53 | sku = var.vm_sku 54 | version = var.vm_version 55 | } 56 | depends_on = [ 57 | azurerm_key_vault.key_vault, 58 | azurerm_key_vault_secret.key_vault_secret, 59 | ] 60 | } 61 | 62 | data "azurerm_client_config" "current_config" {} 63 | 64 | resource "random_string" "password" { 65 | length = 16 66 | special = true 67 | min_upper = 2 68 | min_lower = 2 69 | min_numeric = 2 70 | min_special = 2 71 | } 72 | locals { 73 | vmpassword = random_string.password.result 74 | } 75 | resource "azurerm_key_vault" "key_vault" { 76 | name = var.keyvault_name 77 | location = azurerm_resource_group.rgname.location 78 | resource_group_name = azurerm_resource_group.rgname.name 79 | tenant_id = data.azurerm_client_config.current_config.tenant_id 80 | sku_name = var.sku_name 81 | tags = var.custom_tags 82 | access_policy { 83 | tenant_id = data.azurerm_client_config.current_config.tenant_id 84 | object_id = data.azurerm_client_config.current_config.object_id 85 | key_permissions = [ 86 | "create", 87 | "get", 88 | ] 89 | secret_permissions = [ 90 | "set", 91 | "get", 92 | "delete", 93 | ] 94 | } 95 | } 96 | resource "azurerm_key_vault_secret" "key_vault_secret" { 97 | name = var.keyvault_secret_name 98 | value = local.vmpassword 99 | key_vault_id = azurerm_key_vault.key_vault.id 100 | tags = var.custom_tags 101 | } -------------------------------------------------------------------------------- /chapter7/azurerm/azurerm-virtual-machine-module/outputs.tf: -------------------------------------------------------------------------------- 1 | output "nic" { 2 | value = azurerm_network_interface.nic.private_ip_address 3 | } 4 | 5 | output "vm_id" { 6 | value = azurerm_windows_virtual_machine.virtual_machine.id 7 | } 8 | 9 | output "vm_name" { 10 | value = azurerm_windows_virtual_machine.virtual_machine.name 11 | } -------------------------------------------------------------------------------- /chapter7/azurerm/azurerm-virtual-machine-module/variables.tf: -------------------------------------------------------------------------------- 1 | variable "rgname" { 2 | type = string 3 | description = "name of resource group" 4 | } 5 | variable "location" { 6 | type = string 7 | description = "location name" 8 | } 9 | variable "vnet_name" { 10 | type = string 11 | description = "vnet name" 12 | } 13 | variable "address_space" { 14 | type = list(string) 15 | description = "address space of the vnet" 16 | default = ["10.1.0.0/16"] 17 | } 18 | variable "subnet_name" { 19 | type = string 20 | description = "subnet name" 21 | } 22 | variable "nic_name" { 23 | type = string 24 | description = "nic card name" 25 | } 26 | variable "vm_name" { 27 | type = string 28 | description = "virtual machine name" 29 | } 30 | variable "vm_size" { 31 | type = string 32 | description = "virtual machine size" 33 | } 34 | variable "admin_username" { 35 | type = string 36 | description = "username" 37 | default = "azureuser" 38 | } 39 | variable "vm_publisher" { 40 | type = string 41 | description = "Virtual machine publisher" 42 | } 43 | variable "vm_offer" { 44 | type = string 45 | description = "Virtual machine offer" 46 | } 47 | variable "vm_sku" { 48 | type = string 49 | description = "Virtual machine sku" 50 | } 51 | variable "vm_version" { 52 | type = string 53 | description = "Virtual machine os version" 54 | default = "latest" 55 | } 56 | variable "keyvault_name" { 57 | type = string 58 | description = "keyvault name" 59 | } 60 | variable "sku_name" { 61 | type = string 62 | description = "keyvault sku" 63 | } 64 | variable "keyvault_secret_name" { 65 | type = string 66 | description = "virtual machine secret name" 67 | default = "vmpassword" 68 | } 69 | variable "custom_tags" { 70 | description = "provide tags" 71 | } -------------------------------------------------------------------------------- /chapter7/gcp/gcp-storage-module-use-case/main.tf: -------------------------------------------------------------------------------- 1 | module "terraform-gcp-gcs" { 2 | source = "github.com/PacktPublishing/Hashicorp-Infrastructure-Automation-Certification-Guide.git//chapter7/gcp/gcp-storage-module?ref=v2.0.0" 3 | gcp_stg_name = var.gcp_stg_name 4 | gcp_location = var.gcp_location 5 | force_destroy = var.force_destroy 6 | storage_class = var.storage_class 7 | project = var.project 8 | labels = var.labels 9 | } -------------------------------------------------------------------------------- /chapter7/gcp/gcp-storage-module-use-case/outputs.tf: -------------------------------------------------------------------------------- 1 | output "gcs_self_link" { 2 | value = module.terraform-gcp-gcs.gcs_self_link 3 | } 4 | output "gcs_url" { 5 | value = module.terraform-gcp-gcs.gcs_url 6 | } 7 | output "gcs_name" { 8 | value = module.terraform-gcp-gcs.gcs_name 9 | } 10 | -------------------------------------------------------------------------------- /chapter7/gcp/gcp-storage-module-use-case/providers.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = ">= 1.0" 3 | required_providers { 4 | google = { 5 | version = "~> 3.0" 6 | } 7 | } 8 | } 9 | provider "google" { 10 | project = "terraform-lab-project" 11 | region = "us-west1" 12 | zone = "us-west1-c" 13 | } -------------------------------------------------------------------------------- /chapter7/gcp/gcp-storage-module-use-case/terraform.tfvars: -------------------------------------------------------------------------------- 1 | gcp_stg_name = "gcpstg23423" 2 | gcp_location = "US" 3 | force_destroy = true 4 | storage_class = "STANDARD" 5 | project = "terraform-lab-project" 6 | labels = { environment = "development", owner = "gcp-terraform" } -------------------------------------------------------------------------------- /chapter7/gcp/gcp-storage-module-use-case/variables.tf: -------------------------------------------------------------------------------- 1 | variable "gcp_stg_name" { 2 | type = string 3 | description = "name of the GCP storage" 4 | } 5 | variable "gcp_location" { 6 | type = string 7 | description = "name of the location" 8 | } 9 | variable "force_destroy" { 10 | type = bool 11 | description = "provide whether true or false" 12 | default = true 13 | } 14 | variable "storage_class" { 15 | type = string 16 | description = "Supported values include: MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE, ARCHIVE" 17 | } 18 | variable "project" { 19 | type = string 20 | description = "provide project ID" 21 | } 22 | variable "labels" { 23 | type = map(any) 24 | description = "provide name of the labels" 25 | } -------------------------------------------------------------------------------- /chapter7/gcp/gcp-storage-module/main.tf: -------------------------------------------------------------------------------- 1 | resource "google_storage_bucket" "gcp-stg" { 2 | name = var.gcp_stg_name 3 | location = var.gcp_location 4 | force_destroy = var.force_destroy 5 | storage_class = var.storage_class 6 | project = var.project 7 | labels = var.labels 8 | versioning { 9 | enabled = true 10 | } 11 | } -------------------------------------------------------------------------------- /chapter7/gcp/gcp-storage-module/outputs.tf: -------------------------------------------------------------------------------- 1 | output "gcs_self_link" { 2 | value = google_storage_bucket.gcp-stg.self_link 3 | } 4 | output "gcs_url" { 5 | value = google_storage_bucket.gcp-stg.url 6 | } 7 | output "gcs_name" { 8 | value = google_storage_bucket.gcp-stg.name 9 | } -------------------------------------------------------------------------------- /chapter7/gcp/gcp-storage-module/variables.tf: -------------------------------------------------------------------------------- 1 | variable "gcp_stg_name" { 2 | type = string 3 | description = "name of the GCP storage" 4 | } 5 | variable "gcp_location" { 6 | type = string 7 | description = "name of the location" 8 | } 9 | variable "force_destroy" { 10 | type = bool 11 | description = "provide whether true or false" 12 | default = true 13 | } 14 | variable "storage_class" { 15 | type = string 16 | description = "Provide Storage Class and Supported values include: MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE, ARCHIVE" 17 | } 18 | variable "project" { 19 | type = string 20 | description = "provide project ID" 21 | } 22 | variable "labels" { 23 | type = map(any) 24 | description = "provide name of the labels" 25 | } -------------------------------------------------------------------------------- /chapter8/GCP-Files/main.tf: -------------------------------------------------------------------------------- 1 | module "terraform-gcp-gcs" { 2 | source = "github.com/PacktPublishing/Hashicorp-Infrastructure-Automation-Certification-Guide.git//chapter7/gcp/gcp-storage-module?ref=v2.0.0" 3 | gcp_stg_name = "${local.gcp_string}-gcpstg" 4 | gcp_location = var.gcp_location 5 | force_destroy = var.force_destroy 6 | storage_class = var.storage_class 7 | project = var.project_id 8 | labels = var.labels 9 | } 10 | resource "google_compute_network" "gcp-network" { 11 | name = "${local.gcp_string}-vpc" 12 | description = "This is gcp terraform vpc" 13 | routing_mode = var.routing_mode 14 | auto_create_subnetworks = false 15 | depends_on = [module.terraform-gcp-gcs.gcs_name] 16 | project = var.project_id 17 | } 18 | resource "random_string" "string_name" { 19 | length = 6 20 | special = false 21 | upper = false 22 | number = false 23 | } 24 | locals { 25 | gcp_string = random_string.string_name.result 26 | } 27 | resource "google_compute_subnetwork" "gcp-subnetwork" { 28 | name = "${local.gcp_string}subnet" 29 | description = "This is subnet address" 30 | ip_cidr_range = var.ip_cidr_range 31 | region = var.gcp_region 32 | project = var.project_id 33 | network = google_compute_network.gcp-network.id 34 | } 35 | resource "google_compute_address" "internal_with_subnet_and_address" { 36 | name = "${local.gcp_string}internal" 37 | subnetwork = google_compute_subnetwork.gcp-subnetwork.id 38 | address_type = var.address_type 39 | address = var.address 40 | region = var.gcp_region 41 | project = var.project_id 42 | } -------------------------------------------------------------------------------- /chapter8/GCP-Files/outputs.tf: -------------------------------------------------------------------------------- 1 | output "gcs_name" { 2 | description = "Google cloud storage bucket name" 3 | value = module.terraform-gcp-gcs.gcs_name 4 | } 5 | output "vpc_id" { 6 | description = "Network ID details" 7 | value = google_compute_network.gcp-network.id 8 | } 9 | output "compute_address_id" { 10 | description = "Compute Address ID" 11 | value = google_compute_address.internal_with_subnet_and_address.id 12 | } -------------------------------------------------------------------------------- /chapter8/GCP-Files/providers.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = ">= 1.0" 3 | required_providers { 4 | google = { 5 | version = "~> 3.0" 6 | } 7 | } 8 | } 9 | provider "google" { 10 | project = var.project_name 11 | region = var.gcp_region 12 | zone = var.zone 13 | } -------------------------------------------------------------------------------- /chapter8/GCP-Files/terraform.tfvars: -------------------------------------------------------------------------------- 1 | gcp_location = "US" 2 | force_destroy = true 3 | storage_class = "STANDARD" 4 | project_id = "terraform-project-2342" 5 | labels = { environment = "development", owner = "gcp-terraform" } 6 | routing_mode = "GLOBAL" 7 | ip_cidr_range = "10.0.0.0/16" 8 | gcp_region = "us-west1" 9 | zone = "us-west1-c" 10 | address_type = "INTERNAL" 11 | address = "10.0.10.10" 12 | project_name = "terraform-project" -------------------------------------------------------------------------------- /chapter8/GCP-Files/variables.tf: -------------------------------------------------------------------------------- 1 | variable "gcp_location" { 2 | type = string 3 | description = "name of the location" 4 | } 5 | variable "force_destroy" { 6 | type = bool 7 | description = "provide whether true or false" 8 | default = true 9 | } 10 | variable "storage_class" { 11 | type = string 12 | description = "Supported values include: MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE, ARCHIVE" 13 | } 14 | variable "project_id" { 15 | type = string 16 | description = "provide project ID" 17 | } 18 | variable "project_name" { 19 | type = string 20 | description = "provide google project name" 21 | } 22 | variable "labels" { 23 | type = map(any) 24 | description = "provide name of the labels" 25 | } 26 | variable "gcp_region" { 27 | type = string 28 | description = "provide gcp region" 29 | } 30 | variable "zone" { 31 | type = string 32 | description = "provide gcp zone" 33 | } 34 | variable "ip_cidr_range" { 35 | type = string 36 | description = "provide IP CIDR Range" 37 | } 38 | variable "address" { 39 | type = string 40 | description = "provide static address with in the CIDR range" 41 | } 42 | variable "address_type" { 43 | type = string 44 | description = "provide address type whether it is INTERNAL or EXTERNAL" 45 | } 46 | variable "routing_mode" { 47 | type = string 48 | description = "provide routing method GLOBAL or REGIONAL" 49 | } 50 | -------------------------------------------------------------------------------- /chapter8/Override-Files/main.tf: -------------------------------------------------------------------------------- 1 | resource "azurerm_resource_group" "rgname" { 2 | #Create resource group in Azure 3 | name = "Terraform-rg" 4 | location = var.location 5 | tags = { 6 | "environment" = "development" 7 | "costcenter" = "B3478" 8 | } 9 | } 10 | variable "location" { 11 | type = string 12 | default = "eastus" 13 | } 14 | output "id" { 15 | value = azurerm_resource_group.rgname.id 16 | } 17 | output "name" { 18 | value = azurerm_resource_group.rgname.name 19 | } 20 | -------------------------------------------------------------------------------- /chapter8/Override-Files/main.tf.json: -------------------------------------------------------------------------------- 1 | { 2 | "resource":{ 3 | "azurerm_resource_group":{ 4 | "rgname":{ 5 | "//":"Create resource group in Azure", 6 | "name":"Terraform-rg", 7 | "location":"${var.location}", 8 | "tags":{ 9 | "environment":"development", 10 | "costcenter":"B41892" 11 | } 12 | } 13 | } 14 | }, 15 | "variable": { 16 | "location": { 17 | "default": "eastus" 18 | } 19 | }, 20 | "output":{ 21 | "id":{ 22 | "value":"${azurerm_resource_group.rgname.id}" 23 | }, 24 | "name":{ 25 | "value":"${azurerm_resource_group.rgname.name}" 26 | } 27 | } 28 | } -------------------------------------------------------------------------------- /chapter8/Override-Files/override.tf: -------------------------------------------------------------------------------- 1 | resource "azurerm_resource_group" "rgname" { 2 | tags = { 3 | "environment" = "preprod" 4 | "costcenter" = "C3478" 5 | } 6 | } 7 | -------------------------------------------------------------------------------- /chapter8/Override-Files/providers.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = ">= 1.0" 3 | required_providers { 4 | azurerm = { 5 | source = "hashicorp/azurerm" 6 | version = "=2.55.0" 7 | } 8 | } 9 | } 10 | provider "azurerm" { 11 | features {} 12 | } -------------------------------------------------------------------------------- /chapter8/aws-files/main.tf: -------------------------------------------------------------------------------- 1 | module "terraform-aws-vpc" { 2 | source = "github.com/PacktPublishing/Hashicorp-Infrastructure-Automation-Certification-Guide.git//chapter7/aws/aws-vpc-subnet-module?ref=v1.0.0" 3 | vpc_name = var.vpc_name 4 | cidr_block = var.cidr_block 5 | subnet_name = var.subnet_name 6 | } 7 | resource "aws_s3_bucket" "s3_bucket" { 8 | bucket = var.bucket_name 9 | acl = var.bucket_acl 10 | tags = var.custom_tags 11 | } -------------------------------------------------------------------------------- /chapter8/aws-files/outputs.tf: -------------------------------------------------------------------------------- 1 | output "vpc_id" { 2 | value = module.terraform-aws-vpc.vpc_id 3 | } 4 | output "vpc_cidr_block" { 5 | value = module.terraform-aws-vpc.vpc_cidr_block 6 | } 7 | output "s3_id" { 8 | value = aws_s3_bucket.s3_bucket.id 9 | } 10 | output "bucket_domain_name" { 11 | value = aws_s3_bucket.s3_bucket.bucket_domain_name 12 | } -------------------------------------------------------------------------------- /chapter8/aws-files/providers.tf: -------------------------------------------------------------------------------- 1 | 2 | terraform { 3 | required_version = ">= 1.0" 4 | required_providers { 5 | aws = { 6 | source = "hashicorp/aws" 7 | version = "~> 3.0" 8 | } 9 | } 10 | } 11 | provider "aws" { 12 | region = var.region 13 | } -------------------------------------------------------------------------------- /chapter8/aws-files/terraform.tfvars: -------------------------------------------------------------------------------- 1 | subnet_name = "Terraform-aws-subnet" 2 | vpc_name = "Terraform-aws-vpc" 3 | cidr_block = "10.0.0.0/16" 4 | region = "us-east-1" 5 | custom_tags = { Name = "s3-bucket", Environment = "development", owner = "Anil" } 6 | bucket_name = "terraform-s3-bucket01" 7 | bucket_acl = "private" 8 | 9 | -------------------------------------------------------------------------------- /chapter8/aws-files/variables.tf: -------------------------------------------------------------------------------- 1 | variable "vpc_name" { 2 | type = string 3 | description = "vpc name" 4 | } 5 | variable "cidr_block" { 6 | type = string 7 | description = "address space of the vpc" 8 | default = "10.0.0.0/16" 9 | } 10 | variable "subnet_name" { 11 | type = string 12 | description = "subnet name" 13 | } 14 | variable "region" { 15 | type = string 16 | description = "provide region where you want to deploy resources" 17 | } 18 | variable "bucket_name" { 19 | type = string 20 | description = "provide name of the S3 bucket" 21 | } 22 | variable "bucket_acl" { 23 | type = string 24 | description = "provide ACL for the S3 bucket i.e. private, public-read etc." 25 | } 26 | variable "custom_tags" { 27 | type = map(any) 28 | description = "provide tags which needs to be applied." 29 | 30 | } -------------------------------------------------------------------------------- /chapter8/azure-files/main.tf: -------------------------------------------------------------------------------- 1 | module "terraform-vm" { 2 | source = "github.com/PacktPublishing/Hashicorp-Infrastructure-Automation-Certification-Guide.git//chapter7/azurerm/azurerm-virtual-machine-module?ref=v0.0.1" 3 | rgname = var.rgname 4 | location = var.location 5 | custom_tags = var.custom_tags 6 | vm_size = var.vm_size 7 | vm_name = var.vm_name 8 | admin_username = var.admin_username 9 | vm_publisher = var.vm_publisher 10 | vm_offer = var.vm_offer 11 | vm_sku = var.vm_sku 12 | vm_version = var.vm_version 13 | sku_name = var.sku_name 14 | vnet_name = var.vnet_name 15 | address_space = var.address_space 16 | subnet_name = var.subnet_name 17 | nic_name = var.nic_name 18 | keyvault_name = var.keyvault_name 19 | keyvault_secret_name = var.keyvault_secret_name 20 | } 21 | resource "random_string" "string_name" { 22 | length = 7 23 | special = false 24 | upper = false 25 | number = false 26 | } 27 | locals { 28 | azure_string = random_string.string_name.result 29 | } 30 | resource "azurerm_storage_account" "stg_account" { 31 | name = "${local.azure_string}azurestg" 32 | resource_group_name = var.rgname 33 | location = var.location 34 | tags = var.custom_tags 35 | account_tier = var.account_tier 36 | account_replication_type = var.account_replication_type 37 | depends_on = [module.terraform-vm] 38 | } -------------------------------------------------------------------------------- /chapter8/azure-files/outputs.tf: -------------------------------------------------------------------------------- 1 | output "vm_private_ip" { 2 | value = module.terraform-vm.nic 3 | } 4 | output "vm_name" { 5 | value = module.terraform-vm.vm_name 6 | } 7 | output "vm_id" { 8 | value = module.terraform-vm.vm_id 9 | } 10 | output "stg_name" { 11 | value = azurerm_storage_account.stg_account.name 12 | } 13 | output "stg_id" { 14 | value = azurerm_storage_account.stg_account.id 15 | } -------------------------------------------------------------------------------- /chapter8/azure-files/providers.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = ">= 1.0" 3 | required_providers { 4 | azurerm = { 5 | source = "hashicorp/azurerm" 6 | version = "2.55.0" 7 | } 8 | } 9 | backend "azurerm" { 10 | storage_account_name = "terraformstg2345" 11 | container_name = "terraform" 12 | key = "terraform.tfstate" 13 | access_key = "KRqtJIA0Gp4oKBsElDU7.." 14 | } 15 | } 16 | provider "azurerm" { 17 | features {} 18 | } -------------------------------------------------------------------------------- /chapter8/azure-files/terraform.tfvars: -------------------------------------------------------------------------------- 1 | rgname = "Terraform-rg" 2 | location = "eastus" 3 | custom_tags = { 4 | Environment = "prod" 5 | Owner = "Azure-Terraform" 6 | } 7 | vm_size = "Standard_F2" 8 | vm_name = "Terraform-vm" 9 | admin_username = "azureterraform" 10 | vm_publisher = "MicrosoftWindowsServer" 11 | vm_offer = "WindowsServer" 12 | vm_sku = "2016-Datacenter" 13 | vm_version = "latest" 14 | sku_name = "premium" 15 | vnet_name = "Terraform-vnet" 16 | address_space = ["10.1.0.0/16"] 17 | subnet_name = "Terraform-subnet" 18 | nic_name = "Terraform-nic" 19 | keyvault_name = "terraform-vm-keyvault" 20 | keyvault_secret_name = "Terraform-vm-password" 21 | account_tier = "Standard" 22 | account_replication_type = "LRS" 23 | -------------------------------------------------------------------------------- /chapter8/azure-files/variables.tf: -------------------------------------------------------------------------------- 1 | variable "rgname" { 2 | type = string 3 | description = "name of resource group" 4 | } 5 | variable "location" { 6 | type = string 7 | description = "location name" 8 | } 9 | variable "vnet_name" { 10 | type = string 11 | description = "vnet name" 12 | } 13 | variable "address_space" { 14 | type = list(string) 15 | description = "address space of the vnet" 16 | default = ["10.1.0.0/16"] 17 | } 18 | variable "subnet_name" { 19 | type = string 20 | description = "subnet name" 21 | } 22 | variable "nic_name" { 23 | type = string 24 | description = "nic card name" 25 | } 26 | variable "vm_name" { 27 | type = string 28 | description = "virtual machine name" 29 | } 30 | variable "vm_size" { 31 | type = string 32 | description = "virtual machine size" 33 | } 34 | variable "admin_username" { 35 | type = string 36 | description = "username" 37 | default = "azureuser" 38 | } 39 | variable "vm_publisher" { 40 | type = string 41 | description = "Virtual machine publisher" 42 | } 43 | variable "vm_offer" { 44 | type = string 45 | description = "Virtual machine offer" 46 | } 47 | variable "vm_sku" { 48 | type = string 49 | description = "Virtual machine sku" 50 | } 51 | variable "vm_version" { 52 | type = string 53 | description = "Virtual machine os version" 54 | default = "latest" 55 | } 56 | variable "keyvault_name" { 57 | type = string 58 | description = "keyvault name" 59 | } 60 | variable "sku_name" { 61 | type = string 62 | description = "keyvault sku" 63 | } 64 | variable "keyvault_secret_name" { 65 | type = string 66 | description = "virtual machine secret name" 67 | default = "vmpassword" 68 | } 69 | variable "custom_tags" { 70 | type = map(any) 71 | description = "provide tags" 72 | } 73 | variable "account_tier" { 74 | type = string 75 | description = "provide access tier" 76 | } 77 | variable "account_replication_type" { 78 | type = string 79 | description = "provide replication type like LRS, GRS etc." 80 | } -------------------------------------------------------------------------------- /chapter9/aws/modules/s3/main.tf: -------------------------------------------------------------------------------- 1 | /****************************************** 2 | S3 Bucket Code 3 | *****************************************/ 4 | resource "aws_s3_bucket" "s3_bucket" { 5 | count = var.create_bucket ? 1 : 0 6 | bucket = var.bucket_name 7 | acl = var.bucket_acl 8 | force_destroy = var.force_destroy 9 | acceleration_status = var.acceleration_status 10 | tags = var.custom_tags 11 | } -------------------------------------------------------------------------------- /chapter9/aws/modules/s3/outputs.tf: -------------------------------------------------------------------------------- 1 | /****************************************** 2 | S3 Bucket Output 3 | *****************************************/ 4 | output "s3_id" { 5 | value = aws_s3_bucket.s3_bucket.*.id 6 | } 7 | output "bucket_domain_name" { 8 | value = aws_s3_bucket.s3_bucket.*.bucket_domain_name 9 | } -------------------------------------------------------------------------------- /chapter9/aws/modules/s3/variables.tf: -------------------------------------------------------------------------------- 1 | /****************************************** 2 | Storage Variables 3 | *****************************************/ 4 | variable "create_bucket" { 5 | description = "Controls if S3 bucket should be created" 6 | type = bool 7 | default = true 8 | } 9 | 10 | variable "bucket_name" { 11 | type = string 12 | description = "provide name of the S3 bucket" 13 | } 14 | variable "bucket_acl" { 15 | type = string 16 | description = "provide ACL for the S3 bucket i.e. private, public-read etc." 17 | default = "private" 18 | } 19 | 20 | variable "custom_tags" { 21 | type = map(string) 22 | description = "provide tags which needs to be applied." 23 | } 24 | variable "force_destroy" { 25 | description = "(Optional, Default:false ) A boolean that indicates all objects should be deleted from the bucket so that the bucket can be destroyed without error. These objects are not recoverable." 26 | type = bool 27 | default = false 28 | } 29 | 30 | variable "acceleration_status" { 31 | description = "(Optional) Sets the accelerate configuration of an existing bucket. Can be Enabled or Suspended." 32 | type = string 33 | default = null 34 | } 35 | -------------------------------------------------------------------------------- /chapter9/aws/modules/vpc-subnet/main.tf: -------------------------------------------------------------------------------- 1 | /****************************************** 2 | VPC Code 3 | *****************************************/ 4 | resource "aws_vpc" "vpc" { 5 | cidr_block = var.cidr_block 6 | instance_tenancy = var.instance_tenancy 7 | enable_dns_hostnames = var.enable_dns_hostnames 8 | enable_dns_support = var.enable_dns_support 9 | enable_classiclink = var.enable_classiclink 10 | enable_classiclink_dns_support = var.enable_classiclink_dns_support 11 | assign_generated_ipv6_cidr_block = var.assign_generated_ipv6_cidr_block 12 | tags = merge( 13 | { 14 | "Name" = format("%s", var.vpc_name) 15 | }, 16 | var.custom_tags, 17 | ) 18 | } 19 | /****************************************** 20 | Subnet Code 21 | *****************************************/ 22 | resource "aws_subnet" "subnet" { 23 | vpc_id = aws_vpc.vpc.id 24 | cidr_block = var.subnet_cidr 25 | tags = merge( 26 | { 27 | "Name" = format("%s", var.subnet_name) 28 | }, 29 | var.custom_tags, 30 | ) 31 | } -------------------------------------------------------------------------------- /chapter9/aws/modules/vpc-subnet/outputs.tf: -------------------------------------------------------------------------------- 1 | /****************************************** 2 | VPC Code 3 | *****************************************/ 4 | output "vpc_id" { 5 | value = aws_vpc.vpc.id 6 | } 7 | output "vpc_arn" { 8 | value = aws_vpc.vpc.arn 9 | } 10 | /****************************************** 11 | Subnet Output 12 | *****************************************/ 13 | output "subnet_id" { 14 | value = aws_subnet.subnet.id 15 | description = "id of the AWS subnet" 16 | } 17 | output "subnet_arn" { 18 | value = aws_subnet.subnet.arn 19 | description = "The arn of the subnet" 20 | } -------------------------------------------------------------------------------- /chapter9/aws/modules/vpc-subnet/variables.tf: -------------------------------------------------------------------------------- 1 | /****************************************** 2 | VPC Variables 3 | *****************************************/ 4 | 5 | variable "vpc_name" { 6 | description = "Define name of the VPC" 7 | type = string 8 | default = "" 9 | } 10 | 11 | variable "cidr_block" { 12 | description = "The CIDR block for the VPC. Default value is a valid CIDR, but not acceptable by AWS and should be overridden" 13 | type = string 14 | default = "0.0.0.0/0" 15 | } 16 | 17 | variable "custom_tags" { 18 | description = "A map of tags to add to all resources" 19 | type = map(string) 20 | default = {} 21 | } 22 | variable "enable_dns_hostnames" { 23 | description = "Should be true to enable DNS hostnames in the VPC" 24 | type = bool 25 | default = false 26 | } 27 | 28 | variable "enable_dns_support" { 29 | description = "Should be true to enable DNS support in the VPC" 30 | type = bool 31 | default = true 32 | } 33 | 34 | variable "enable_classiclink" { 35 | description = "Should be true to enable ClassicLink for the VPC. Only valid in regions and accounts that support EC2 Classic." 36 | type = bool 37 | default = null 38 | } 39 | 40 | variable "enable_classiclink_dns_support" { 41 | description = "Should be true to enable ClassicLink DNS Support for the VPC. Only valid in regions and accounts that support EC2 Classic." 42 | type = bool 43 | default = null 44 | } 45 | 46 | variable "assign_generated_ipv6_cidr_block" { 47 | description = "Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block." 48 | type = bool 49 | default = false 50 | } 51 | variable "instance_tenancy" { 52 | description = "provide tenancy details" 53 | type = string 54 | } 55 | /****************************************** 56 | Subnet Variables 57 | *****************************************/ 58 | variable "subnet_name" { 59 | type = string 60 | description = "Name of the subnet" 61 | } 62 | 63 | variable "subnet_cidr" { 64 | type = string 65 | description = "provide subnet range" 66 | } -------------------------------------------------------------------------------- /chapter9/aws/stacks/main.tf: -------------------------------------------------------------------------------- 1 | module "vpc" { 2 | source = "github.com/PacktPublishing/Hashicorp-Infrastructure-Automation-Certification-Guide.git//chapter9/aws/modules/vpc-subnet?ref=v1.14" 3 | cidr_block = var.cidr_block 4 | instance_tenancy = var.instance_tenancy 5 | enable_dns_hostnames = var.enable_dns_hostnames 6 | enable_dns_support = var.enable_dns_support 7 | enable_classiclink = var.enable_classiclink 8 | enable_classiclink_dns_support = var.enable_classiclink_dns_support 9 | assign_generated_ipv6_cidr_block = var.assign_generated_ipv6_cidr_block 10 | vpc_name = var.vpc_name 11 | custom_tags = var.custom_tags 12 | subnet_cidr = var.subnet_cidr 13 | subnet_name = var.subnet_name 14 | } 15 | module "s3" { 16 | source = "github.com/PacktPublishing/Hashicorp-Infrastructure-Automation-Certification-Guide.git//chapter9/aws/modules/s3?ref=v1.14" 17 | create_bucket = var.create_bucket 18 | bucket_name = var.bucket_name 19 | bucket_acl = var.bucket_acl 20 | force_destroy = var.force_destroy 21 | acceleration_status = var.acceleration_status 22 | custom_tags = var.custom_tags 23 | depends_on = [module.vpc.id] 24 | } -------------------------------------------------------------------------------- /chapter9/aws/stacks/outputs.tf: -------------------------------------------------------------------------------- 1 | output "subnet_id" { 2 | description = "subnets ID" 3 | value = module.vpc.subnet_id 4 | } 5 | output "s3_id" { 6 | description = "S3 bucket id" 7 | value = module.s3.s3_id 8 | } 9 | output "vpc_id" { 10 | description = "VPC id" 11 | value = module.vpc.vpc_id 12 | } -------------------------------------------------------------------------------- /chapter9/aws/stacks/variables.tf: -------------------------------------------------------------------------------- 1 | /****************************************** 2 | VPC Variables 3 | *****************************************/ 4 | variable "vpc_name" { 5 | description = "Define name of the VPC" 6 | type = string 7 | default = "" 8 | } 9 | 10 | variable "cidr_block" { 11 | description = "The CIDR block for the VPC. Default value is a valid CIDR, but not acceptable by AWS and should be overridden" 12 | type = string 13 | default = "0.0.0.0/0" 14 | } 15 | 16 | variable "custom_tags" { 17 | description = "A map of tags to add to all resources" 18 | type = map(string) 19 | default = {} 20 | } 21 | variable "enable_dns_hostnames" { 22 | description = "Should be true to enable DNS hostnames in the VPC" 23 | type = bool 24 | default = false 25 | } 26 | 27 | variable "enable_dns_support" { 28 | description = "Should be true to enable DNS support in the VPC" 29 | type = bool 30 | default = true 31 | } 32 | 33 | variable "enable_classiclink" { 34 | description = "Should be true to enable ClassicLink for the VPC. Only valid in regions and accounts that support EC2 Classic." 35 | type = bool 36 | default = null 37 | } 38 | 39 | variable "enable_classiclink_dns_support" { 40 | description = "Should be true to enable ClassicLink DNS Support for the VPC. Only valid in regions and accounts that support EC2 Classic." 41 | type = bool 42 | default = null 43 | } 44 | 45 | variable "assign_generated_ipv6_cidr_block" { 46 | description = "Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block." 47 | type = bool 48 | default = false 49 | } 50 | variable "instance_tenancy" { 51 | description = "provide tenancy details" 52 | type = string 53 | } 54 | /****************************************** 55 | Subnet Variables 56 | *****************************************/ 57 | variable "subnet_name" { 58 | type = string 59 | description = "Name of the subnet" 60 | } 61 | 62 | variable "subnet_cidr" { 63 | type = string 64 | description = "provide subnet range" 65 | } 66 | /****************************************** 67 | Storage Variables 68 | *****************************************/ 69 | variable "create_bucket" { 70 | description = "Controls if S3 bucket should be created" 71 | type = bool 72 | default = true 73 | } 74 | variable "bucket_name" { 75 | type = string 76 | description = "provide name of the S3 bucket" 77 | } 78 | variable "bucket_acl" { 79 | type = string 80 | description = "provide ACL for the S3 bucket i.e. private, public-read etc." 81 | default = "private" 82 | } 83 | variable "force_destroy" { 84 | description = "(Optional, Default:false ) A boolean that indicates all objects should be deleted from the bucket so that the bucket can be destroyed without error. These objects are not recoverable." 85 | type = bool 86 | default = false 87 | } 88 | 89 | variable "acceleration_status" { 90 | description = "(Optional) Sets the accelerate configuration of an existing bucket. Can be Enabled or Suspended." 91 | type = string 92 | default = null 93 | } -------------------------------------------------------------------------------- /chapter9/aws/stacks_of_stacks/main.tf: -------------------------------------------------------------------------------- 1 | module "aws_stacks" { 2 | source = "../stacks" 3 | cidr_block = var.cidr_block 4 | instance_tenancy = var.instance_tenancy 5 | enable_dns_hostnames = var.enable_dns_hostnames 6 | enable_dns_support = var.enable_dns_support 7 | enable_classiclink = var.enable_classiclink 8 | enable_classiclink_dns_support = var.enable_classiclink_dns_support 9 | assign_generated_ipv6_cidr_block = var.assign_generated_ipv6_cidr_block 10 | vpc_name = var.vpc_name 11 | custom_tags = var.custom_tags 12 | subnet_name = var.subnet_name 13 | subnet_cidr = var.subnet_cidr 14 | create_bucket = var.create_bucket 15 | bucket_name = var.bucket_name 16 | bucket_acl = var.bucket_acl 17 | force_destroy = var.force_destroy 18 | acceleration_status = var.acceleration_status 19 | } -------------------------------------------------------------------------------- /chapter9/aws/stacks_of_stacks/providers.tf: -------------------------------------------------------------------------------- 1 | 2 | terraform { 3 | required_version = ">= 1.0" 4 | required_providers { 5 | aws = { 6 | source = "hashicorp/aws" 7 | version = "~> 3.0" 8 | } 9 | } 10 | } 11 | provider "aws" { 12 | region = var.region 13 | } -------------------------------------------------------------------------------- /chapter9/aws/stacks_of_stacks/terraform.tfvars: -------------------------------------------------------------------------------- 1 | /****************************************** 2 | Input variables values 3 | *****************************************/ 4 | region = "us-east-1" 5 | cidr_block = "10.10.0.0/16" 6 | instance_tenancy = "default" 7 | enable_classiclink = false 8 | enable_classiclink_dns_support = false 9 | vpc_name = "terraform-vpc" 10 | custom_tags = { environment = "test", owner = "terraform", costcenter = "tf0568" } 11 | subnet_name = "terraform-subnet" 12 | subnet_cidr = "10.10.0.0/24" 13 | create_bucket = true 14 | bucket_name = "tf-s3-bucket" 15 | force_destroy = true 16 | acceleration_status = "Enabled" -------------------------------------------------------------------------------- /chapter9/aws/stacks_of_stacks/variables.tf: -------------------------------------------------------------------------------- 1 | /****************************************** 2 | VPC Variables 3 | *****************************************/ 4 | variable "instance_tenancy" { 5 | description = "provide tenancy details" 6 | type = string 7 | } 8 | 9 | variable "vpc_name" { 10 | description = "Define name of the VPC" 11 | type = string 12 | default = "" 13 | } 14 | 15 | variable "cidr_block" { 16 | description = "The CIDR block for the VPC. Default value is a valid CIDR, but not acceptable by AWS and should be overridden" 17 | type = string 18 | default = "0.0.0.0/0" 19 | } 20 | variable "enable_dns_hostnames" { 21 | description = "Should be true to enable DNS hostnames in the VPC" 22 | type = bool 23 | default = false 24 | } 25 | 26 | variable "enable_dns_support" { 27 | description = "Should be true to enable DNS support in the VPC" 28 | type = bool 29 | default = true 30 | } 31 | 32 | variable "enable_classiclink" { 33 | description = "Should be true to enable ClassicLink for the VPC. Only valid in regions and accounts that support EC2 Classic." 34 | type = bool 35 | default = null 36 | } 37 | 38 | variable "enable_classiclink_dns_support" { 39 | description = "Should be true to enable ClassicLink DNS Support for the VPC. Only valid in regions and accounts that support EC2 Classic." 40 | type = bool 41 | default = null 42 | } 43 | 44 | variable "assign_generated_ipv6_cidr_block" { 45 | description = "Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block." 46 | type = bool 47 | default = false 48 | } 49 | /****************************************** 50 | Subnet Variables 51 | *****************************************/ 52 | variable "subnet_name" { 53 | type = string 54 | description = "Name of the subnet" 55 | } 56 | 57 | variable "subnet_cidr" { 58 | type = string 59 | description = "provide subnet range" 60 | } 61 | /****************************************** 62 | Storage Variables 63 | *****************************************/ 64 | variable "create_bucket" { 65 | description = "Controls if S3 bucket should be created" 66 | type = bool 67 | default = true 68 | } 69 | variable "bucket_name" { 70 | type = string 71 | description = "provide name of the S3 bucket" 72 | } 73 | variable "bucket_acl" { 74 | type = string 75 | description = "provide ACL for the S3 bucket i.e. private, public-read etc." 76 | default = "private" 77 | } 78 | 79 | variable "custom_tags" { 80 | type = map(string) 81 | description = "provide tags which needs to be applied." 82 | } 83 | variable "force_destroy" { 84 | description = "(Optional, Default:false ) A boolean that indicates all objects should be deleted from the bucket so that the bucket can be destroyed without error. These objects are not recoverable." 85 | type = bool 86 | default = false 87 | } 88 | 89 | variable "acceleration_status" { 90 | description = "(Optional) Sets the accelerate configuration of an existing bucket. Can be Enabled or Suspended." 91 | type = string 92 | default = null 93 | } 94 | 95 | variable "request_payer" { 96 | description = "(Optional) Specifies who should bear the cost of Amazon S3 data transfer. Can be either BucketOwner or Requester. By default, the owner of the S3 bucket would incur the costs of any data transfer. See Requester Pays Buckets developer guide for more information." 97 | type = string 98 | default = null 99 | } 100 | variable "region" { 101 | description = "provide region name where resource needs to get created" 102 | type = string 103 | } 104 | -------------------------------------------------------------------------------- /chapter9/azure/modules/storage/main.tf: -------------------------------------------------------------------------------- 1 | /****************************************** 2 | Azure Storage Account Code 3 | *****************************************/ 4 | resource "random_string" "unique" { 5 | length = 6 6 | special = false 7 | upper = false 8 | } 9 | locals { 10 | account_tier = (var.account_kind == "FileStorage" ? "Premium" : split("_", var.skuname)[0]) 11 | account_replication_type = (local.account_tier == "Premium" ? "LRS" : split("_", var.skuname)[1]) 12 | resource_group_name = element(coalescelist(data.azurerm_resource_group.rgrp.*.name, azurerm_resource_group.rg.*.name, [""]), 0) 13 | location = element(coalescelist(data.azurerm_resource_group.rgrp.*.location, azurerm_resource_group.rg.*.location, [""]), 0) 14 | } 15 | data "azurerm_resource_group" "rgrp" { 16 | count = var.create_resource_group == false ? 1 : 0 17 | name = var.resource_group_name 18 | } 19 | 20 | resource "azurerm_resource_group" "rg" { 21 | count = var.create_resource_group ? 1 : 0 22 | name = lower(var.resource_group_name) 23 | location = var.location 24 | tags = merge({ "ResourceName" = format("%s", var.resource_group_name) }, var.tags, ) 25 | } 26 | 27 | resource "azurerm_storage_account" "storeacc" { 28 | name = format("sta%s%s", lower(replace(var.storage_account_name, "/[[:^alnum:]]/", "")), random_string.unique.result) 29 | resource_group_name = local.resource_group_name 30 | location = local.location 31 | account_kind = var.account_kind 32 | account_tier = local.account_tier 33 | account_replication_type = local.account_replication_type 34 | access_tier = var.access_tier 35 | enable_https_traffic_only = true 36 | allow_blob_public_access = var.allow_blob_public_access 37 | tags = merge({ "ResourceName" = format("sta%s%s", lower(replace(var.storage_account_name, "/[[:^alnum:]]/", "")), random_string.unique.result) }, var.tags, ) 38 | blob_properties { 39 | delete_retention_policy { 40 | days = var.soft_delete_retention 41 | } 42 | } 43 | } 44 | 45 | /****************************************** 46 | Azure Storage Container Code 47 | *****************************************/ 48 | resource "azurerm_storage_container" "container" { 49 | count = length(var.containers_list) 50 | name = var.containers_list[count.index].name 51 | storage_account_name = azurerm_storage_account.storeacc.name 52 | container_access_type = var.containers_list[count.index].access_type 53 | } -------------------------------------------------------------------------------- /chapter9/azure/modules/storage/outputs.tf: -------------------------------------------------------------------------------- 1 | /****************************************** 2 | Storage Output 3 | *****************************************/ 4 | output "resource_group_name" { 5 | description = "The name of the resource group in which resources are created" 6 | value = element(coalescelist(data.azurerm_resource_group.rgrp.*.name, azurerm_resource_group.rg.*.name, [""]), 0) 7 | } 8 | 9 | output "resource_group_id" { 10 | description = "The id of the resource group in which resources are created" 11 | value = element(coalescelist(data.azurerm_resource_group.rgrp.*.id, azurerm_resource_group.rg.*.id, [""]), 0) 12 | } 13 | 14 | output "resource_group_location" { 15 | description = "The location of the resource group in which resources are created" 16 | value = element(coalescelist(data.azurerm_resource_group.rgrp.*.location, azurerm_resource_group.rg.*.location, [""]), 0) 17 | } 18 | 19 | output "storage_account_id" { 20 | description = "The ID of the storage account." 21 | value = azurerm_storage_account.storeacc.id 22 | } 23 | 24 | output "storage_account_name" { 25 | description = "The name of the storage account." 26 | value = azurerm_storage_account.storeacc.name 27 | } -------------------------------------------------------------------------------- /chapter9/azure/modules/storage/variables.tf: -------------------------------------------------------------------------------- 1 | /****************************************** 2 | Azure Storage variables 3 | *****************************************/ 4 | variable "create_resource_group" { 5 | description = "Whether to create resource group and use it for all networking resources" 6 | default = false 7 | } 8 | 9 | variable "resource_group_name" { 10 | description = "A container that holds related resources for an Azure solution" 11 | type = string 12 | default = "terraform-lab-rg" 13 | } 14 | 15 | variable "location" { 16 | description = "The location/region to keep all resources." 17 | type = string 18 | default = "eastus" 19 | } 20 | 21 | variable "storage_account_name" { 22 | description = "The name of the azure storage account" 23 | type = string 24 | default = "" 25 | } 26 | 27 | variable "account_kind" { 28 | description = "The type of storage account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2." 29 | type = string 30 | default = "StorageV2" 31 | } 32 | 33 | variable "skuname" { 34 | description = "The SKUs supported by Microsoft Azure Storage. Valid options are Premium_LRS, Premium_ZRS, Standard_GRS, Standard_GZRS, Standard_LRS, Standard_RAGRS, Standard_RAGZRS, Standard_ZRS" 35 | default = "Standard_RAGRS" 36 | } 37 | 38 | variable "access_tier" { 39 | description = "Defines the access tier for BlobStorage and StorageV2 accounts. Valid options are Hot and Cool." 40 | default = "Hot" 41 | } 42 | 43 | variable "soft_delete_retention" { 44 | description = "Number of retention days for soft delete. If set to null it will disable soft delete all together." 45 | default = 30 46 | } 47 | 48 | variable "allow_blob_public_access" { 49 | description = "Allow or disallow public access to all blobs or containers in the storage account." 50 | default = false 51 | } 52 | 53 | variable "containers_list" { 54 | description = "List of containers to create and their access levels." 55 | type = list(object({ name = string, access_type = string })) 56 | default = [] 57 | } 58 | 59 | variable "tags" { 60 | description = "A map of tags to add to all resources" 61 | type = map(string) 62 | default = {} 63 | } -------------------------------------------------------------------------------- /chapter9/azure/modules/webapp/main.tf: -------------------------------------------------------------------------------- 1 | /****************************************** 2 | App service plan Code 3 | *****************************************/ 4 | locals { 5 | resource_group_name = element(coalescelist(data.azurerm_resource_group.rgrp.*.name, azurerm_resource_group.rg.*.name, [""]), 0) 6 | location = element(coalescelist(data.azurerm_resource_group.rgrp.*.location, azurerm_resource_group.rg.*.location, [""]), 0) 7 | } 8 | data "azurerm_resource_group" "rgrp" { 9 | count = var.create_resource_group == false ? 1 : 0 10 | name = var.resource_group_name 11 | } 12 | 13 | resource "azurerm_resource_group" "rg" { 14 | count = var.create_resource_group ? 1 : 0 15 | name = lower(var.resource_group_name) 16 | location = var.location 17 | tags = merge({ "ResourceName" = format("%s", var.resource_group_name) }, var.tags, ) 18 | } 19 | 20 | resource "azurerm_app_service_plan" "aspplan" { 21 | name = lookup(var.asp_config, "app_service_plan_name") 22 | resource_group_name = local.resource_group_name 23 | location = local.location 24 | tags = merge({ "ResourceName" = format(lookup(var.asp_config, "app_service_plan_name")) }, var.tags, ) 25 | kind = lookup(var.asp_config, "kind") 26 | sku { 27 | tier = lookup(var.asp_config, "tier") 28 | size = lookup(var.asp_config, "size") 29 | capacity = lookup(var.asp_config, "capacity") 30 | } 31 | } 32 | 33 | /****************************************** 34 | App service Code 35 | *****************************************/ 36 | 37 | resource "azurerm_app_service" "webapp" { 38 | name = lookup(var.app_config, "app_name") 39 | resource_group_name = local.resource_group_name 40 | location = local.location 41 | app_service_plan_id = azurerm_app_service_plan.aspplan.id 42 | https_only = "true" 43 | site_config { 44 | always_on = lookup(var.app_config, "always_on") 45 | http2_enabled = true 46 | dotnet_framework_version = lookup(var.app_config, "dotnet_framework_version") 47 | use_32_bit_worker_process = var.use_32_bit_worker_process 48 | java_version = lookup(var.app_config, "java_version") 49 | java_container = lookup(var.app_config, "java_container") 50 | java_container_version = lookup(var.app_config, "java_container_version") 51 | ftps_state = "FtpsOnly" 52 | websockets_enabled = var.websockets_enabled 53 | default_documents = var.default_documents 54 | dynamic "ip_restriction" { 55 | for_each = var.ip_address 56 | content { 57 | ip_address = ip_restriction.value.ip_address 58 | } 59 | } 60 | } 61 | app_settings = var.app_settings 62 | dynamic "connection_string" { 63 | for_each = var.connection_string 64 | content { 65 | name = connection_string.value.name 66 | type = connection_string.value.type 67 | value = connection_string.value.value 68 | } 69 | } 70 | tags = merge({ "ResourceName" = format(lookup(var.app_config, "app_name")) }, var.tags, ) 71 | } -------------------------------------------------------------------------------- /chapter9/azure/modules/webapp/outputs.tf: -------------------------------------------------------------------------------- 1 | /****************************************** 2 | webapp output 3 | *****************************************/ 4 | output "webapp_name" { 5 | description = "Web App name" 6 | value = azurerm_app_service.webapp.name 7 | } 8 | output "webapp_id" { 9 | description = "Web App ID" 10 | value = azurerm_app_service.webapp.id 11 | } -------------------------------------------------------------------------------- /chapter9/azure/modules/webapp/variables.tf: -------------------------------------------------------------------------------- 1 | /****************************************** 2 | Webapp Variables 3 | *****************************************/ 4 | variable "create_resource_group" { 5 | description = "Whether to create resource group and use it for all networking resources" 6 | default = false 7 | } 8 | 9 | variable "resource_group_name" { 10 | description = "A container that holds related resources for an Azure solution" 11 | type = string 12 | default = "terraform-lab-rg" 13 | } 14 | 15 | variable "location" { 16 | description = "The location/region to keep all resources." 17 | type = string 18 | default = "eastus" 19 | } 20 | variable "asp_config" { 21 | type = map(any) 22 | description = "provide all the asp configuration details like kind, tier, size" 23 | default = {} 24 | } 25 | 26 | variable "default_documents" { 27 | description = "The ordering of default documents to load, if an address isn't specified." 28 | type = list(string) 29 | default = null 30 | } 31 | 32 | variable "app_config" { 33 | description = <