├── IAMRoles ├── dev.tfvars ├── prod.tfvars ├── uat.tfvars ├── variables.tf ├── Main.tf └── IAM.tf ├── S3Bucket ├── dev.tfvars ├── prod.tfvars ├── uat.tfvars ├── variables.tf ├── S3Bucket.tf └── Main.tf ├── ElasticBeanStalk ├── dev.tfvars ├── flask_app.zip ├── variables.tf ├── Main.tf └── ElasticBeanStalk.tf ├── AWS-Multi-Region-Deployment ├── dev.tfvars ├── main.tf ├── terraform.tf ├── SNS │ ├── main.tf │ └── variables.tf └── variables.tf ├── EKS_Fargate ├── eks │ ├── output.tf │ ├── variable.tf │ └── main.tf ├── vpc │ ├── output.tf │ ├── variable.tf │ └── main.tf ├── kubernetes │ ├── variable.tf │ ├── app.tf │ └── main.tf ├── variable.tf ├── dev.tfvars ├── production.tfvars ├── database │ ├── variable.tf │ └── main.tf └── main.tf ├── Github_Runners ├── Main.tf ├── dev.tfvars ├── uat.tfvars ├── bootstrap.tmpl ├── Runners.tf ├── GitHubRunner.ppk └── variables.tf └── .github └── workflows ├── 05-ElasticBeanStalk.yml ├── 06-AWSTFMultiRegionDeployment.yml ├── 01-IAMRoles.yml ├── 02-S3Bucket.yml ├── 03-EKS_Fargate.yml ├── 04-GitHubRunners.yml ├── aws_tf_plan.yml └── aws_tf_appy.yml /IAMRoles/dev.tfvars: -------------------------------------------------------------------------------- 1 | role_name = "dev_testing_role" -------------------------------------------------------------------------------- /IAMRoles/prod.tfvars: -------------------------------------------------------------------------------- 1 | role_name = "prod_testing_role" -------------------------------------------------------------------------------- /IAMRoles/uat.tfvars: -------------------------------------------------------------------------------- 1 | role_name = "uat_testing_role" -------------------------------------------------------------------------------- /S3Bucket/dev.tfvars: -------------------------------------------------------------------------------- 1 | bucket_name = "devcloudqucikpocstestingbucket" -------------------------------------------------------------------------------- 
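/S3Bucket/prod.tfvars:
--------------------------------------------------------------------------------
bucket_name = "prodcloudqucikpocstestingbucket"
--------------------------------------------------------------------------------
/S3Bucket/uat.tfvars:
--------------------------------------------------------------------------------
bucket_name = "uatcloudqucikpocstestingbucket"
--------------------------------------------------------------------------------
/ElasticBeanStalk/dev.tfvars:
--------------------------------------------------------------------------------
# NOTE(review): this is the dev variable file, yet environment is set to "prod" — confirm the intended value.
environment = "prod"
project     = "enes"
--------------------------------------------------------------------------------
/AWS-Multi-Region-Deployment/dev.tfvars:
--------------------------------------------------------------------------------
aws_sns_topic_name = "cloud_quick_labs_sns"
--------------------------------------------------------------------------------
/S3Bucket/variables.tf:
--------------------------------------------------------------------------------
variable "bucket_name" {
  type        = string
  description = "bucket name"
}
--------------------------------------------------------------------------------
/ElasticBeanStalk/flask_app.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/RekhuGopal/gitreusableflows/HEAD/ElasticBeanStalk/flask_app.zip
--------------------------------------------------------------------------------
/ElasticBeanStalk/variables.tf:
--------------------------------------------------------------------------------
variable "environment" {
  type = string
}
variable "project" {
  type = string
}
--------------------------------------------------------------------------------
/IAMRoles/variables.tf:
--------------------------------------------------------------------------------
variable "role_name" {
  type = string
  # IAM.tf passes this value to aws_iam_role.test_role as its name.
  description = "Name of the IAM role that will be created."
}
--------------------------------------------------------------------------------
/AWS-Multi-Region-Deployment/main.tf:
--------------------------------------------------------------------------------
provider "aws" {
  # NOTE(review): var.aws_region is not declared in the variables.tf shown for this
  # directory (it declares aws_regions and aws_sns_topic_name) — confirm where it is defined.
  region = var.aws_region
}

module "sns_topics" {
  # A local module path must begin with ./ or ../; without that prefix Terraform
  # parses the string as a remote source address instead of the SNS subdirectory.
  source = "./SNS"
}

--------------------------------------------------------------------------------
/EKS_Fargate/eks/output.tf:
--------------------------------------------------------------------------------
output "cluster_id" {
  value = aws_eks_cluster.eks_cluster.id
}

output "cluster_name" {
  value = aws_eks_cluster.eks_cluster.name
}
--------------------------------------------------------------------------------
/S3Bucket/S3Bucket.tf:
--------------------------------------------------------------------------------
resource "aws_s3_bucket" "b" {
  bucket = var.bucket_name

  tags = {
    Name        = "CloudQuickLabs"
    Environment = "Testing"
  }
}

# State the bucket's public-access posture explicitly instead of relying on
# account-level or service defaults, so a later ACL or policy change cannot expose it.
resource "aws_s3_bucket_public_access_block" "b" {
  bucket = aws_s3_bucket.b.id

  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}
--------------------------------------------------------------------------------
/EKS_Fargate/vpc/output.tf:
--------------------------------------------------------------------------------
output "aws_subnets_public" {
  value = aws_subnet.public[*].id
}

output "aws_subnets_private" {
  value = aws_subnet.private[*].id
}

output "vpc_id" {
  value = aws_vpc.main.id
}

--------------------------------------------------------------------------------
/EKS_Fargate/kubernetes/variable.tf:
--------------------------------------------------------------------------------
variable "cluster_id" {
  description = "Put your cluster id here"
}

variable "vpc_id" {
  description = "put your vpc id"
}

variable "cluster_name" {
  description = "put your cluster name here"
}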
--------------------------------------------------------------------------------
/AWS-Multi-Region-Deployment/terraform.tf:
--------------------------------------------------------------------------------
# Remote-state and provider configuration for the multi-region SNS deployment.
terraform {
  required_providers {
    # NOTE(review): no version constraint is given and the repository tree shown
    # lists no .terraform.lock.hcl, so the provider version appears to float
    # between runs — confirm, and pin it.
    aws = {
      source = "hashicorp/aws"
    }
  }

  backend "remote" {
    hostname     = "app.terraform.io"
    organization = "CloudQuickLabs"

    workspaces {
      # NOTE(review): ElasticBeanStalk/Main.tf names the same workspace. Two root
      # modules that share one workspace share one state, so a run of either
      # configuration plans against the other's resources.
      name = "ElasticBeans"
    }
  }
}
--------------------------------------------------------------------------------
/IAMRoles/Main.tf:
--------------------------------------------------------------------------------
# Remote-state and provider configuration for the IAM role module.
terraform {
  required_providers {
    # NOTE(review): unpinned provider version, as in the other root modules.
    aws = {
      source = "hashicorp/aws"
    }
  }

  backend "remote" {
    hostname     = "app.terraform.io"
    organization = "CloudQuickLabs"

    workspaces {
      # NOTE(review): S3Bucket/Main.tf also names "AWSBackup"; the IAM role and
      # the bucket would then live in a single shared state.
      name = "AWSBackup"
    }
  }
}

provider "aws" {
  region = "us-east-1"
}
--------------------------------------------------------------------------------
/ElasticBeanStalk/Main.tf:
--------------------------------------------------------------------------------
# Remote-state and provider configuration for the Elastic Beanstalk module.
terraform {
  required_providers {
    # NOTE(review): unpinned provider version, as in the other root modules.
    aws = {
      source = "hashicorp/aws"
    }
  }

  backend "remote" {
    hostname     = "app.terraform.io"
    organization = "CloudQuickLabs"

    workspaces {
      # NOTE(review): same workspace name as AWS-Multi-Region-Deployment/terraform.tf.
      name = "ElasticBeans"
    }
  }
}

provider "aws" {
  region = "ap-south-1"
}
--------------------------------------------------------------------------------
/Github_Runners/Main.tf:
--------------------------------------------------------------------------------
# Remote-state and provider configuration for the self-hosted runner module.
terraform {
  required_providers {
    # NOTE(review): unpinned provider version, as in the other root modules.
    aws = {
      source = "hashicorp/aws"
    }
  }

  backend "remote" {
    hostname     = "app.terraform.io"
    organization = "CloudQuickLabs"

    workspaces {
      # NOTE(review): the workspace is called "EKS-Terraform" although this module
      # provisions GitHub runners — confirm it is not also used by EKS_Fargate.
      name = "EKS-Terraform"
    }
  }
}

provider "aws" {
  region = "us-east-1"
}
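--------------------------------------------------------------------------------
/Github_Runners/dev.tfvars:
--------------------------------------------------------------------------------
ami             = "ami-04706e771f950937f"
instance_type   = "t2.micro"
key_name        = "GitHubRunner"
github_repo_url = "https://github.com/RekhuGopal/GitHub-Action-OIDCConnect.git"
# github_repo_pat_token is deliberately not set in this file. A personal access
# token was committed on this line; it is exposed to every reader of the repository
# and its history, so revoke it in GitHub and issue a replacement. Supply the new
# value out of band: a sensitive workspace variable for remote runs, or the
# TF_VAR_github_repo_pat_token environment variable for local runs.
runner_name = "cloudquicklabs"
labels      = "awsec2"
--------------------------------------------------------------------------------
/Github_Runners/uat.tfvars:
--------------------------------------------------------------------------------
ami             = "ami-04706e771f950937f"
instance_type   = "t2.micro"
key_name        = "GitHubRunner"
github_repo_url = "https://github.com/RekhuGopal/GitHub-Action-OIDCConnect.git"
# github_repo_pat_token is deliberately not set in this file; the same token as in
# dev.tfvars was committed here. Revoke it and supply the replacement as a sensitive
# workspace variable or through TF_VAR_github_repo_pat_token, with a separate
# token per environment.
runner_name = "cloudquicklabs"
labels      = "awsec2"
--------------------------------------------------------------------------------
/AWS-Multi-Region-Deployment/SNS/main.tf:
--------------------------------------------------------------------------------
# One SNS topic per entry of var.aws_regions, with the region appended to the name.
resource "aws_sns_topic" "example" {
  count        = length(var.aws_regions)
  name         = "${var.aws_sns_topic_name}-${var.aws_regions[count.index]}"
  display_name = "Multi Region SNS Topic"
  # NOTE(review): the provider meta-argument takes a static reference to a
  # configured provider (aws.<alias>); it cannot be indexed per count instance,
  # and no aliased aws providers are declared in the files shown. As written this
  # is expected to fail validation — confirm, and declare one aliased provider and
  # one resource or module call per region.
  provider = aws.regions[var.aws_regions[count.index]]
}

output "sns_topic_arns" {
  value = aws_sns_topic.example[*].arn
}
-------------------------------------------------------------------------------- /AWS-Multi-Region-Deployment/SNS/variables.tf: -------------------------------------------------------------------------------- 1 | variable "aws_regions" { 2 | type = list(string) 3 | default = ["us-east-1", "us-east-2", "us-west-1", "us-west-2", "ca-central-1", 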
"eu-central-1", "eu-west-1", "eu-west-2", "eu-west-3", "ap-northeast-1", "ap-northeast-2", "ap-southeast-1", "ap-southeast-2", "ap-south-1"] 4 | } 5 | 6 | variable "aws_sns_topic_name" { 7 | type = string 8 | default = "cloud_quick_labs_sns" 9 | } -------------------------------------------------------------------------------- /AWS-Multi-Region-Deployment/variables.tf: -------------------------------------------------------------------------------- 1 | variable "aws_regions" { 2 | type = list(string) 3 | default = ["us-east-1", "us-east-2", "us-west-1", "us-west-2", "ca-central-1", "eu-central-1", "eu-west-1", "eu-west-2", "eu-west-3", "ap-northeast-1", "ap-northeast-2", "ap-southeast-1", "ap-southeast-2", "ap-south-1"] 4 | } 5 | 6 | variable "aws_sns_topic_name" { 7 | type = string 8 | default = "cloud_quick_labs_sns" 9 | } -------------------------------------------------------------------------------- /S3Bucket/Main.tf: -------------------------------------------------------------------------------- 1 | ## backend data for terraform 2 | terraform { 3 | required_providers { 4 | aws = { 5 | source = "hashicorp/aws" 6 | } 7 | } 8 | 9 | backend "remote" { 10 | hostname = "app.terraform.io" 11 | organization = "CloudQuickLabs" 12 | 13 | workspaces { 14 | name = "AWSBackup" 15 | } 16 | } 17 | } 18 | 19 | provider "aws" { 20 | region = "us-east-1" 21 | } 22 | 23 | -------------------------------------------------------------------------------- /EKS_Fargate/eks/variable.tf: -------------------------------------------------------------------------------- 1 | variable "cluster_name" { 2 | description = "the name of your stack, e.g. \"demo\"" 3 | } 4 | 5 | variable "environment" { 6 | description = "the name of your environment, e.g. 
\"prod\"" 7 | } 8 | 9 | variable "eks_node_group_instance_types" { 10 | description = "Instance type of node group" 11 | } 12 | 13 | 14 | variable "private_subnets" { 15 | description = "List of private subnet IDs" 16 | } 17 | 18 | variable "public_subnets" { 19 | description = "List of private subnet IDs" 20 | } 21 | 22 | variable "fargate_namespace" { 23 | description = "Name of fargate selector namespace" 24 | } -------------------------------------------------------------------------------- /EKS_Fargate/variable.tf: -------------------------------------------------------------------------------- 1 | variable "environment" {} 2 | variable "cluster_name" {} 3 | variable "vpc_cidr" {} 4 | variable "vpc_name" {} 5 | variable "public_subnets_cidr" {} 6 | variable "availability_zones_public" {} 7 | variable "private_subnets_cidr" {} 8 | variable "availability_zones_private" {} 9 | variable "cidr_block-internet_gw" {} 10 | variable "cidr_block-nat_gw" {} 11 | variable "eks_node_group_instance_types" {} 12 | variable "fargate_namespace" {} 13 | variable "secret_id" {} 14 | variable "identifier" {} 15 | variable "allocated_storage" {} 16 | variable "storage_type" {} 17 | variable "engine" {} 18 | variable "engine_version" {} 19 | variable "instance_class" {} 20 | variable "database_name" {} 21 | 22 | -------------------------------------------------------------------------------- /.github/workflows/05-ElasticBeanStalk.yml: -------------------------------------------------------------------------------- 1 | name: "05_ElasticBeanStalk_WebApp" 2 | on: 3 | workflow_dispatch: 4 | 5 | jobs: 6 | Plan_Dev: 7 | if: github.ref == 'refs/heads/develop' 8 | uses: RekhuGopal/gitreusableflows/.github/workflows/aws_tf_plan.yml@develop 9 | with: 10 | path: ElasticBeanStalk 11 | tf_vars_file: dev.tfvars 12 | gh_environment: dev 13 | secrets: 14 | cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} 15 | 16 | Deploy_Dev: 17 | needs: Plan_Dev 18 | uses: 
RekhuGopal/gitreusableflows/.github/workflows/aws_tf_appy.yml@develop 19 | with: 20 | path: ElasticBeanStalk 21 | tf_vars_file: dev.tfvars 22 | gh_environment: dev 23 | secrets: 24 | cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} -------------------------------------------------------------------------------- /.github/workflows/06-AWSTFMultiRegionDeployment.yml: -------------------------------------------------------------------------------- 1 | name: "06_AWSMultiRegionDeployment" 2 | on: 3 | workflow_dispatch: 4 | 5 | jobs: 6 | Plan_Dev: 7 | if: github.ref == 'refs/heads/develop' 8 | uses: RekhuGopal/gitreusableflows/.github/workflows/aws_tf_plan.yml@develop 9 | with: 10 | path: AWS-Multi-Region-Deployment 11 | tf_vars_file: dev.tfvars 12 | gh_environment: dev 13 | secrets: 14 | cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} 15 | 16 | Deploy_Dev: 17 | needs: Plan_Dev 18 | uses: RekhuGopal/gitreusableflows/.github/workflows/aws_tf_appy.yml@develop 19 | with: 20 | path: AWS-Multi-Region-Deployment 21 | tf_vars_file: dev.tfvars 22 | gh_environment: dev 23 | secrets: 24 | cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} -------------------------------------------------------------------------------- /IAMRoles/IAM.tf: -------------------------------------------------------------------------------- 1 | resource "aws_iam_role_policy" "test_policy" { 2 | name = "test_policy" 3 | role = aws_iam_role.test_role.id 4 | 5 | # Terraform's "jsonencode" function converts a 6 | # Terraform expression result to valid JSON syntax. 
7 | policy = jsonencode({ 8 | Version = "2012-10-17" 9 | Statement = [ 10 | { 11 | Action = [ 12 | "ec2:Describe*", 13 | ] 14 | Effect = "Allow" 15 | Resource = "*" 16 | }, 17 | ] 18 | }) 19 | } 20 | 21 | resource "aws_iam_role" "test_role" { 22 | name = var.role_name 23 | 24 | assume_role_policy = jsonencode({ 25 | Version = "2012-10-17" 26 | Statement = [ 27 | { 28 | Action = "sts:AssumeRole" 29 | Effect = "Allow" 30 | Sid = "" 31 | Principal = { 32 | Service = "ec2.amazonaws.com" 33 | } 34 | }, 35 | ] 36 | }) 37 | } -------------------------------------------------------------------------------- /EKS_Fargate/vpc/variable.tf: -------------------------------------------------------------------------------- 1 | variable "environment" { 2 | description = "Environment name" 3 | } 4 | 5 | variable "vpc_cidr" { 6 | description = "Cidr value of vpc" 7 | } 8 | 9 | variable "vpc_name" { 10 | description = "Name of vpc" 11 | } 12 | 13 | variable "cluster_name" { 14 | description = "Name of cluster" 15 | } 16 | 17 | variable "public_subnets_cidr" { 18 | description = "List of public subnet cidr" 19 | } 20 | 21 | variable "availability_zones_public" { 22 | description = "List of availability zones of public subnets" 23 | } 24 | 25 | variable "private_subnets_cidr" { 26 | description = "List of private subnets cidr" 27 | } 28 | 29 | variable "availability_zones_private" { 30 | description = "List of availability zones of private subnets" 31 | } 32 | 33 | variable "cidr_block-nat_gw" { 34 | description = "Destination cidr of nat gateway" 35 | } 36 | 37 | variable "cidr_block-internet_gw" { 38 | description = "Destination cidr of internet gateway" 39 | } -------------------------------------------------------------------------------- /EKS_Fargate/dev.tfvars: -------------------------------------------------------------------------------- 1 | environment = "testing" 2 | cluster_name = "main" 3 | vpc_cidr = "192.168.0.0/16" 4 | vpc_name = "main" 5 | public_subnets_cidr = 
["192.168.0.0/24", "192.168.1.0/24", "192.168.2.0/24"] 6 | private_subnets_cidr = ["192.168.4.0/24", "192.168.5.0/24", "192.168.6.0/24"] 7 | availability_zones_public = ["us-east-1a", "us-east-1b", "us-east-1c"] 8 | availability_zones_private = ["us-east-1d", "us-east-1b", "us-east-1f"] 9 | cidr_block-internet_gw = "0.0.0.0/0" 10 | cidr_block-nat_gw = "0.0.0.0/0" 11 | eks_node_group_instance_types= "t2.micro" 12 | fargate_namespace = "fargate-node" 13 | secret_id = "database" 14 | identifier = "database" 15 | allocated_storage = 20 16 | storage_type = "gp2" 17 | engine = "mysql" 18 | engine_version = 5.7 19 | instance_class = "db.t2.micro" 20 | database_name = "db" 21 | -------------------------------------------------------------------------------- /EKS_Fargate/production.tfvars: -------------------------------------------------------------------------------- 1 | environment = "Production" 2 | cluster_name = "main" 3 | vpc_cidr = "192.168.0.0/16" 4 | vpc_name = "main" 5 | public_subnets_cidr = ["192.168.0.0/24", "192.168.1.0/24", "192.168.2.0/24"] 6 | private_subnets_cidr = ["192.168.4.0/24", "192.168.5.0/24", "192.168.6.0/24"] 7 | availability_zones_public = ["us-east-1a", "us-east-1b", "us-east-1c"] 8 | availability_zones_private = ["us-east-1d", "us-east-1b", "us-east-1f"] 9 | cidr_block-internet_gw = "0.0.0.0/0" 10 | cidr_block-nat_gw = "0.0.0.0/0" 11 | eks_node_group_instance_types= "t3.xlarge" 12 | fargate_namespace = "fargate-node" 13 | secret_id = "database" 14 | identifier = "database" 15 | allocated_storage = 100 16 | storage_type = "io1" 17 | engine = "mysql" 18 | engine_version = 5.7 19 | instance_class = "db.m5.xlarge" 20 | database_name = "db" 21 | -------------------------------------------------------------------------------- /EKS_Fargate/database/variable.tf: -------------------------------------------------------------------------------- 1 | variable "secret_id" { 2 | description = "Put your secret name here" 3 | } 4 | 5 | variable "identifier" { 
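6 | description = "Enter the name of our database which is unique in that region" 7 | } 8 | 9 | variable "allocated_storage" { 10 | description = "Enter the storage of database" 11 | } 12 | 13 | variable "storage_type" { 14 | description = "Put the type of storage you want" 15 | } 16 | 17 | variable "engine" { 18 | description = "Put your database engine you want eg. mysql" 19 | } 20 | 21 | variable "engine_version" { 22 | description = "Which version you want of your db engine" 23 | } 24 | 25 | variable "instance_class" { 26 | description = "Which type of instance you need like ram and cpu eg. db.t2.micro" 27 | } 28 | 29 | variable "database_name" { 30 | description = "Enter your initial database name" 31 | } 32 | 33 | variable "environment" { 34 | description = "your environment name" 35 | } 36 | 37 | variable "private_subnets" { 38 | description = "List of private subnet IDs" 39 | } 40 | 41 | variable "vpc_id" { 42 | description = "put your vpc id" 43 | }
--------------------------------------------------------------------------------
/Github_Runners/bootstrap.tmpl:
--------------------------------------------------------------------------------
#!/bin/bash
# EC2 user-data script, rendered by Terraform's templatefile(): the ${name}
# placeholders are filled in at plan time and $${...} renders as a literal shell ${...}.
yum update -y

# install docker
amazon-linux-extras install -y docker
service docker start
chkconfig docker on
# Membership of the docker group is root-equivalent on this host, and the runner
# executes workflow jobs as ec2-user.
usermod -a -G docker ec2-user

# install git
yum install git make -y

# install github runner application
sudo -u ec2-user mkdir /home/ec2-user/actions-runner
sudo -u ec2-user curl -o /home/ec2-user/actions-runner/actions-runner-linux-x64-2.278.0.tar.gz -L https://github.com/actions/runner/releases/download/v2.278.0/actions-runner-linux-x64-2.278.0.tar.gz
# NOTE(review): the archive is unpacked without an integrity check. Compare its
# SHA-256 against the digest published for this release before the tar step.
sudo -u ec2-user tar xzf /home/ec2-user/actions-runner/actions-runner-linux-x64-2.278.0.tar.gz -C /home/ec2-user/actions-runner

# Read the instance id through IMDSv2 (session token first); this also works when
# the instance refuses unauthenticated IMDSv1 requests.
IMDS_TOKEN=$(curl -sS -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 60")
EC2_INSTANCE_ID=$(curl -sS -H "X-aws-ec2-metadata-token: $IMDS_TOKEN" http://169.254.169.254/latest/meta-data/instance-id)

# NOTE(review): the PAT is rendered into this script, so it is stored in the launch
# template's user data and shows up in the config.sh process arguments. Prefer
# fetching a short-lived registration token at boot over embedding a long-lived PAT.
sudo -u ec2-user EC2_INSTANCE_ID="$EC2_INSTANCE_ID" bash -c 'cd /home/ec2-user/actions-runner/;./config.sh --url ${github_repo_url} --pat ${github_repo_pat_token} --name "${runner_name}-$${EC2_INSTANCE_ID}" --work _work --labels ${labels} --runasservice'

# start the github runner as a service on startup
cd /home/ec2-user/actions-runner/;./svc.sh install
cd /home/ec2-user/actions-runner/;./svc.sh start
--------------------------------------------------------------------------------
/Github_Runners/Runners.tf:
--------------------------------------------------------------------------------
# Availability zones the Auto Scaling group may place runner instances in.
data "aws_availability_zones" "all_azs" {
  state = "available"
}


# Launch template for the runner instances; user_data carries the rendered bootstrap script.
resource "aws_launch_template" "ec2_launch_template" {
  name        = "github_runner_launch_template"
  description = "Launch Template for GitHub Runners EC2 AutoScaling Group"

  image_id      = var.ami
  instance_type = var.instance_type
  # NOTE(review): the repository tree lists Github_Runners/GitHubRunner.ppk, an
  # unencrypted private key file. If it is the private half of this key pair,
  # replace the key pair and remove the file from the repository and its history.
  key_name = var.key_name

  # Require session-token (IMDSv2) requests to the instance metadata service.
  metadata_options {
    http_endpoint = "enabled"
    http_tokens   = "required"
  }

  # path.module resolves relative to this file's directory whatever the working directory is.
  # NOTE(review): github_repo_pat_token ends up readable in the launch template's
  # user data; declare the variable with sensitive = true and see the note in bootstrap.tmpl.
  user_data = base64encode(templatefile("${path.module}/bootstrap.tmpl", {
    github_repo_url       = var.github_repo_url
    github_repo_pat_token = var.github_repo_pat_token
    runner_name           = var.runner_name
    # var.labels is declared as a string (comma-separated), so it is passed through
    # unchanged; join() requires a list and fails on a string.
    labels = var.labels
  }))

  tags = {
    Name = "github_runner"
  }
}

# Auto Scaling group that keeps the configured number of runner instances alive.
resource "aws_autoscaling_group" "github_runners_autoscaling_group" {
  name                      = "github_runners_autoscaling_group"
  availability_zones        = data.aws_availability_zones.all_azs.names
  health_check_type         = "EC2"
  health_check_grace_period = var.health_check_grace_period
  desired_capacity          = var.desired_capacity
  min_size                  = var.min_size
  max_size                  = var.max_size
  launch_template {
    id      = aws_launch_template.ec2_launch_template.id
    version = "$Latest"
  }
}
-------------------------------------------------------------------------------- /.github/workflows/01-IAMRoles.yml: -------------------------------------------------------------------------------- 1 | name: "01_IAMRoles" 2 | on: 3 | workflow_dispatch: 4 | 5 | jobs: 6 | Plan_Dev: 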
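7 | if: github.ref == 'refs/heads/develop' 8 | uses: RekhuGopal/gitreusableflows/.github/workflows/aws_tf_plan.yml@develop 9 | with: 10 | path: IAMRoles 11 | tf_vars_file: dev.tfvars 12 | gh_environment: dev 13 | secrets: 14 | cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} 15 | 16 | Deploy_Dev: 17 | needs: Plan_Dev 18 | uses: RekhuGopal/gitreusableflows/.github/workflows/aws_tf_appy.yml@develop 19 | with: 20 | path: IAMRoles 21 | tf_vars_file: dev.tfvars 22 | gh_environment: dev 23 | secrets: 24 | cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} 25 | 26 | Plan_Uat: 27 | if: github.ref == 'refs/heads/main' 28 | uses: RekhuGopal/gitreusableflows/.github/workflows/aws_tf_plan.yml@main 29 | with: 30 | path: IAMRoles 31 | tf_vars_file: uat.tfvars 32 | gh_environment: uat 33 | secrets: 34 | cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} 35 | 36 | Deploy_Uat: 37 | needs: Plan_Uat 38 | uses: RekhuGopal/gitreusableflows/.github/workflows/aws_tf_appy.yml@main 39 | with: 40 | path: IAMRoles 41 | tf_vars_file: uat.tfvars 42 | gh_environment: uat 43 | secrets: 44 | cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}
--------------------------------------------------------------------------------
/.github/workflows/02-S3Bucket.yml:
--------------------------------------------------------------------------------
# Manually dispatched plan/apply pipeline for the S3Bucket module.
# The name carries the file's own sequence number (01 belongs to the IAMRoles workflow).
name: "02_S3Bucket"
on:
  workflow_dispatch:

# NOTE(review): every job calls a reusable workflow by branch name (@develop or
# @main) and hands it the Terraform Cloud API token. A branch ref is mutable, so
# whatever is pushed to that branch runs with the token; pinning to a full commit
# SHA fixes the code that receives the secret.
jobs:
  Plan_Dev:
    if: github.ref == 'refs/heads/develop'
    uses: RekhuGopal/gitreusableflows/.github/workflows/aws_tf_plan.yml@develop
    with:
      path: S3Bucket
      tf_vars_file: dev.tfvars
      gh_environment: dev
    secrets:
      cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}

  # Applies directly after the plan job; no approval step is visible in this file.
  Deploy_Dev:
    needs: Plan_Dev
    uses: RekhuGopal/gitreusableflows/.github/workflows/aws_tf_appy.yml@develop
    with:
      path: S3Bucket
      tf_vars_file: dev.tfvars
      gh_environment: dev
    secrets:
      cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}

  Plan_Uat:
    if: github.ref == 'refs/heads/main'
    uses: RekhuGopal/gitreusableflows/.github/workflows/aws_tf_plan.yml@main
    with:
      path: S3Bucket
      tf_vars_file: uat.tfvars
      gh_environment: uat
    secrets:
      cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}

  Deploy_Uat:
    needs: Plan_Uat
    uses: RekhuGopal/gitreusableflows/.github/workflows/aws_tf_appy.yml@main
    with:
      path: S3Bucket
      tf_vars_file: uat.tfvars
      gh_environment: uat
    secrets:
      cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}
--------------------------------------------------------------------------------
/.github/workflows/03-EKS_Fargate.yml:
--------------------------------------------------------------------------------
# Manually dispatched plan/apply pipeline for the EKS_Fargate module.
name: "03-EKS_Fargate"
on:
  workflow_dispatch:

# NOTE(review): the reusable workflows are referenced by mutable branch name and
# receive the Terraform Cloud API token; pin them to a full commit SHA.
jobs:
  Plan_Dev:
    if: github.ref == 'refs/heads/develop'
    uses: RekhuGopal/gitreusableflows/.github/workflows/aws_tf_plan.yml@develop
    with:
      path: EKS_Fargate
      tf_vars_file: dev.tfvars
      gh_environment: dev
    secrets:
      cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}

  Deploy_Dev:
    needs: Plan_Dev
    uses: RekhuGopal/gitreusableflows/.github/workflows/aws_tf_appy.yml@develop
    with:
      path: EKS_Fargate
      tf_vars_file: dev.tfvars
      gh_environment: dev
    secrets:
      cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}

  # NOTE(review): the repository tree lists dev.tfvars and production.tfvars under
  # EKS_Fargate but no uat.tfvars, so the two Uat jobs appear to reference a file
  # that does not exist — confirm.
  Plan_Uat:
    if: github.ref == 'refs/heads/main'
    uses: RekhuGopal/gitreusableflows/.github/workflows/aws_tf_plan.yml@main
    with:
      path: EKS_Fargate
      tf_vars_file: uat.tfvars
      gh_environment: uat
    secrets:
      cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}

  Deploy_Uat:
    needs: Plan_Uat
    uses: RekhuGopal/gitreusableflows/.github/workflows/aws_tf_appy.yml@main
    with:
      path: EKS_Fargate
      tf_vars_file: uat.tfvars
      gh_environment: uat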
secrets: 44 | cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }}
--------------------------------------------------------------------------------
/EKS_Fargate/database/main.tf:
--------------------------------------------------------------------------------
# Subnet group that places the database in the private subnets passed to this module.
resource "aws_db_subnet_group" "Groups" {
  name       = "db groups"
  subnet_ids = var.private_subnets

  tags = {
    Name = "DB subnet group"
  }
}

# Security group attached to the database instance.
resource "aws_security_group" "data" {
  name        = "data-SG"
  description = "Allow mysql inbound traffic"
  vpc_id      = var.vpc_id

  # NOTE(review): this rule names port 3306/tcp but no source (cidr_blocks,
  # security_groups or self). Confirm what rule, if any, the provider creates from
  # it; when adding a source, reference the security group of the workload that
  # needs the database rather than a broad CIDR range.
  ingress {
    description = "Traffic"
    from_port   = 3306
    to_port     = 3306
    protocol    = "tcp"
  }

  tags = {
    Name = "data_server-SG"
  }

}


# The database instance; engine, size and names come from module variables.
resource "aws_db_instance" "db" {
  identifier             = "${var.identifier}-${var.environment}"
  allocated_storage      = "${var.allocated_storage}"
  storage_type           = "${var.storage_type}"
  engine                 = "${var.engine}"
  engine_version         = "${var.engine_version}"
  instance_class         = "${var.instance_class}"
  db_name                = "${var.database_name}"
  publicly_accessible    = false
  db_subnet_group_name   = aws_db_subnet_group.Groups.name
  vpc_security_group_ids = [aws_security_group.data.id]
  # NOTE(review): the master username and password are literals in source control,
  # and the same values apply to every environment built from this module. Rotate
  # the password and stop committing it: let RDS manage the master password, or read
  # it from a secret store. This module already declares secret_id, which is not
  # used in this file.
  username = "duser"
  password = "MySuPerfdsfdf"
  # NOTE(review): storage_encrypted is not set in this file, and
  # skip_final_snapshot = true means destroying the instance keeps no final
  # snapshot; production.tfvars feeds this same module.
  skip_final_snapshot = true


  depends_on = [ aws_db_subnet_group.Groups, aws_security_group.data ]

}

-------------------------------------------------------------------------------- /.github/workflows/04-GitHubRunners.yml: -------------------------------------------------------------------------------- 1 | name: "04-GitHubRunners" 2 | on: 3 | workflow_dispatch: 4 | 5 | jobs: 6 | Plan_Dev: 7 | if: github.ref == 'refs/heads/develop' 8 | uses: RekhuGopal/gitreusableflows/.github/workflows/aws_tf_plan.yml@develop 9 | with: 10 | path: Github_Runners 11 | tf_vars_file: dev.tfvars 12 | gh_environment: dev 13 | secrets: 14 | 
cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} 15 | 16 | Deploy_Dev: 17 | needs: Plan_Dev 18 | uses: RekhuGopal/gitreusableflows/.github/workflows/aws_tf_appy.yml@develop 19 | with: 20 | path: Github_Runners 21 | tf_vars_file: dev.tfvars 22 | gh_environment: dev 23 | secrets: 24 | cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} 25 | 26 | Plan_Uat: 27 | if: github.ref == 'refs/heads/main' 28 | uses: RekhuGopal/gitreusableflows/.github/workflows/aws_tf_plan.yml@main 29 | with: 30 | path: Github_Runners 31 | tf_vars_file: uat.tfvars 32 | gh_environment: uat 33 | secrets: 34 | cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} 35 | 36 | Deploy_Uat: 37 | needs: Plan_Uat 38 | uses: RekhuGopal/gitreusableflows/.github/workflows/aws_tf_appy.yml@main 39 | with: 40 | path: Github_Runners 41 | tf_vars_file: uat.tfvars 42 | gh_environment: uat 43 | secrets: 44 | cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} -------------------------------------------------------------------------------- /Github_Runners/GitHubRunner.ppk: -------------------------------------------------------------------------------- 1 | PuTTY-User-Key-File-2: ssh-rsa 2 | Encryption: none 3 | Comment: GitHubRunner 4 | Public-Lines: 6 5 | AAAAB3NzaC1yc2EAAAADAQABAAABAQCATl8bh44VBSf6U8701kN0Qp72C9tr18OK 6 | /tz54g8wky1pEJMqXQzkVvR3mBaWDRkN0l6TKXbX6ep9ddgZKsVkJpmn6tIfN0bS 7 | n2XYQp+9XBP+1YjNRCDqJnJX9fAEtkFKduVJb1/r5wShDk3ZqzQEC0HIu/CwQV9p 8 | Ho+Nf2d+ALvDZuVDnskbTzoWWSfG6yi7DHGkKzeCrKl8+QTFrwmQnSoMaFB79GjB 9 | ZdUsxBu8IkKtzmKPukseXnEI8CQ4vt3RIXJP9SMx7pfj0NH/xvN/32iCLFsnyOYZ 10 | fNqxCjK3HSn6NmRXEvcxNkFnewGwbk932/bYXYtuZQs8vgR+LJwX 11 | Private-Lines: 14 12 | AAABAFX9MDxxAsYPqJVaKa9pEdgO9h4MIEgMWJ8E4/AMkwWI/bwWQar4pbU6mai1 13 | Ix35NTtQK9YQyfc2a9MdcXCce6H9RKmG9L+6+hoafdUMAaaU2UnGrmJzMGP81FEj 14 | IHLn+qX/PPeUTwL41t9hiMdCuB+ls7bmTg6yIVGAC9FW+3Mz8KFVNncb6qG6J94b 15 | SCravDeHoC/WZPxOj9u12Tv530t3neNi2VLL45c+XlJ2FBol0vh5WKePnr3YwnpK 16 | 
cq7fI5HykbH5jj5w+pod8D/5uBIVpL1lxKga0T6mpEZUDwvLjJP/vyBpi3QeHERV 17 | XSvfzpFwb3FRvhth9RsGF+Gv/wEAAACBANR5iZebWBLsUNZq6+l0MDeEfBf4uXNo 18 | 5mYn+MrGHcFfySpQWUzA5VOVF18hu/DxmEjJmgGiSmse9VwQTqM9M5V8iChw4p8b 19 | G91FssUGmMBk/shNta5aSRZKAKIxtKqvuu+QBKXeeZ2IH6h0yVNB5hVoRzq3aYAw 20 | tGlz8K3uCyVBAAAAgQCalusYRCnWtXD3+ASznYovsXn7agKWkHIWLsp1djrHiTTW 21 | cIdJo9S/qYPOYwpGFzIuN9SNICqzTsk9JZkp07OOFG0QWji2+9d3oUX2UwJ8Sfk3 22 | oqSRg62powand3azAlgqfnPMP6982uO/TAwelqZhhjhq8F8d956DnDr0nzczVwAA 23 | AIBPCsxGCe/rpIPzvy4icYa5LwXmFDQKJuC4vxV3xMoZTL27wrfz7zJ3Vovoruc2 24 | sqP5JJ+R/Bz/eHjrI4lLw48yzF7QgkQqoxT8jgSipkMK6he2xylrJrKvimIjBbS8 25 | blU479Pt28pB8qSBuh6X+nJQWotXRXYM5Zxtfn9CECYVjQ== 26 | Private-MAC: 8297ab29d806dc759374d5ca5f0533d7b9c0b7f4 27 | -------------------------------------------------------------------------------- /Github_Runners/variables.tf: -------------------------------------------------------------------------------- 1 | variable "ami" { 2 | description = "The AMI for the GitHub Runner backing EC2 Instance" 3 | type = string 4 | } 5 | 6 | variable "instance_type" { 7 | description = "The type of the EC2 instance backing the GitHub Runner" 8 | type = string 9 | } 10 | 11 | variable "key_name" { 12 | description = "The KeyPair name for accessing (SSH) into the EC2 instance backing the GitHub Runner" 13 | type = string 14 | } 15 | 16 | variable "github_repo_url" { 17 | description = "The GitHub Repo URL for which the GitHub Runner to be registered with" 18 | type = string 19 | } 20 | 21 | variable "github_repo_pat_token" { 22 | description = "The GitHub Repo Pat Token that would be used by the GitHub Runner to authenticate with the GitHub Repo" 23 | type = string 24 | } 25 | 26 | variable "runner_name" { 27 | description = "The name to give to the GitHub Runner so you can easily identify it" 28 | type = string 29 | } 30 | 31 | 32 | variable "health_check_grace_period" { 33 | description = "The health check grace period" 34 | type = number 35 | default = 600 36 | } 

# AutoScaling Group sizing. With the defaults below (desired = min = max = 1)
# the group is pinned to exactly one instance.
variable "desired_capacity" {
  description = "The desired number of EC2 instances in the AutoScaling Group"
  type        = number
  default     = 1
}

variable "min_size" {
  description = "The Minimum number of EC2 instances in the AutoScaling Group"
  type        = number
  default     = 1
}

variable "max_size" {
  description = "The Maximum number of EC2 instances in the AutoScaling Group"
  type        = number
  default     = 1
}

# No default: the caller must supply the runner labels.
variable "labels" {
  description = "labels to attach to the runner instance"
  type        = string
}
--------------------------------------------------------------------------------
/ElasticBeanStalk/ElasticBeanStalk.tf:
--------------------------------------------------------------------------------
/*
# NOTE(review): the whole file is wrapped in this block comment, so Terraform
# creates none of the resources below.
# NOTE(review): before re-enabling - this file declares no public-access
# block, encryption or versioning for the bucket; `aws_s3_bucket_object` is
# deprecated in AWS provider v4+ in favour of `aws_s3_object`; and the instance
# profile is referenced by name only, so it must already exist and should carry
# no more permissions than the app needs.

# Create S3 bucket for Python Flask app
resource "aws_s3_bucket" "eb_bucket" {
  bucket = "enes-eb-python-flask-0123" # Name of S3 bucket to create for Flask app deployment needs to be unique
}

# Define App files to be uploaded to S3
resource "aws_s3_bucket_object" "eb_bucket_obj" {
  bucket = aws_s3_bucket.eb_bucket.id
  key    = "ElasticBeanStalk/flask_app.zip" # S3 Bucket path to upload app files
  source = "flask_app.zip" # Name of the file on GitHub repo to upload to S3
}

# Define Elastic Beanstalk application
resource "aws_elastic_beanstalk_application" "eb_app" {
  name        = "enes-eb-tf-app" # Name of the Elastic Beanstalk application
  description = "simple flask app" # Description of the Elastic Beanstalk application
}

# Register an application version that points at the bundle uploaded to S3
resource "aws_elastic_beanstalk_application_version" "eb_app_ver" {
  bucket      = aws_s3_bucket.eb_bucket.id # S3 bucket name
  key         = aws_s3_bucket_object.eb_bucket_obj.id # S3 key path
  application = aws_elastic_beanstalk_application.eb_app.name # Elastic Beanstalk application name
  name        = "enes-eb-tf-app-version-lable" # Version label for Elastic Beanstalk application
}

# Create the Elastic Beanstalk environment that runs that application version
resource "aws_elastic_beanstalk_environment" "tfenv" {
  name                = "enes-eb-tf-env"
  application         = aws_elastic_beanstalk_application.eb_app.name # Elastic Beanstalk application name
  solution_stack_name = "64bit Amazon Linux 2 v3.4.4 running Python 3.8" # Define current version of the platform
  description         = "environment for flask app" # Define environment description
  version_label       = aws_elastic_beanstalk_application_version.eb_app_ver.name # Define version label

  # Instance profile attached to the environment's EC2 instances
  setting {
    namespace = "aws:autoscaling:launchconfiguration" # Define namespace
    name      = "IamInstanceProfile" # Define name
    value     = "aws-elasticbeanstalk-ec2-role" # Define value
  }
}
*/
--------------------------------------------------------------------------------
/.github/workflows/aws_tf_plan.yml:
--------------------------------------------------------------------------------
### Reusable workflow: check out the repo, then run terraform init, validate and plan for one root module ###
# NOTE(review): no step in this file saves or uploads a plan artifact.
name: "Build_TF_Plan"
on:
  workflow_call:
    inputs:
      path:
        description: 'Specifies the path of the root terraform module.'
        required: true
        type: string
      # 'latest' floats with every Terraform release; callers that need
      # reproducible runs should pass an explicit version.
      tf_version:
        description: 'Specifies version of Terraform to use. e.g: 1.1.0 Default=latest.'
        required: false
        type: string
        default: latest
      # Also read by the "Change file name" step to pick <gh_environment>.tfvars,
      # so leaving it at null presumably makes that step look for ".tfvars".
      gh_environment:
        description: 'Specifies the GitHub deployment environment.'
        required: false
        type: string
        default: null
      # NOTE(review): required, but no step in this workflow reads
      # inputs.tf_vars_file.
      tf_vars_file:
        description: 'Specifies the Terraform TFVARS file.'
22 | required: true 23 | type: string 24 | secrets: 25 | cli_config_credentials_token: 26 | description: 'cli config credentials token' 27 | required: true 28 | 29 | jobs: 30 | build-plan: 31 | runs-on: ubuntu-latest 32 | environment: ${{ inputs.gh_environment }} 33 | defaults: 34 | run: 35 | shell: bash 36 | working-directory: ${{ inputs.path }} 37 | 38 | steps: 39 | - name: Checkout 40 | uses: actions/checkout@v3.1.0 41 | 42 | - name: Change file name 43 | run: | 44 | mv ${{ github.workspace }}/${{ inputs.path }}/${{ inputs.gh_environment }}.tfvars ${{ github.workspace }}/${{ inputs.path }}/${{ inputs.gh_environment }}.auto.tfvars 45 | 46 | - name: Setup Terraform 47 | uses: hashicorp/setup-terraform@v2.0.2 48 | with: 49 | terraform_version: ${{ inputs.tf_version }} 50 | cli_config_credentials_token: ${{ secrets.cli_config_credentials_token }} 51 | 52 | - name: Terraform Init 53 | id: init 54 | run: terraform init 55 | 56 | - name: Terraform Validate 57 | id: validate 58 | run: terraform validate 59 | 60 | - name: Terraform Plan 61 | id: plan 62 | run: terraform plan 63 | continue-on-error: true 64 | 65 | - name: Terraform Plan Status 66 | if: steps.plan.outcome == 'failure' 67 | run: exit 1 68 | -------------------------------------------------------------------------------- /.github/workflows/aws_tf_appy.yml: -------------------------------------------------------------------------------- 1 | ### Reusable workflow to download terraform artifact built by `az_tf_plan` and apply the artifact/plan ### 2 | name: "Apply_TF_Plan" 3 | on: 4 | workflow_call: 5 | inputs: 6 | path: 7 | description: 'Specifies the path of the root terraform module.' 8 | required: true 9 | type: string 10 | tf_version: 11 | description: 'Specifies version of Terraform to use. e.g: 1.1.0 Default=latest.' 12 | required: false 13 | type: string 14 | default: latest 15 | gh_environment: 16 | description: 'Specifies the GitHub deployment environment.' 
17 | required: false 18 | type: string 19 | default: null 20 | tf_vars_file: 21 | description: 'Specifies the Terraform TFVARS file.' 22 | required: true 23 | type: string 24 | secrets: 25 | cli_config_credentials_token: 26 | description: 'cli config credentials token' 27 | required: true 28 | 29 | jobs: 30 | apply-plan: 31 | runs-on: ubuntu-latest 32 | environment: ${{ inputs.gh_environment }} 33 | defaults: 34 | run: 35 | shell: bash 36 | working-directory: ${{ inputs.path }} 37 | steps: 38 | - name: Checkout 39 | uses: actions/checkout@v3.1.0 40 | 41 | - name: Change file name 42 | run: | 43 | mv ${{ github.workspace }}/${{ inputs.path }}/${{ inputs.gh_environment }}.tfvars ${{ github.workspace }}/${{ inputs.path }}/${{ inputs.gh_environment }}.auto.tfvars 44 | 45 | - name: Setup Terraform 46 | uses: hashicorp/setup-terraform@v2.0.2 47 | with: 48 | terraform_version: ${{ inputs.tf_version }} 49 | cli_config_credentials_token: ${{ secrets.cli_config_credentials_token }} 50 | 51 | - name: Terraform Init 52 | id: init 53 | run: terraform init 54 | 55 | - name: Terraform Validate 56 | id: validate 57 | run: terraform validate 58 | 59 | - name: Terraform Plan 60 | id: plan 61 | run: terraform plan 62 | continue-on-error: true 63 | 64 | - name: Terraform Plan Status 65 | if: steps.plan.outcome == 'failure' 66 | run: exit 1 67 | 68 | - name: Terraform Apply 69 | run: terraform apply -auto-approve -------------------------------------------------------------------------------- /EKS_Fargate/kubernetes/app.tf: -------------------------------------------------------------------------------- 1 | /* 2 | resource "kubernetes_namespace" "fargate" { 3 | metadata { 4 | labels = { 5 | app = "owncloud" 6 | } 7 | name = "fargate-node" 8 | } 9 | } 10 | 11 | resource "kubernetes_deployment" "app" { 12 | metadata { 13 | name = "owncloud-server" 14 | namespace = "fargate-node" 15 | labels = { 16 | app = "owncloud" 17 | } 18 | } 19 | 20 | spec { 21 | replicas = 2 22 | 23 | selector { 24 
      match_labels = {
        app = "owncloud"
      }
    }

    template {
      metadata {
        labels = {
          app = "owncloud"
        }
      }

      spec {
        # NOTE(review): the image has no tag or digest, so it resolves to
        # whatever `latest` is at pull time; pin a version. The container block
        # also sets no resource limits or security_context.
        container {
          image = "owncloud"
          name  = "owncloud-server"

          port {
            container_port = 80
          }
        }
      }
    }
  }
  depends_on = [kubernetes_namespace.fargate]

}

resource "kubernetes_service" "app" {
  metadata {
    name      = "owncloud-service"
    namespace = "fargate-node"
  }
  spec {
    selector = {
      app = "owncloud"
    }

    port {
      port        = 80
      target_port = 80
      protocol    = "TCP"
    }

    type = "NodePort"
  }

  depends_on = [kubernetes_deployment.app]
}

resource "kubernetes_ingress_v1" "app" {
  metadata {
    name      = "owncloud-lb"
    namespace = "fargate-node"
    # NOTE(review): `internet-facing` with only port 80 and no
    # `alb.ingress.kubernetes.io/listen-ports` / `certificate-arn` annotation
    # publishes the app over plain HTTP; add an HTTPS listener with a
    # certificate before exposing a login-bearing app. The
    # `kubernetes.io/ingress.class` annotation is deprecated in favour of the
    # spec's ingress class name.
    annotations = {
      "kubernetes.io/ingress.class"           = "alb"
      "alb.ingress.kubernetes.io/scheme"      = "internet-facing"
      "alb.ingress.kubernetes.io/target-type" = "ip"
    }
    labels = {
      "app" = "owncloud"
    }
  }

  spec {
    default_backend {
      service {
        name = "owncloud-service"
        port {
          number = 80
        }
      }
    }
    rule {
      http {
        path {
          path = "/"
          backend {
            service {
              name = "owncloud-service"
              port {
                number = 80
              }
            }
          }
        }
      }
    }
  }

  depends_on = [kubernetes_service.app]
}
*/
--------------------------------------------------------------------------------
/EKS_Fargate/main.tf:
--------------------------------------------------------------------------------
# Root module for the EKS/Fargate stack: provider, backend and module wiring.
# Region is fixed in code rather than taken from a variable.
provider "aws" {
  region = "us-east-1"
}

terraform {
  # NOTE(review): no `version` constraint, so `terraform init` picks the newest
  # AWS provider release unless a committed lock file pins it.
  required_providers {
    aws = {
      source = "hashicorp/aws"
    }
  }

  # State lives in the Terraform Cloud workspace named below; anyone who can
  # read that workspace can read the state, including any secrets stored in it.
  backend "remote" {
    hostname     = "app.terraform.io"
    organization = "CloudQuickLabs"

    workspaces {
      name = "EKS-Terraform"
    }
  }
}

# NOTE(review): all four module calls below are commented out, so this root
# module currently manages no resources.
/*
module "vpc" {
  source                     = "./vpc"
  environment                = var.environment
  vpc_cidr                   = var.vpc_cidr
  vpc_name                   = var.vpc_name
  cluster_name               = var.cluster_name
  public_subnets_cidr        = var.public_subnets_cidr
  availability_zones_public  = var.availability_zones_public
  private_subnets_cidr       = var.private_subnets_cidr
  availability_zones_private = var.availability_zones_private
  cidr_block-nat_gw          = var.cidr_block-nat_gw
  cidr_block-internet_gw     = var.cidr_block-internet_gw
}
*/

/*
module "eks" {
  source                        = "./eks"
  cluster_name                  = var.cluster_name
  environment                   = var.environment
  eks_node_group_instance_types = var.eks_node_group_instance_types
  private_subnets               = module.vpc.aws_subnets_private
  public_subnets                = module.vpc.aws_subnets_public
  fargate_namespace             = var.fargate_namespace
}
*/
/*
module "kubernetes" {
  source       = "./kubernetes"
  cluster_id   = module.eks.cluster_id
  vpc_id       = module.vpc.vpc_id
  cluster_name = module.eks.cluster_name
}
*/
/*
module "database" {
  source            = "./database"
  secret_id         = var.secret_id
  identifier        = var.identifier
  allocated_storage = var.allocated_storage
  storage_type      = var.storage_type
  engine            = var.engine
  engine_version    = var.engine_version
  instance_class    = var.instance_class
  database_name     = var.database_name
  environment       = var.environment
  vpc_id            = module.vpc.vpc_id
  private_subnets   = module.vpc.aws_subnets_private
}
*/
--------------------------------------------------------------------------------
/EKS_Fargate/vpc/main.tf:
--------------------------------------------------------------------------------
/*
# NOTE(review): this file is entirely inside a block comment, so none of the
# network resources below are managed.
resource "aws_vpc" "main" {
  cidr_block           = var.vpc_cidr
  enable_dns_hostnames = true

  tags = {
    Name = "${var.vpc_name}-${var.environment}-vpc"
    "kubernetes.io/cluster/${var.cluster_name}-${var.environment}" = "shared"
  }
}

# One public subnet per entry in var.public_subnets_cidr.
# NOTE(review): map_public_ip_on_launch gives every instance launched here a
# public IPv4 address; keep only load balancers and NAT gateways in these
# subnets.
resource "aws_subnet" "public" {
  vpc_id                  = aws_vpc.main.id
  cidr_block              = element(var.public_subnets_cidr, count.index)
  availability_zone       = element(var.availability_zones_public, count.index)
  count                   = length(var.public_subnets_cidr)
  map_public_ip_on_launch = true
  depends_on              = [ aws_vpc.main ]

  tags = {

    "kubernetes.io/cluster/${var.cluster_name}-${var.environment}" = "shared"
    "kubernetes.io/role/elb" = 1
    Name = "node-group-subnet-${count.index + 1}-${var.environment}"
    state = "public"
  }
}



# One private subnet per entry in var.private_subnets_cidr.
resource "aws_subnet" "private" {
  vpc_id            = aws_vpc.main.id
  cidr_block        = element(var.private_subnets_cidr, count.index)
  availability_zone = element(var.availability_zones_private, count.index)
  count             = length(var.private_subnets_cidr)
  depends_on        = [ aws_vpc.main ]

  tags = {

    "kubernetes.io/cluster/${var.cluster_name}-${var.environment}" = "shared"
    "kubernetes.io/role/internal-elb" = 1
    "Name" = "fargate-subnet-${count.index + 1}-${var.environment}"
    "state" = "private"
  }
}

resource "aws_internet_gateway" "gw" {
  vpc_id     = aws_vpc.main.id
  depends_on = [ aws_vpc.main ]

  tags = {
    Name = "eks-internet-gateway-${var.environment}"
  }
}

# One Elastic IP per private subnet, consumed by the NAT gateways below.
# NOTE(review): `vpc = true` is deprecated in AWS provider v5 in favour of
# `domain = "vpc"`.
resource "aws_eip" "nat" {
  vpc              = true
  count            = length(var.private_subnets_cidr)
  public_ipv4_pool = "amazon"
}

# One NAT gateway per private subnet, placed in the public subnet with the same
# index; element() wraps around if there are fewer public than private subnets.
resource "aws_nat_gateway" "gw" {
  count         = length(var.private_subnets_cidr)
  allocation_id = element(aws_eip.nat.*.id, count.index)
  subnet_id     = element(aws_subnet.public.*.id, count.index)
  depends_on    = [aws_internet_gateway.gw]

  tags = {
    Name = "eks-nat_Gateway-${count.index + 1}-${var.environment}"
  }
}

# Route table for the public subnets: var.cidr_block-internet_gw goes to the
# internet gateway.
resource "aws_route_table" "internet-route" {
  vpc_id = aws_vpc.main.id
  route {
    cidr_block = "${var.cidr_block-internet_gw}"
    gateway_id = aws_internet_gateway.gw.id
  }
  depends_on = [ aws_vpc.main ]
  tags = {
    Name = "eks-public_route_table-${var.environment}"
    state = "public"
  }
}

# One route table per private subnet, sending var.cidr_block-nat_gw to the NAT
# gateway with the same index.
# NOTE(review): the route passes a NAT gateway id through `gateway_id`; the AWS
# provider has a dedicated `nat_gateway_id` argument for this target. These
# tables are associated with the private subnets further down, so the
# `state = "public"` tag looks like a copy-paste label - confirm.
resource "aws_route_table" "nat-route" {
  vpc_id = aws_vpc.main.id
  count  = length(var.private_subnets_cidr)
  route {
    cidr_block = "${var.cidr_block-nat_gw}"
    gateway_id = element(aws_nat_gateway.gw.*.id, count.index)
  }
  depends_on = [ aws_vpc.main ]
  tags = {
    Name = "eks-nat_route_table-${count.index + 1}-${var.environment}"
    state = "public"
  }
}

resource "aws_route_table_association" "public" {
  count          = length(var.public_subnets_cidr)
  subnet_id      = element(aws_subnet.public.*.id, count.index)
  route_table_id = aws_route_table.internet-route.id

  depends_on = [ aws_route_table.internet-route ,
                 aws_subnet.public
  ]
}


resource "aws_route_table_association" "private" {
  count          = length(var.private_subnets_cidr)
  subnet_id      = element(aws_subnet.private.*.id, count.index)
  route_table_id = element(aws_route_table.nat-route.*.id, count.index)
  depends_on = [ aws_route_table.nat-route ,
                 aws_subnet.private
  ]
}
*/
--------------------------------------------------------------------------------
/EKS_Fargate/eks/main.tf:
--------------------------------------------------------------------------------
/*
# All five control-plane log types are enabled.
# NOTE(review): vpc_config sets only subnet_ids, so the API endpoint settings
# stay at the provider defaults (public endpoint enabled, reachable from
# 0.0.0.0/0); restrict `public_access_cidrs` or enable private access. The
# resource also has no `encryption_config` block, so Kubernetes secrets are not
# envelope-encrypted with a KMS key. Public subnets are passed to the cluster
# together with the private ones.
resource "aws_eks_cluster" "eks_cluster" {
  name = "${var.cluster_name}-${var.environment}"

  role_arn                  = aws_iam_role.eks_cluster_role.arn
  enabled_cluster_log_types = ["api", "audit", "authenticator", "controllerManager", "scheduler"]


  vpc_config {
    subnet_ids = concat(var.public_subnets, var.private_subnets)
  }

  timeouts {
    delete = "30m"
  }

  depends_on = [
aws_iam_role_policy_attachment.AmazonEKSClusterPolicy1, 19 | aws_iam_role_policy_attachment.AmazonEKSVPCResourceController1, 20 | aws_cloudwatch_log_group.cloudwatch_log_group 21 | ] 22 | } 23 | 24 | resource "aws_iam_policy" "AmazonEKSClusterCloudWatchMetricsPolicy" { 25 | name = "AmazonEKSClusterCloudWatchMetricsPolicy" 26 | policy = <