├── .gitignore
├── terraform.tfvars
├── files
    ├── terraform-aws-profile.png
    ├── userdata.sh
    ├── conf.wp-config.php
    └── cust.sql
├── providers.tf
├── output.tf
├── vars.tf
├── security.tf
├── README.md
├── ec2-database.tf
└── vpc.tf


/.gitignore:
--------------------------------------------------------------------------------
1 | *state*
2 | .terraform/
3 | *.state*
4 | .*


--------------------------------------------------------------------------------
/terraform.tfvars:
--------------------------------------------------------------------------------
1 | username = "pavan"
2 | password = "pavan12345"
3 | dbname = "mydb"
4 | 


--------------------------------------------------------------------------------
/files/terraform-aws-profile.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/aleti-pavan/terraform-aws-wordpress/HEAD/files/terraform-aws-profile.png


--------------------------------------------------------------------------------
/providers.tf:
--------------------------------------------------------------------------------
 1 | provider "aws" {
 2 |   region = var.aws_reg
 3 |   # version = "2.12.0"
 4 |   profile = "terraform"
 5 | }
 6 | 
 7 | provider "template" {
 8 |     version = "~> 2.1.2"
 9 | }
10 | 
11 | 
12 | 


--------------------------------------------------------------------------------
/output.tf:
--------------------------------------------------------------------------------
 1 | output "ami_id" {
 2 |   value = data.aws_ami.ubuntu.id
 3 | }
 4 | 
 5 | output "Login" {
 6 |   value = "ssh -i ${aws_key_pair.keypair1.key_name} ubuntu@${aws_instance.ec2.public_ip}"
 7 | }
 8 | 
 9 | output "azs" {
10 |   value = data.aws_availability_zones.azs.*.names
11 | }
12 | 
13 | output "db_access_from_ec2" {
14 |   value = "mysql -h ${aws_db_instance.mysql.address} -P ${aws_db_instance.mysql.port} -u ${var.username} -p${var.password}"
15 | }
16 | 
17 | output "access" {
18 |   value = "http://${aws_instance.ec2.public_ip}/index.php"
19 | }
20 | 


--------------------------------------------------------------------------------
/vars.tf:
--------------------------------------------------------------------------------
 1 | variable aws_reg {
 2 |   description = "This is aws region"
 3 |   default     = "eu-west-2"
 4 |   type        = string
 5 | }
 6 | 
 7 | variable stack {
 8 |   description = "this is name for tags"
 9 |   default     = "terraform"
10 | }
11 | 
12 | variable username {
13 |   description = "DB username"
14 | }
15 | 
16 | variable password {
17 |   description = "DB password"
18 | }
19 | 
20 | variable dbname {
21 |   description = "db name"
22 | }
23 | 
24 | variable ssh_key {
25 |   default     = "~/.ssh/id_rsa.pub"
26 |   description = "Default pub key"
27 | }
28 | 
29 | variable ssh_priv_key {
30 |   default     = "~/.ssh/id_rsa"
31 |   description = "Default private key"
32 | }
33 | 


--------------------------------------------------------------------------------
/files/userdata.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | sudo echo "127.0.0.1 `hostname`" >> /etc/hosts
 3 | sudo apt-get update -y
 4 | sudo apt-get install mysql-client -y
 5 | sudo apt-get install apache2 apache2-utils -y
 6 | sudo apt-get install php5 -y
 7 | sudo apt-get install php5 libapache2-mod-php5 php5-mcrypt php5-curl php5-gd php5-xmlrp -y
 8 | sudo apt-get install php5-mysqlnd-ms -y
 9 | sudo service apache2 restart
10 | sudo wget -c http://wordpress.org/wordpress-5.1.1.tar.gz
11 | sudo tar -xzvf wordpress-5.1.1.tar.gz
12 | sleep 20
13 | sudo mkdir -p /var/www/html/
14 | sudo rsync -av wordpress/* /var/www/html/
15 | sudo chown -R www-data:www-data /var/www/html/
16 | sudo chmod -R 755 /var/www/html/
17 | sudo cp /var/www/html/wp-config-sample.php /var/www/html/wp-config.php
18 | sudo service apache2 restart
19 | sleep 20
20 | 


--------------------------------------------------------------------------------
/security.tf:
--------------------------------------------------------------------------------
 1 | resource aws_security_group "mysql" {
 2 |   name        = "${var.stack}-DBSG"
 3 |   description = "managed by terrafrom for db servers"
 4 |   vpc_id      = aws_vpc.vpc.id
 5 | 
 6 |   tags = {
 7 |     Name = "${var.stack}-DBSG"
 8 |   }
 9 | 
10 |   ingress {
11 |     protocol        = "tcp"
12 |     from_port       = 3306
13 |     to_port         = 3306
14 |     security_groups = ["${aws_security_group.web.id}"]
15 |   }
16 | 
17 |   egress {
18 |     protocol    = -1
19 |     from_port   = 0
20 |     to_port     = 0
21 |     cidr_blocks = ["0.0.0.0/0"]
22 |   }
23 | }
24 | 
25 | resource aws_security_group "web" {
26 |   name        = "${var.stack}-webSG"
27 |   description = "This is for ${var.stack}s web servers security group"
28 |   vpc_id      = "${aws_vpc.vpc.id}"
29 | 
30 |   tags = {
31 |     Name = "${var.stack}-webSG"
32 |   }
33 | 
34 |   ingress {
35 |     protocol    = "tcp"
36 |     from_port   = 22
37 |     to_port     = 22
38 |     cidr_blocks = ["0.0.0.0/0"]
39 |   }
40 | 
41 |   ingress {
42 |     protocol    = "icmp"
43 |     from_port   = -1
44 |     to_port     = -1
45 |     cidr_blocks = [aws_vpc.vpc.cidr_block]
46 |   }
47 | 
48 |   ingress {
49 |     protocol    = "tcp"
50 |     from_port   = 80
51 |     to_port     = 80
52 |     cidr_blocks = ["0.0.0.0/0"]
53 |   }
54 | 
55 |   egress {
56 |     protocol    = -1
57 |     from_port   = 0
58 |     to_port     = 0
59 |     cidr_blocks = ["0.0.0.0/0"]
60 |   }
61 | }
62 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | What's this:
 2 | =========
 3 | 
 4 | This is to set up wordpress using AWS infrastructure. We are using terraform to provision infrastructure. Code uses and creates following aws services.
 5 | 
 6 | 1. VPC and it's components
 7 | 2. Subnets, Route Tables, Internet Gateway, Nat Gateway.
 8 | 3. EC2 instance
 9 | 4. EIP for NAT Gateway
10 | 5. RDS mysql instance.
11 | 6. Security Groups to access both EC2 and MYSQL
12 | 
13 | Note:  
14 | -----
15 | You may get charged by aws for using services
16 | 
17 | 
18 | ### Pre-requisite:
19 | 
20 |    1. You need to have Ssh keys generated and should be put into `~/.ssh/` , if your machine is windows then feel free to use diff path and update the same in the `ssh_key` variable in the `vars.tf`
21 | 
22 |    2. create an IAM user and create security credentials(AccessKey, SecretKey) and update in the `~/.aws/credentials` file like below
23 |    ![terraform-aws-profile](files/terraform-aws-profile.png)
24 |    
25 |    __Note__ : if you have default profile, just erase the `profile` attribute in `provider.tf`
26 | 
27 | 
28 | Usage:
29 | =======
30 | 
31 | provisioning:
32 | -------------
33 | 
34 | 1. git clone https://github.com/aleti-pavan/terraform-aws-wordpress.git
35 | 2. cd terraform-aws-wordpress
36 | 2. terraform init
37 | 3. terraform plan
38 | 4. terraform apply -auto-approve
39 | 
40 | Destroying the Infra:
41 | ---------------------
42 | 1. cd terraform-aws-wordpress (Be in the repo directory)
43 | 2. terraform destroy -auto-approve
44 | 
45 | 
46 | 
47 | Change: (latest detail from top)
48 | ------ 
49 | 
50 | Code has been changed on 11th April, 2020. Code is now compatible with below versions.
51 | 
52 | Versions:
53 | --------
54 | Terraform v0.12.24
55 | + provider.aws v2.12.0
56 | + provider.template v2.1.2
57 | 
58 | 
59 | 
60 | __(Old)__ Code slightly changed on 31st May, 2019. 
61 | I have added providers.tf with versions required for each provider


--------------------------------------------------------------------------------
/files/conf.wp-config.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | /**
 3 |  * The base configuration for WordPress
 4 |  *
 5 |  * The wp-config.php creation script uses this file during the
 6 |  * installation. You don't have to use the web site, you can
 7 |  * copy this file to "wp-config.php" and fill in the values.
 8 |  *
 9 |  * This file contains the following configurations:
10 |  *
11 |  * * MySQL settings
12 |  * * Secret keys
13 |  * * Database table prefix
14 |  * * ABSPATH
15 |  *
16 |  * @link https://codex.wordpress.org/Editing_wp-config.php
17 |  *
18 |  * @package WordPress
19 |  */
20 | 
21 | // ** MySQL settings - You can get this info from your web host ** //
22 | /** The name of the database for WordPress */
23 | define( 'DB_NAME', '${db_name}' );
24 | 
25 | /** MySQL database username */
26 | define( 'DB_USER', '${db_user}' );
27 | 
28 | /** MySQL database password */
29 | define( 'DB_PASSWORD', '${db_pass}' );
30 | 
31 | /** MySQL hostname */
32 | define( 'DB_HOST', '${db_host}:${db_port}' );
33 | 
34 | /** Database Charset to use in creating database tables. */
35 | define( 'DB_CHARSET', 'utf8' );
36 | 
37 | /** The Database Collate type. Don't change this if in doubt. */
38 | define( 'DB_COLLATE', '' );
39 | 
40 | /**#@+
41 |  * Authentication Unique Keys and Salts.
42 |  *
43 |  * Change these to different unique phrases!
44 |  * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
45 |  * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
46 |  *
47 |  * @since 2.6.0
48 |  */
49 | define( 'AUTH_KEY',         'put your unique phrase here' );
50 | define( 'SECURE_AUTH_KEY',  'put your unique phrase here' );
51 | define( 'LOGGED_IN_KEY',    'put your unique phrase here' );
52 | define( 'NONCE_KEY',        'put your unique phrase here' );
53 | define( 'AUTH_SALT',        'put your unique phrase here' );
54 | define( 'SECURE_AUTH_SALT', 'put your unique phrase here' );
55 | define( 'LOGGED_IN_SALT',   'put your unique phrase here' );
56 | define( 'NONCE_SALT',       'put your unique phrase here' );
57 | 
58 | /**#@-*/
59 | 
60 | /**
61 |  * WordPress Database Table prefix.
62 |  *
63 |  * You can have multiple installations in one database if you give each
64 |  * a unique prefix. Only numbers, letters, and underscores please!
65 |  */
66 | $table_prefix = 'wp_';
67 | 
68 | /**
69 |  * For developers: WordPress debugging mode.
70 |  *
71 |  * Change this to true to enable the display of notices during development.
72 |  * It is strongly recommended that plugin and theme developers use WP_DEBUG
73 |  * in their development environments.
74 |  *
75 |  * For information on other constants that can be used for debugging,
76 |  * visit the Codex.
77 |  *
78 |  * @link https://codex.wordpress.org/Debugging_in_WordPress
79 |  */
80 | define( 'WP_DEBUG', false );
81 | 
82 | /* That's all, stop editing! Happy publishing. */
83 | 
84 | /** Absolute path to the WordPress directory. */
85 | if ( ! defined( 'ABSPATH' ) ) {
86 | 	define( 'ABSPATH', dirname( __FILE__ ) . '/' );
87 | }
88 | 
89 | /** Sets up WordPress vars and included files. */
90 | require_once( ABSPATH . 'wp-settings.php' );


--------------------------------------------------------------------------------
/files/cust.sql:
--------------------------------------------------------------------------------
 1 | -- MySQL dump 10.13  Distrib 5.6.10, for osx10.7 (x86_64)
 2 | --
 3 | -- Host: localhost    Database: customer
 4 | -- ------------------------------------------------------
 5 | -- Server version	5.6.10
 6 | 
 7 | /*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
 8 | /*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
 9 | /*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
10 | /*!40101 SET NAMES utf8 */;
11 | /*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;
12 | /*!40103 SET TIME_ZONE='+00:00' */;
13 | /*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
14 | /*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
15 | /*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
16 | /*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
17 | 
18 | --
19 | -- Table structure for table `customer`
20 | --
21 | use mydb;
22 | DROP TABLE IF EXISTS `customer`;
23 | /*!40101 SET @saved_cs_client     = @@character_set_client */;
24 | /*!40101 SET character_set_client = utf8 */;
25 | CREATE TABLE `customer` (
26 |   `id` int(11) NOT NULL AUTO_INCREMENT,
27 |   `first_name` varchar(30) COLLATE utf8_unicode_ci NOT NULL,
28 |   `last_name` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
29 |   `phone_number` varchar(15) COLLATE utf8_unicode_ci NOT NULL,
30 |   `email_address` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
31 |   `city` varchar(80) COLLATE utf8_unicode_ci NOT NULL,
32 |   `state` varchar(2) COLLATE utf8_unicode_ci NOT NULL,
33 |   `date_registered` date NOT NULL,
34 |   PRIMARY KEY (`id`)
35 | ) ENGINE=InnoDB AUTO_INCREMENT=11 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
36 | /*!40101 SET character_set_client = @saved_cs_client */;
37 | 
38 | --
39 | -- Dumping data for table `customer`
40 | --
41 | 
42 | LOCK TABLES `customer` WRITE;
43 | /*!40000 ALTER TABLE `customer` DISABLE KEYS */;
44 | INSERT INTO `customer` VALUES (1,'Casey','Scarborough','7706543210','caseyscarborough@gmail.com','Atlanta','GA','2013-05-01'),(2,'Kristine','Paker','6417827169','kristine@paker.com','Union','IA','2013-05-14'),(3,'George','Tukis','2299244251','asdf','asdf','TX','2012-02-20'),(4,'Marcie','Shulz','2105246711','marcie@shulz.com','Washoe','NV','2013-01-12'),(5,'Marshall','Hutch','7242257064','asdf','Washington','PA','2011-07-18'),(6,'Don','asdf','qw','asdf','Mercer','NJ','2013-04-09'),(7,'Beverly','Cambel','9072723953','beverly@cambel.com','Anchorage','AK','2012-12-17'),(8,'Don','Barker','asdf','asdf','asdf','NE','2013-05-02'),(9,'asdf','Seid','5033718219','roger@seid.com','','FL','2012-11-12'),(10,'asdf','asdf','7324428514','allyson@gillispie.com','Trenton','NJ','2012-09-29');
45 | /*!40000 ALTER TABLE `customer` ENABLE KEYS */;
46 | UNLOCK TABLES;
47 | /*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;
48 | 
49 | /*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
50 | /*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
51 | /*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
52 | /*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
53 | /*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
54 | /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
55 | /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
56 | 
57 | -- Dump completed on 2013-05-14 23:00:06
58 | 


--------------------------------------------------------------------------------
/ec2-database.tf:
--------------------------------------------------------------------------------
  1 | 
  2 | resource "aws_key_pair" "keypair1" {
  3 |   key_name   = "${var.stack}-keypairs"
  4 |   public_key = file(var.ssh_key)
  5 | }
  6 | 
  7 | data "template_file" "phpconfig" {
  8 |   template = file("files/conf.wp-config.php")
  9 | 
 10 |   vars = {
 11 |     db_port = aws_db_instance.mysql.port
 12 |     db_host = aws_db_instance.mysql.address
 13 |     db_user = var.username
 14 |     db_pass = var.password
 15 |     db_name = var.dbname
 16 |   }
 17 | }
 18 | 
 19 | resource "aws_db_instance" "mysql" {
 20 |   allocated_storage      = 20
 21 |   storage_type           = "gp2"
 22 |   engine                 = "mysql"
 23 |   engine_version         = "5.7"
 24 |   instance_class         = "db.t2.micro"
 25 |   name                   = var.dbname
 26 |   username               = var.username
 27 |   password               = var.password
 28 |   parameter_group_name   = "default.mysql5.7"
 29 |   vpc_security_group_ids = [aws_security_group.mysql.id]
 30 |   db_subnet_group_name   = aws_db_subnet_group.mysql.name
 31 |   skip_final_snapshot    = true
 32 | }
 33 | 
 34 | resource "aws_instance" "ec2" {
 35 |   ami           = data.aws_ami.ubuntu.id
 36 |   instance_type = "t2.micro"
 37 | 
 38 |   depends_on = [
 39 |     aws_db_instance.mysql,
 40 |   ]
 41 | 
 42 |   key_name                    = aws_key_pair.keypair1.key_name
 43 |   vpc_security_group_ids      = [aws_security_group.web.id]
 44 |   subnet_id                   = aws_subnet.public1.id
 45 |   associate_public_ip_address = true
 46 | 
 47 |   user_data = file("files/userdata.sh")
 48 | 
 49 |   tags = {
 50 |     Name = "EC2 Instance"
 51 |   }
 52 | 
 53 |   provisioner "file" {
 54 |     source      = "files/userdata.sh"
 55 |     destination = "/tmp/userdata.sh"
 56 | 
 57 |     connection {
 58 |       type        = "ssh"
 59 |       user        = "ubuntu"
 60 |       host = self.public_ip
 61 |       private_key = file(var.ssh_priv_key)
 62 |     }
 63 |   }
 64 | 
 65 |   provisioner "remote-exec" {
 66 |     inline = [
 67 |       "chmod +x /tmp/userdata.sh",
 68 |       "/tmp/userdata.sh",
 69 |     ]
 70 | 
 71 |     connection {
 72 |       type        = "ssh"
 73 |       user        = "ubuntu"
 74 |       host = self.public_ip
 75 |       private_key = file(var.ssh_priv_key)
 76 |     }
 77 |   }
 78 | 
 79 |   provisioner "file" {
 80 |     content     = data.template_file.phpconfig.rendered
 81 |     destination = "/tmp/wp-config.php"
 82 | 
 83 |     connection {
 84 |       type        = "ssh"
 85 |       user        = "ubuntu"
 86 |       host = self.public_ip
 87 |       private_key = file(var.ssh_priv_key)
 88 |     }
 89 |   }
 90 | 
 91 |   provisioner "remote-exec" {
 92 |     inline = [
 93 |       "sudo cp /tmp/wp-config.php /var/www/html/wp-config.php",
 94 |     ]
 95 | 
 96 |     connection {
 97 |       type        = "ssh"
 98 |       user        = "ubuntu"
 99 |       host = self.public_ip
100 |       private_key = file(var.ssh_priv_key)
101 |     }
102 |   }
103 | 
104 |   timeouts {
105 |     create = "20m"
106 |   }
107 | }
108 | 
109 | data "aws_ami" "ubuntu" {
110 |   most_recent = true
111 | 
112 |   filter {
113 |     name   = "name"
114 |     values = ["ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*"]
115 |   }
116 | 
117 |   filter {
118 |     name   = "virtualization-type"
119 |     values = ["hvm"]
120 |   }
121 | 
122 |   owners = ["099720109477"] # Canonical
123 | }
124 | 


--------------------------------------------------------------------------------
/vpc.tf:
--------------------------------------------------------------------------------
  1 | data "aws_availability_zones" "azs" {
  2 | 
  3 | }
  4 | 
  5 | resource "aws_vpc" "vpc" {
  6 |   cidr_block = "10.0.0.0/16"
  7 | 
  8 |   tags = {
  9 |     Name = "${var.stack}-vpc"
 10 |   }
 11 | }
 12 | 
 13 | resource "aws_internet_gateway" "igw" {
 14 |   vpc_id = aws_vpc.vpc.id
 15 | 
 16 |   tags = {
 17 |     Name = "${var.stack}-igw"
 18 |   }
 19 | }
 20 | 
 21 | resource "aws_nat_gateway" "nat" {
 22 |   subnet_id     = aws_subnet.public1.id
 23 |   allocation_id = aws_eip.eip.id
 24 | 
 25 |   tags = {
 26 |     Name = "${var.stack}-nat"
 27 |   }
 28 | }
 29 | 
 30 | resource "aws_eip" "eip" {
 31 | 
 32 |   vpc = true
 33 | 
 34 |   tags = {
 35 |     Name = "${var.stack}-nat-ip"
 36 |   }
 37 | }
 38 | 
 39 | resource "aws_route_table" "private" {
 40 |   vpc_id = aws_vpc.vpc.id
 41 | 
 42 |   route {
 43 |     cidr_block = "0.0.0.0/0"
 44 |     gateway_id = aws_nat_gateway.nat.id
 45 |   }
 46 | 
 47 |   tags = {
 48 |     Name = "${var.stack}-private"
 49 |   }
 50 | }
 51 | 
 52 | resource "aws_route_table" "public" {
 53 |   vpc_id = aws_vpc.vpc.id
 54 | 
 55 |   route {
 56 |     cidr_block = "0.0.0.0/0"
 57 |     gateway_id = aws_internet_gateway.igw.id
 58 |   }
 59 | 
 60 |   tags = {
 61 |     Name = "${var.stack}-public"
 62 |   }
 63 | }
 64 | 
 65 | resource "aws_route_table_association" "private1" {
 66 |   route_table_id = aws_route_table.private.id
 67 | 
 68 |   subnet_id = aws_subnet.private1.id
 69 | }
 70 | 
 71 | resource "aws_route_table_association" "private2" {
 72 |   route_table_id = aws_route_table.private.id
 73 |   subnet_id      = aws_subnet.private2.id
 74 | }
 75 | 
 76 | resource "aws_route_table_association" "private3" {
 77 |   route_table_id = aws_route_table.private.id
 78 |   subnet_id      = aws_subnet.private3.id
 79 | }
 80 | 
 81 | resource "aws_route_table_association" "public1" {
 82 |   route_table_id = aws_route_table.public.id
 83 | 
 84 |   subnet_id = aws_subnet.public1.id
 85 | }
 86 | 
 87 | resource "aws_route_table_association" "public2" {
 88 |   route_table_id = aws_route_table.public.id
 89 |   subnet_id      = aws_subnet.public2.id
 90 | }
 91 | 
 92 | resource "aws_subnet" "public1" {
 93 |   vpc_id            = aws_vpc.vpc.id
 94 |   cidr_block        = "10.0.1.0/24"
 95 |   availability_zone = data.aws_availability_zones.azs.names[0]
 96 | 
 97 |   tags = {
 98 |     Name = "${var.stack}-public-1"
 99 |   }
100 | }
101 | 
102 | resource "aws_subnet" "public2" {
103 |   vpc_id     = aws_vpc.vpc.id
104 |   cidr_block = "10.0.2.0/24"
105 | 
106 |   availability_zone = data.aws_availability_zones.azs.names[1]
107 | 
108 |   tags = {
109 |     Name = "${var.stack}-public-2"
110 |   }
111 | }
112 | 
113 | resource "aws_subnet" "private1" {
114 |   vpc_id     = aws_vpc.vpc.id
115 |   cidr_block = "10.0.3.0/24"
116 | 
117 |   availability_zone = data.aws_availability_zones.azs.names[0]
118 | 
119 |   tags = {
120 |     Name = "${var.stack}-private-1"
121 |   }
122 | }
123 | 
124 | resource "aws_subnet" "private2" {
125 |   vpc_id     = aws_vpc.vpc.id
126 |   cidr_block = "10.0.4.0/24"
127 | 
128 |   availability_zone = data.aws_availability_zones.azs.names[1]
129 | 
130 |   tags = {
131 |     Name = "${var.stack}-private-2"
132 |   }
133 | }
134 | 
135 | resource "aws_subnet" "private3" {
136 |   vpc_id            = aws_vpc.vpc.id
137 |   cidr_block        = "10.0.5.0/24"
138 |   availability_zone = data.aws_availability_zones.azs.names[2]
139 | 
140 |   tags = {
141 |     Name = "${var.stack}-private-3"
142 |   }
143 | }
144 | 
145 | resource "aws_db_subnet_group" "mysql" {
146 |   name       = "${var.stack}-subngroup"
147 |   subnet_ids = [aws_subnet.private1.id, aws_subnet.private2.id, aws_subnet.private3.id]
148 | 
149 |   tags = {
150 |     Name = "${var.stack}-subnetGroup"
151 |   }
152 | }
153 | 


--------------------------------------------------------------------------------