10 | 
11 |
12 | }
13 |
14 |
24 |
25 |
11 |
26 |
27 |
28 |
45 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | ## AWS Terraform Blueprint: Windows Workloads
2 |
3 | The AWS Terraform Blueprint: Windows Workloads is a project born due to the lack of Terraform blueprints for Windows on AWS. A group of AWS Specialist Solution Architects on Windows Workloads at AWS developed these blueprints. You can use them as samples to build your own Terraform templates or deploy test environments.
4 |
5 | We were inclined to simplicity, and our code is easy to read, whether you are new to Terraform or an expert.
6 |
7 | ## How to use
8 | Navigate into the **modules** folder, where you can find each individual module that we have created.
9 |
10 |
11 | First of all, you can use a VPC module to deploy a fully functional VPC with private/public subnets, internet gateway, nat gateway, and proper routing setup. Once you deploy this module, all other modules can be deployed on top of that. This is only required if you are starting with Terraform; otherwise, you can customize it as needed.
12 |
13 | You can choose between two options for using these modules:
14 | - Downloading the modules and including them in your project
15 | - Using them directly from the [Terraform registry](https://registry.terraform.io/modules/aws-samples/windows-workloads-on-aws/aws). From here, click the **submodules** banner and select the one you're interested in learning about. This will load all the information and instructions for using the module.
16 |
17 | ## Security
18 |
19 | See [CONTRIBUTING](CONTRIBUTING.md#security-issue-notifications) for more information.
20 |
21 | ## License
22 |
23 | This library is licensed under the MIT-0 License. See the [LICENSE](LICENSE.md) file.
--------------------------------------------------------------------------------
/modules/ecs-ec2-windows/locals.tf:
--------------------------------------------------------------------------------
1 | locals {
2 | internet = "0.0.0.0/0"
3 |
4 | managedpolicies_AmazonEC2ContainerServiceforEC2Role = [
5 | "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role",
6 | "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"
7 | ]
8 |
9 | managedpolicies_AmazonECSTaskExecutionRolePolicy = [
10 | "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy"
11 | ]
12 |
13 | vpce = [
14 | "com.amazonaws.us-east-1.ecs",
15 | "com.amazonaws.us-east-1.ecs-agent",
16 | "com.amazonaws.us-east-1.ecs-telemetry",
17 | "com.amazonaws.us-east-1.ecr.api",
18 | "com.amazonaws.us-east-1.ecr.dkr"
19 | ]
20 |
21 | asg_metrics = [
22 | "GroupMinSize",
23 | "GroupMaxSize",
24 | "GroupDesiredCapacity",
25 | "GroupInServiceInstances",
26 | "GroupPendingInstances",
27 | "GroupStandbyInstances",
28 | "GroupTerminatingInstances",
29 | "GroupTotalInstances",
30 | "GroupInServiceCapacity",
31 | "GroupInServiceCapacity",
32 | "GroupPendingCapacity",
33 | "GroupStandbyCapacity",
34 | "GroupTerminatingCapacity",
35 | "GroupTotalCapacity",
36 | "WarmPoolDesiredCapacity",
37 | "WarmPoolWarmedCapacity",
38 | "WarmPoolPendingCapacity",
39 | "WarmPoolTerminatingCapacity",
40 | "WarmPoolTotalCapacity",
41 | "GroupAndWarmPoolDesiredCapacity",
42 | "GroupAndWarmPoolTotalCapacity",
43 | ]
44 | }
45 |
46 | locals {
47 | http_port = 80
48 | any_port = 0
49 | any_protocol = "-1"
50 | tcp_protocol = "tcp"
51 | all_ips_ipv4 = ["0.0.0.0/0"]
52 | all_ips_ipv6 = ["::/0"]
53 | }
54 |
55 |
--------------------------------------------------------------------------------
/workshops/ENT303/existing_webserverfiles/Views/Shared/_Layout.cshtml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 | | Name | 30 |Signal | 31 |Timestamp | 32 |
|---|---|---|
| @signal.Username | 39 |Sent | 40 |@signal.Timestamp.ToShortDateString() @signal.Timestamp.ToLongTimeString() | 41 |
12 |
26 |
13 |
25 |
14 |
15 | 
16 |
17 |
22 | @Html.ActionLink("Communication Rig", "Index", "Home", new { area = "" }, new { @class = "navbar-brand" })
23 |
24 |
16 |
17 |
22 | @Html.ActionLink("Communication Rig", "Index", "Home", new { area = "" }, new { @class = "navbar-brand" })
23 |
27 | @RenderBody()
28 |
29 | 32 |
33 |
34 | @Scripts.Render("~/bundles/jquery")
35 | @Scripts.Render("~/bundles/bootstrap")
36 | @RenderSection("scripts", required: false)
37 |
38 |
39 |
--------------------------------------------------------------------------------
/workshops/ENT303/existing_webserverfiles/bin/roslyn/csc.rsp:
--------------------------------------------------------------------------------
1 | # Copyright (c) Microsoft. All Rights Reserved. Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
2 |
3 | # This file contains command-line options that the C#
4 | # command line compiler (CSC) will process as part
5 | # of every compilation, unless the "/noconfig" option
6 | # is specified.
7 |
8 | # Reference the common Framework libraries
9 | /r:Accessibility.dll
10 | /r:Microsoft.CSharp.dll
11 | /r:System.Configuration.dll
12 | /r:System.Configuration.Install.dll
13 | /r:System.Core.dll
14 | /r:System.Data.dll
15 | /r:System.Data.DataSetExtensions.dll
16 | /r:System.Data.Linq.dll
17 | /r:System.Data.OracleClient.dll
18 | /r:System.Deployment.dll
19 | /r:System.Design.dll
20 | /r:System.DirectoryServices.dll
21 | /r:System.dll
22 | /r:System.Drawing.Design.dll
23 | /r:System.Drawing.dll
24 | /r:System.EnterpriseServices.dll
25 | /r:System.Management.dll
26 | /r:System.Messaging.dll
27 | /r:System.Runtime.Remoting.dll
28 | /r:System.Runtime.Serialization.dll
29 | /r:System.Runtime.Serialization.Formatters.Soap.dll
30 | /r:System.Security.dll
31 | /r:System.ServiceModel.dll
32 | /r:System.ServiceModel.Web.dll
33 | /r:System.ServiceProcess.dll
34 | /r:System.Transactions.dll
35 | /r:System.Web.dll
36 | /r:System.Web.Extensions.Design.dll
37 | /r:System.Web.Extensions.dll
38 | /r:System.Web.Mobile.dll
39 | /r:System.Web.RegularExpressions.dll
40 | /r:System.Web.Services.dll
41 | /r:System.Windows.Forms.dll
42 | /r:System.Workflow.Activities.dll
43 | /r:System.Workflow.ComponentModel.dll
44 | /r:System.Workflow.Runtime.dll
45 | /r:System.Xml.dll
46 | /r:System.Xml.Linq.dll
47 |
--------------------------------------------------------------------------------
/workshops/ENT303/codeblock05.tf:
--------------------------------------------------------------------------------
1 | #Load Balancer
2 | resource "aws_lb" "websrv" {
3 | name_prefix = format("%s%s", var.CustomerCode, "alb") #cannot be longer than 6 characters
4 | internal = false
5 | load_balancer_type = "application"
6 | security_groups = [aws_security_group.web01.id]
7 | subnets = [aws_subnet.pub_subnet_01.id,aws_subnet.pub_subnet_02.id]
8 |
9 | enable_deletion_protection = false
10 |
11 | access_logs {
12 | bucket = aws_s3_bucket.websrv.id
13 | prefix = "albaccesslogs"
14 | enabled = true
15 | }
16 |
17 | tags = {
18 | Name = format("%s%s%s%s", var.CustomerCode, "alb", var.EnvironmentCode, "websrv01")
19 | resourcetype = "network"
20 | codeblock = "codeblock05"
21 | }
22 | }
23 |
24 | resource "aws_lb_target_group" "websrv" {
25 | name = format("%s%s%s%s", var.CustomerCode, "ltg", var.EnvironmentCode, "websrv01")
26 | target_type = "instance"
27 | port = 80
28 | protocol = "TCP"
29 | vpc_id = aws_vpc.vpc_01.id
30 | load_balancing_algorithm_type = "round_robin"
31 |
32 | stickiness {
33 | enabled = true
34 | type = "lb_cookie"
35 | cookie_duration = 86400
36 | }
37 |
38 | tags = {
39 | Name = format("%s%s%s%s", var.CustomerCode, "ltg", var.EnvironmentCode, "websrv01")
40 | resourcetype = "task05"
41 | codeblock = "codeblock05"
42 | }
43 | }
44 |
45 | ##CORRUPTED## "websrv" {
46 | ##CORRUPTED##
47 | ##CORRUPTED##
48 | ##CORRUPTED##
49 |
50 | default_action {
51 | type = "forward"
52 | ##CORRUPTED##
53 | }
54 | }
55 |
--------------------------------------------------------------------------------
/modules/ecs-fargate-windows/README.md:
--------------------------------------------------------------------------------
1 | # Amazon ECS for Windows containers
2 |
3 | Terraform module, which deploys an ECS cluster for Windows containers using Fargate Windows-based tasks. It is required to wait until Fargate tasks reach Running status before accessing the ALB DNS Name output.
4 |
5 | ## Providers
6 |
7 | - hashicorp/aws | version = "~> 5.0"
8 |
9 | ## Variables description
10 | - **ecs_windows_cluster_name (string)**: ECS Cluster name
11 | - **ecsTaskExecutionRole_name (string)**: Name for the ECS task execution role
12 | - **alb_ingress_name (string)**: Name for the ALB ingress security group
13 | - **alb_ingress_ports (list(number))**: List of ports opened from Internet to ALB
14 | - **ecs_fargate_task_name (string)**: Fargate task name
15 | - **fargate_task_definition_name (string)**: Fargate task definition name
16 | - **fargate_task_definition_cpu (number)**: Fargate task CPU count
17 | - **fargate_task_definition_memory (number)**: Fargate task Memory count
18 | - **fargate_task_definition_image (string)**: Windows container image
19 | - **ecs_service_name (string)**: Name for the ECS service
20 | - **desired_task_count (number)**: Desired tasks for the ECS service
21 | - **alb_name (string)**: Name for the Application Load Balancer
22 | - **alb_target_group_name (string)**: Name for the ALB target group - Only alphanumeric characters and hyphens allowed in name
23 |
24 | ## Usage
25 |
26 | ```hcl
27 | module "ecs-windows" {
28 | source = "aws-samples/windows-workloads-on-aws/aws//modules/ecs-fargate-windows"
29 |
30 | alb_name = "fargate-windows-2022-iis-alb"
31 | ecs_service_name = "fargate-windows-2022-iis"
32 | desired_task_count = 2
33 | }
34 | ```
35 | ## Outputs
36 |
37 | - **aws_lb.ecs_alb.dns_name**: ALB DNS Name
38 |
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/bug_report.md:
--------------------------------------------------------------------------------
1 | ---
2 | name: Bug report
3 | about: Create a report to help us improve
4 | title: "[BUG]"
5 | labels: bug
6 | assignees: marciogmorales
7 |
8 | ---
9 |
10 | ## Description
11 |
12 | Please provide a clear and concise description of the issue you are encountering, and a reproduction of your configuration.
13 |
14 | If your request is for a new feature, please use the `Feature request` template.
15 |
16 | - [ ] ✋ I have searched the open/closed issues and my issue is not listed.
17 |
18 | ## ⚠️ Note
19 |
20 | Before you submit an issue, please perform the following first:
21 |
22 | 1. Remove the local `.terraform` directory (! ONLY if state is stored remotely, which hopefully you are following that best practice!): `rm -rf .terraform/`
23 | 2. Re-initialize the project root to pull down modules: `terraform init`
24 | 3. Re-attempt your terraform plan or apply and check if the issue still persists
25 |
26 | ## Versions
27 |
28 | - Module version [Required]:
29 |
30 | - Terraform version:
31 |
32 | - Provider version(s):
33 |
34 |
35 | ## Reproduction Code [Required]
36 |
37 |
38 |
39 | Steps to reproduce the behavior:
40 |
41 |
42 |
43 |
44 | ## Expected behavior
45 |
46 |
47 |
48 | ## Actual behavior
49 |
50 |
51 |
52 | ### Terminal Output Screenshot(s)
53 |
54 |
55 |
56 | ## Additional context
57 |
58 |
59 |
--------------------------------------------------------------------------------
/modules/ecs-fargate-windows/variables.tf:
--------------------------------------------------------------------------------
1 | ## ECS Cluster
2 |
3 | variable "ecs_windows_cluster_name" {
4 | type = string
5 | default = "ECS-Windows"
6 | }
7 |
8 | ## ECS IAM Roles and Instance Roles
9 |
10 | variable "ecsTaskExecutionRole_name" {
11 | type = string
12 | default = "ecs_windows_ecsTaskExecutionRole"
13 | }
14 |
15 | ## Security Group
16 |
17 | variable "alb_ingress_name" {
18 | type = string
19 | default = "ECS - Application Load Balancer - Ingress"
20 | }
21 |
22 | variable "alb_ingress_ports" {
23 | type = list(number)
24 | description = "List of ports opened from Internet to ALB"
25 | default = [80, 443]
26 | }
27 |
28 | ## ECS Task Definitions
29 |
30 | ### Fargate Task_Definition
31 |
32 | variable "fargate_task_definition_name" {
33 | type = string
34 | default = "iis_fargate"
35 | }
36 |
37 | variable "fargate_task_definition_cpu" {
38 | type = number
39 | default = "1024"
40 | }
41 |
42 | variable "fargate_task_definition_memory" {
43 | type = number
44 | default = "2048"
45 | }
46 |
47 | variable "fargate_task_definition_image" {
48 | type = string
49 | default = "mcr.microsoft.com/windows/servercore/iis:windowsservercore-ltsc2022"
50 | }
51 |
52 | ## ECS Service
53 |
54 | variable "ecs_service_name" {
55 | type = string
56 | default = "fargate-windows-2022-iis"
57 | }
58 |
59 | variable "desired_task_count" {
60 | type = number
61 | default = "2"
62 | }
63 |
64 | ## ALB
65 |
66 | variable "alb_name" {
67 | type = string
68 | default = "fargate-windows-2022-iis-alb"
69 | }
70 |
71 | ## ALB Target Group
72 |
73 | variable "alb_target_group_name" {
74 | type = string
75 | default = "fargate-iis-target-group"
76 | description = "Only alphanumeric characters and hyphens allowed in name"
77 | }
--------------------------------------------------------------------------------
/workshops/ENT303/existing_webserverfiles/bin/roslyn/vbc.rsp:
--------------------------------------------------------------------------------
1 | # Copyright (c) Microsoft. All Rights Reserved. Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
2 |
3 | # This file contains command-line options that the VB
4 | # command line compiler (VBC) will process as part
5 | # of every compilation, unless the "/noconfig" option
6 | # is specified.
7 |
8 | # Reference the common Framework libraries
9 | /r:Accessibility.dll
10 | /r:System.Configuration.dll
11 | /r:System.Configuration.Install.dll
12 | /r:System.Data.dll
13 | /r:System.Data.OracleClient.dll
14 | /r:System.Deployment.dll
15 | /r:System.Design.dll
16 | /r:System.DirectoryServices.dll
17 | /r:System.dll
18 | /r:System.Drawing.Design.dll
19 | /r:System.Drawing.dll
20 | /r:System.EnterpriseServices.dll
21 | /r:System.Management.dll
22 | /r:System.Messaging.dll
23 | /r:System.Runtime.Remoting.dll
24 | /r:System.Runtime.Serialization.Formatters.Soap.dll
25 | /r:System.Security.dll
26 | /r:System.ServiceProcess.dll
27 | /r:System.Transactions.dll
28 | /r:System.Web.dll
29 | /r:System.Web.Mobile.dll
30 | /r:System.Web.RegularExpressions.dll
31 | /r:System.Web.Services.dll
32 | /r:System.Windows.Forms.dll
33 | /r:System.XML.dll
34 |
35 | /r:System.Workflow.Activities.dll
36 | /r:System.Workflow.ComponentModel.dll
37 | /r:System.Workflow.Runtime.dll
38 | /r:System.Runtime.Serialization.dll
39 | /r:System.ServiceModel.dll
40 |
41 | /r:System.Core.dll
42 | /r:System.Xml.Linq.dll
43 | /r:System.Data.Linq.dll
44 | /r:System.Data.DataSetExtensions.dll
45 | /r:System.Web.Extensions.dll
46 | /r:System.Web.Extensions.Design.dll
47 | /r:System.ServiceModel.Web.dll
48 |
49 | # Import System and Microsoft.VisualBasic
50 | /imports:System
51 | /imports:Microsoft.VisualBasic
52 | /imports:System.Linq
53 | /imports:System.Xml.Linq
54 |
55 | /optioninfer+
56 |
--------------------------------------------------------------------------------
/modules/fsx-windows/README.md:
--------------------------------------------------------------------------------
1 | # AWS Microsoft Managed AD Terraform module
2 |
3 | Terraform module which deploys Amazon FSx for Windows Filesystem integrated with AWS Managed Microsoft AD
4 |
5 | ## Providers
6 |
7 | - hashicorp/aws | version = "~> 5.0"
8 |
9 | ## Variables description
10 |
11 | - **automatic_backup_retention_days (number)**: The number of days to retain automatic backups. Minimum of 0 and maximum of 90
12 |
13 | - **deployment_type (string)**: Specifies the file system deployment type, valid values are MULTI_AZ_1, SINGLE_AZ_1 and SINGLE_AZ_2
14 |
15 | - **mad_domain_fqdn (string)**: FQDN of the AWS Managed Microsoft AD"
16 |
17 | - **managedad_id (string)**: Directory ID of the AWS Managed Microsoft AD"
18 |
19 | - **storage_capacity (number)**: Storage capacity (GiB) of the file system. Minimum of 32 and maximum of 65536
20 |
21 | - **storage_type (string)**: Specifies the storage type, valid values are SSD and HDD
22 |
23 | - **subnet_ids (list(string))**: Private subnet ID(s) for the Amazon FSx for Windows
24 |
25 | - **throughput_capacity (number)**: Throughput (megabytes per second) of the file system in power of 2 increments. Minimum of 8 and maximum of 2048
26 |
27 | - **vpc_id (map)**: VPC ID for the Amazon FSx for Windows
28 |
29 | ## Usage
30 |
31 | ```hcl
32 | module "fsx-windows" {
33 | source = "aws-samples/windows-workloads-on-aws/aws//modules/fsx-windows"
34 |
35 | automatic_backup_retention_days = 7
36 | deployment_type = "SINGLE_AZ_2"
37 | mad_domain_fqdn = "corp.example.com"
38 | managedad_id = "d-123456789"
39 | storage_capacity = 32
40 | storage_type = "SSD"
41 | subnet_ids = ["subnet-12345678"]
42 | throughput_capacity = 16
43 | vpc_id = "vpc-12345678"
44 | }
45 | ```
46 | ## Outputs
--------------------------------------------------------------------------------
/.github/workflows/terraform-lint-workflow.yml:
--------------------------------------------------------------------------------
1 | name: Terraform Lint Check
2 |
3 | on:
4 | pull_request:
5 | branches:
6 | - main
7 | push:
8 | branches:
9 | - main
10 |
11 | jobs:
12 | terraform-lint:
13 | defaults:
14 | run:
15 | working-directory: ./modules
16 | name: Terraform Lint Check
17 | runs-on: ubuntu-latest
18 |
19 | steps:
20 | # Checkout the repository
21 | - name: Checkout code
22 | uses: actions/checkout@v4
23 |
24 | # Set up Terraform
25 | - name: Set up Terraform
26 | uses: hashicorp/setup-terraform@v3
27 | with:
28 | terraform_version: 1.8.0
29 |
30 | # Install tflint (Terraform Linter)
31 | - name: Install tflint
32 | run: |
33 | curl -s https://raw.githubusercontent.com/terraform-linters/tflint/master/install_linux.sh | bash
34 |
35 | # Run tflint to lint the Terraform files
36 | - name: Run tflint
37 | run: tflint
38 |
39 | # Fail the workflow if tflint finds issues
40 | - name: Check for lint issues
41 | if: failure()
42 | run: |
43 | echo "Terraform linting failed. Please fix the issues before proceeding."
44 | exit 1
45 |
46 |
47 |
48 | # How it works:
49 |
50 | # 1. Triggering Events: The workflow triggers on pull requests and pushes to the main branch.
51 | # 2. Checkout Code: The repository’s code is checked out.
52 | # 3. Set up Terraform: Terraform is installed and set up using the specified version.
53 | # 4. Install tflint: The tflint tool, which lints Terraform files, is installed.
54 | # 5. Run tflint: The workflow runs tflint to check the Terraform files for linting issues.
55 | # 6. Fail the Workflow: If any linting issues are found, the workflow will fail the pull request or merge to the main branch by running the exit 1 command.
56 |
--------------------------------------------------------------------------------
/.github/workflows/terraform-fmt-workflow.yml:
--------------------------------------------------------------------------------
1 | name: Terraform FMT Check
2 |
3 | on:
4 | pull_request:
5 | branches:
6 | - main
7 | push:
8 | branches:
9 | - main
10 |
11 | jobs:
12 | terraform-fmt:
13 | defaults:
14 | run:
15 | working-directory: ./modules
16 | name: Terraform FMT Check
17 | runs-on: ubuntu-latest
18 |
19 | steps:
20 | # Checkout the repository
21 | - name: Checkout code
22 | uses: actions/checkout@v4
23 |
24 | # Set up Terraform
25 | - name: Set up Terraform
26 | uses: hashicorp/setup-terraform@v3
27 | with:
28 | terraform_version: 1.8.0
29 |
30 | # Run Terraform FMT and capture unformatted files
31 | - name: Check Terraform Formatting
32 | id: terraform_fmt
33 | run: |
34 | terraform fmt -check -recursive > fmt_output.txt || true
35 | if [ -s fmt_output.txt ]; then
36 | echo "The following files need to be formatted:"
37 | cat fmt_output.txt
38 | exit 1
39 | else
40 | echo "All Terraform files are properly formatted."
41 | fi
42 |
43 |
44 | # How This Script Works:
45 |
46 | # 1. Check Formatting and Capture Output:
47 | # • The command terraform fmt -check -recursive checks the formatting and writes any unformatted files to fmt_output.txt.
48 | # • The || true at the end ensures the script continues even if the command fails (which it will if there are unformatted files).
49 | # 2. Check for Unformatted Files:
50 | # • If fmt_output.txt is not empty (meaning there are unformatted files), the script outputs the list of unformatted files and exits with a status of 1 to fail the job.
51 | # • If fmt_output.txt is empty, the script confirms that all files are properly formatted.
52 | # 3. Failing the Workflow:
53 | # • The exit 1 command ensures that the workflow fails if there are any unformatted files.
54 |
--------------------------------------------------------------------------------
/modules/managed-ad/main.tf:
--------------------------------------------------------------------------------
1 | ## Sets providers settings
2 |
3 | terraform {
4 | required_providers {
5 | aws = {
6 | source = "hashicorp/aws"
7 | version = "~> 5.0"
8 | }
9 | random = {
10 | source = "hashicorp/random"
11 | version = "~> 3.6.0"
12 | }
13 | }
14 | }
15 |
16 | provider "aws" {
17 | region = var.aws_region
18 | }
19 |
20 | ## Sets Admin secret
21 |
22 | resource "random_password" "mad_admin_password" {
23 | length = 16
24 | special = true
25 | override_special = "!#$%&*()-_=+[]{}<>:?"
26 | }
27 |
28 | resource "aws_secretsmanager_secret" "mad_admin_secret" {
29 | name = "${var.ds_managed_ad_directory_name}_${local.ds_managed_ad_admin_secret_sufix}"
30 | kms_key_id = var.ds_managed_ad_secret_key
31 | recovery_window_in_days = 30
32 | }
33 |
34 | resource "aws_secretsmanager_secret_version" "mad_admin_secret_version" {
35 | secret_id = aws_secretsmanager_secret.mad_admin_secret.id
36 | secret_string = random_password.mad_admin_password.result
37 | }
38 |
39 | ## MAD deployment
40 |
41 | resource "aws_directory_service_directory" "ds_managed_ad" {
42 | name = var.ds_managed_ad_directory_name
43 | short_name = var.ds_managed_ad_short_name
44 | password = aws_secretsmanager_secret_version.mad_admin_secret_version.secret_string
45 | edition = var.ds_managed_ad_edition
46 | type = local.ds_managed_ad_type
47 |
48 | vpc_settings {
49 | vpc_id = var.vpc_id
50 | subnet_ids = [var.private_subnet_id_1, var.private_subnet_id_2]
51 | }
52 | }
53 |
54 | ## Sets MAD security group egress
55 |
56 | resource "aws_security_group_rule" "ds_managed_ad_secgroup" {
57 | type = "egress"
58 | description = "Allowing outbound traffic"
59 | to_port = 0
60 | protocol = "-1"
61 | cidr_blocks = ["0.0.0.0/0"]
62 | from_port = 0
63 | security_group_id = aws_directory_service_directory.ds_managed_ad.security_group_id
64 | }
65 |
--------------------------------------------------------------------------------
/modules/beanstalk/variables.tf:
--------------------------------------------------------------------------------
1 | variable "region" {
2 | type = string
3 | description = "AWS Region where the resources will be deployed"
4 | default = "us-east-1"
5 | }
6 |
7 | variable "vpc_id" {
8 | type = string
9 | description = "VPC ID where the environment will be deployed"
10 | default = null
11 | }
12 |
13 | variable "private_subnets" {
14 | type = list(string)
15 | description = "Private subnets where the application will be deployed"
16 | default = null
17 | }
18 |
19 | variable "public_subnets" {
20 | type = list(string)
21 | description = "Public subnets where the ALB will be deployed"
22 | default = null
23 | }
24 |
25 | variable "beanstalk_net_windows_application_name" {
26 | type = string
27 | description = "Beanstalk application name"
28 | }
29 |
30 | variable "beanstalk_net_windows_application_description" {
31 | type = string
32 | description = "Beanstalk application description"
33 | }
34 |
35 | variable "beanstalk_net_windows_environment_name" {
36 | type = string
37 | description = "Beanstalk environment name"
38 | }
39 |
40 | variable "ec2_instance_type" {
41 | type = string
42 | default = "t3.medium"
43 | description = "Sets EC2 instance type (default = t3.medium)"
44 | }
45 |
46 | variable "acm_arn" {
47 | type = string
48 | default = null
49 | description = "ACM certificate ARN to enable HTTPS"
50 | }
51 |
52 | variable "asg_min_instances" {
53 | type = number
54 | default = 1
55 | description = "Minimum number of instances to be addressed via ASG (default = 1)"
56 | }
57 |
58 | variable "asg_max_instances" {
59 | type = number
60 | default = 2
61 | description = "Maximum number of instances to be addressed via ASG (default = 2)"
62 | }
63 |
64 | variable "tags" {
65 | type = map(any)
66 | default = {}
67 | }
68 |
69 | variable "key_name" {
70 | type = string
71 | description = "Key pair to securely log into the EC2 instances"
72 | }
--------------------------------------------------------------------------------
/workshops/ENT303/existing_webserverfiles/Views/Web.config:
--------------------------------------------------------------------------------
1 |
2 |
3 | 29 | 32 |