├── .gitignore ├── Section-08-local-exec ├── webserver_public_ip.txt ├── webserver_private_ip.txt ├── provider.tf ├── variables.tf ├── security_group.tf └── webserver.tf ├── Section-08-remote-exec ├── provider.tf ├── variables.tf ├── security_group.tf └── webserver.tf ├── Section-03-single-server-to-cluster-weberver-asg-alb ├── README.md ├── 01-deploy-single-server │ ├── provider.tf │ ├── output.tf │ ├── main.tf │ └── securitygroups.tf ├── 02-deploy-single-web-server │ ├── provider.tf │ ├── output.tf │ ├── securitygroups.tf │ └── webserver.tf ├── 04-deploy-cluster-of-webservers │ ├── provider.tf │ ├── output.tf │ ├── securitygroups.tf │ ├── variables.tf │ └── main.tf ├── 03-deploy-configurable-sever-use-variables │ ├── provider.tf │ ├── output.tf │ ├── securitygroups.tf │ ├── variables.tf │ └── main.tf ├── 05-deploy-cluster-of-webservers-in-autoscale-group │ ├── provider.tf │ ├── output.tf │ ├── auto_scaling_group.tf │ ├── auto_scaling_policy.tf │ ├── securitygroups.tf │ ├── main.tf │ ├── variables.tf │ └── asg_launch_conf.tf └── 06-deploy-cluster-of-webservers-in-ASG-with-LoadBalancer │ ├── provider.tf │ ├── output.tf │ ├── auto_scaling_group.tf │ ├── elb_security_group.tf │ ├── elastic_load_balancer.tf │ ├── variables.tf │ ├── server_security_group.tf │ └── asg_launch_conf.tf ├── Section-07-vpc-subnet-igw-natgw ├── provider.tf ├── remote_state.tf └── vpc-subnet-nat-gw-nat-gw.tf ├── Section-07-working-with-ebs ├── provider.tf ├── route53.tf ├── webser_ebs.tf ├── variables.tf ├── security_group.tf └── webserver.tf ├── Section-09-workspace-commands ├── provider.tf ├── variables.tf ├── security_group.tf └── webserver.tf ├── Section-09-workspace-demo ├── provider.tf ├── variables.tf ├── security_group.tf └── webserver.tf ├── Section-09-workspace-tfvars ├── provider.tf ├── variables.tf ├── security_group.tf └── webserver.tf ├── Section-06-Remote-state ├── webserver │ ├── provider.tf │ ├── variables.tf │ ├── webserver.tf │ └── security_group.tf ├── global-security-group 
│ ├── provider.tf │ ├── output.tf │ ├── tf_remote_state.tf │ └── global_sg.tf └── sec-06-tf-state-storage │ ├── provider.tf │ ├── output.tf │ ├── variables.tf │ ├── security_group.tf │ └── webserver.tf ├── Section-05-modules ├── tf-module-lab-demo │ ├── prod │ │ └── apps │ │ │ ├── provider.tf │ │ │ ├── outputs.tf │ │ │ ├── variables.tf │ │ │ └── main.tf │ ├── stage │ │ └── apps │ │ │ ├── provider.tf │ │ │ ├── outputs.tf │ │ │ ├── variables.tf │ │ │ └── main.tf │ └── module │ │ └── webservers-elb-asg │ │ ├── output.tf │ │ ├── user_data.sh │ │ ├── autoscale_target_policy.tf │ │ ├── route53.tf │ │ ├── autoscale_group.tf │ │ ├── elastic-load-balancer.tf │ │ ├── variables.tf │ │ ├── launch_config.tf │ │ └── security_group.tf └── tf-module-versioning-stack │ ├── prod │ └── apps │ │ ├── provider.tf │ │ ├── outputs.tf │ │ ├── variables.tf │ │ └── main.tf │ ├── stage │ └── apps │ │ ├── provider.tf │ │ ├── outputs.tf │ │ ├── variables.tf │ │ └── main.tf │ └── module │ ├── output.tf │ ├── user_data.sh │ ├── autoscale_target_policy.tf │ ├── route53.tf │ ├── autoscale_group.tf │ ├── elastic-load-balancer.tf │ ├── variables.tf │ ├── launch_config.tf │ └── security_group.tf ├── Section-07-working-with-iam-role-policy ├── provider.tf ├── variables.tf ├── security_group.tf ├── policy.tf ├── iam-role.tf └── webserver.tf ├── Section-09-create-identical-infra-using-tfvars ├── provider.tf ├── remote_state.tf ├── golden_gate.tfvars ├── variables.tf ├── silicon_valley.tfvars ├── security_group.tf └── webserver.tf ├── Section-10-RealWorldProject └── tf-deploy-jenkins-ci │ ├── provider.tf │ ├── variable.tf │ ├── iam-role.tf │ ├── security_group.tf │ ├── policy.tf │ └── jenkins-ec2.tf └── README.md /.gitignore: -------------------------------------------------------------------------------- 1 | .terraform* 2 | terraform* 3 | -------------------------------------------------------------------------------- /Section-08-local-exec/webserver_public_ip.txt: 
--------------------------------------------------------------------------------
1 | 18.207.211.77
2 |
--------------------------------------------------------------------------------
/Section-08-local-exec/webserver_private_ip.txt:
--------------------------------------------------------------------------------
1 | 172.31.93.147
2 |
--------------------------------------------------------------------------------
/Section-08-local-exec/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {  # only the region is configured; no access_key/secret_key appear in this block, so no credentials are stored in the file
2 |   region = "${var.region}"  # interpolation-only form; other provider.tf files in this repository use the bare reference var.region
3 | }
4 |
--------------------------------------------------------------------------------
/Section-08-remote-exec/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {
2 |   region = "${var.region}"
3 | }
4 |
--------------------------------------------------------------------------------
/Section-03-single-server-to-cluster-weberver-asg-alb/README.md:
--------------------------------------------------------------------------------
1 | #the-complete-terraform-course
2 |
--------------------------------------------------------------------------------
/Section-07-vpc-subnet-igw-natgw/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {
2 |   region = "us-east-1"  # region is hard-coded here instead of coming from a variable
3 | }
--------------------------------------------------------------------------------
/Section-07-working-with-ebs/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {
2 |   region = "${var.region}"
3 | }
4 |
--------------------------------------------------------------------------------
/Section-09-workspace-commands/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {
2 |   region = "${var.region}"
3 | }
4 |
--------------------------------------------------------------------------------
/Section-09-workspace-demo/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {  # only the region is configured; no access_key/secret_key appear in this block, so no credentials are stored in the file
2 |   region = "${var.region}"  # value comes from the "region" variable declared in this directory's variables.tf
3 | }
4 |
--------------------------------------------------------------------------------
/Section-09-workspace-tfvars/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {
2 |   region = "${var.region}"
3 | }
4 |
--------------------------------------------------------------------------------
/Section-06-Remote-state/webserver/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {
2 |   region = "${var.region}"
3 | }
4 |
--------------------------------------------------------------------------------
/Section-05-modules/tf-module-lab-demo/prod/apps/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {
2 |   region = var.region  # bare reference form, equivalent to the "${var.region}" spelling used in the files above
3 | }
4 |
--------------------------------------------------------------------------------
/Section-05-modules/tf-module-lab-demo/stage/apps/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {
2 |   region = var.region
3 | }
4 |
--------------------------------------------------------------------------------
/Section-06-Remote-state/global-security-group/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {
2 |   region = "us-east-1"  # region is hard-coded here instead of coming from a variable
3 | }
4 |
--------------------------------------------------------------------------------
/Section-07-working-with-iam-role-policy/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {
2 |   region = "${var.region}"
3 | }
4 |
--------------------------------------------------------------------------------
/Section-06-Remote-state/sec-06-tf-state-storage/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {  # only the region is configured; no access_key/secret_key appear in this block, so no credentials are stored in the file
2 |   region = "${var.region}"
3 | }
4 |
--------------------------------------------------------------------------------
/Section-09-create-identical-infra-using-tfvars/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {
2 |   region = "${var.region}"  # this directory's variables.tf declares "region" without a default, so the value has to be supplied (e.g. from a .tfvars file)
3 | }
4 |
--------------------------------------------------------------------------------
/Section-10-RealWorldProject/tf-deploy-jenkins-ci/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {
2 |   region = "us-east-1"  # hard-coded, although this directory's variable.tf also declares a "region" variable with the same default
3 | }
4 |
--------------------------------------------------------------------------------
/Section-05-modules/tf-module-versioning-stack/prod/apps/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {
2 |   region = var.region
3 | }
4 |
--------------------------------------------------------------------------------
/Section-05-modules/tf-module-versioning-stack/stage/apps/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {
2 |   region = var.region
3 | }
4 |
--------------------------------------------------------------------------------
/Section-05-modules/tf-module-lab-demo/prod/apps/outputs.tf:
--------------------------------------------------------------------------------
1 | output "elb_dns_name" {  # re-exports the module's DNS_name_elb output from the root configuration
2 |   value = "${module.webservers.DNS_name_elb}"  # "webservers" is a module call defined elsewhere in this directory (presumably main.tf, which is not part of this listing chunk)
3 | }
--------------------------------------------------------------------------------
/Section-05-modules/tf-module-lab-demo/stage/apps/outputs.tf:
--------------------------------------------------------------------------------
1 | output "elb_dns_name" {
2 |   value = "${module.webservers.DNS_name_elb}"
3 | }
--------------------------------------------------------------------------------
/Section-03-single-server-to-cluster-weberver-asg-alb/01-deploy-single-server/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {  # only the region is configured; no access_key/secret_key appear in this block, so no credentials are stored in the file
2 |   region = "us-east-1"  # region is hard-coded here instead of coming from a variable
3 | }
4 |
--------------------------------------------------------------------------------
/Section-05-modules/tf-module-versioning-stack/prod/apps/outputs.tf:
--------------------------------------------------------------------------------
1 | output "elb_dns_name" {  # re-exports the module's DNS_name_elb output from the root configuration
2 |   value = "${module.webservers.DNS_name_elb}"
3 | }
--------------------------------------------------------------------------------
/Section-05-modules/tf-module-versioning-stack/stage/apps/outputs.tf:
--------------------------------------------------------------------------------
1 | output "elb_dns_name" {
2 |   value = "${module.webservers.DNS_name_elb}"
3 | }
--------------------------------------------------------------------------------
/Section-03-single-server-to-cluster-weberver-asg-alb/02-deploy-single-web-server/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {
2 |   region = "us-east-1"
3 | }
4 |
--------------------------------------------------------------------------------
/Section-06-Remote-state/sec-06-tf-state-storage/output.tf:
--------------------------------------------------------------------------------
1 | output "public_ip" {  # prints the instances' public IPv4 addresses after apply
2 |   value = [ "${aws_instance.hellow-world.*.public_ip}"]  # NOTE(review): the splat already yields a list; wrapping it in [ ] looks like 0.11-era style and would nest the list on Terraform 0.12+ - confirm against the version in use
3 | }
4 |
--------------------------------------------------------------------------------
/Section-03-single-server-to-cluster-weberver-asg-alb/04-deploy-cluster-of-webservers/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {
2 |   region = var.region
3 | }
4 |
--------------------------------------------------------------------------------
/Section-03-single-server-to-cluster-weberver-asg-alb/01-deploy-single-server/output.tf:
--------------------------------------------------------------------------------
1 | output "public_ip" {  # prints the public IPv4 address of the single hello-world instance after apply
2 |   value = "${aws_instance.hello-world.public_ip}"
3 | }
4 |
--------------------------------------------------------------------------------
/Section-03-single-server-to-cluster-weberver-asg-alb/03-deploy-configurable-sever-use-variables/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {  # only the region is configured; no access_key/secret_key appear in this block, so no credentials are stored in the file
2 |   region = "${var.region}"
3 | }
4 |
--------------------------------------------------------------------------------
/Section-03-single-server-to-cluster-weberver-asg-alb/02-deploy-single-web-server/output.tf:
--------------------------------------------------------------------------------
1 | output "public_ip" {
2 |   value = "${aws_instance.My-Webserver.public_ip}"
3 | }
4 |
--------------------------------------------------------------------------------
/Section-03-single-server-to-cluster-weberver-asg-alb/05-deploy-cluster-of-webservers-in-autoscale-group/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {
2 |   region = var.region
3 | }
4 |
--------------------------------------------------------------------------------
/Section-03-single-server-to-cluster-weberver-asg-alb/06-deploy-cluster-of-webservers-in-ASG-with-LoadBalancer/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {
2 |   region = var.region
3 | }
4 |
--------------------------------------------------------------------------------
/Section-05-modules/tf-module-lab-demo/stage/apps/variables.tf:
--------------------------------------------------------------------------------
1 | variable "region" {
2 |   default = "us-east-1"
3 | }
4 |
5 | variable "vpc_id" {
6 |   default = "vpc-cd8735b7"  # account-specific VPC ID committed as the default; it has to be overridden when this configuration is applied in another account
7 | }
8 |
--------------------------------------------------------------------------------
/Section-03-single-server-to-cluster-weberver-asg-alb/04-deploy-cluster-of-webservers/output.tf:
--------------------------------------------------------------------------------
1 | output "public_ip" {  # prints the public IPv4 addresses of the My-Webserver instances after apply
2 |   value = [ "${aws_instance.My-Webserver.*.public_ip}"]  # NOTE(review): the splat already yields a list; the extra [ ] looks like 0.11-era style and would nest the list on Terraform 0.12+ - confirm
3 | }
4 |
--------------------------------------------------------------------------------
/Section-05-modules/tf-module-lab-demo/prod/apps/variables.tf:
--------------------------------------------------------------------------------
1 |
2 | variable "region" {
3 |   default = "us-east-1"
4 | }
5 |
6 | variable "vpc_id" {
7 |   default = "vpc-cd8735b7"  # account-specific VPC ID committed as the default; prod and stage in this listing share the same value
8 | }
9 |
--------------------------------------------------------------------------------
/Section-03-single-server-to-cluster-weberver-asg-alb/03-deploy-configurable-sever-use-variables/output.tf:
--------------------------------------------------------------------------------
1 | output "public_ip" {
2 |   value = "${aws_instance.My-Webserver.public_ip}"
3 | }
4 |
--------------------------------------------------------------------------------
/Section-05-modules/tf-module-versioning-stack/prod/apps/variables.tf:
--------------------------------------------------------------------------------
1 | variable "region" {
2 |   default = "us-east-1"
3 |
4 | }
5 | variable "vpc_id" {
6 |   default = "vpc-cd8735b7"
7 | }
8 |
--------------------------------------------------------------------------------
/Section-05-modules/tf-module-versioning-stack/stage/apps/variables.tf:
--------------------------------------------------------------------------------
1 | variable "region" {
2 |   default = "us-east-1"
3 |
4 | }
5 | variable "vpc_id" {
6 |   default = "vpc-cd8735b7"
7 | }
8 |
--------------------------------------------------------------------------------
/Section-03-single-server-to-cluster-weberver-asg-alb/05-deploy-cluster-of-webservers-in-autoscale-group/output.tf:
--------------------------------------------------------------------------------
1 | output "asg_arn" {  # ARN of the Auto Scaling group, wrapped in a one-element list
2 |   value = [ "${aws_autoscaling_group.my_first_asg.arn}"]
3 | }
4 |
--------------------------------------------------------------------------------
/Section-03-single-server-to-cluster-weberver-asg-alb/06-deploy-cluster-of-webservers-in-ASG-with-LoadBalancer/output.tf:
--------------------------------------------------------------------------------
1 | output "elb_endpoint" {  # DNS name of the load balancer, wrapped in a one-element list
2 |   value = [ "${aws_elb.my_first_elb.dns_name}"]
3 | }
4 |
--------------------------------------------------------------------------------
/Section-06-Remote-state/global-security-group/output.tf:
--------------------------------------------------------------------------------
1 | output "global_sg_id" {  # exposes the allow_db security group ID so other configurations can read it from this state
2 |   description ="output global security group id"
3 |   value="${aws_security_group.allow_db.id}"
4 |   sensitive = true  # Terraform redacts the value in CLI output; it is still written to the state file in clear text
5 | }
6 |
--------------------------------------------------------------------------------
/Section-09-create-identical-infra-using-tfvars/remote_state.tf:
--------------------------------------------------------------------------------
1 | terraform {
2 |   backend s3 {  # state is kept in an S3 bucket instead of a local terraform.tfstate file
3 |     encrypt=true  # asks the S3 backend to store the state object with server-side encryption
4 |     bucket = "terraformiac-mystach-tfstate"  # state holds resource attributes in clear text, so read access to this bucket should be limited to the identities that run Terraform
5 |     region = "us-east-1"
6 |     dynamodb_table = "terraform-state"  # DynamoDB table the S3 backend uses for state locking
7 |   }  # NOTE(review): no key is set in this block; the init command commented at the top of silicon_valley.tfvars passes it with -backend-config="key=..." (partial backend configuration)
8 | }
--------------------------------------------------------------------------------
/Section-09-create-identical-infra-using-tfvars/golden_gate.tfvars:
--------------------------------------------------------------------------------
1 | project= "golden_gate"
2 | region = "us-east-1"
3 | http_port = 80
4 | ssh_port= 22
5 | my_system = "98.207.180.245/32"  # /32 CIDR, i.e. a single IPv4 address, committed as a literal; where it is consumed is not visible here (presumably security_group.tf - confirm)
6 | ami ="ami-0a313d6098716f372"  # AMI IDs are region-specific, so this value goes with region = "us-east-1" above
7 | instance_type = "t2.micro"
--------------------------------------------------------------------------------
/Section-09-create-identical-infra-using-tfvars/variables.tf:
--------------------------------------------------------------------------------
1 | variable "project" { }  # none of these declarations has a type or default, so every value must be supplied, e.g. with -var-file pointing at one of the .tfvars files in this directory
2 | variable "region" { }
3 | variable "http_port" { }
4 | variable "ssh_port" { }
5 | variable "my_system" { }
6 | variable "ami" { }
7 | variable "instance_type" { }
--------------------------------------------------------------------------------
/Section-10-RealWorldProject/tf-deploy-jenkins-ci/variable.tf:
--------------------------------------------------------------------------------
1 | variable ami { default = "ami-0a313d6098716f372" }  # variable names are written without quotes in this file
2 | variable region { default = "us-east-1" }
3 | variable project { default = "jenkins" }
4 | variable mysystem { default = "98.207.180.245/32" }  # single-address (/32) CIDR committed as the default; how it is used is not visible here (presumably in security_group.tf - confirm)
5 |
--------------------------------------------------------------------------------
/Section-07-vpc-subnet-igw-natgw/remote_state.tf:
--------------------------------------------------------------------------------
1 | #terraform {  # NOTE(review): every line of this backend block is commented out, so this file configures no remote state as shown
2 | #backend s3 {
3 | #encrypt=true
4 | #bucket = "terraformiac-mystach-tfstate"
5 | #region = "us-east-1"
6 | #dynamodb_table = "terraform-state"
7 | #key="stage_vpc/terraform.tfstate"
8 | #}
9 | #}
10 |
--------------------------------------------------------------------------------
/Section-06-Remote-state/global-security-group/tf_remote_state.tf:
--------------------------------------------------------------------------------
1 | terraform {
2 |   backend s3 {  # same bucket and lock table as the other backend blocks in this repository; only the key differs
3 |     encrypt=true  # asks the S3 backend to store the state object with server-side encryption
4 |     bucket = "terraformiac-mystach-tfstate"
5 |     key = "global_security_group/terraform.tfstate"  # object path of this configuration's state inside the bucket
6 |     region = "us-east-1"
7 |     dynamodb_table = "terraform-state"  # DynamoDB table the S3 backend uses for state locking
8 |   }
9 | }
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # ultimate-terraform-course-for-devops
2 | these terraform codes arranged in order from basics to advanced. It starts with creating and deploying single ec2 instance all the way up to deploying multiple cluster of web servers in Auto Scaling Group and Application Load Balancers.
3 |
--------------------------------------------------------------------------------
/Section-03-single-server-to-cluster-weberver-asg-alb/01-deploy-single-server/main.tf:
--------------------------------------------------------------------------------
1 | resource "aws_instance" "hello-world" {  # one EC2 instance with a fixed AMI and size
2 |
3 |   ami = "ami-0a313d6098716f372"  # hard-coded AMI ID; AMI IDs are region-specific
4 |   instance_type = "t2.micro"
5 |   vpc_security_group_ids = ["${aws_security_group.webserver_sg.id}"]  # attaches the webserver_sg group declared in this directory's securitygroups.tf
6 |   key_name = "terraform"  # name of an EC2 key pair; nothing in this file creates it, so it must already exist in the account
7 |   tags = {
8 |     Name = "Hello world"
9 |   }
10 |
11 | }
12 |
--------------------------------------------------------------------------------
/Section-05-modules/tf-module-versioning-stack/module/output.tf:
--------------------------------------------------------------------------------
1 | output "DNS_name_elb" {  # module output consumed by the prod/stage root configurations as module.webservers.DNS_name_elb
2 |   description = "outputs dns endpoint of the ELB"
3 |   value ="${aws_elb.my_first_elb.dns_name}"
4 | }
5 |
6 | output "my_module_sg_id" {
7 |   description = "outputs webserver security group id"
8 |   value ="${aws_security_group.webserver_sg.id}"
9 | }
10 |
--------------------------------------------------------------------------------
/Section-05-modules/tf-module-lab-demo/module/webservers-elb-asg/output.tf:
--------------------------------------------------------------------------------
1 | output "DNS_name_elb" {
2 |   description = "outputs dns endpoint of the ELB"
3 |   value ="${aws_elb.my_first_elb.dns_name}"
4 | }
5 |
6 | output "my_module_sg_id" {
7 |   description = "outputs webserver security group id"
8 |   value ="${aws_security_group.webserver_sg.id}"
9 | }
10 |
--------------------------------------------------------------------------------
/Section-05-modules/tf-module-versioning-stack/module/user_data.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1  # from here on, stdout and stderr go to /var/log/user-data.log, to syslog (tag "user-data") and to /dev/console, so nothing secret should ever be echoed by this script
3 | /usr/bin/apt-get update
4 | DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get upgrade -yq  # unattended upgrade of all installed packages
5 | /usr/bin/apt-get install apache2 -y
6 | /usr/sbin/ufw allow in "Apache Full"  # adds a ufw allow rule for the "Apache Full" profile; NOTE(review): the script never runs "ufw enable", so the host firewall only filters if it is enabled some other way - confirm
7 | /bin/echo "Hello world " >/var/www/html/index.html  # replaces the default index page
8 |
--------------------------------------------------------------------------------
/Section-07-working-with-ebs/route53.tf:
--------------------------------------------------------------------------------
1 | resource "aws_route53_zone" "my_private_zone" {  # NOTE(review): despite the resource name there is no vpc block, so Route 53 creates a public hosted zone; add a vpc block if a private zone is intended
2 |   name = "myr53zone.com"
3 | }
4 |
5 | resource "aws_route53_record" "webserver" {  # A record for the web server inside the zone above
6 |   zone_id = "${aws_route53_zone.my_private_zone.zone_id}"
7 |   name = "web.myr53zone.com"
8 |   type = "A"
9 |   ttl = "300"
10 |   records = ["${aws_instance.hellow-world.private_ip}"]  # points at the instance's private address; in a public zone this would expose internal addressing in public DNS
11 | }
--------------------------------------------------------------------------------
/Section-05-modules/tf-module-lab-demo/module/webservers-elb-asg/user_data.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1  # same logging redirection as the versioning-stack copy of this script above
3 | /usr/bin/apt-get update
4 | DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get upgrade -yq
5 | /usr/bin/apt-get install apache2 -y
6 | /usr/sbin/ufw allow in "Apache Full"
7 | /bin/echo "Hello world " >/var/www/html/index.html
8 |
--------------------------------------------------------------------------------
/Section-07-working-with-ebs/webser_ebs.tf:
--------------------------------------------------------------------------------
1 | resource "aws_ebs_volume" "web-ebs" {  # NOTE(review): no "encrypted" argument is set, so the volume is encrypted only if EBS encryption by default is enabled for the account and region - confirm
2 |   availability_zone = "${var.az}"  # the volume must be in the same availability zone as the instance it is attached to
3 |   size = 10  # size in GiB
4 |   type = "gp2"
5 |   tags = {
6 |     Name = "webserver_data"
7 |   }
8 | }
9 | resource "aws_volume_attachment" "web-ebs-attach" {  # attaches the volume above to the hellow-world instance
10 |   device_name = "/dev/sdd"
11 |   volume_id = "${aws_ebs_volume.web-ebs.id}"
12 |   instance_id="${aws_instance.hellow-world.id}"
13 | }
--------------------------------------------------------------------------------
/Section-08-local-exec/variables.tf:
--------------------------------------------------------------------------------
1 | variable "region" {
2 |   default = "us-east-1"
3 | }
4 | variable "http_port" {
5 |   default = 80
6 | }
7 | variable "ssh_port" {
8 |   default = 22
9 | }
10 | variable "my_system" {
11 |   default = "98.207.180.245/32"  # single-address (/32) CIDR committed as the default; the consumer is not visible here (presumably this directory's security_group.tf - confirm), and anyone reusing the code must replace it with their own address
12 | }
13 |
14 | variable "ami" {
15 |   default = "ami-0a313d6098716f372"
16 | }
17 |
18 | variable "instance_type" {
19 |   default = "t2.micro"
20 | }
21 |
22 |
--------------------------------------------------------------------------------
/Section-06-Remote-state/webserver/variables.tf:
--------------------------------------------------------------------------------
1 | variable "region" {
2 |   default = "us-east-1"
3 | }
4 | variable "http_port" {
5 |   default = 80
6 | }
7 | variable "ssh_port" {
8 |   default = 22
9 | }
10 | variable "my_system" {
11 |   default = "98.207.180.245/32"
12 | }
13 |
14 | variable "ami" {
15 |   default = "ami-0a313d6098716f372"
16 | }
17 |
18 | variable "instance_type" {
19 |   default = "t2.micro"
20 | }
21 |
22 |
--------------------------------------------------------------------------------
/Section-06-Remote-state/sec-06-tf-state-storage/variables.tf:
--------------------------------------------------------------------------------
1 | variable "region" {
2 |   default = "us-east-1"
3 | }
4 | variable "http_port" {
5 |   default = 80
6 | }
7 | variable "ssh_port" {
8 |   default = 22
9 | }
10 | variable "my_system" {
11 |   default = "98.207.180.245/32"
12 | }
13 |
14 | variable "ami" {
15 |   default = "ami-0a313d6098716f372"
16 | }
17 |
18 | variable "instance_type" {
19 |   default = "t2.micro"
20 | }
21 |
22 |
--------------------------------------------------------------------------------
/Section-08-remote-exec/variables.tf:
--------------------------------------------------------------------------------
1 | variable "region" {
2 |   default = "us-east-1"
3 | }
4 | variable "http_port" {
5 |   default = 80
6 | }
7 | variable "ssh_port" {
8 |   default = 22
9 | }
10 | variable "my_system" {
11 |   default = "98.207.180.245/32"
12 | }
13 |
14 | variable "ami" {
15 |   # default = "ami-0a313d6098716f372"
16 |   default="ami-07d0cf3af28718ef8"  # this directory uses a different AMI from the other sections; the previous value is kept commented out on the line above
17 | }
18 |
19 | variable "instance_type" {
20 |   default = "t2.micro"
21 | }
22 |
23 |
--------------------------------------------------------------------------------
/Section-03-single-server-to-cluster-weberver-asg-alb/05-deploy-cluster-of-webservers-in-autoscale-group/auto_scaling_group.tf:
--------------------------------------------------------------------------------
1 | resource "aws_autoscaling_group" "my_first_asg" {  # Auto Scaling group built from the launch configuration declared elsewhere in this directory
2 |   launch_configuration = aws_launch_configuration.my-first-launch-conf.id
3 |   availability_zones = var.azs
4 |
5 |   min_size = 2  # the group keeps between 2 and 10 instances...
6 |   max_size = 10
7 |   desired_capacity = 3  # ...and starts with 3
8 |   tag {
9 |     key = "Name"
10 |     value = "terraform-asg"
11 |     propagate_at_launch = true  # copy the Name tag onto the instances the group launches
12 |   }
13 | }
14 |
--------------------------------------------------------------------------------
/Section-09-create-identical-infra-using-tfvars/silicon_valley.tfvars:
--------------------------------------------------------------------------------
1 | #terraform init -var-file="silicon_valley.tfvars" -backend-config="key=silicon_valley/terraform.tfstate" -reconfigure
2 | #terraform plan -var-file="silicon_valley.tfvars"
3 | #terraform apply -var-file="silicon_valley.tfvars"
4 | project= "Silicon_Valley"  # the commented commands above give this project its own state key (silicon_valley/terraform.tfstate) at init time
5 | region = "us-east-1"
6 | http_port = 80
7 | ssh_port= 22
8 | my_system = "98.207.180.245/32"  # single-address (/32) CIDR committed as a literal; replace with your own address when reusing
9 | ami ="ami-0a313d6098716f372"
10 | instance_type = "t2.micro"
--------------------------------------------------------------------------------
/Section-03-single-server-to-cluster-weberver-asg-alb/01-deploy-single-server/securitygroups.tf:
--------------------------------------------------------------------------------
1 | resource "aws_security_group" "webserver_sg" {  # no name, description or vpc_id is given: Terraform generates a name and the group lands in the default VPC (NOTE(review): confirm that is intended)
2 |
3 |   ingress {  # inbound: SSH only
4 |     from_port = 22
5 |     to_port = 22
6 |     protocol = "tcp"
7 |     cidr_blocks = [ "73.241.51.131/32"]  # a single source address (/32), hard-coded; other sections take this value from a variable instead
8 |   }
9 |
10 |   egress {  # outbound: unrestricted
11 |     from_port = 0
12 |     to_port = 0
13 |     protocol = "-1"  # "-1" with ports 0-0 means every protocol and port
14 |     cidr_blocks = ["0.0.0.0/0"]  # to any IPv4 destination
15 |   }
16 |
17 | }
18 |
--------------------------------------------------------------------------------
/Section-05-modules/tf-module-versioning-stack/module/autoscale_target_policy.tf:
--------------------------------------------------------------------------------
1 | resource "aws_autoscaling_policy" "my_asg_policy" {  # target-tracking scaling policy attached to my_first_asg
2 |   name = "${var.cluster}-webservers_autoscale_policy"
3 |   policy_type = "TargetTrackingScaling"
4 |   autoscaling_group_name = aws_autoscaling_group.my_first_asg.name
5 |   target_tracking_configuration {
6 |     predefined_metric_specification {
7 |       predefined_metric_type = "ASGAverageCPUUtilization"  # metric: average CPU utilization across the group
8 |     }
9 |     target_value = "60"  # the group is scaled to hold the metric near 60 percent
10 |   }
11 |
12 | }
13 |
--------------------------------------------------------------------------------
/Section-07-working-with-ebs/variables.tf:
--------------------------------------------------------------------------------
1 | variable "region" {
2 |   default = "us-east-1"
3 | }
4 | variable "http_port" {
5 |   default = 80
6 | }
7 | variable "ssh_port" {
8 |   default = 22
9 | }
10 | variable "my_system" {
11 |   default = "98.207.180.245/32"
12 | }
13 |
14 | variable "ami" {
15 |   default = "ami-0a313d6098716f372"
16 | }
17 |
18 | variable "instance_type" {
19 |   default = "t2.micro"
20 | }
21 |
22 | variable "az" {
23 |   default="us-east-1a"  # availability zone used for the EBS volume in webser_ebs.tf
24 | }
25 |
26 |
27 |
--------------------------------------------------------------------------------
/Section-05-modules/tf-module-lab-demo/module/webservers-elb-asg/autoscale_target_policy.tf:
--------------------------------------------------------------------------------
1 | resource "aws_autoscaling_policy" "my_asg_policy" {
2 |   name = "${var.cluster}-webservers_autoscale_policy"
3 |   policy_type = "TargetTrackingScaling"
4 |   autoscaling_group_name = aws_autoscaling_group.my_first_asg.name
5 |   target_tracking_configuration {
6 |     predefined_metric_specification {
7 |       predefined_metric_type = "ASGAverageCPUUtilization"
8 |     }
9 |     target_value = "60"
10 |   }
11 |
12 | }
13 |
--------------------------------------------------------------------------------
/Section-07-working-with-iam-role-policy/variables.tf:
--------------------------------------------------------------------------------
1 | variable "region" {
2 |   default = "us-east-1"
3 | }
4 | variable "http_port" {
5 |   default = 80
6 | }
7 | variable "ssh_port" {
8 |   default = 22
9 | }
10 | variable "my_system" {
11 |   default = "98.207.180.245/32"  # single-address (/32) CIDR committed as the default; the consumer is not visible here (presumably this directory's security_group.tf - confirm)
12 | }
13 |
14 | variable "ami" {
15 |   default = "ami-0a313d6098716f372"
16 | }
17 |
18 | variable "instance_type" {
19 |   default = "t2.micro"
20 | }
21 |
22 | variable "az" {
23 |   default = "us-east-1a"
24 | }
25 |
26 |
27 |
--------------------------------------------------------------------------------
/Section-03-single-server-to-cluster-weberver-asg-alb/06-deploy-cluster-of-webservers-in-ASG-with-LoadBalancer/auto_scaling_group.tf:
--------------------------------------------------------------------------------
1 | resource "aws_autoscaling_group" "my_first_asg" {  # Auto Scaling group whose instances are registered with the my_first_elb load balancer
2 |   launch_configuration = aws_launch_configuration.my-first-launch-conf.id
3 |   availability_zones = var.azs
4 |   load_balancers = [ aws_elb.my_first_elb.name ]  # instances launched by the group are attached to this ELB
5 |   min_size = 2  # the group keeps between 2 and 10 instances...
6 |   max_size = 10
7 |   desired_capacity = 3  # ...and starts with 3
8 |   tag {
9 |     key = "Name"
10 |     value = "terraform-asg"
11 |     propagate_at_launch = true  # copy the Name tag onto the instances the group launches
12 |   }
13 | }
14 |
--------------------------------------------------------------------------------
/Section-05-modules/tf-module-versioning-stack/module/route53.tf:
--------------------------------------------------------------------------------
1 | resource "aws_route53_zone" "main" {  # per-environment hosted zone
2 |   name = "${var.environment}-myterraform.com"
3 |   vpc {  # the vpc block makes this a private hosted zone, resolvable only from the associated VPC
4 |     vpc_id = var.vpc_id
5 |   }
6 |
7 |   tags = {
8 |     Environment = var.environment
9 |   }
10 | }
11 |
12 | resource "aws_route53_record" "elb-endpoint" {  # CNAME in the zone above that points at the load balancer
13 |   zone_id = aws_route53_zone.main.zone_id
14 |   name = "${var.environment}-chat"
15 |   type = "CNAME"
16 |   ttl = "300"
17 |   records = [ aws_elb.my_first_elb.dns_name ]
18 | }
19 |
--------------------------------------------------------------------------------
/Section-06-Remote-state/global-security-group/global_sg.tf:
--------------------------------------------------------------------------------
1 | resource "aws_security_group" "allow_db" {  # shared security group whose ID is exported by this directory's output.tf
2 |   name = "allow_db"
3 |   description = "Allow TLS inbound traffic"  # NOTE(review): the description does not match the rule below, which opens tcp/1521 (conventionally the Oracle listener port), not a TLS port; a misleading description makes rule audits harder
4 |
5 |
6 |   ingress {  # inbound: one port, from one private /25 range
7 |
8 |     from_port = 1521
9 |     to_port = 1521
10 |     protocol = "tcp"
11 |     cidr_blocks = ["10.145.8.0/25"]
12 |   }
13 |
14 |   egress {  # outbound: unrestricted
15 |     from_port = 0
16 |     to_port = 0
17 |     protocol = "-1"  # "-1" with ports 0-0 means every protocol and port
18 |     cidr_blocks = ["0.0.0.0/0"]  # to any IPv4 destination
19 |
20 |   }
21 | }
22 |
--------------------------------------------------------------------------------
/Section-09-workspace-demo/variables.tf:
--------------------------------------------------------------------------------
1 | variable "region" {
2 |   default = "us-east-1"
3 | }
4 | variable "http_port" {
5 |   default = 80
6 | }
7 | variable "ssh_port" {
8 |   default = 22
9 | }
10 | variable "my_system" {
11 |   default = "98.207.180.245/32"  # single-address (/32) CIDR committed as the default; the consumer is not visible here (presumably this directory's security_group.tf - confirm)
12 | }
13 |
14 | variable "ami" {
15 |   default = "ami-0a313d6098716f372"
16 | }
17 |
18 | variable "instance_type" {  # instance size per environment name
19 |   type = map
20 |   default = {
21 |     default = "t2.micro"  # keys are default / stage / prod - presumably looked up by workspace name in webserver.tf, which is not part of this listing chunk; confirm
22 |     stage = "t2.nano"
23 |     prod = "t2.large"
24 |   }
25 |
26 | }
27 |
28 |
--------------------------------------------------------------------------------
/Section-03-single-server-to-cluster-weberver-asg-alb/06-deploy-cluster-of-webservers-in-ASG-with-LoadBalancer/elb_security_group.tf:
--------------------------------------------------------------------------------
1 | resource "aws_security_group" "elb_sg" {  # security group for the load balancer
2 |
3 |   ingress {  # inbound: only var.server_port, and only from the CIDR in var.my_public_ip
4 |     from_port = var.server_port
5 |     to_port = var.server_port
6 |     protocol = "tcp"
7 |     cidr_blocks = [ var.my_public_ip ]
8 |   }
9 |
10 |   egress {  # outbound: unrestricted
11 |     from_port = 0
12 |     to_port = 0
13 |     protocol = "-1"  # "-1" with ports 0-0 means every protocol and port
14 |     cidr_blocks = ["0.0.0.0/0"]
15 |   }
16 | }
17 |
--------------------------------------------------------------------------------
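/Section-05-modules/tf-module-lab-demo/module/webservers-elb-asg/route53.tf:
--------------------------------------------------------------------------------
# Hosted zone for the environment. The `vpc` block associates the zone with
# var.vpc_id, which makes it a private zone resolvable from that VPC.
resource "aws_route53_zone" "main" {
  name = "${var.environment}-myterraform.com"

  vpc {
    vpc_id = var.vpc_id
  }

  tags = {
    Environment = var.environment
  }
}

# CNAME for "<environment>-chat" pointing at the ELB's DNS name.
resource "aws_route53_record" "elb-endpoint" {
  zone_id = aws_route53_zone.main.zone_id
  name    = "${var.environment}-chat"
  type    = "CNAME"
  ttl     = 300 # seconds; written as a number rather than a quoted string
  records = [aws_elb.my_first_elb.dns_name]
}

--------------------------------------------------------------------------------
/Section-03-single-server-to-cluster-weberver-asg-alb/05-deploy-cluster-of-webservers-in-autoscale-group/auto_scaling_policy.tf:
--------------------------------------------------------------------------------
# Target-tracking policy on my_first_asg: the group is scaled to hold its
# average CPU utilization near the target value.
resource "aws_autoscaling_policy" "my_asg_policy" {
  name                   = "webservers_autoscale_policy"
  policy_type            = "TargetTrackingScaling"
  autoscaling_group_name = aws_autoscaling_group.my_first_asg.name

  target_tracking_configuration {
    predefined_metric_specification {
      predefined_metric_type = "ASGAverageCPUUtilization"
    }

    # Percent CPU; written as a number rather than a quoted string.
    target_value = 60
  }
}

--------------------------------------------------------------------------------
/Section-05-modules/tf-module-versioning-stack/module/autoscale_group.tf:
--------------------------------------------------------------------------------
# Auto Scaling group for the module's web servers, attached to the classic
# ELB and named after var.cluster.
resource "aws_autoscaling_group" "my_first_asg" {
  # "websever" is spelled as in the original; renaming a group that already
  # exists makes Terraform replace it.
  name                 = "${var.cluster}-websever-asg"
  launch_configuration = aws_launch_configuration.my-first-launch-conf.name
  load_balancers       = [aws_elb.my_first_elb.name]
  availability_zones   = var.azs

  min_size         = 2
  max_size         = 10
  desired_capacity = 3

  # NOTE(review): health_check_type is not set, so the provider default
  # applies. Confirm that instance-level health checks are what is wanted
  # with a load balancer attached.

  # Copied onto every instance the group launches.
  tag {
    key                 = "Name"
    value               = "terraform-asg-${var.environment}"
    propagate_at_launch = true
  }
}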
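--------------------------------------------------------------------------------
/Section-05-modules/tf-module-lab-demo/module/webservers-elb-asg/autoscale_group.tf:
--------------------------------------------------------------------------------
# Auto Scaling group for the module's web servers, attached to the classic
# ELB and named after var.cluster.
resource "aws_autoscaling_group" "my_first_asg" {
  # "websever" is spelled as in the original; renaming a group that already
  # exists makes Terraform replace it.
  name                 = "${var.cluster}-websever-asg"
  launch_configuration = aws_launch_configuration.my-first-launch-conf.name
  load_balancers       = [aws_elb.my_first_elb.name]
  availability_zones   = var.azs

  min_size         = 2
  max_size         = 10
  desired_capacity = 3

  # NOTE(review): health_check_type is not set, so the provider default
  # applies. Confirm that instance-level health checks are what is wanted
  # with a load balancer attached.

  # Copied onto every instance the group launches.
  tag {
    key                 = "Name"
    value               = "terraform-asg-${var.environment}"
    propagate_at_launch = true
  }
}

--------------------------------------------------------------------------------
/Section-09-workspace-commands/variables.tf:
--------------------------------------------------------------------------------
# Keys are workspace names. webserver.tf in this section looks the value up
# with lookup(var.instance_type, terraform.workspace) and passes no fallback,
# so a workspace that is not listed here fails at plan time.
variable "instance_type" {
  description = "EC2 instance type per Terraform workspace"
  type        = map(string)

  default = {
    default = "t2.nano"
    stage   = "t2.micro"
    prod    = "t2.large"
  }
}

variable "region" {
  description = "AWS region to deploy into"
  default     = "us-east-1"
}

variable "http_port" {
  description = "HTTP port for the web server"
  default     = 80
}

variable "ssh_port" {
  description = "SSH port for the web server"
  default     = 22
}

# The default is one fixed public address. Presumably this CIDR is the source
# allowed by this section's security group rules (security_group.tf is not
# shown here); override it with your own address instead of widening it.
variable "my_system" {
  description = "Workstation address, in CIDR form"
  default     = "98.207.180.245/32"
}

# AMI IDs are region-scoped, so this default only pairs with the region
# default above.
variable "ami" {
  description = "AMI used for the web server instance"
  default     = "ami-0a313d6098716f372"
}

--------------------------------------------------------------------------------
/Section-09-workspace-tfvars/variables.tf:
--------------------------------------------------------------------------------
# Keys are workspace names. webserver.tf in this section looks the value up
# with lookup(var.instance_type, terraform.workspace) and passes no fallback,
# so a workspace that is not listed here fails at plan time.
variable "instance_type" {
  description = "EC2 instance type per Terraform workspace"
  type        = map(string)

  default = {
    default = "t2.nano"
    stage   = "t2.micro"
    prod    = "t2.large"
  }
}

variable "region" {
  description = "AWS region to deploy into"
  default     = "us-east-1"
}

variable "http_port" {
  description = "HTTP port for the web server"
  default     = 80
}

variable "ssh_port" {
  description = "SSH port for the web server"
  default     = 22
}

# The default is one fixed public address. Presumably this CIDR is the source
# allowed by this section's security group rules (security_group.tf is not
# shown here); override it with your own address instead of widening it.
variable "my_system" {
  description = "Workstation address, in CIDR form"
  default     = "98.207.180.245/32"
}
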
26 | variable "ami" { 27 | default = "ami-0a313d6098716f372" 28 | } 29 | 30 | 31 | -------------------------------------------------------------------------------- /Section-07-working-with-iam-role-policy/security_group.tf: -------------------------------------------------------------------------------- 1 | resource "aws_security_group" "webserver_sg" { 2 | 3 | ingress { 4 | from_port = "${var.http_port}" 5 | to_port = "${var.http_port}" 6 | protocol = "tcp" 7 | cidr_blocks = ["${var.my_system}"] 8 | } 9 | ingress { 10 | from_port = "${var.ssh_port}" 11 | to_port = "${var.ssh_port}" 12 | protocol = "tcp" 13 | cidr_blocks = ["${var.my_system}"] 14 | } 15 | egress { 16 | from_port = 0 17 | to_port = 0 18 | protocol = "-1" 19 | cidr_blocks = ["0.0.0.0/0"] 20 | } 21 | 22 | } 23 | -------------------------------------------------------------------------------- /Section-07-working-with-iam-role-policy/policy.tf: -------------------------------------------------------------------------------- 1 | resource "aws_iam_policy" "s3_policy" { 2 | name = "s3_policy" 3 | path = "/" 4 | description = "s3 policy for Instance " 5 | 6 | policy = < >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 13 | # /usr/bin/apt-get update 14 | # DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get upgrade -yq 15 | # /usr/bin/apt-get install apache2 -y 16 | # /usr/sbin/ufw allow in "Apache Full" 17 | # /bin/echo "Hello world " >/var/www/html/index.html 18 | # EOF 19 | #} 20 | -------------------------------------------------------------------------------- /Section-05-modules/tf-module-lab-demo/module/webservers-elb-asg/variables.tf: -------------------------------------------------------------------------------- 1 | variable "environment" { 2 | description= "type of environment , prod or stg or dev " 3 | default="stg" 4 | } 5 | 6 | variable "vpc_id" { 7 | description = "provide vpc_id" 8 | } 9 | 10 | variable "instance_type" { 11 | description = "instance type ..." 
12 | default = "t2.micro" 13 | } 14 | 15 | variable "cluster" { 16 | 17 | } 18 | 19 | variable "region" { 20 | default = "us-east-1" 21 | } 22 | variable "http_port" { 23 | default = 80 24 | } 25 | variable "ssh_port" { 26 | default = 22 27 | } 28 | variable "my_system" { 29 | default = "98.207.180.245/32" 30 | } 31 | 32 | variable "ami" { 33 | default = "ami-0a313d6098716f372" 34 | } 35 | 36 | variable "azs" { 37 | default = [ "us-east-1a", "us-east-1b", "us-east-1c"] 38 | } 39 | -------------------------------------------------------------------------------- /Section-03-single-server-to-cluster-weberver-asg-alb/02-deploy-single-web-server/webserver.tf: -------------------------------------------------------------------------------- 1 | resource "aws_instance" "My-Webserver" { 2 | 3 | ami = "ami-0a313d6098716f372" 4 | instance_type = "t2.micro" 5 | vpc_security_group_ids = ["${aws_security_group.webserver_sg.id}"] 6 | tags = { 7 | Name = "My-Webserver" 8 | } 9 | key_name = "terraform" 10 | user_data = < >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 13 | /usr/bin/apt-get update 14 | DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get upgrade -yq 15 | /usr/bin/apt-get install apache2 -y 16 | /usr/sbin/ufw allow in "Apache Full" 17 | /bin/echo "Hello world " >/var/www/html/index.html 18 | instance_ip=`curl http://169.254.169.254/latest/meta-data/local-ipv4` 19 | echo $instance_ip >>/var/www/html/index.html 20 | EOF 21 | } 22 | -------------------------------------------------------------------------------- /Section-03-single-server-to-cluster-weberver-asg-alb/04-deploy-cluster-of-webservers/variables.tf: -------------------------------------------------------------------------------- 1 | variable "region" { 2 | description = " it will define the AWS region " 3 | default = "us-east-1" 4 | } 5 | variable "server_port" { 6 | description = " http service listen on ths port " 7 | default = "80" 8 | } 9 | 10 | variable "ssh_port" { 11 | description = 
"ssh request to server " 12 | default = "22" 13 | } 14 | variable "instance_type" { 15 | description = "AWS ec2 instance type" 16 | default="t2.micro" 17 | } 18 | variable "my_public_ip" { 19 | description = "My local system public IP ..." 20 | default = "98.207.180.245/32" 21 | } 22 | variable "ami" { 23 | description = "amazon machine image" 24 | default = "ami-0a313d6098716f372" 25 | } 26 | 27 | variable "azs" { 28 | default = [ "us-east-1a", "us-east-1b", "us-east-1c"] 29 | } 30 | -------------------------------------------------------------------------------- /Section-07-working-with-ebs/webserver.tf: -------------------------------------------------------------------------------- 1 | resource "aws_instance" "hellow-world" { 2 | ami = "${var.ami}" 3 | instance_type = "${var.instance_type}" 4 | vpc_security_group_ids = ["${aws_security_group.webserver_sg.id}"] 5 | availability_zone = "${var.az}" 6 | key_name = "terraform" 7 | tags = { 8 | Name = "Hello world" 9 | } 10 | user_data = <<-EOF 11 | #!/bin/bash 12 | exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 13 | /usr/bin/apt-get update 14 | DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get upgrade -yq 15 | /usr/bin/apt-get install apache2 -y 16 | /usr/sbin/ufw allow in "Apache Full" 17 | /bin/echo "Hello world " >/var/www/html/index.html 18 | instance_ip=`curl http://169.254.169.254/latest/meta-data/local-ipv4` 19 | echo $instance_ip >>/var/www/html/index.html 20 | EOF 21 | 22 | } -------------------------------------------------------------------------------- /Section-09-create-identical-infra-using-tfvars/webserver.tf: -------------------------------------------------------------------------------- 1 | resource "aws_instance" "hellow-world" { 2 | ami = "${var.ami}" 3 | instance_type = "${var.instance_type}" 4 | vpc_security_group_ids = ["${aws_security_group.webserver_sg.id}"] 5 | key_name = "terraform" 6 | tags = { 7 | Name = "Hello world - ${var.project}" 8 | } 9 | user_data = 
<<-EOF 10 | #!/bin/bash 11 | exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 12 | /usr/bin/apt-get update 13 | DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get upgrade -yq 14 | /usr/bin/apt-get install apache2 -y 15 | /usr/sbin/ufw allow in "Apache Full" 16 | /bin/echo "Hello world " >/var/www/html/index.html 17 | instance_ip=`curl http://169.254.169.254/latest/meta-data/local-ipv4` 18 | echo $instance_ip >>/var/www/html/index.html 19 | EOF 20 | 21 | } -------------------------------------------------------------------------------- /Section-06-Remote-state/sec-06-tf-state-storage/webserver.tf: -------------------------------------------------------------------------------- 1 | resource "aws_instance" "hellow-world" { 2 | ami = "${var.ami}" 3 | count = 3 4 | instance_type = "${var.instance_type}" 5 | vpc_security_group_ids = ["${aws_security_group.webserver_sg.id}"] 6 | key_name = "terraform" 7 | tags = { 8 | Name = "Hello world-${count.index}" 9 | } 10 | user_data = <<-EOF 11 | #!/bin/bash 12 | exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 13 | /usr/bin/apt-get update 14 | DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get upgrade -yq 15 | /usr/bin/apt-get install apache2 -y 16 | /usr/sbin/ufw allow in "Apache Full" 17 | /bin/echo "Hello world " >/var/www/html/index.html 18 | instance_ip=`curl http://169.254.169.254/latest/meta-data/local-ipv4` 19 | echo $instance_ip >>/var/www/html/index.html 20 | EOF 21 | 22 | } -------------------------------------------------------------------------------- /Section-09-workspace-demo/webserver.tf: -------------------------------------------------------------------------------- 1 | resource "aws_instance" "hellow-world" { 2 | ami = "${var.ami}" 3 | instance_type = "${lookup(var.instance_type,terraform.workspace)}" 4 | vpc_security_group_ids = ["${aws_security_group.webserver_sg.id}"] 5 | key_name = "terraform" 6 | tags = { 7 | Name = "Hello 
world-${terraform.workspace}" 8 | } 9 | user_data = <<-EOF 10 | #!/bin/bash 11 | exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 12 | /usr/bin/apt-get update 13 | DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get upgrade -yq 14 | /usr/bin/apt-get install apache2 -y 15 | /usr/sbin/ufw allow in "Apache Full" 16 | /bin/echo "Hello world " >/var/www/html/index.html 17 | instance_ip=`curl http://169.254.169.254/latest/meta-data/local-ipv4` 18 | echo $instance_ip >>/var/www/html/index.html 19 | EOF 20 | 21 | } -------------------------------------------------------------------------------- /Section-03-single-server-to-cluster-weberver-asg-alb/05-deploy-cluster-of-webservers-in-autoscale-group/variables.tf: -------------------------------------------------------------------------------- 1 | variable "region" { 2 | description = " it will define the AWS region " 3 | default = "us-east-1" 4 | } 5 | variable "server_port" { 6 | description = " http service listen on ths port " 7 | default = "80" 8 | } 9 | 10 | variable "ssh_port" { 11 | description = "ssh request to server " 12 | default = "22" 13 | } 14 | variable "instance_type" { 15 | description = "AWS ec2 instance type" 16 | default="t2.micro" 17 | } 18 | variable "my_public_ip" { 19 | description = "My local system public IP ..." 
20 | default = "98.207.180.245/32" 21 | } 22 | variable "ami" { 23 | description = "amazon machine image" 24 | default = "ami-0a313d6098716f372" 25 | } 26 | 27 | variable "azs" { 28 | default = [ "us-east-1a", "us-east-1b", "us-east-1c"] 29 | } 30 | -------------------------------------------------------------------------------- /Section-09-workspace-tfvars/webserver.tf: -------------------------------------------------------------------------------- 1 | resource "aws_instance" "hellow-world" { 2 | ami = "${var.ami}" 3 | instance_type = "${lookup(var.instance_type , terraform.workspace) }" 4 | vpc_security_group_ids = ["${aws_security_group.webserver_sg.id}"] 5 | key_name = "terraform" 6 | tags = { 7 | Name = "Hello world - ${terraform.workspace}" 8 | } 9 | user_data = <<-EOF 10 | #!/bin/bash 11 | exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 12 | /usr/bin/apt-get update 13 | DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get upgrade -yq 14 | /usr/bin/apt-get install apache2 -y 15 | /usr/sbin/ufw allow in "Apache Full" 16 | /bin/echo "Hello world " >/var/www/html/index.html 17 | instance_ip=`curl http://169.254.169.254/latest/meta-data/local-ipv4` 18 | echo $instance_ip >>/var/www/html/index.html 19 | EOF 20 | 21 | } -------------------------------------------------------------------------------- /Section-03-single-server-to-cluster-weberver-asg-alb/06-deploy-cluster-of-webservers-in-ASG-with-LoadBalancer/variables.tf: -------------------------------------------------------------------------------- 1 | variable "region" { 2 | description = " it will define the AWS region " 3 | default = "us-east-1" 4 | } 5 | variable "server_port" { 6 | description = " http service listen on ths port " 7 | default = "80" 8 | } 9 | 10 | variable "ssh_port" { 11 | description = "ssh request to server " 12 | default = "22" 13 | } 14 | variable "instance_type" { 15 | description = "AWS ec2 instance type" 16 | default="t2.micro" 17 | } 18 | variable 
"my_public_ip" { 19 | description = "My local system public IP ..." 20 | default = "98.207.180.245/32" 21 | } 22 | variable "ami" { 23 | description = "amazon machine image" 24 | default = "ami-0a313d6098716f372" 25 | } 26 | 27 | variable "azs" { 28 | default = [ "us-east-1a", "us-east-1b", "us-east-1c"] 29 | } 30 | -------------------------------------------------------------------------------- /Section-09-workspace-commands/webserver.tf: -------------------------------------------------------------------------------- 1 | resource "aws_instance" "hellow-world" { 2 | ami = "${var.ami}" 3 | instance_type = "${lookup(var.instance_type , terraform.workspace) }" 4 | vpc_security_group_ids = ["${aws_security_group.webserver_sg.id}"] 5 | key_name = "terraform" 6 | tags = { 7 | Name = "Hello world - ${terraform.workspace}" 8 | } 9 | user_data = <<-EOF 10 | #!/bin/bash 11 | exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 12 | /usr/bin/apt-get update 13 | DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get upgrade -yq 14 | /usr/bin/apt-get install apache2 -y 15 | /usr/sbin/ufw allow in "Apache Full" 16 | /bin/echo "Hello world " >/var/www/html/index.html 17 | instance_ip=`curl http://169.254.169.254/latest/meta-data/local-ipv4` 18 | echo $instance_ip >>/var/www/html/index.html 19 | EOF 20 | 21 | } -------------------------------------------------------------------------------- /Section-06-Remote-state/webserver/webserver.tf: -------------------------------------------------------------------------------- 1 | resource "aws_instance" "hellow-world" { 2 | ami = "${var.ami}" 3 | instance_type = "${var.instance_type}" 4 | vpc_security_group_ids = ["${aws_security_group.webserver_sg.id}","${data.terraform_remote_state.global_sg.outputs.global_sg_id}"] 5 | key_name = "terraform" 6 | tags = { 7 | Name = "Hello world" 8 | } 9 | user_data = <<-EOF 10 | #!/bin/bash 11 | exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 12 | 
/usr/bin/apt-get update 13 | DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get upgrade -yq 14 | /usr/bin/apt-get install apache2 -y 15 | /usr/sbin/ufw allow in "Apache Full" 16 | /bin/echo "Hello world " >/var/www/html/index.html 17 | instance_ip=`curl http://169.254.169.254/latest/meta-data/local-ipv4` 18 | echo $instance_ip >>/var/www/html/index.html 19 | EOF 20 | 21 | } -------------------------------------------------------------------------------- /Section-03-single-server-to-cluster-weberver-asg-alb/05-deploy-cluster-of-webservers-in-autoscale-group/asg_launch_conf.tf: -------------------------------------------------------------------------------- 1 | resource aws_launch_configuration "my-first-launch-conf" { 2 | name = "webserver-launch" 3 | image_id = var.ami 4 | instance_type = var.instance_type 5 | security_groups=["${aws_security_group.webserver_sg.id}"] 6 | key_name = "terraform" 7 | user_data = <<-EOF 8 | #!/bin/bash 9 | exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 10 | /usr/bin/apt-get update 11 | DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get upgrade -yq 12 | /usr/bin/apt-get install apache2 -y 13 | /usr/sbin/ufw allow in "Apache Full" 14 | /bin/echo "Hello world " >/var/www/html/index.html 15 | instance_ip=`curl http://169.254.169.254/latest/meta-data/public-ipv4` 16 | echo $instance_ip >>/var/www/html/index.html 17 | EOF 18 | } 19 | -------------------------------------------------------------------------------- /Section-06-Remote-state/webserver/security_group.tf: -------------------------------------------------------------------------------- 1 | resource "aws_security_group" "webserver_sg" { 2 | 3 | ingress { 4 | from_port = "${var.http_port}" 5 | to_port = "${var.http_port}" 6 | protocol = "tcp" 7 | cidr_blocks = [ "${var.my_system}"] 8 | } 9 | ingress { 10 | from_port = "${var.ssh_port}" 11 | to_port = "${var.ssh_port}" 12 | protocol = "tcp" 13 | cidr_blocks = [ "${var.my_system}"] 14 | } 15 | egress { 16 | 
from_port = 0 17 | to_port = 0 18 | protocol = "-1" 19 | cidr_blocks = ["0.0.0.0/0"] 20 | } 21 | 22 | } 23 | 24 | data "terraform_remote_state" "global_sg" { 25 | backend = "s3" 26 | config = { 27 | bucket = "terraformiac-mystach-tfstate" 28 | key = "global_security_group/terraform.tfstate" 29 | region="us-east-1" 30 | } 31 | } 32 | 33 | 34 | -------------------------------------------------------------------------------- /Section-10-RealWorldProject/tf-deploy-jenkins-ci/policy.tf: -------------------------------------------------------------------------------- 1 | resource "aws_iam_policy" "s3_policy" { 2 | name = "s3_policy" 3 | path = "/" 4 | description = "s3 policy for Instance " 5 | 6 | policy = < >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 15 | # /usr/bin/apt-get update 16 | # DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get upgrade -yq 17 | # /usr/bin/apt-get install apache2 -y 18 | # /usr/sbin/ufw allow in "Apache Full" 19 | # /bin/echo "Hello world " >/var/www/html/index.html 20 | # EOF 21 | } 22 | 23 | #user_data="${file("user_data.sh")}" 24 | -------------------------------------------------------------------------------- /Section-03-single-server-to-cluster-weberver-asg-alb/03-deploy-configurable-sever-use-variables/main.tf: -------------------------------------------------------------------------------- 1 | resource "aws_instance" "My-Webserver" { 2 | 3 | ami = "${var.ami}" 4 | instance_type = "${var.instance_type}" 5 | vpc_security_group_ids = ["${aws_security_group.webserver_sg.id}"] 6 | tags = { 7 | Name = "My-Webserver" 8 | } 9 | key_name = "terraform" 10 | user_data = <<-EOF 11 | #!/bin/bash 12 | exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 13 | /usr/bin/apt-get update 14 | DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get upgrade -yq 15 | /usr/bin/apt-get install apache2 -y 16 | /usr/sbin/ufw allow in "Apache Full" 17 | /bin/echo "Hello world " >/var/www/html/index.html 18 | 
instance_ip=`curl http://169.254.169.254/latest/meta-data/public-ipv4` 19 | echo $instance_ip >>/var/www/html/index.html 20 | EOF 21 | } 22 | -------------------------------------------------------------------------------- /Section-03-single-server-to-cluster-weberver-asg-alb/04-deploy-cluster-of-webservers/main.tf: -------------------------------------------------------------------------------- 1 | resource "aws_instance" "My-Webserver" { 2 | count = 3 3 | ami = var.ami 4 | instance_type = var.instance_type 5 | vpc_security_group_ids = ["${aws_security_group.webserver_sg.id}"] 6 | tags = { 7 | Name = "My-Webserver-${count.index}" 8 | } 9 | key_name = "terraform" 10 | user_data = <<-EOF 11 | #!/bin/bash 12 | exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 13 | /usr/bin/apt-get update 14 | DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get upgrade -yq 15 | /usr/bin/apt-get install apache2 -y 16 | /usr/sbin/ufw allow in "Apache Full" 17 | /bin/echo "Hello world " >/var/www/html/index.html 18 | instance_ip=`curl http://169.254.169.254/latest/meta-data/public-ipv4` 19 | echo $instance_ip >>/var/www/html/index.html 20 | EOF 21 | } 22 | -------------------------------------------------------------------------------- /Section-03-single-server-to-cluster-weberver-asg-alb/06-deploy-cluster-of-webservers-in-ASG-with-LoadBalancer/server_security_group.tf: -------------------------------------------------------------------------------- 1 | resource "aws_security_group" "webserver_sg" { 2 | 3 | ingress { 4 | from_port = var.server_port 5 | to_port = var.server_port 6 | protocol = "tcp" 7 | cidr_blocks = [ var.my_public_ip ] 8 | } 9 | 10 | ingress { 11 | from_port = var.ssh_port 12 | to_port = var.ssh_port 13 | protocol = "tcp" 14 | cidr_blocks = [ var.my_public_ip ] 15 | } 16 | ingress { 17 | from_port = var.server_port 18 | to_port = var.server_port 19 | protocol = "tcp" 20 | security_groups = [ aws_security_group.elb_sg.id ] 21 | } 22 | 23 | 
egress { 24 | from_port = 0 25 | to_port = 0 26 | protocol = "-1" 27 | cidr_blocks = ["0.0.0.0/0"] 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /Section-05-modules/tf-module-lab-demo/module/webservers-elb-asg/launch_config.tf: -------------------------------------------------------------------------------- 1 | resource "aws_launch_configuration" "my-first-launch-conf" { 2 | name = "${var.cluster}-webserver-launch" 3 | image_id = var.ami 4 | instance_type = var.instance_type 5 | security_groups=[ aws_security_group.webserver_sg.id ] 6 | key_name = "terraform" 7 | 8 | lifecycle { 9 | create_before_destroy = true 10 | } 11 | user_data=file("${path.module}/user_data.sh") 12 | # user_data = <<-EOF 13 | # #!/bin/bash 14 | # exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 15 | # /usr/bin/apt-get update 16 | # DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get upgrade -yq 17 | # /usr/bin/apt-get install apache2 -y 18 | # /usr/sbin/ufw allow in "Apache Full" 19 | # /bin/echo "Hello world " >/var/www/html/index.html 20 | # EOF 21 | } 22 | 23 | #user_data="${file("user_data.sh")}" 24 | -------------------------------------------------------------------------------- /Section-03-single-server-to-cluster-weberver-asg-alb/06-deploy-cluster-of-webservers-in-ASG-with-LoadBalancer/asg_launch_conf.tf: -------------------------------------------------------------------------------- 1 | resource aws_launch_configuration "my-first-launch-conf" { 2 | #name = "webserver-launch" 3 | image_id = var.ami 4 | instance_type = var.instance_type 5 | security_groups=[ aws_security_group.webserver_sg.id ] 6 | key_name = "terraform" 7 | user_data = <<-EOF 8 | #!/bin/bash 9 | exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 10 | /usr/bin/apt-get update 11 | DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get upgrade -yq 12 | /usr/bin/apt-get install apache2 -y 13 | /usr/sbin/ufw allow in 
"Apache Full" 14 | /bin/echo "Hello world " >/var/www/html/index.html 15 | instance_ip=`curl http://169.254.169.254/latest/meta-data/public-ipv4` 16 | echo $instance_ip >>/var/www/html/index.html 17 | EOF 18 | 19 | lifecycle { 20 | create_before_destroy = true 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /Section-07-working-with-iam-role-policy/webserver.tf: -------------------------------------------------------------------------------- 1 | resource "aws_instance" "hello-world" { 2 | ami = "${var.ami}" 3 | instance_type = "${var.instance_type}" 4 | vpc_security_group_ids = ["${aws_security_group.webserver_sg.id}"] 5 | availability_zone = "${var.az}" 6 | key_name = "terraform" 7 | iam_instance_profile = "${aws_iam_instance_profile.ec2_profile.name}" 8 | tags = { 9 | Name = "Hello world" 10 | OwnerEmail = "terraform@ilearnxl.com" 11 | Project = "iam-role-demo" 12 | } 13 | user_data = <<-EOF 14 | #!/bin/bash 15 | exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 16 | /usr/bin/apt-get update 17 | DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get upgrade -yq 18 | /usr/bin/apt-get install apache2 -y 19 | /usr/sbin/ufw allow in "Apache Full" 20 | /bin/echo "Hello world " >/var/www/html/index.html 21 | instance_ip=`curl http://169.254.169.254/latest/meta-data/local-ipv4` 22 | echo $instance_ip >>/var/www/html/index.html 23 | EOF 24 | 25 | } 26 | -------------------------------------------------------------------------------- /Section-08-local-exec/webserver.tf: -------------------------------------------------------------------------------- 1 | resource "aws_instance" "hellow-world" { 2 | ami = "${var.ami}" 3 | instance_type = "${var.instance_type}" 4 | vpc_security_group_ids = ["${aws_security_group.webserver_sg.id}"] 5 | key_name = "terraform" 6 | tags = { 7 | Name = "Hello world" 8 | } 9 | 10 | provisioner "local-exec" { 11 | command = "echo ${self.private_ip} > webserver_private_ip.txt" 
12 | # command = "echo ${self.public_ip} > webserver_public_ip.txt" 13 | on_failure = continue 14 | } 15 | provisioner "local-exec" { 16 | command = "echo ${self.public_ip} > webserver_public_ip.txt" 17 | on_failure = continue 18 | } 19 | user_data = <<-EOF 20 | #!/bin/bash 21 | exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 22 | /usr/bin/apt-get update 23 | DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get upgrade -yq 24 | /usr/bin/apt-get install apache2 -y 25 | /usr/sbin/ufw allow in "Apache Full" 26 | /bin/echo "Hello world " >/var/www/html/index.html 27 | instance_ip=`curl http://169.254.169.254/latest/meta-data/local-ipv4` 28 | echo $instance_ip >>/var/www/html/index.html 29 | EOF 30 | 31 | } 32 | -------------------------------------------------------------------------------- /Section-10-RealWorldProject/tf-deploy-jenkins-ci/jenkins-ec2.tf: -------------------------------------------------------------------------------- 1 | resource "aws_instance" "jenkins" { 2 | ami = var.ami 3 | instance_type = "t2.micro" 4 | key_name = "terraform" 5 | iam_instance_profile = "${aws_iam_instance_profile.ec2_profile.name}" 6 | vpc_security_group_ids = [aws_security_group.allow_login.id] 7 | tags = { 8 | Name = var.project 9 | OS = "ubuntu" 10 | } 11 | user_data = < >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 14 | /usr/bin/wget -q -O - https://pkg.jenkins.io/debian/jenkins.io.key | sudo apt-key add - 15 | /bin/sh -c 'echo deb http://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list' 16 | /usr/bin/apt-get update 17 | DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get upgrade -yq 18 | /usr/bin/apt-get install default-jdk -y 19 | /usr/bin/apt-get install jenkins -y 20 | /bin/systemctl start jenkins 21 | /bin/systemctl status jenkins 22 | /usr/sbin/ufw allow 8080 23 | /usr/sbin/ufw status 24 | /usr/bin/apt install python3-pip -y 25 | pip3 install awscli 26 | apt install unzip 27 | wget -q 
https://releases.hashicorp.com/terraform/0.11.6/terraform_0.11.6_linux_amd64.zip 28 | unzip terraform_0.11.6_linux_amd64.zip 29 | mv terraform /usr/local/bin/terraform 30 | terraform version 31 | echo "######### all commands executed successfuly !! ########## " 32 | EOC 33 | } 34 | -------------------------------------------------------------------------------- /Section-08-remote-exec/webserver.tf: -------------------------------------------------------------------------------- 1 | resource "aws_instance" "hello-world" { 2 | ami = "${var.ami}" 3 | instance_type = "${var.instance_type}" 4 | vpc_security_group_ids = ["${aws_security_group.webserver_sg.id}"] 5 | key_name = "terraform" 6 | tags = { 7 | Name = "Hello world" 8 | } 9 | 10 | provisioner "remote-exec" { 11 | inline = [ 12 | "sudo /usr/bin/apt-get update", 13 | "sudo DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get upgrade -yq", 14 | "sudo /usr/bin/apt-get install apache2 -y", 15 | "sudo /usr/sbin/ufw allow in 'Apache Full' ", 16 | "sudo /bin/chmod 757 /var/www/html/index.html", 17 | "sudo /bin/echo 'Hello world' >/var/www/html/index.html", 18 | "instance_ip=`curl http://169.254.169.254/latest/meta-data/local-ipv4`", 19 | "sudo echo $instance_ip >>/var/www/html/index.html", 20 | ] 21 | connection { 22 | type = "ssh" 23 | user = "ubuntu" 24 | private_key=file("./terraform.pem") 25 | host = self.public_ip 26 | } 27 | } 28 | # user_data = <<-EOF 29 | # #!/bin/bash 30 | # exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 31 | # /usr/bin/apt-get update 32 | # DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get upgrade -yq 33 | # /usr/bin/apt-get install apache2 -y 34 | # /usr/sbin/ufw allow in "Apache Full" 35 | # /bin/echo "Hello world " >/var/www/html/index.html 36 | # instance_ip=`curl http://169.254.169.254/latest/meta-data/local-ipv4` 37 | # echo $instance_ip >>/var/www/html/index.html 38 | # EOF 39 | 40 | } 
--------------------------------------------------------------------------------
/Section-05-modules/tf-module-versioning-stack/module/security_group.tf:
--------------------------------------------------------------------------------
# Web-server security group; the name carries the environment as a suffix.
# Its rules are attached below as separate aws_security_group_rule resources.
resource "aws_security_group" "webserver_sg" {
  name = "webserver_sg-${var.environment}"
}

# Inbound HTTP on var.http_port from the CIDR held in var.my_system.
# NOTE(review): var.my_system is declared outside this file; the rule is only as
# narrow as the value passed in, so confirm callers do not set it to 0.0.0.0/0.
resource "aws_security_group_rule" "allow_http" {
  security_group_id = aws_security_group.webserver_sg.id
  type              = "ingress"
  protocol          = "tcp"
  from_port         = var.http_port
  to_port           = var.http_port
  cidr_blocks       = [var.my_system]
}

# Inbound SSH on var.ssh_port, scoped by the same var.my_system CIDR as HTTP.
resource "aws_security_group_rule" "allow_ssh" {
  security_group_id = aws_security_group.webserver_sg.id
  type              = "ingress"
  protocol          = "tcp"
  from_port         = var.ssh_port
  to_port           = var.ssh_port
  cidr_blocks       = [var.my_system]
}

# Outbound: every protocol and port to any IPv4 destination.
resource "aws_security_group_rule" "allow_outgoing" {
  security_group_id = aws_security_group.webserver_sg.id
  type              = "egress"
  protocol          = "-1"
  from_port         = 0
  to_port           = 0
  cidr_blocks       = ["0.0.0.0/0"]
}

# Earlier inline-rule form, kept for reference. Do not re-enable it next to the
# rule resources above: inline rules and aws_security_group_rule on the same
# group overwrite each other.
# ingress {
#   from_port = "${var.http_port}"
#   to_port = "${var.http_port}"
#   protocol = "tcp"
#   cidr_blocks = [ "${var.my_system}"]
# }

# ingress {
#   from_port = "${var.ssh_port}"
#   to_port = "${var.ssh_port}"
#   protocol = "tcp"
#   cidr_blocks = [ "${var.my_system}"]
# }
# egress {
#   from_port = 0
#   to_port = 0
#   protocol = "-1"
#   cidr_blocks = ["0.0.0.0/0"]
# }

# }

--------------------------------------------------------------------------------
/Section-05-modules/tf-module-lab-demo/module/webservers-elb-asg/security_group.tf:
--------------------------------------------------------------------------------
# Web-server security group; the name carries the environment as a suffix.
# Its rules are attached below as separate aws_security_group_rule resources.
resource "aws_security_group" "webserver_sg" {
  name = "webserver_sg-${var.environment}"
}

# Inbound HTTP on var.http_port from the CIDR held in var.my_system.
# NOTE(review): var.my_system is declared outside this file; the rule is only as
# narrow as the value passed in, so confirm callers do not set it to 0.0.0.0/0.
resource "aws_security_group_rule" "allow_http" {
  security_group_id = aws_security_group.webserver_sg.id
  type              = "ingress"
  protocol          = "tcp"
  from_port         = var.http_port
  to_port           = var.http_port
  cidr_blocks       = [var.my_system]
}

# Inbound SSH on var.ssh_port, scoped by the same var.my_system CIDR as HTTP.
resource "aws_security_group_rule" "allow_ssh" {
  security_group_id = aws_security_group.webserver_sg.id
  type              = "ingress"
  protocol          = "tcp"
  from_port         = var.ssh_port
  to_port           = var.ssh_port
  cidr_blocks       = [var.my_system]
}

# Outbound: every protocol and port to any IPv4 destination.
resource "aws_security_group_rule" "allow_outgoing" {
  security_group_id = aws_security_group.webserver_sg.id
  type              = "egress"
  protocol          = "-1"
  from_port         = 0
  to_port           = 0
  cidr_blocks       = ["0.0.0.0/0"]
}

# Earlier inline-rule form, kept for reference. Do not re-enable it next to the
# rule resources above: inline rules and aws_security_group_rule on the same
# group overwrite each other.
# ingress {
#   from_port = "${var.http_port}"
#   to_port = "${var.http_port}"
#   protocol = "tcp"
#   cidr_blocks = [ "${var.my_system}"]
# }

# ingress {
#   from_port = "${var.ssh_port}"
#   to_port = "${var.ssh_port}"
#   protocol = "tcp"
#   cidr_blocks = [ "${var.my_system}"]
# }
# egress {
#   from_port = 0
#   to_port = 0
#   protocol = "-1"
#   cidr_blocks = ["0.0.0.0/0"]
# }

# }

--------------------------------------------------------------------------------
/Section-07-vpc-subnet-igw-natgw/vpc-subnet-nat-gw-nat-gw.tf:
--------------------------------------------------------------------------------
# "stage" VPC: two internal and two external /25 subnets across us-east-1a and
# us-east-1b, an internet gateway for the external side and one NAT gateway for
# the internal side. No flow logs or network ACLs are defined in this file.
resource "aws_vpc" "main" {
  cidr_block           = "10.118.8.0/22"
  enable_dns_hostnames = true
  tags = {
    Name = "stage"
  }
}

# Internal subnets: instances get no public IP at launch.
resource "aws_subnet" "internal-01" {
  vpc_id                  = "${aws_vpc.main.id}"
  availability_zone       = "us-east-1a"
  cidr_block              = "10.118.8.128/25"
  map_public_ip_on_launch = "false"
  tags = {
    Name = "internal-01"
  }

}

resource "aws_subnet" "internal-02" {
  vpc_id                  = "${aws_vpc.main.id}"
  availability_zone       = "us-east-1b"
  cidr_block              = "10.118.9.128/25"
  map_public_ip_on_launch = "false"
  tags = {
    Name = "internal-02"
  }

}

# External subnets: every instance launched here is given a public IP, so its
# exposure is decided by the security groups attached to it.
resource "aws_subnet" "external-01" {
  vpc_id                  = "${aws_vpc.main.id}"
  availability_zone       = "us-east-1a"
  cidr_block              = "10.118.8.0/25"
  map_public_ip_on_launch = "true"
  tags = {
    Name = "external-01"
  }

}

resource "aws_subnet" "external-02" {
  vpc_id                  = "${aws_vpc.main.id}"
  availability_zone       = "us-east-1b"
  cidr_block              = "10.118.9.0/25"
  map_public_ip_on_launch = "true"
  tags = {
    Name = "external-02"
  }

}

# Internet gateway for the VPC.
resource "aws_internet_gateway" "stage-internet-gw" {
  vpc_id = "${aws_vpc.main.id}"

  tags = {
    Name = "stage-internet-gw"
  }
}

# Public route table: default route through the internet gateway.
resource "aws_route_table" "rt-table-public-ig" {
  vpc_id = "${aws_vpc.main.id}"
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = "${aws_internet_gateway.stage-internet-gw.id}"
  }

  tags = {
    Name = "rt-stage-external"
  }
}

# Associate the public route table with both external subnets.
resource "aws_route_table_association" "rt-external-association" {
  subnet_id      = "${aws_subnet.external-01.id}"
  route_table_id = "${aws_route_table.rt-table-public-ig.id}"
}

resource "aws_route_table_association" "terraformtraining-public-2-a" {
  subnet_id      = "${aws_subnet.external-02.id}"
  route_table_id = "${aws_route_table.rt-table-public-ig.id}"
}



# Elastic IP used by the NAT gateway below.
resource "aws_eip" "nat" {
  vpc = true
}

# One NAT gateway, placed in external-01 (us-east-1a). Both internal subnets route
# through it, so outbound access from internal-02 in us-east-1b also depends on it.
resource "aws_nat_gateway" "stage-nat-gw" {
  allocation_id = "${aws_eip.nat.id}"
  subnet_id     = "${aws_subnet.external-01.id}"
  depends_on    = ["aws_internet_gateway.stage-internet-gw"]
  tags = {
    Name = "stage-nat-gw"
  }
}

# Internal route table: default route through the NAT gateway.
resource "aws_route_table" "rt-stage-internal" {
  vpc_id = "${aws_vpc.main.id}"
  route {
    cidr_block     = "0.0.0.0/0"
    nat_gateway_id = "${aws_nat_gateway.stage-nat-gw.id}"
  }

  tags = {
    Name = "stage-nat-gw-route-table"
  }
}


# Associate the NAT route table with both internal subnets.
resource "aws_route_table_association" "stage-internal-01-rt-association" {
  subnet_id      = "${aws_subnet.internal-01.id}"
  route_table_id = "${aws_route_table.rt-stage-internal.id}"
}

resource "aws_route_table_association" "stage-internal-02-rt-association" {
  subnet_id      = "${aws_subnet.internal-02.id}"
  route_table_id = "${aws_route_table.rt-stage-internal.id}"
}
--------------------------------------------------------------------------------