├── .github └── workflows │ └── terraform.yml ├── .gitignore ├── EC2withJenkins ├── README.md ├── ec2_jenkins.tf ├── provider.tf ├── security_group.tf └── variables.tf ├── README.md ├── Software-provision ├── .gitignore ├── README.md ├── aws-instance-server-configure.tf ├── index.html ├── provider.tf ├── terraform.pem └── variables.tf ├── Terraform-aws-route53 ├── instance.tf ├── route53.tf ├── variables.tf └── vpc.tf ├── aws-instance-example.tf ├── aws-instance-first-script ├── .gitignore ├── Jenkinsfile ├── README.md ├── aws-instance-example.tf ├── provider.tf └── variables.tf ├── ebs-with-userdata ├── README.md ├── ebs_volume.tf ├── instance.tf ├── security_group.tf ├── variables.tf ├── volume.sh └── vpc.tf ├── kms_policy.json.tpl ├── main.tf ├── provider.tf ├── terraform-aws-autoscaling ├── main.tf └── variables.tf ├── terraform-aws-ebs ├── ebs_volume.tf ├── instance.tf ├── security_group.tf ├── variables.tf └── vpc.tf ├── terraform-aws-ec2-userdata ├── apache_config.sh ├── output.tf ├── provider.tf ├── security_group.tf ├── user-data-file-input.tf ├── user_data.tf └── variables.tf ├── terraform-aws-ec2-with-vpc ├── instance.tf ├── provider.tf ├── security_group.tf ├── variables.tf └── vpc.tf ├── terraform-aws-elasticsearch ├── README.md ├── iam_role_policy.tf ├── main.tf ├── output.tf └── variables.tf ├── terraform-aws-elb-alb ├── elb.tf ├── instances.tf ├── route53.tf ├── security_group.tf ├── variables.tf └── vpc.tf ├── terraform-aws-iam ├── iam │ ├── aws_iam_group.tf │ └── main.tf └── iam_role_with_instance │ ├── instance.tf │ ├── main.tf │ ├── s3_bucket.tf │ └── variables.tf ├── terraform-aws-private-public-ip ├── instance.tf ├── variables.tf └── vpc.tf ├── terraform-aws-rds-dynamoDb └── dynamodb.tf ├── terraform-aws-rds-mariaDb ├── instance.tf ├── mariadb.tf ├── security_group.tf ├── variables.tf └── vpc.tf ├── terraform-aws-sns ├── example │ ├── .terraform.lock.hcl │ ├── example.tf │ └── version.tf ├── main.tf ├── python │ └── hello-python.py └── 
variable.tf ├── terraform-aws-vpc ├── internet-gateway.tf ├── nat.tf ├── private_subnets.tf ├── public_subnets.tf ├── route_table.tf ├── variables.tf └── vpc.tf ├── terraform-data-source ├── .gitignore ├── README.md ├── aws-data-source-example.tf ├── provider.tf └── variables.tf ├── terraform-for-each-example ├── main.tf └── provider.tf ├── terraform-module ├── main.tf └── variables.tf ├── terraform-output ├── .gitignore ├── README.md ├── arn.txt ├── aws-instance-example.tf ├── ip_list.txt ├── output.tf ├── provider.tf └── variables.tf ├── terraform-remote-state ├── .gitignore ├── README.md ├── aws-remote-state-example.tf ├── backend.tf ├── provider.tf └── variables.tf └── terraform-variables ├── provider.tf ├── terraform-variable-example.tf └── variables.tf /.github/workflows/terraform.yml: -------------------------------------------------------------------------------- 1 | name: terraform-tutorials-ci 2 | 3 | on: [push, pull_request] 4 | # NOTE(review): workflow-level env is visible to every step of every job, including the third-party setup action below; setting these two secrets only on the steps that run terraform would narrow their exposure 5 | env: 6 | AWS_ACCESS_KEY_ID: ${{ secrets.aws_access_key }} 7 | AWS_SECRET_ACCESS_KEY: ${{ secrets.aws_secret_access_key }} 8 | ACTIONS_ALLOW_UNSECURE_COMMANDS: true # NOTE(review): re-enables the deprecated set-env/add-path workflow commands, which let text printed by any step set environment variables for later steps; presumably needed by an older action used below - confirm, then remove 9 | 10 | jobs: 11 | build: 12 | name: build 13 | runs-on: ubuntu-latest 14 | steps: 15 | - name: Checkout 16 | uses: actions/checkout@v1 # NOTE(review): referenced by a movable tag; a full commit SHA pins exactly what runs 17 | - name: Set up Terraform 18 | uses: marocchino/setup-terraform@v1 # NOTE(review): third-party action on a movable tag, running with the AWS keys above in its environment; pin it to a reviewed commit SHA 19 | with: 20 | version: "0.12.15" 21 | - name: Build module 'aws-instance-first-script' 22 | run: cd aws-instance-first-script && terraform init && terraform validate && terraform plan 23 | - name: Build module 'aws-EC2-with-jenkins' 24 | run: cd EC2withJenkins && terraform init && terraform validate && terraform plan 25 | - name: Build module 'aws-Application-Load-Balancer' 26 | run: cd terraform-aws-elb-alb && terraform init && terraform validate && terraform plan 27 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Local 
.terraform directories 2 | **/.terraform/* 3 | 4 | # .tfstate files 5 | *.tfstate 6 | *.tfstate.* 7 | 8 | # .tfvars files 9 | *.tfvars 10 | -------------------------------------------------------------------------------- /EC2withJenkins/README.md: -------------------------------------------------------------------------------- 1 | # Terraform-Tutorial # Jenkins Install in EC2 Instance 2 | 3 | 4 | Terraform Tutorial is the set of examples of [Terraform](https://www.terraform.io/) modules that is building the EC2 Instance with jenkins 5 | infrastructure resources on AWS Cloud. 6 | 7 | To learn about module, follow the readme of each module. 8 | 9 | ## Developing 10 | 11 | - **Terraform**: v0.11.14 12 | - **Terraform Docs**: https://www.terraform.io/docs/configuration-0-11/index.html 13 | 14 | ## Usage 15 | 16 | ```hcl 17 | module "ec2_instance" { 18 | source = "git::https://github.com/easyawslearn/Terraform-Tutorial.git/EC2withJenkins" 19 | 20 | region = "us-west-2" 21 | key-name = "ec2-demo" 22 | instance_type = "t2.micro" 23 | 24 | } 25 | ``` 26 | 27 | ## Inputs 28 | 29 | | Name | Description | Type | Default | Required | 30 | |------|-------------|:----:|:-----:|:-----:| 31 | | region | AWS region | string | us-east-1 | yes | 32 | | key-name | ec2 access key name | string | ec2-demo | yes | 33 | | instance_type | ec2 instance_type | string | t2.micro | yes | 34 | -------------------------------------------------------------------------------- /EC2withJenkins/ec2_jenkins.tf: -------------------------------------------------------------------------------- 1 | 2 | resource "aws_instance" "ec2_jenkins" { 3 | ami = "${lookup(var.ami_id, var.region)}" 4 | instance_type = "${var.instance_type}" 5 | # Security group assign to instance 6 | vpc_security_group_ids = [aws_security_group.allow_ssh.id] 7 | 8 | # key name 9 | key_name = "${var.key_name}" 10 | 11 | user_data = <Deployed via Terraform" | sudo tee /var/www/html/index.html 18 | 19 | yum install 
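java-1.8.0-openjdk-devel -y 20 | curl --silent --location https://pkg.jenkins.io/redhat-stable/jenkins.repo | sudo tee /etc/yum.repos.d/jenkins.repo 21 | sudo rpm --import https://jenkins-ci.org/redhat/jenkins-ci.org.key 22 | yum install -y jenkins 23 | systemctl start jenkins 24 | systemctl status jenkins 25 | systemctl enable jenkins 26 | 27 | EOF 28 | /* The Jenkins yum repo definition is fetched over HTTPS so it cannot be altered in transit before yum trusts it. NOTE(review): the signing-key URL in the script is unchanged from the original - confirm it still matches the key the repo is signed with. */ 29 | tags = { 30 | Name = "Ec2-User-data" 31 | } 32 | } 33 | -------------------------------------------------------------------------------- /EC2withJenkins/provider.tf: -------------------------------------------------------------------------------- 1 | provider "aws" { 2 | region = "${var.region}" 3 | version = "~> 2.0" 4 | } 5 | -------------------------------------------------------------------------------- /EC2withJenkins/security_group.tf: -------------------------------------------------------------------------------- 1 | resource "aws_security_group" "allow_ssh" { 2 | name = "allow_SSH" 3 | description = "Allow SSH inbound traffic" 4 | #vpc_id = aws_vpc.vpc_demo.id 5 | 6 | ingress { 7 | # SSH port 22 allowed from any IP. NOTE(review): narrow cidr_blocks to a trusted admin range for anything longer-lived than a demo 8 | from_port = 22 9 | to_port = 22 10 | protocol = "tcp" 11 | cidr_blocks = ["0.0.0.0/0"] 12 | } 13 | 14 | ingress { 15 | # HTTP port 80 allowed from any IP 16 | from_port = 80 17 | to_port = 80 18 | protocol = "tcp" 19 | cidr_blocks = ["0.0.0.0/0"] 20 | } 21 | 22 | ingress { 23 | # Port 8080 allowed from any IP. NOTE(review): presumably the Jenkins web UI installed by ec2_jenkins.tf, reachable without TLS - confirm and restrict the source range 24 | from_port = 8080 25 | to_port = 8080 26 | protocol = "tcp" 27 | cidr_blocks = ["0.0.0.0/0"] 28 | } 29 | /* All protocols and ports allowed outbound */ 30 | egress { 31 | from_port = 0 32 | to_port = 0 33 | protocol = "-1" 34 | cidr_blocks = ["0.0.0.0/0"] 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /EC2withJenkins/variables.tf: -------------------------------------------------------------------------------- 1 | variable "region" { 2 | type = "string" 3 | default = "us-east-1" 4 | } 5 | variable "ami_id" { 6 | type = "map" 7 | default = { 8 | us-east-1 = 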
"ami-00dc79254d0461090" 9 | } 10 | } 11 | variable "instance_type" { 12 | type = "string" 13 | default = "t2.micro" 14 | } 15 | variable "key_name" { 16 | type = "string" 17 | default = "ec2-demo" 18 | } 19 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Terraform-Tutorial 2 | 3 | ![](https://github.com/easyawslearn/Terraform-Tutorial/workflows/terraform-tutorials-ci/badge.svg) 4 | 5 | Terraform Tutorial is the set of examples of [Terraform](https://www.terraform.io/) modules that is building the infrastructure resources 6 | on AWS Cloud. 7 | 8 | To learn about module, follow the readme of each module. 9 | 10 | ## Developing 11 | 12 | - **Terraform**: v0.11.14 13 | - **Terraform Docs**: https://www.terraform.io/docs/configuration-0-11/index.html 14 | - **Youtube Channel for subscription**: https://www.youtube.com/channel/UCck6BsJ0H8C8C8JVgSS1b8Q?view_as=subscriber 15 | - **Terraform Tutorial in English**: https://www.youtube.com/watch?v=5WykrpB7qS4&list=PL_OdF9Z6GmVaRD6e6sYLQO_WYqTKcj3aj 16 | - **Terraform Tutorial in Hindi**: https://www.youtube.com/watch?v=LNYQXLf60N4&list=PL_OdF9Z6GmVY9QfBfNUua_X2c2mT65SAX 17 | -------------------------------------------------------------------------------- /Software-provision/.gitignore: -------------------------------------------------------------------------------- 1 | # Local .terraform directories 2 | **/.terraform/* 3 | 4 | # .tfstate files 5 | *.tfstate 6 | *.tfstate.* 7 | 8 | # .tfvars files 9 | *.tfvars 10 | -------------------------------------------------------------------------------- /Software-provision/README.md: -------------------------------------------------------------------------------- 1 | # Terraform-Tutorial 2 | Terraform Tutorial with all the Live Example 3 | -------------------------------------------------------------------------------- 
/Software-provision/aws-instance-server-configure.tf: -------------------------------------------------------------------------------- 1 | /* Creates one t2.micro EC2 instance, uploads index.html with the file provisioner, then installs httpd and copies the page into /var/www/html with remote-exec. */ 2 | resource "aws_instance" "web-server" { 3 | ami = "${lookup(var.ami_id, var.region)}" 4 | instance_type = "t2.micro" 5 | key_name = "terraform" 6 | /* NOTE(review): the connection block below reads the SSH private key from var.private_key_path, and a terraform.pem holding an RSA private key is checked in beside this file. If that is the key for key pair "terraform", treat the pair as exposed: rotate it, remove the file from the repository and load the key from outside version control. */ 7 | 8 | provisioner "file" { 9 | source = "index.html" 10 | destination = "/tmp/index.html" 11 | } 12 | provisioner "remote-exec" { 13 | inline = [ 14 | "sudo yum install -y httpd;sudo cp /tmp/index.html /var/www/html/", 15 | "sudo service httpd restart", 16 | "sudo service httpd status" 17 | ] 18 | } 19 | connection { 20 | user = "ec2-user" 21 | private_key = "${file("${var.private_key_path}")}" 22 | host = "${aws_instance.web-server.public_ip}" /* NOTE(review): refers to this resource from inside itself; newer Terraform expects self.public_ip here - confirm against the version in use */ 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /Software-provision/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | THIS IS MY WEB Server Deployed on AWS EC2 Intance using Terraform Script 4 | 5 | 6 | -------------------------------------------------------------------------------- /Software-provision/provider.tf: -------------------------------------------------------------------------------- 1 | provider "aws" { 2 | region = "${var.region}" 3 | access_key = "${var.access_key}" 4 | secret_key = "${var.secret_key}" /* NOTE(review): long-lived keys passed as variables; prefer the provider's default credential chain (environment variables, shared credentials file or an IAM role) */ 5 | version = "~> 2.0" 6 | } 7 | -------------------------------------------------------------------------------- /Software-provision/terraform.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEpAIBAAKCAQEAjwPLx8LUEWbq9K84qM7J39Ksl8gtAtKczKuduC6xfEygjfznhjG73wp1qAKG 3 | pfKJJS20r/mShYbWsnKRojjM+tU0Jm76gTzpOwXYG3eWA4bsoAOdZtWyKPnl1scb/SP5X5Fdvtka 4 | baeVbz+lekX7c540wTGWzf4AuZjTs29A/PUYWKW9sOwsth4WgSHDuNdQznU0EgXhzuV7a9z4FlrR 5 | +SZ400g6ONs2hfT7o4sqSGu8JcVnJUyQY0lY1Sgnkw0g0KGdyP2ZA6dIHcNutcYnRXNmspIRfdG9 6 | 
79BDKeYNsdU/U0hk1YLAe8j7vH0Iq3oMCU5FdRUr5ITSD4Xt5M9zAQIDAQABAoIBAHwJ1c+PKjFh 7 | qvzHkIPQvoRzC6ClTGy7UKWvXx7k2KkvKL2dkQzxy7k6MCuk7TW28r4dMy7BbhSDi2jAN5GUZCxV 8 | iGKhNIGs27iGbBX+lUy/1DFAkV8kjt49R9wNWzgl4F7EDKO/Vs2uYMxZTmOLmPiBSc4Z/WryF5zh 9 | cROatanudwmNKH/Mg+Wj9TuOFS5b5Lir0H0xfip+SHRbjWQAd8xp3RqYl82HzHbrJKbkVNiLqrd2 10 | 7IIkbfd6wMKtacruROLofNgDUSHr7050aIh/dgQIOXK08qAdlGRceQ/wUJsQVZqCta4alnu7lQTi 11 | 4lATrnincZM8RZL9dBayMIKXGLECgYEA2hvv6mtZIQYmZeC1Z/anpcE0PQUunuvahKliTbRa4yKw 12 | 6EHC/I8fZPNSFhqHnCml88k6ptaTDH13zqFF7CrcD2JqhRTjHkFZGP3u6sP63BJ2QJFOVglwvk9Y 13 | 7fr2BHKNIOdyHOpZccHOaIxXN6EY3CUyH+5RBmOY1HfDuM1Trc0CgYEAp9woN4NKL0e25PxEhgnD 14 | vlNRHEPT5ltHTSqiQUjK63OP36A8WF/cGhJUXtXuAXVWcFIfMRh9g+XsYaFtvCDYykPsRYlZJQYV 15 | KRncAVk29qyfJe11zvOD99uo+wro/V+dXRQkbgtFrcOYF3eBmAuVCWi+Eyp5pm/cgZbY/JRDRgUC 16 | gYEAlbwYORb5WXKfadGauITdEy5QbpPgLbo9ilW+5xmqS8TFLq327uxS4TsqX4JXFx6Aj5zWZzNo 17 | QGrilTiiiD/kU6t89WAhi+PRBxdNrl5dGjiSdkFLRkW04PIYW0ivHN6HhM9fx/oa7b3ftmaiec5f 18 | AsOGZeV2Oqylfze5ZmWPzQECgYEAjG5XBvpDmgJ5NGEIQsrwg83YUbk9Eb7Ti+9bBxsLCKgJeaDo 19 | W1b3IKitBRocoAO2aQmLJtvCRhKZC6St1XH1bGIezJ33gk3wbg5ATLCClyQbkPN0V8rKYRXX7Q5X 20 | lYHkePZc8+NiS9kS6K8GMFmgOdrzCb3DQEbdR10X81dmYLECgYAhsgAbZNzrXAO+E3ooTJgIyZLW 21 | QxB74kDIxTNFgUL+U01l70x92aY03TofLFare+9jGuNdDmLjzqbTswz/AXK8FUkxbRo8R18ldpoz 22 | gvgh56v8VYulsULRphNeKoXJG3CTRmQEjDgrKYRSzHed3nVnRctT0iUAg/zAbUpzOIhdgg== 23 | -----END RSA PRIVATE KEY----- -------------------------------------------------------------------------------- /Software-provision/variables.tf: -------------------------------------------------------------------------------- 1 | variable "access_key" {} 2 | variable "secret_key" {} 3 | variable "region" { 4 | default = "us-east-1" 5 | } 6 | variable "private_key_path" { 7 | default = "terraform.pem" 8 | } 9 | 10 | variable "ami_id" { 11 | type = "map" 12 | default = { 13 | us-east-1 = "ami-035b3c7efe6d061d5" 14 | eu-west-2 = "ami-132b3c7efe6sdfdsfd" 15 | eu-central-1 = "ami-9787h5h6nsn" 16 | } 17 | } 18 
| -------------------------------------------------------------------------------- /Terraform-aws-route53/instance.tf: -------------------------------------------------------------------------------- 1 | provider "aws" { 2 | region = "${var.region}" 3 | version = "~> 2.0" 4 | } 5 | 6 | 7 | resource "aws_instance" "IP_example" { 8 | ami = lookup(var.ami_id, var.region) 9 | instance_type = var.instance_type 10 | subnet_id = aws_subnet.public_1.id 11 | 12 | # Security group assign to instance 13 | vpc_security_group_ids = [aws_security_group.allow_ssh.id] 14 | private_ip = "10.0.1.10" 15 | # key name 16 | key_name = var.key_name 17 | 18 | user_data = <Deployed via Terraform" | sudo tee /var/www/html/index.html 25 | EOF 26 | 27 | tags = { 28 | Name = "Private_IP" 29 | } 30 | } 31 | 32 | resource "aws_eip" "eip" { 33 | instance = aws_instance.IP_example.id 34 | vpc = true 35 | } 36 | 37 | output "public_ip" { 38 | value = aws_instance.IP_example.public_ip 39 | } 40 | -------------------------------------------------------------------------------- /Terraform-aws-route53/route53.tf: -------------------------------------------------------------------------------- 1 | resource "aws_route53_zone" "easy_aws" { 2 | name = "easyaws.in" 3 | 4 | tags = { 5 | Environment = "dev" 6 | } 7 | } 8 | 9 | resource "aws_route53_record" "www" { 10 | zone_id = aws_route53_zone.easy_aws.zone_id 11 | name = "www.easyaws.in" 12 | type = "A" 13 | ttl = "300" 14 | records = [aws_eip.eip.public_ip] 15 | } 16 | 17 | output "name_server"{ 18 | value=aws_route53_zone.easy_aws.name_servers 19 | } 20 | -------------------------------------------------------------------------------- /Terraform-aws-route53/variables.tf: -------------------------------------------------------------------------------- 1 | variable "region" { 2 | type = "string" 3 | default = "us-east-1" 4 | } 5 | variable "ami_id" { 6 | type = "map" 7 | default = { 8 | us-east-1 = "ami-035b3c7efe6d061d5" 9 | eu-west-2 = 
"ami-132b3c7efe6sdfdsfd" 10 | eu-central-1 = "ami-9787h5h6nsn75gd33" 11 | } 12 | } 13 | variable "instance_type" { 14 | type = "string" 15 | default = "t2.micro" 16 | } 17 | 18 | variable "device_name" { 19 | type = "string" 20 | default = "/dev/xvdh" 21 | } 22 | variable "key_name" { 23 | type = "string" 24 | default = "ec2-demo" 25 | } 26 | 27 | variable "cidr" { 28 | description = "The CIDR block for the VPC. Default value is a valid CIDR, but not acceptable by AWS and should be overridden" 29 | type = string 30 | default = "10.0.0.0/16" 31 | } 32 | variable "instance_tenancy" { 33 | description = "A tenancy option for instances launched into the VPC" 34 | type = string 35 | default = "default" 36 | } 37 | 38 | variable "enable_dns_hostnames" { 39 | description = "Should be true to enable DNS hostnames in the VPC" 40 | type = bool 41 | default = true 42 | } 43 | 44 | variable "enable_dns_support" { 45 | description = "Should be true to enable DNS support in the VPC" 46 | type = bool 47 | default = true 48 | } 49 | 50 | variable "enable_classiclink" { 51 | description = "Should be true to enable ClassicLink for the VPC. Only valid in regions and accounts that support EC2 Classic." 
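52 | type = bool 53 | default = false 54 | } 55 | 56 | variable "tags" { 57 | description = "A map of tags to add to all resources" 58 | type = string 59 | default = "Vpc-custom-demo" 60 | } 61 | -------------------------------------------------------------------------------- /Terraform-aws-route53/vpc.tf: -------------------------------------------------------------------------------- 1 | resource "aws_vpc" "vpc_demo" { 2 | cidr_block = var.cidr 3 | instance_tenancy = var.instance_tenancy 4 | enable_dns_hostnames = var.enable_dns_hostnames 5 | enable_dns_support = var.enable_dns_support 6 | enable_classiclink = var.enable_classiclink 7 | 8 | tags = { 9 | Name = var.tags 10 | } 11 | } 12 | /* Internet gateway attached to the demo VPC */ 13 | resource "aws_internet_gateway" "gw" { 14 | vpc_id = aws_vpc.vpc_demo.id 15 | 16 | tags = { 17 | Name = "internet-gateway-demo" 18 | } 19 | } 20 | /* Subnet in us-east-1a; instances launched here are given a public IP automatically */ 21 | resource "aws_subnet" "public_1" { 22 | availability_zone = "us-east-1a" 23 | vpc_id = aws_vpc.vpc_demo.id 24 | map_public_ip_on_launch = true 25 | cidr_block = "10.0.1.0/24" 26 | 27 | tags = { 28 | Name = "public_1-demo" 29 | } 30 | } 31 | /* Route table associated with public_1 further down */ 32 | resource "aws_route_table" "route-public" { 33 | vpc_id = aws_vpc.vpc_demo.id 34 | /* Default route through the internet gateway; written as the canonical 0.0.0.0/0 (the original 10.0.0.0/0 is not a canonical CIDR) */ 35 | route { 36 | cidr_block = "0.0.0.0/0" 37 | gateway_id = aws_internet_gateway.gw.id 38 | } 39 | 40 | tags = { 41 | Name = "public-route-table-demo" 42 | } 43 | } 44 | 45 | resource "aws_route_table_association" "public_1" { 46 | subnet_id = aws_subnet.public_1.id 47 | route_table_id = aws_route_table.route-public.id 48 | } 49 | /* Security group in the demo VPC: SSH and HTTP are open to any source address */ 50 | resource "aws_security_group" "allow_ssh" { 51 | name = "allow_SSH" 52 | description = "Allow SSH inbound traffic" 53 | vpc_id = aws_vpc.vpc_demo.id 54 | 55 | ingress { 56 | # SSH port 22 allowed from any IP. NOTE(review): narrow cidr_blocks to a trusted admin range for anything longer-lived than a demo 57 | from_port = 22 58 | to_port = 22 59 | protocol = "tcp" 60 | cidr_blocks = ["0.0.0.0/0"] 61 | } 62 | 63 | ingress { 64 | # HTTP port 80 allowed from any IP 65 | from_port = 80 66 | to_port = 80 67 | protocol = "tcp" 68 | cidr_blocks = ["0.0.0.0/0"] 69 | } 70 | 71 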
| egress { 72 | from_port = 0 73 | to_port = 0 74 | protocol = "-1" 75 | cidr_blocks = ["0.0.0.0/0"] 76 | } 77 | } 78 | -------------------------------------------------------------------------------- /aws-instance-example.tf: -------------------------------------------------------------------------------- 1 | provider "aws" { 2 | region = "${var.region}" 3 | access_key = "${var.access_key}" 4 | secret_key = "${var.secret_key}" 5 | version = "~> 2.0" 6 | } 7 | 8 | resource "aws_instance" "my_web_server" { 9 | ami = "${lookup(var.ami_id, var.region)}" 10 | instance_type = "t2.micro" 11 | } 12 | -------------------------------------------------------------------------------- /aws-instance-first-script/.gitignore: -------------------------------------------------------------------------------- 1 | # Local .terraform directories 2 | **/.terraform/* 3 | 4 | # .tfstate files 5 | *.tfstate 6 | *.tfstate.* 7 | 8 | # .tfvars files 9 | *.tfvars 10 | -------------------------------------------------------------------------------- /aws-instance-first-script/Jenkinsfile: -------------------------------------------------------------------------------- 1 | 2 | pipeline { 3 | 4 | parameters { 5 | string(name: 'environment', defaultValue: 'terraform', description: 'Workspace/environment file to use for deployment') 6 | booleanParam(name: 'autoApprove', defaultValue: false, description: 'Automatically run apply after generating plan?') 7 | 8 | } 9 | 10 | 11 | environment { 12 | AWS_ACCESS_KEY_ID = credentials('AWS_ACCESS_KEY_ID') 13 | AWS_SECRET_ACCESS_KEY = credentials('AWS_SECRET_ACCESS_KEY') 14 | } 15 | 16 | agent any 17 | options { 18 | timestamps () 19 | ansiColor('xterm') 20 | } 21 | stages { 22 | stage('checkout') { 23 | steps { 24 | script{ 25 | dir("terraform") 26 | { 27 | git "https://github.com/easyawslearn/Terraform-Tutorial.git" 28 | } 29 | } 30 | } 31 | } 32 | 33 | stage('Plan') { 34 | steps { 35 | sh 'pwd;cd terraform/aws-instance-first-script ; terraform init 
-input=false' 36 | sh 'pwd;cd terraform/aws-instance-first-script ; terraform workspace new ${environment}' 37 | sh 'pwd;cd terraform/aws-instance-first-script ; terraform workspace select ${environment}' 38 | sh "pwd;cd terraform/aws-instance-first-script ;terraform plan -input=false -out tfplan " 39 | sh 'pwd;cd terraform/aws-instance-first-script ;terraform show -no-color tfplan > tfplan.txt' 40 | } 41 | } 42 | stage('Approval') { 43 | when { 44 | not { 45 | equals expected: true, actual: params.autoApprove 46 | } 47 | } 48 | 49 | steps { 50 | script { 51 | def plan = readFile 'terraform/aws-instance-first-script/tfplan.txt' 52 | input message: "Do you want to apply the plan?", 53 | parameters: [text(name: 'Plan', description: 'Please review the plan', defaultValue: plan)] 54 | } 55 | } 56 | } 57 | 58 | stage('Apply') { 59 | steps { 60 | sh "pwd;cd terraform/aws-instance-first-script ; terraform apply -input=false tfplan" 61 | } 62 | } 63 | } 64 | 65 | } 66 | -------------------------------------------------------------------------------- /aws-instance-first-script/README.md: -------------------------------------------------------------------------------- 1 | # aws-instance-first-script 2 | 3 | ![](https://github.com/easyawslearn/Terraform-Tutorial/workflows/terraform-tutorials-ci/badge.svg) 4 | 5 | A Terraform module for creating AWS EC2 instance. 
6 | 7 | ## Usage 8 | 9 | ```hcl 10 | module "ec2_instance" { 11 | source = "git::https://github.com/easyawslearn/Terraform-Tutorial.git//aws-instance-first-script" 12 | 13 | region = "us-west-2" 14 | } 15 | ``` 16 | 17 | ## Inputs 18 | 19 | | Name | Description | Type | Default | Required | 20 | |------|-------------|:----:|:-----:|:-----:| 21 | | region | AWS region | string | us-east-1 | yes | 22 | -------------------------------------------------------------------------------- /aws-instance-first-script/aws-instance-example.tf: -------------------------------------------------------------------------------- 1 | resource "aws_instance" "web1" { 2 | ami = "${lookup(var.ami_id, var.region)}" 3 | instance_type = "t2.micro" 4 | } 5 | -------------------------------------------------------------------------------- /aws-instance-first-script/provider.tf: -------------------------------------------------------------------------------- 1 | provider "aws" { 2 | region = "${var.region}" 3 | version = "~> 2.0" 4 | } 5 | -------------------------------------------------------------------------------- /aws-instance-first-script/variables.tf: -------------------------------------------------------------------------------- 1 | variable "region" { 2 | default = "us-east-1" 3 | } 4 | 5 | variable "ami_id" { 6 | type = "map" 7 | 8 | default = { 9 | us-east-1 = "ami-035b3c7efe6d061d5" 10 | eu-west-2 = "ami-132b3c7efe6sdfdsfd" 11 | eu-central-1 = "ami-9787h5h6nsn" 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /ebs-with-userdata/README.md: -------------------------------------------------------------------------------- 1 | # aws-instance-with-ebs-volume 2 | 3 | A Terraform module for creating AWS EC2 instance with userdata for creating EBS. 
4 | 5 | ## Usage 6 | 7 | ```hcl 8 | module "ec2_instance" { 9 | source = "git::https://github.com/easyawslearn/Terraform-Tutorial.git/ebc-with-userdata" 10 | 11 | region = "us-west-2" 12 | key-name = "ec2-demo" 13 | instance_type = "t2.micro" 14 | ebs_size = "20" 15 | } 16 | ``` 17 | 18 | ## Inputs 19 | 20 | | Name | Description | Type | Default | Required | 21 | |------|-------------|:----:|:-----:|:-----:| 22 | | region | AWS region | string | us-east-1 | yes | 23 | | key-name | ec2 access key name | string | ec2-demo | yes | 24 | | instance_type | ec2 instance_type | string | t2.micro | yes | 25 | | ebs_size | EBS volume size | string | 20 | yes | 26 | -------------------------------------------------------------------------------- /ebs-with-userdata/ebs_volume.tf: -------------------------------------------------------------------------------- 1 | resource "aws_ebs_volume" "ebs_volume" { 2 | availability_zone = "us-east-1a" 3 | size = var.ebs_size 4 | type = "gp2" 5 | 6 | tags = { 7 | Name = "ebs-volume-terraform-demo" 8 | } 9 | } 10 | 11 | resource "aws_volume_attachment" "ebc_volume_attachment" { 12 | device_name = var.device_name 13 | volume_id = aws_ebs_volume.ebs_volume.id 14 | instance_id = aws_instance.ebs_instance_example.id 15 | } 16 | 17 | data "template_file" "init" { 18 | template = "${file("volume.sh")}" 19 | 20 | vars = { 21 | device_name = var.device_name 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /ebs-with-userdata/instance.tf: -------------------------------------------------------------------------------- 1 | provider "aws" { 2 | region = var.region 3 | version = "~> 2.0" 4 | } 5 | 6 | resource "aws_instance" "ebs_instance_example" { 7 | ami = lookup(var.ami_id, var.region) 8 | instance_type = var.instance_type 9 | subnet_id = aws_subnet.public_1.id 10 | 11 | # Security group assign to instance 12 | vpc_security_group_ids = [aws_security_group.allow_ssh.id] 13 | 14 | # key name 15 | 
key_name = var.key_name 16 | # User data passing through template rendering 17 | user_data = data.template_file.init.rendered 18 | 19 | tags = { 20 | Name = "EBS with userdata" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /ebs-with-userdata/security_group.tf: -------------------------------------------------------------------------------- 1 | resource "aws_security_group" "allow_ssh" { 2 | name = "allow_SSH" 3 | description = "Allow SSH inbound traffic" 4 | vpc_id = aws_vpc.vpc_demo.id 5 | 6 | ingress { 7 | # SSH port 22 allowed from any IP. NOTE(review): narrow cidr_blocks to a trusted admin range for anything longer-lived than a demo 8 | from_port = 22 9 | to_port = 22 10 | protocol = "tcp" 11 | cidr_blocks = ["0.0.0.0/0"] 12 | } 13 | 14 | ingress { 15 | # HTTP port 80 allowed from any IP 16 | from_port = 80 17 | to_port = 80 18 | protocol = "tcp" 19 | cidr_blocks = ["0.0.0.0/0"] 20 | } 21 | /* All protocols and ports allowed outbound */ 22 | egress { 23 | from_port = 0 24 | to_port = 0 25 | protocol = "-1" 26 | cidr_blocks = ["0.0.0.0/0"] 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /ebs-with-userdata/variables.tf: -------------------------------------------------------------------------------- 1 | variable "region" { 2 | type = "string" 3 | default = "us-east-1" 4 | } 5 | variable "ami_id" { 6 | type = "map" 7 | default = { 8 | us-east-1 = "ami-035b3c7efe6d061d5" 9 | eu-west-2 = "ami-132b3c7efe6sdfdsfd" 10 | eu-central-1 = "ami-9787h5h6nsn75gd33" /* NOTE(review): the eu-west-2 and eu-central-1 values contain non-hex characters, so they look like placeholders rather than real AMI ids - replace them before using those regions */ 11 | } 12 | } 13 | variable "instance_type" { 14 | type = "string" 15 | default = "t2.micro" 16 | } 17 | 18 | variable "device_name" { 19 | type = "string" 20 | default = "/dev/xvdh" 21 | } 22 | 23 | variable "ebs_size" { 24 | type = "string" 25 | default = "20" 26 | } 27 | 28 | variable "key_name" { 29 | type = "string" 30 | default = "ec2-demo" 31 | } 32 | 33 | variable "cidr" { 34 | description = "The CIDR block for the VPC. 
Default value is a valid CIDR, but not acceptable by AWS and should be overridden" 35 | type = string 36 | default = "10.0.0.0/16" 37 | } 38 | variable "instance_tenancy" { 39 | description = "A tenancy option for instances launched into the VPC" 40 | type = string 41 | default = "default" 42 | } 43 | 44 | variable "enable_dns_hostnames" { 45 | description = "Should be true to enable DNS hostnames in the VPC" 46 | type = bool 47 | default = true 48 | } 49 | 50 | variable "enable_dns_support" { 51 | description = "Should be true to enable DNS support in the VPC" 52 | type = bool 53 | default = true 54 | } 55 | 56 | variable "enable_classiclink" { 57 | description = "Should be true to enable ClassicLink for the VPC. Only valid in regions and accounts that support EC2 Classic." 58 | type = bool 59 | default = false 60 | } 61 | 62 | variable "tags" { 63 | description = "A map of tags to add to all resources" 64 | type = string 65 | default = "Vpc-custom-demo" 66 | } 67 | -------------------------------------------------------------------------------- /ebs-with-userdata/volume.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -xe 2 | exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 3 | sleep 30 4 | sudo mkdir -p /data 5 | sleep 30 6 | sudo mkfs.ext4 ${device_name} 7 | sudo mount ${device_name} /data 8 | -------------------------------------------------------------------------------- /ebs-with-userdata/vpc.tf: -------------------------------------------------------------------------------- 1 | resource "aws_vpc" "vpc_demo" { 2 | cidr_block = var.cidr 3 | instance_tenancy = var.instance_tenancy 4 | enable_dns_hostnames = var.enable_dns_hostnames 5 | enable_dns_support = var.enable_dns_support 6 | enable_classiclink = var.enable_classiclink 7 | 8 | tags = { 9 | Name = var.tags 10 | } 11 | } 12 | 13 | resource "aws_internet_gateway" "gw" { 14 | vpc_id = aws_vpc.vpc_demo.id 15 | 16 | tags = { 
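17 | Name = "internet-gateway-demo" 18 | } 19 | } 20 | 21 | resource "aws_subnet" "public_1" { 22 | availability_zone = "us-east-1a" 23 | vpc_id = aws_vpc.vpc_demo.id 24 | map_public_ip_on_launch = true 25 | cidr_block = "10.0.1.0/24" 26 | 27 | tags = { 28 | Name = "public_1-demo" 29 | } 30 | } 31 | 32 | resource "aws_route_table" "route-public" { 33 | vpc_id = aws_vpc.vpc_demo.id 34 | /* Default route through the internet gateway; written as the canonical 0.0.0.0/0 (the original 10.0.0.0/0 is not a canonical CIDR) */ 35 | route { 36 | cidr_block = "0.0.0.0/0" 37 | gateway_id = aws_internet_gateway.gw.id 38 | } 39 | 40 | tags = { 41 | Name = "public-route-table-demo" 42 | } 43 | } 44 | 45 | resource "aws_route_table_association" "public_1" { 46 | subnet_id = aws_subnet.public_1.id 47 | route_table_id = aws_route_table.route-public.id 48 | } 49 | -------------------------------------------------------------------------------- /kms_policy.json.tpl: -------------------------------------------------------------------------------- 1 | { 2 | "Version": "2012-10-17", 3 | "Id": "kms-key-policy", 4 | "Statement": [ 5 | { 6 | "Sid": "Enable IAM User Permissions", 7 | "Effect": "Allow", 8 | "Principal": {"AWS": "arn:aws:iam::${account_id}:root"}, 9 | "Action": "kms:*", 10 | "Resource": "*" 11 | }, 12 | { 13 | "Sid": "Allow CloudWatch Logs to use the key", 14 | "Effect": "Allow", 15 | "Principal": {"Service": "logs.us-east-1.amazonaws.com"}, 16 | "Action": ["kms:Encrypt*", "kms:Decrypt*", "kms:ReEncrypt*", "kms:GenerateDataKey*", "kms:Describe*"], 17 | "Resource": "*", 18 | "Condition": {"ArnLike": {"kms:EncryptionContext:aws:logs:arn": "arn:aws:logs:us-east-1:${account_id}:*"}} 19 | } 20 | ] 21 | } 22 | -------------------------------------------------------------------------------- /main.tf: -------------------------------------------------------------------------------- 1 | data "template_file" "kms_policy" { 2 | template = "${file("kms_policy.json.tpl")}" 3 | /* account_id is substituted into the key policy template */ 4 | vars = { 5 | account_id = "${var.account_id}" 6 | } 7 | } 8 | /* KMS key whose policy is the rendered template: the account root keeps kms:*, while the CloudWatch Logs service principal gets only the encrypt, decrypt, re-encrypt, data-key and describe actions, limited by encryption context to log resources of this account in us-east-1. */ 9 | resource "aws_kms_key" "key" { 10 | policy = "${data.template_file.kms_policy.rendered}" 11 | } 12 | /* Log group encrypted with the key above */ 13 | resource "aws_cloudwatch_log_group" "yada" { 14 | name = "vijay" 15 | 16 | kms_key_id = aws_kms_key.key.arn 17 | 18 | } 19 | -------------------------------------------------------------------------------- /provider.tf: -------------------------------------------------------------------------------- 1 | provider "aws" { 2 | 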
region = "${var.region}" 3 | access_key = "${var.access_key}" 4 | secret_key = "${var.secret_key}" 5 | version = "~> 2.0" 6 | } 7 | -------------------------------------------------------------------------------- /terraform-aws-autoscaling/main.tf: -------------------------------------------------------------------------------- 1 | provider "aws" { 2 | region = var.region 3 | } 4 | 5 | resource "aws_launch_configuration" "launch_config" { 6 | name = "web_config" 7 | image_id = lookup(var.ami_id, var.region) 8 | instance_type = "t2.micro" 9 | key_name = var.key_name 10 | security_groups = [ var.security_grpup_id] 11 | } 12 | 13 | resource "aws_autoscaling_group" "example_autoscaling" { 14 | name = "autoscaling-terraform-test" 15 | max_size = 2 16 | min_size = 1 17 | health_check_grace_period = 300 18 | health_check_type = "EC2" 19 | desired_capacity = 1 20 | force_delete = true 21 | launch_configuration = aws_launch_configuration.launch_config.name 22 | availability_zones = ["us-east-1a","us-east-1b"] 23 | # vpc_zone_identifier = [aws_subnet.example1.id, aws_subnet.example2.id] 24 | 25 | } 26 | 27 | resource "aws_autoscaling_policy" "asp" { 28 | name = "asp-terraform-test" 29 | scaling_adjustment = 1 30 | adjustment_type = "ChangeInCapacity" 31 | cooldown = 300 32 | policy_type = "SimpleScaling" 33 | autoscaling_group_name = aws_autoscaling_group.example_autoscaling.name 34 | } 35 | 36 | resource "aws_cloudwatch_metric_alarm" "aws_cloudwatch_metric_alarm" { 37 | alarm_name = "terraform-test-cloudwatch" 38 | comparison_operator = "GreaterThanOrEqualToThreshold" 39 | evaluation_periods = "2" 40 | metric_name = "CPUUtilization" 41 | namespace = "AWS/EC2" 42 | period = "120" 43 | statistic = "Average" 44 | threshold = "30" 45 | alarm_description = "This metric monitors ec2 cpu utilization" 46 | 47 | dimensions = { 48 | AutoScalingGroupName = aws_autoscaling_group.example_autoscaling.name 49 | } 50 | 51 | actions_enabled = true 52 | alarm_actions = 
[aws_autoscaling_policy.asp.arn] 53 | 54 | } 55 | 56 | resource "aws_sns_topic" "user_updates" { 57 | name = "user-updates-topic" 58 | display_name = "example auto scaling" 59 | } 60 | 61 | resource "aws_autoscaling_notification" "example_notifications" { 62 | group_names = [aws_autoscaling_group.example_autoscaling.name] 63 | 64 | notifications = [ 65 | "autoscaling:EC2_INSTANCE_LAUNCH", 66 | "autoscaling:EC2_INSTANCE_TERMINATE", 67 | "autoscaling:EC2_INSTANCE_LAUNCH_ERROR", 68 | "autoscaling:EC2_INSTANCE_TERMINATE_ERROR", 69 | ] 70 | 71 | topic_arn = aws_sns_topic.user_updates.arn 72 | } -------------------------------------------------------------------------------- /terraform-aws-autoscaling/variables.tf: -------------------------------------------------------------------------------- 1 | variable "region" { 2 | default = "us-east-1" 3 | } 4 | 5 | variable "ami_id" { 6 | type = "map" 7 | default = { 8 | us-east-1 = "ami-04d29b6f966df1537" 9 | eu-west-2 = "ami-132b3c7efe6sdfdsfd" 10 | eu-central-1 = "ami-9787h5h6nsn75gd33" 11 | } 12 | } 13 | 14 | variable "key_name" { 15 | type = "string" 16 | default = "ec2-demo" 17 | } 18 | 19 | variable "instance_type" { 20 | type = "string" 21 | default = "t2.micro" 22 | } 23 | 24 | variable "subnets" { 25 | type = list(string) 26 | default = ["subnet-59b98303","subnet-0d7cb232"] 27 | } 28 | 29 | variable "azs" { 30 | type = list(string) 31 | default = ["us-east-1a","us-east-1b"] 32 | } 33 | 34 | variable "security_grpup_id" { 35 | type = "string" 36 | default = "sg-53623a20" 37 | } 38 | -------------------------------------------------------------------------------- /terraform-aws-ebs/ebs_volume.tf: -------------------------------------------------------------------------------- 1 | resource "aws_ebs_volume" "ebs_volume" { 2 | availability_zone = "us-east-1a" 3 | size = 20 4 | type = "gp2" 5 | 6 | tags = { 7 | Name = "ebs-volume-terraform-demo" 8 | } 9 | } 10 | 11 | resource "aws_volume_attachment" "ebc_volume_attachment" { 
12 | device_name = "/dev/xvdh" 13 | volume_id = aws_ebs_volume.ebs_volume.id 14 | instance_id = aws_instance.ebs_instance_example.id 15 | } 16 | -------------------------------------------------------------------------------- /terraform-aws-ebs/instance.tf: -------------------------------------------------------------------------------- 1 | provider "aws" { 2 | region = var.region 3 | } 4 | 5 | resource "aws_instance" "ebs_instance_example" { 6 | ami = lookup(var.ami_id, var.region) 7 | instance_type = var.instance_type 8 | subnet_id = aws_subnet.public_1.id 9 | 10 | # Security group assign to instance 11 | vpc_security_group_ids = [aws_security_group.allow_ssh.id] 12 | 13 | # key name 14 | key_name = var.key_name 15 | 16 | tags = { 17 | Name = "Ec2-with-VPC" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /terraform-aws-ebs/security_group.tf: -------------------------------------------------------------------------------- 1 | resource "aws_security_group" "allow_ssh" { 2 | name = "allow_SSH" 3 | description = "Allow SSH inbound traffic" 4 | vpc_id = aws_vpc.vpc_demo.id 5 | 6 | ingress { 7 | # SSH Port 22 allowed from any IP 8 | from_port = 22 9 | to_port = 22 10 | protocol = "tcp" 11 | cidr_blocks = ["0.0.0.0/0"] 12 | } 13 | 14 | egress { 15 | from_port = 0 16 | to_port = 0 17 | protocol = "-1" 18 | cidr_blocks = ["0.0.0.0/0"] 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /terraform-aws-ebs/variables.tf: -------------------------------------------------------------------------------- 1 | variable "region" { 2 | type = "string" 3 | default = "us-east-1" 4 | } 5 | variable "ami_id" { 6 | type = "map" 7 | default = { 8 | us-east-1 = "ami-035b3c7efe6d061d5" 9 | eu-west-2 = "ami-132b3c7efe6sdfdsfd" 10 | eu-central-1 = "ami-9787h5h6nsn75gd33" 11 | } 12 | } 13 | variable "instance_type" { 14 | type = "string" 15 | default = "t2.micro" 16 | } 17 | variable "key_name" 
{ 18 | type = "string" 19 | default = "ec2-demo" 20 | } 21 | 22 | variable "cidr" { 23 | description = "The CIDR block for the VPC. Default value is a valid CIDR, but not acceptable by AWS and should be overridden" 24 | type = string 25 | default = "10.0.0.0/16" 26 | } 27 | variable "instance_tenancy" { 28 | description = "A tenancy option for instances launched into the VPC" 29 | type = string 30 | default = "default" 31 | } 32 | 33 | variable "enable_dns_hostnames" { 34 | description = "Should be true to enable DNS hostnames in the VPC" 35 | type = bool 36 | default = true 37 | } 38 | 39 | variable "enable_dns_support" { 40 | description = "Should be true to enable DNS support in the VPC" 41 | type = bool 42 | default = true 43 | } 44 | 45 | variable "enable_classiclink" { 46 | description = "Should be true to enable ClassicLink for the VPC. Only valid in regions and accounts that support EC2 Classic." 47 | type = bool 48 | default = false 49 | } 50 | 51 | variable "tags" { 52 | description = "A map of tags to add to all resources" 53 | type = string 54 | default = "Vpc-custom-demo" 55 | } 56 | -------------------------------------------------------------------------------- /terraform-aws-ebs/vpc.tf: -------------------------------------------------------------------------------- 1 | resource "aws_vpc" "vpc_demo" { 2 | cidr_block = var.cidr 3 | instance_tenancy = var.instance_tenancy 4 | enable_dns_hostnames = var.enable_dns_hostnames 5 | enable_dns_support = var.enable_dns_support 6 | enable_classiclink = var.enable_classiclink 7 | 8 | tags = { 9 | Name = var.tags 10 | } 11 | } 12 | 13 | resource "aws_internet_gateway" "gw" { 14 | vpc_id = aws_vpc.vpc_demo.id 15 | 16 | tags = { 17 | Name = "internet-gateway-demo" 18 | } 19 | } 20 | 21 | resource "aws_subnet" "public_1" { 22 | availability_zone = "us-east-1a" 23 | vpc_id = aws_vpc.vpc_demo.id 24 | map_public_ip_on_launch = true 25 | cidr_block = "10.0.1.0/24" 26 | 27 | tags = { 28 | Name = "public_1-demo" 29 | } 
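30 | }

# Route table for the public subnet.
resource "aws_route_table" "route-public" {
  vpc_id = aws_vpc.vpc_demo.id

  route {
    # Default route through the internet gateway. The destination used to be
    # written "10.0.0.0/0", which has address bits set outside its /0 mask and
    # is not the canonical form of a default route.
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.gw.id
  }

  tags = {
    Name = "public-route-table-demo"
  }
}

# Binds the public subnet to the route table above.
resource "aws_route_table_association" "public_1" {
  subnet_id      = aws_subnet.public_1.id
  route_table_id = aws_route_table.route-public.id
}

--------------------------------------------------------------------------------
/terraform-aws-ec2-userdata/apache_config.sh:
--------------------------------------------------------------------------------
#! /bin/bash
# Installs Apache, starts it and registers it to start at boot.
sudo yum update -y
sudo yum install -y httpd.x86_64
sudo service httpd start
# `service` has no "enable" action, so the earlier `service httpd enable` did
# not register the unit; chkconfig does (it forwards to systemctl on systemd hosts).
sudo chkconfig httpd on
echo "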

Deployed via Terraform

" | sudo tee /var/www/html/index.html 7 | -------------------------------------------------------------------------------- /terraform-aws-ec2-userdata/output.tf: -------------------------------------------------------------------------------- 1 | output "public_ip" { 2 | value = "${aws_instance.user_data_example.public_ip}" 3 | } 4 | output "user_data_example_input_file" { 5 | value = "${aws_instance.user_data_example_input_file.public_ip}" 6 | } 7 | -------------------------------------------------------------------------------- /terraform-aws-ec2-userdata/provider.tf: -------------------------------------------------------------------------------- 1 | provider "aws" { 2 | region = "${var.region}" 3 | version = "~> 2.0" 4 | } 5 | -------------------------------------------------------------------------------- /terraform-aws-ec2-userdata/security_group.tf: -------------------------------------------------------------------------------- 1 | resource "aws_security_group" "allow_ssh" { 2 | name = "allow_SSH" 3 | description = "Allow SSH inbound traffic" 4 | #vpc_id = aws_vpc.vpc_demo.id 5 | 6 | ingress { 7 | # SSH Port 22 allowed from any IP 8 | from_port = 22 9 | to_port = 22 10 | protocol = "tcp" 11 | cidr_blocks = ["0.0.0.0/0"] 12 | } 13 | 14 | ingress { 15 | # SSH Port 80 allowed from any IP 16 | from_port = 80 17 | to_port = 80 18 | protocol = "tcp" 19 | cidr_blocks = ["0.0.0.0/0"] 20 | } 21 | 22 | egress { 23 | from_port = 0 24 | to_port = 0 25 | protocol = "-1" 26 | cidr_blocks = ["0.0.0.0/0"] 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /terraform-aws-ec2-userdata/user-data-file-input.tf: -------------------------------------------------------------------------------- 1 | 2 | resource "aws_instance" "user_data_example_input_file" { 3 | ami = lookup(var.ami_id, var.region) 4 | instance_type = var.instance_type 5 | # subnet_id = aws_subnet.public_1.id 6 | 7 | # Security group assign to instance 8 | 
vpc_security_group_ids = [aws_security_group.allow_ssh.id] 9 | 10 | # key name 11 | key_name = var.key_name 12 | user_data = "${file("apache_config.sh")}" 13 | 14 | tags = { 15 | Name = "Ec2-User-data-with-file" 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /terraform-aws-ec2-userdata/user_data.tf: -------------------------------------------------------------------------------- 1 | 2 | resource "aws_instance" "user_data_example" { 3 | ami = lookup(var.ami_id, var.region) 4 | instance_type = var.instance_type 5 | # subnet_id = aws_subnet.public_1.id 6 | 7 | # Security group assign to instance 8 | vpc_security_group_ids = [aws_security_group.allow_ssh.id] 9 | 10 | # key name 11 | key_name = var.key_name 12 | 13 | user_data = <Deployed via Terraform" | sudo tee /var/www/html/index.html 20 | EOF 21 | 22 | tags = { 23 | Name = "Ec2-User-data" 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /terraform-aws-ec2-userdata/variables.tf: -------------------------------------------------------------------------------- 1 | variable "region" { 2 | type = "string" 3 | default = "us-east-1" 4 | } 5 | variable "ami_id" { 6 | type = "map" 7 | default = { 8 | us-east-1 = "ami-035b3c7efe6d061d5" 9 | eu-west-2 = "ami-132b3c7efe6sdfdsfd" 10 | eu-central-1 = "ami-9787h5h6nsn75gd33" 11 | } 12 | } 13 | variable "instance_type" { 14 | type = "string" 15 | default = "t2.micro" 16 | } 17 | variable "key_name" { 18 | type = "string" 19 | default = "ec2-demo" 20 | } 21 | -------------------------------------------------------------------------------- /terraform-aws-ec2-with-vpc/instance.tf: -------------------------------------------------------------------------------- 1 | resource "aws_instance" "web" { 2 | ami = lookup(var.ami_id, var.region) 3 | instance_type = var.instance_type 4 | 5 | # Public Subnet assign to instance 6 | subnet_id = aws_subnet.public_1.id 7 | 8 | # Security group 
assign to instance 9 | vpc_security_group_ids=[aws_security_group.allow_ssh.id] 10 | 11 | # key name 12 | key_name = var.key_name 13 | 14 | tags = { 15 | Name = "Ec2-with-VPC" 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /terraform-aws-ec2-with-vpc/provider.tf: -------------------------------------------------------------------------------- 1 | provider "aws" { 2 | region = "${var.region}" 3 | version = "~> 2.0" 4 | } 5 | -------------------------------------------------------------------------------- /terraform-aws-ec2-with-vpc/security_group.tf: -------------------------------------------------------------------------------- 1 | resource "aws_security_group" "allow_ssh" { 2 | name = "allow_SSH" 3 | description = "Allow SSH inbound traffic" 4 | vpc_id = aws_vpc.vpc_demo.id 5 | 6 | ingress { 7 | # SSH Port 22 allowed from any IP 8 | from_port = 22 9 | to_port = 22 10 | protocol = "tcp" 11 | cidr_blocks = ["0.0.0.0/0"] 12 | } 13 | 14 | egress { 15 | from_port = 0 16 | to_port = 0 17 | protocol = "-1" 18 | cidr_blocks = ["0.0.0.0/0"] 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /terraform-aws-ec2-with-vpc/variables.tf: -------------------------------------------------------------------------------- 1 | variable "region" { 2 | type = "string" 3 | default = "us-east-1" 4 | } 5 | variable "ami_id" { 6 | type = "map" 7 | default = { 8 | us-east-1 = "ami-035b3c7efe6d061d5" 9 | eu-west-2 = "ami-132b3c7efe6sdfdsfd" 10 | eu-central-1 = "ami-9787h5h6nsn75gd33" 11 | } 12 | } 13 | variable "instance_type" { 14 | type = "string" 15 | default = "t2.micro" 16 | } 17 | variable "key_name" { 18 | type = "string" 19 | default = "ec2-demo" 20 | } 21 | 22 | variable "cidr" { 23 | description = "The CIDR block for the VPC. 
Default value is a valid CIDR, but not acceptable by AWS and should be overridden" 24 | type = string 25 | default = "10.0.0.0/16" 26 | } 27 | variable "instance_tenancy" { 28 | description = "A tenancy option for instances launched into the VPC" 29 | type = string 30 | default = "default" 31 | } 32 | 33 | variable "enable_dns_hostnames" { 34 | description = "Should be true to enable DNS hostnames in the VPC" 35 | type = bool 36 | default = true 37 | } 38 | 39 | variable "enable_dns_support" { 40 | description = "Should be true to enable DNS support in the VPC" 41 | type = bool 42 | default = true 43 | } 44 | 45 | variable "enable_classiclink" { 46 | description = "Should be true to enable ClassicLink for the VPC. Only valid in regions and accounts that support EC2 Classic." 47 | type = bool 48 | default = false 49 | } 50 | 51 | variable "tags" { 52 | description = "A map of tags to add to all resources" 53 | type = string 54 | default = "Vpc-custom-demo" 55 | } 56 | -------------------------------------------------------------------------------- /terraform-aws-ec2-with-vpc/vpc.tf: -------------------------------------------------------------------------------- 1 | resource "aws_vpc" "vpc_demo" { 2 | cidr_block = var.cidr 3 | instance_tenancy = var.instance_tenancy 4 | enable_dns_hostnames = var.enable_dns_hostnames 5 | enable_dns_support = var.enable_dns_support 6 | enable_classiclink = var.enable_classiclink 7 | 8 | tags = { 9 | Name = var.tags 10 | } 11 | } 12 | 13 | resource "aws_internet_gateway" "gw" { 14 | vpc_id = aws_vpc.vpc_demo.id 15 | 16 | tags = { 17 | Name = "internet-gateway-demo" 18 | } 19 | } 20 | 21 | resource "aws_subnet" "public_1" { 22 | vpc_id = aws_vpc.vpc_demo.id 23 | map_public_ip_on_launch = true 24 | cidr_block = "10.0.1.0/24" 25 | 26 | tags = { 27 | Name = "public_1-demo" 28 | } 29 | } 30 | 31 | resource "aws_route_table" "route-public" { 32 | vpc_id = aws_vpc.vpc_demo.id 33 | 34 | route { 35 | cidr_block = "10.0.0.0/0" 36 | gateway_id = 
aws_internet_gateway.gw.id 37 | } 38 | 39 | tags = { 40 | Name = "public-route-table-demo" 41 | } 42 | } 43 | 44 | resource "aws_route_table_association" "public_1" { 45 | subnet_id = aws_subnet.public_1.id 46 | route_table_id = aws_route_table.route-public.id 47 | } 48 | -------------------------------------------------------------------------------- /terraform-aws-elasticsearch/README.md: -------------------------------------------------------------------------------- 1 | # Terraform-Tutorial 2 | 3 | 4 | ## Introduction 5 | 6 | This module will create: 7 | - Elasticsearch cluster with the specified node count in aws 8 | - Elasticsearch domain policy that accepts a list of IAM role ARNs from which to permit management traffic to the cluster 9 | 10 | __NOTE:__ To enable [zone awareness](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-managedomains.html#es-managedomains-zoneawareness) to deploy Elasticsearch nodes into two different Availability Zones, you need to set `zone_awareness_enabled` to `true` 11 | If you don't enable zone awareness, Amazon ES places an endpoint into only one subnet. 
12 | 13 | ## Usage 14 | 15 | Basic [example](examples/basic) 16 | 17 | ```hcl 18 | module "elasticsearch" { 19 | source = "git::https://github.com/easyawslearn/Terraform-Tutorial/terraform-aws-elasticsearch.git" 20 | domain_name = "eg" 21 | elasticsearch_version = "6.5" 22 | zone_awareness_enabled = "false" 23 | instance_type = "t2.small.elasticsearch" 24 | instance_count = 2 25 | encrypt_at_rest_enabled = true 26 | 27 | advanced_options { 28 | "rest.action.multi.allow_explicit_index" = "true" 29 | } 30 | } 31 | ``` 32 | 33 | 34 | ## Developing 35 | 36 | - **Terraform**: v0.11.14 37 | - **Terraform Docs**: https://www.terraform.io/docs/configuration-0-11/index.html 38 | 39 | 40 | 41 | ## Inputs 42 | 43 | | Name | Description | Type | Default | Required | 44 | |------|-------------|:----:|:-----:|:-----:| 45 | | advanced_options | Key-value string pairs to specify advanced configuration options | map(string) | `` | no | 46 | | automated_snapshot_start_hour | Hour at which automated snapshots are taken, in UTC | number | `0` | no | 47 | | availability_zone_count | Number of Availability Zones for the domain to use. | number | `2` | no | 48 | | dedicated_master_count | Number of dedicated master nodes in the cluster | number | `0` | no | 49 | | dedicated_master_enabled | Indicates whether dedicated master nodes are enabled for the cluster | bool | `false` | no | 50 | | dedicated_master_type | Instance type of the dedicated master nodes in the cluster | string | `t2.small.elasticsearch` | no | 51 | | ebs_iops | The baseline input/output (I/O) performance of EBS volumes attached to data nodes. 
Applicable only for the Provisioned IOPS EBS volume type | number | `0` | no | 52 | | ebs_volume_size | EBS volumes for data storage in GB | number | `0` | no | 53 | | ebs_volume_type | Storage type of EBS volumes | string | `gp2` | no | 54 | | elasticsearch_version | Version of Elasticsearch to deploy | string | `6.5` | no | 55 | | enabled | Set to false to prevent the module from creating any resources | bool | `true` | no | 56 | | encrypt_at_rest_enabled | Whether to enable encryption at rest | bool | `true` | no | 57 | | encrypt_at_rest_kms_key_id | The KMS key ID to encrypt the Elasticsearch domain with. If not specified, then it defaults to using the AWS/Elasticsearch service KMS key | string | `` | no | 58 | | instance_count | Number of data nodes in the cluster | number | `4` | no | 59 | | instance_type | Elasticsearch instance type for data nodes in the cluster | string | `t2.small.elasticsearch` | no | 60 | | log_publishing_application_cloudwatch_log_group_arn | ARN of the CloudWatch log group to which log for ES_APPLICATION_LOGS needs to be published | string | `` | no | 61 | | log_publishing_application_enabled | Specifies whether log publishing option for ES_APPLICATION_LOGS is enabled or not | bool | `false` | no | 62 | | log_publishing_index_cloudwatch_log_group_arn | ARN of the CloudWatch log group to which log for INDEX_SLOW_LOGS needs to be published | string | `` | no | 63 | | log_publishing_index_enabled | Specifies whether log publishing option for INDEX_SLOW_LOGS is enabled or not | bool | `false` | no | 64 | | log_publishing_search_cloudwatch_log_group_arn | ARN of the CloudWatch log group to which log for SEARCH_SLOW_LOGS needs to be published | string | `` | no | 65 | | log_publishing_search_enabled | Specifies whether log publishing option for SEARCH_SLOW_LOGS is enabled or not | bool | `false` | no | 66 | | domain_name | Name of the application | string | - | yes | 67 | | namespace | Namespace (e.g. 
`eg` or `cp`) | string | `` | no | 68 | | node_to_node_encryption_enabled | Whether to enable node-to-node encryption | bool | `false` | no | 69 | | zone_awareness_enabled | Enable zone awareness for Elasticsearch cluster | bool | `true` | no | 70 | 71 | ## Outputs 72 | 73 | | Name | Description | 74 | |------|-------------| 75 | | domain_arn | ARN of the Elasticsearch domain | 76 | | domain_endpoint | Domain-specific endpoint used to submit index, search, and data upload requests | 77 | | domain_hostname | Elasticsearch domain hostname to submit index, search, and data upload requests | 78 | | domain_id | Unique identifier for the Elasticsearch domain | 79 | | elasticsearch_user_iam_role_arn | The ARN of the IAM role to allow access to Elasticsearch cluster | 80 | | elasticsearch_user_iam_role_name | The name of the IAM role to allow access to Elasticsearch cluster | 81 | 82 | 83 | 84 | 85 | 86 | ## References 87 | 88 | For additional context, refer to some of these links. 89 | 90 | - [What is Amazon Elasticsearch Service](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/what-is-amazon-elasticsearch-service.html) - Complete description of Amazon Elasticsearch Service 91 | - [Amazon Elasticsearch Service Access Control](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-ac.html) - Describes several ways of controlling access to Elasticsearch domains 92 | - [VPC Support for Amazon Elasticsearch Service Domains](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-vpc.html) - Describes Elasticsearch Service VPC Support and VPC architectures with and without zone awareness 93 | - [Creating and Configuring Amazon Elasticsearch Service Domains](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-createupdatedomains.html) - Provides a complete description on how to create and configure Amazon Elasticsearch Service (Amazon ES) domains 94 | - [Kibana and 
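Logstash](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-kibana.html) - Describes some considerations for using Kibana and Logstash with Amazon Elasticsearch Service 95 | - [Control Access to Amazon Elasticsearch Service Domain](https://aws.amazon.com/blogs/security/how-to-control-access-to-your-amazon-elasticsearch-service-domain/) - Describes how to Control Access to Amazon Elasticsearch Service Domain 96 | - [elasticsearch_domain](https://www.terraform.io/docs/providers/aws/r/elasticsearch_domain.html) - Terraform reference documentation for the `elasticsearch_domain` resource 97 | - [elasticsearch_domain_policy](https://www.terraform.io/docs/providers/aws/r/elasticsearch_domain_policy.html) - Terraform reference documentation for the `elasticsearch_domain_policy` resource 98 |
--------------------------------------------------------------------------------
/terraform-aws-elasticsearch/iam_role_policy.tf:
--------------------------------------------------------------------------------

# Account that applies this configuration; used to scope the role's trust policy.
data "aws_caller_identity" "current" {}

# Role that pods can assume for access to elasticsearch and kibana
resource "aws_iam_role" "elasticsearch_user" {
  # NOTE(review): this is the literal string "module.user_label.id", not a
  # reference to a module output; no such module is visible in this listing.
  name               = "module.user_label.id"
  assume_role_policy = join("", data.aws_iam_policy_document.assume_role.*.json)
  description        = "IAM Role to assume to access the Elasticsearch module.label.id cluster"

  tags = {
    tag-key = "tag-value"
  }
}

# Trust policy for the role: who is allowed to call sts:AssumeRole on it.
data "aws_iam_policy_document" "assume_role" {

  statement {
    effect = "Allow"

    actions = [
      "sts:AssumeRole"
    ]

    principals {
      type        = "Service"
      identifiers = ["ec2.amazonaws.com"]
    }

    # Limited to principals of the applying account, which still need their
    # own IAM permission to assume the role. The identifier used to be "*",
    # which put no limit on the account a caller could come from.
    principals {
      type        = "AWS"
      identifiers = ["arn:aws:iam::${data.aws_caller_identity.current.account_id}:root"]
    }
  }
}


# Resource policy for the domain: which principals may act on it.
data "aws_iam_policy_document" "default" {

  statement {
    # NOTE(review): es:* covers configuration as well as data access; if the
    # role only needs to index and search, narrow this to the es:ESHttp* actions.
    actions = ["es:*", ]
    resources = [
      join("", aws_elasticsearch_domain.default.*.arn),
      "${join("", aws_elasticsearch_domain.default.*.arn)}/*"
    ]

    # Only the role defined in this file is allowed, so callers must sign
    # their requests as that role. The identifier used to be "*" with no
    # condition, which did not tie access to any identity.
    principals {
      type        = "AWS"
      identifiers = [aws_iam_role.elasticsearch_user.arn]
    }
  }
}

# Attaches the policy to the domain created in main.tf. The name is taken from
# the domain resource rather than the literal "easyaws", so the policy follows
# the domain when var.domain_name is overridden.
resource "aws_elasticsearch_domain_policy" "default" {
  domain_name     = aws_elasticsearch_domain.default.domain_name
  access_policies = join("", data.aws_iam_policy_document.default.*.json)
}

--------------------------------------------------------------------------------
/terraform-aws-elasticsearch/main.tf:
--------------------------------------------------------------------------------
1 | provider "aws" { 2 | region = var.region 3 | version = "~> 2.0" 4 | } 5 | 6 | resource "aws_elasticsearch_domain" "default" { 7 | domain_name = var.domain_name 8 | elasticsearch_version = var.elasticsearch_version 9 | 10 | advanced_options = var.advanced_options 11 | 12 | ebs_options { 13 | ebs_enabled = var.ebs_volume_size > 0 ? true : false 14 | volume_size = var.ebs_volume_size 15 | volume_type = var.ebs_volume_type 16 | iops = var.ebs_iops 17 | } 18 | 19 | encrypt_at_rest { 20 | enabled = var.encrypt_at_rest_enabled 21 | kms_key_id = var.encrypt_at_rest_kms_key_id 22 | } 23 | 24 | cluster_config { 25 | instance_count = var.instance_count 26 | instance_type = var.instance_type 27 | dedicated_master_enabled = var.dedicated_master_enabled 28 | dedicated_master_count = var.dedicated_master_count 29 | dedicated_master_type = var.dedicated_master_type 30 | zone_awareness_enabled = var.zone_awareness_enabled 31 | 32 | zone_awareness_config { 33 | availability_zone_count = var.availability_zone_count 34 | } 35 | } 36 | 37 | node_to_node_encryption { 38 | enabled = var.node_to_node_encryption_enabled 39 | } 40 | 41 | snapshot_options { 42 | automated_snapshot_start_hour = var.automated_snapshot_start_hour 43 | } 44 | 45 | log_publishing_options { 46 | enabled = var.log_publishing_index_enabled 47 | log_type = "INDEX_SLOW_LOGS" 48 | cloudwatch_log_group_arn = var.log_publishing_index_cloudwatch_log_group_arn 49 | } 50 | 51 | log_publishing_options { 52 | enabled = var.log_publishing_search_enabled 53 |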
log_type = "SEARCH_SLOW_LOGS" 54 | cloudwatch_log_group_arn = var.log_publishing_search_cloudwatch_log_group_arn 55 | } 56 | 57 | log_publishing_options { 58 | enabled = var.log_publishing_application_enabled 59 | log_type = "ES_APPLICATION_LOGS" 60 | cloudwatch_log_group_arn = var.log_publishing_application_cloudwatch_log_group_arn 61 | } 62 | 63 | tags = { 64 | Domain = "TestDomain" 65 | } 66 | 67 | } 68 | -------------------------------------------------------------------------------- /terraform-aws-elasticsearch/output.tf: -------------------------------------------------------------------------------- 1 | 2 | output "domain_arn" { 3 | value = join("", aws_elasticsearch_domain.default.*.arn) 4 | description = "ARN of the Elasticsearch domain" 5 | } 6 | 7 | output "domain_id" { 8 | value = join("", aws_elasticsearch_domain.default.*.domain_id) 9 | description = "Unique identifier for the Elasticsearch domain" 10 | } 11 | 12 | output "domain_endpoint" { 13 | value = join("", aws_elasticsearch_domain.default.*.endpoint) 14 | description = "Domain-specific endpoint used to submit index, search, and data upload requests" 15 | } 16 | 17 | output "elasticsearch_user_iam_role_name" { 18 | value = join(",", aws_iam_role.elasticsearch_user.*.name) 19 | description = "The name of the IAM role to allow access to Elasticsearch cluster" 20 | } 21 | 22 | output "elasticsearch_user_iam_role_arn" { 23 | value = join(",", aws_iam_role.elasticsearch_user.*.arn) 24 | description = "The ARN of the IAM role to allow access to Elasticsearch cluster" 25 | } 26 | -------------------------------------------------------------------------------- /terraform-aws-elasticsearch/variables.tf: -------------------------------------------------------------------------------- 1 | variable "region" { 2 | type = "string" 3 | default = "us-east-2" 4 | } 5 | 6 | variable "domain_name" { 7 | type = string 8 | default = "easyaws" 9 | description = "name of Elasticsearch Domain" 10 | } 11 | 12 | variable 
"elasticsearch_version" { 13 | type = string 14 | default = "6.5" 15 | description = "Version of Elasticsearch to deploy" 16 | } 17 | 18 | variable "instance_type" { 19 | type = string 20 | default = "t2.small.elasticsearch" 21 | description = "Elasticsearch instance type for data nodes in the cluster" 22 | } 23 | 24 | variable "instance_count" { 25 | type = number 26 | description = "Number of data nodes in the cluster" 27 | default = 1 28 | } 29 | 30 | variable "zone_awareness_enabled" { 31 | type = bool 32 | default = true 33 | description = "Enable zone awareness for Elasticsearch cluster" 34 | } 35 | 36 | variable "availability_zone_count" { 37 | type = number 38 | default = 2 39 | description = "Number of Availability Zones for the domain to use." 40 | } 41 | 42 | variable "ebs_volume_size" { 43 | type = number 44 | description = "EBS volumes for data storage in GB" 45 | default = 20 46 | } 47 | 48 | variable "ebs_volume_type" { 49 | type = string 50 | default = "gp2" 51 | description = "Storage type of EBS volumes" 52 | } 53 | 54 | variable "ebs_iops" { 55 | type = number 56 | default = 0 57 | description = "The baseline input/output (I/O) performance of EBS volumes attached to data nodes. Applicable only for the Provisioned IOPS EBS volume type" 58 | } 59 | 60 | variable "encrypt_at_rest_enabled" { 61 | type = bool 62 | default = false 63 | description = "Whether to enable encryption at rest" 64 | } 65 | 66 | variable "encrypt_at_rest_kms_key_id" { 67 | type = string 68 | default = "" 69 | description = "The KMS key ID to encrypt the Elasticsearch domain with. 
If not specified, then it defaults to using the AWS/Elasticsearch service KMS key" 70 | } 71 | 72 | variable "log_publishing_index_enabled" { 73 | type = bool 74 | default = false 75 | description = "Specifies whether log publishing option for INDEX_SLOW_LOGS is enabled or not" 76 | } 77 | 78 | variable "log_publishing_search_enabled" { 79 | type = bool 80 | default = false 81 | description = "Specifies whether log publishing option for SEARCH_SLOW_LOGS is enabled or not" 82 | } 83 | 84 | variable "log_publishing_application_enabled" { 85 | type = bool 86 | default = false 87 | description = "Specifies whether log publishing option for ES_APPLICATION_LOGS is enabled or not" 88 | } 89 | 90 | variable "log_publishing_index_cloudwatch_log_group_arn" { 91 | type = string 92 | default = "" 93 | description = "ARN of the CloudWatch log group to which log for INDEX_SLOW_LOGS needs to be published" 94 | } 95 | 96 | variable "log_publishing_search_cloudwatch_log_group_arn" { 97 | type = string 98 | default = "" 99 | description = "ARN of the CloudWatch log group to which log for SEARCH_SLOW_LOGS needs to be published" 100 | } 101 | 102 | variable "log_publishing_application_cloudwatch_log_group_arn" { 103 | type = string 104 | default = "" 105 | description = "ARN of the CloudWatch log group to which log for ES_APPLICATION_LOGS needs to be published" 106 | } 107 | 108 | variable "automated_snapshot_start_hour" { 109 | type = number 110 | description = "Hour at which automated snapshots are taken, in UTC" 111 | default = 0 112 | } 113 | 114 | variable "dedicated_master_enabled" { 115 | type = bool 116 | default = false 117 | description = "Indicates whether dedicated master nodes are enabled for the cluster" 118 | } 119 | 120 | variable "dedicated_master_count" { 121 | type = number 122 | description = "Number of dedicated master nodes in the cluster" 123 | default = 0 124 | } 125 | 126 | variable "dedicated_master_type" { 127 | type = string 128 | default = 
"t2.small.elasticsearch" 129 | description = "Instance type of the dedicated master nodes in the cluster" 130 | } 131 | 132 | variable "advanced_options" { 133 | type = map(string) 134 | default = {} 135 | description = "Key-value string pairs to specify advanced configuration options" 136 | } 137 | 138 | 139 | variable "node_to_node_encryption_enabled" { 140 | type = bool 141 | default = false 142 | description = "Whether to enable node-to-node encryption" 143 | } 144 | -------------------------------------------------------------------------------- /terraform-aws-elb-alb/elb.tf: -------------------------------------------------------------------------------- 1 | provider "aws" { 2 | region = var.region 3 | } 4 | 5 | resource "aws_lb" "elb_example" { 6 | name = "elb" 7 | internal = false 8 | load_balancer_type = "application" 9 | security_groups = [aws_security_group.elb_sg.id] 10 | subnets = [aws_subnet.public_1.id,aws_subnet.public_2.id] 11 | 12 | enable_deletion_protection = true 13 | tags = { 14 | Environment = "elb-example" 15 | } 16 | } 17 | 18 | resource "aws_lb_listener" "front_end" { 19 | load_balancer_arn = aws_lb.elb_example.arn 20 | port = "80" 21 | protocol = "HTTP" 22 | 23 | default_action { 24 | type = "forward" 25 | target_group_arn = aws_lb_target_group.test.arn 26 | 27 | } 28 | } 29 | 30 | resource "aws_lb_target_group" "test" { 31 | name = "tf-example-lb-tg" 32 | port = 80 33 | protocol = "HTTP" 34 | target_type="instance" 35 | vpc_id = aws_vpc.vpc_demo.id 36 | } 37 | 38 | resource "aws_lb_target_group_attachment" "test" { 39 | target_group_arn = aws_lb_target_group.test.arn 40 | target_id = aws_instance.elb_instance_example1.id 41 | port = 80 42 | } 43 | resource "aws_lb_target_group_attachment" "test1" { 44 | target_group_arn = aws_lb_target_group.test.arn 45 | target_id = aws_instance.elb_instance_example2.id 46 | port = 80 47 | } 48 | 49 | 50 | output "elb_example" { 51 | description = "The DNS name of the ELB" 52 | value = 
aws_lb.elb_example.dns_name 53 | } 54 | -------------------------------------------------------------------------------- /terraform-aws-elb-alb/instances.tf: -------------------------------------------------------------------------------- 1 | resource "aws_instance" "elb_instance_example1" { 2 | ami = lookup(var.ami_id, var.region) 3 | instance_type = var.instance_type 4 | subnet_id = aws_subnet.public_1.id 5 | 6 | # Security group assign to instance 7 | vpc_security_group_ids = [aws_security_group.elb_sg.id] 8 | 9 | # key name 10 | key_name = var.key_name 11 | 12 | user_data = <Deployed ELB Instance Example 1" | sudo tee /var/www/html/index.html 19 | EOF 20 | 21 | tags = { 22 | Name = "EC2-Instance-1" 23 | } 24 | } 25 | 26 | resource "aws_instance" "elb_instance_example2" { 27 | ami = lookup(var.ami_id, var.region) 28 | instance_type = var.instance_type 29 | subnet_id = aws_subnet.public_1.id 30 | 31 | # Security group assign to instance 32 | vpc_security_group_ids = [aws_security_group.elb_sg.id] 33 | 34 | # key name 35 | key_name = var.key_name 36 | 37 | user_data = <Deployed ELB Instance Example 2" | sudo tee /var/www/html/index.html 44 | EOF 45 | 46 | tags = { 47 | Name = "EC2-Instance-1" 48 | } 49 | } 50 | -------------------------------------------------------------------------------- /terraform-aws-elb-alb/route53.tf: -------------------------------------------------------------------------------- 1 | resource "aws_route53_zone" "easy_aws" { 2 | name = "easyaws.in" 3 | 4 | tags = { 5 | Environment = "dev" 6 | } 7 | } 8 | 9 | resource "aws_route53_record" "www" { 10 | zone_id = aws_route53_zone.easy_aws.zone_id 11 | name = "www.easyaws.in" 12 | type = "A" 13 | 14 | alias { 15 | name = aws_lb.elb_example.dns_name 16 | zone_id = aws_lb.elb_example.zone_id 17 | evaluate_target_health = true 18 | } 19 | 20 | } 21 | 22 | output "name_server"{ 23 | value=aws_route53_zone.easy_aws.name_servers 24 | } 25 | 
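--------------------------------------------------------------------------------
/terraform-aws-elb-alb/security_group.tf:
--------------------------------------------------------------------------------
# Security group for the ELB/ALB example. elb.tf attaches it to the load
# balancer and instances.tf attaches the same group to both EC2 instances, so
# every rule below applies to both tiers.
#
# NOTE(review): the name and description mention only SSH although the group
# also admits HTTP. Both are left unchanged here because changing either one
# forces the security group to be replaced.
resource "aws_security_group" "elb_sg" {
  name        = "allow_SSH"
  description = "Allow SSH inbound traffic"
  vpc_id      = aws_vpc.vpc_demo.id

  ingress {
    # SSH (port 22) is allowed from any IPv4 address.
    # NOTE(review): outside a throwaway demo, restrict this to a known
    # administrative CIDR, or remove the rule and reach the hosts through a
    # bastion or AWS Systems Manager Session Manager. Because the group is
    # shared, the rule is also present on the internet-facing load balancer.
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    # HTTP (port 80) is allowed from any IPv4 address.
    # NOTE(review): the instances share this group, so they accept HTTP
    # directly from the internet as well as through the load balancer. A
    # separate instance group whose port-80 rule references the load
    # balancer's group would keep the instances reachable only via the ALB.
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    # All protocols and ports are allowed outbound to any IPv4 address.
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
--------------------------------------------------------------------------------
/terraform-aws-elb-alb/variables.tf:
--------------------------------------------------------------------------------
# Type constraints are written unquoted, matching the other variables in this
# file; the quoted form ("string", "map") is the legacy pre-0.12 syntax.

# AWS region used by the provider block and as the lookup key into ami_id.
variable "region" {
  type    = string
  default = "us-east-1"
}

# Region -> AMI ID map consumed by lookup(var.ami_id, var.region).
# NOTE(review): the eu-central-1 value contains non-hexadecimal characters, so
# it is presumably a placeholder; verify every AMI ID and its publisher
# before use.
variable "ami_id" {
  type = map(string)
  default = {
    us-east-1    = "ami-035b3c7efe6d061d5"
    us-east-2    = "ami-02ccb28830b645a41"
    eu-central-1 = "ami-9787h5h6nsn75gd33"
  }
}

# EC2 instance type for both example instances.
variable "instance_type" {
  type    = string
  default = "t2.micro"
}

# Name of the EC2 key pair passed to the instances. The key pair itself is not
# created by the files shown, so it presumably has to exist in the account.
variable "key_name" {
  type    = string
  default = "ec2-demo"
}

variable "cidr" {
  description = "The CIDR block for the VPC. 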
Default value is a valid CIDR, but not acceptable by AWS and should be overridden" 24 | type = string 25 | default = "10.0.0.0/16" 26 | } 27 | variable "instance_tenancy" { 28 | description = "A tenancy option for instances launched into the VPC" 29 | type = string 30 | default = "default" 31 | } 32 | 33 | variable "enable_dns_hostnames" { 34 | description = "Should be true to enable DNS hostnames in the VPC" 35 | type = bool 36 | default = true 37 | } 38 | 39 | variable "enable_dns_support" { 40 | description = "Should be true to enable DNS support in the VPC" 41 | type = bool 42 | default = true 43 | } 44 | 45 | variable "enable_classiclink" { 46 | description = "Should be true to enable ClassicLink for the VPC. Only valid in regions and accounts that support EC2 Classic." 47 | type = bool 48 | default = false 49 | } 50 | 51 | variable "tags" { 52 | description = "A map of tags to add to all resources" 53 | type = string 54 | default = "Vpc-custom-demo" 55 | } 56 | -------------------------------------------------------------------------------- /terraform-aws-elb-alb/vpc.tf: -------------------------------------------------------------------------------- 1 | resource "aws_vpc" "vpc_demo" { 2 | cidr_block = var.cidr 3 | instance_tenancy = var.instance_tenancy 4 | enable_dns_hostnames = var.enable_dns_hostnames 5 | enable_dns_support = var.enable_dns_support 6 | enable_classiclink = var.enable_classiclink 7 | 8 | tags = { 9 | Name = var.tags 10 | } 11 | } 12 | 13 | resource "aws_internet_gateway" "gw" { 14 | vpc_id = aws_vpc.vpc_demo.id 15 | 16 | tags = { 17 | Name = "internet-gateway-demo" 18 | } 19 | } 20 | 21 | resource "aws_subnet" "public_1" { 22 | availability_zone = "us-east-1a" 23 | vpc_id = aws_vpc.vpc_demo.id 24 | map_public_ip_on_launch = true 25 | cidr_block = "10.0.1.0/24" 26 | 27 | tags = { 28 | Name = "public_1-demo" 29 | } 30 | } 31 | 32 | resource "aws_subnet" "public_2" { 33 | availability_zone = "us-east-1b" 34 | vpc_id = aws_vpc.vpc_demo.id 35 | 
map_public_ip_on_launch = true 36 | cidr_block = "10.0.2.0/24" 37 | 38 | tags = { 39 | Name = "public_1-demo" 40 | } 41 | } 42 | 43 | resource "aws_route_table" "route-public" { 44 | vpc_id = aws_vpc.vpc_demo.id 45 | 46 | route { 47 | cidr_block = "10.0.0.0/0" 48 | gateway_id = aws_internet_gateway.gw.id 49 | } 50 | 51 | tags = { 52 | Name = "public-route-table-demo" 53 | } 54 | } 55 | 56 | resource "aws_route_table_association" "public_1" { 57 | subnet_id = aws_subnet.public_1.id 58 | route_table_id = aws_route_table.route-public.id 59 | } 60 | 61 | resource "aws_route_table_association" "public_2" { 62 | subnet_id = aws_subnet.public_2.id 63 | route_table_id = aws_route_table.route-public.id 64 | } 65 | -------------------------------------------------------------------------------- /terraform-aws-iam/iam/aws_iam_group.tf: -------------------------------------------------------------------------------- 1 | resource "aws_iam_group" "admin" { 2 | name = "developer-admin-group" 3 | } 4 | 5 | resource "aws_iam_policy_attachment" "admin-attach" { 6 | name = "admin-attachment" 7 | groups = [aws_iam_group.admin.name] 8 | policy_arn = "arn:aws:iam::aws:policy/AdministratorAccess" 9 | } 10 | # Customer Policy Attachment 11 | resource "aws_iam_group" "custom_admin" { 12 | name = "developer-admin-grp-custom-policy-example" 13 | } 14 | resource "aws_iam_group_policy" "Custom_developer_admin_policy" { 15 | name = "my_developer_policy" 16 | group = aws_iam_group.custom_admin.name 17 | 18 | policy = <Deployed via Terraform" | sudo tee /var/www/html/index.html 24 | EOF 25 | 26 | tags = { 27 | Name = "Private_IP" 28 | } 29 | } 30 | 31 | resource "aws_eip" "eip" { 32 | instance = aws_instance.IP_example.id 33 | vpc = true 34 | } 35 | 36 | output "public_ip" { 37 | value = aws_instance.IP_example.public_ip 38 | } 39 | -------------------------------------------------------------------------------- /terraform-aws-private-public-ip/variables.tf: 
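--------------------------------------------------------------------------------
# Type constraints are written unquoted, matching the variables further down
# in this file; the quoted form ("string", "map") is the legacy pre-0.12 syntax.

variable "region" {
  type    = string
  default = "us-east-1"
}

# Region -> AMI ID map.
# NOTE(review): the eu-west-2 and eu-central-1 values contain non-hexadecimal
# characters, so they are presumably placeholders; verify every AMI ID and its
# publisher before use.
variable "ami_id" {
  type = map(string)
  default = {
    us-east-1    = "ami-035b3c7efe6d061d5"
    eu-west-2    = "ami-132b3c7efe6sdfdsfd"
    eu-central-1 = "ami-9787h5h6nsn75gd33"
  }
}

variable "instance_type" {
  type    = string
  default = "t2.micro"
}

variable "device_name" {
  type    = string
  default = "/dev/xvdh"
}

variable "key_name" {
  type    = string
  default = "ec2-demo"
}

# NOTE(review): the description says the default is not acceptable to AWS, but
# the default here is 10.0.0.0/16; the wording looks carried over from another
# module and should be confirmed.
variable "cidr" {
  description = "The CIDR block for the VPC. Default value is a valid CIDR, but not acceptable by AWS and should be overridden"
  type        = string
  default     = "10.0.0.0/16"
}

variable "instance_tenancy" {
  description = "A tenancy option for instances launched into the VPC"
  type        = string
  default     = "default"
}

variable "enable_dns_hostnames" {
  description = "Should be true to enable DNS hostnames in the VPC"
  type        = bool
  default     = true
}

variable "enable_dns_support" {
  description = "Should be true to enable DNS support in the VPC"
  type        = bool
  default     = true
}

variable "enable_classiclink" {
  description = "Should be true to enable ClassicLink for the VPC. Only valid in regions and accounts that support EC2 Classic."
  type        = bool
  default     = false
}

# NOTE(review): despite the description, this is a single string; vpc.tf uses
# it as the value of the VPC's Name tag.
variable "tags" {
  description = "A map of tags to add to all resources"
  type        = string
  default     = "Vpc-custom-demo"
}
--------------------------------------------------------------------------------
/terraform-aws-private-public-ip/vpc.tf:
--------------------------------------------------------------------------------
# VPC for the private/public IP example; every setting comes from variables.tf.
resource "aws_vpc" "vpc_demo" {
  cidr_block           = var.cidr
  instance_tenancy     = var.instance_tenancy
  enable_dns_hostnames = var.enable_dns_hostnames
  enable_dns_support   = var.enable_dns_support
  enable_classiclink   = var.enable_classiclink

  tags = {
    Name = var.tags
  }
}

# Internet gateway attached to the VPC.
resource "aws_internet_gateway" "gw" {
  vpc_id = aws_vpc.vpc_demo.id

  tags = {
    Name = "internet-gateway-demo"
  }
}

# Public subnet: instances launched here receive a public IP automatically.
resource "aws_subnet" "public_1" {
  availability_zone       = "us-east-1a"
  vpc_id                  = aws_vpc.vpc_demo.id
  map_public_ip_on_launch = true
  cidr_block              = "10.0.1.0/24"

  tags = {
    Name = "public_1-demo"
  }
}

# Route table for the public subnet.
resource "aws_route_table" "route-public" {
  vpc_id = aws_vpc.vpc_demo.id

  route {
    # Default route to the internet gateway. The original destination,
    # "10.0.0.0/0", has host bits set under a /0 prefix and is not a canonical
    # CIDR; the default route is written 0.0.0.0/0.
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.gw.id
  }

  tags = {
    Name = "public-route-table-demo"
  }
}

resource "aws_route_table_association" "public_1" {
  subnet_id      = aws_subnet.public_1.id
  route_table_id = aws_route_table.route-public.id
}

# Security group for the example instance.
# NOTE(review): the name and description mention only SSH although the group
# also admits HTTP. Both are left unchanged because changing either one forces
# the security group to be replaced.
resource "aws_security_group" "allow_ssh" {
  name        = "allow_SSH"
  description = "Allow SSH inbound traffic"
  vpc_id      = aws_vpc.vpc_demo.id

  ingress {
    # SSH (port 22) is allowed from any IPv4 address.
    # NOTE(review): outside a throwaway demo, restrict this to a known
    # administrative CIDR, or remove the rule and reach the host through a
    # bastion or AWS Systems Manager Session Manager.
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    # HTTP (port 80) is allowed from any IPv4 address.
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]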
} 70 | 71 | egress { 72 | from_port = 0 73 | to_port = 0 74 | protocol = "-1" 75 | cidr_blocks = ["0.0.0.0/0"] 76 | } 77 | } 78 | -------------------------------------------------------------------------------- /terraform-aws-rds-dynamoDb/dynamodb.tf: -------------------------------------------------------------------------------- 1 | provider "aws" { 2 | region = "us-east-1" 3 | version = "~> 2.0" 4 | } 5 | 6 | resource "aws_dynamodb_table" "basic-dynamodb-table" { 7 | name = "DynamoDB-Terraform" 8 | billing_mode = "PROVISIONED" 9 | read_capacity = 20 10 | write_capacity = 20 11 | hash_key = "UserId" 12 | range_key = "Name" 13 | 14 | attribute { 15 | name = "UserId" 16 | type = "S" 17 | } 18 | 19 | attribute { 20 | name = "Name" 21 | type = "S" 22 | } 23 | 24 | ttl { 25 | attribute_name = "TimeToExist" 26 | enabled = false 27 | } 28 | 29 | global_secondary_index { 30 | name = "UserTitleIndex" 31 | hash_key = "UserId" 32 | range_key = "Name" 33 | write_capacity = 10 34 | read_capacity = 10 35 | projection_type = "INCLUDE" 36 | non_key_attributes = ["UserId"] 37 | } 38 | 39 | tags = { 40 | Name = "dynamodb-table" 41 | Environment = "Training" 42 | } 43 | } 44 | -------------------------------------------------------------------------------- /terraform-aws-rds-mariaDb/instance.tf: -------------------------------------------------------------------------------- 1 | provider "aws" { 2 | region = "${var.region}" 3 | version = "~> 2.0" 4 | } 5 | 6 | 7 | resource "aws_instance" "rds_example" { 8 | ami = lookup(var.ami_id, var.region) 9 | instance_type = var.instance_type 10 | subnet_id = aws_subnet.public_1.id 11 | 12 | # Security group assign to instance 13 | vpc_security_group_ids = [aws_security_group.allow_ssh_http.id] 14 | availability_zone="us-east-1a" 15 | # key name 16 | key_name = var.key_name 17 | 18 | user_data = <Deployed via Terraform" | sudo tee /var/www/html/index.html 25 | EOF 26 | 27 | tags = { 28 | Name = "RDS_MariaDB_Example" 29 | } 30 | } 31 | 32 | 33 
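output "public_ip" {
  value = aws_instance.rds_example.public_ip
}
--------------------------------------------------------------------------------
/terraform-aws-rds-mariaDb/mariadb.tf:
--------------------------------------------------------------------------------
# Parameter group for the MariaDB 10.2 family; raises max_allowed_packet to
# 16777216 bytes.
resource "aws_db_parameter_group" "default" {
  name   = "mariadb"
  family = "mariadb10.2"

  parameter {
    name  = "max_allowed_packet"
    value = "16777216"
  }
}

# Subnet group that places the database in the two private subnets.
resource "aws_db_subnet_group" "default" {
  name       = "main"
  subnet_ids = [aws_subnet.private_1.id, aws_subnet.private_2.id]

  tags = {
    Name = "My DB subnet group"
  }
}

# MariaDB instance in the private subnets, attached to the "db" security group
# (security_group.tf), whose only ingress rule is TCP 3306 from the
# allow_ssh_http group.
#
# NOTE(review): the master password is a literal in version-controlled
# configuration, and Terraform also records it in state in plaintext. Treat
# this value as disclosed: supply the real one from outside the repository
# (an input variable set through TF_VAR_<name>, or a secrets manager) and keep
# the state backend access-controlled and encrypted.
# NOTE(review): storage_encrypted is not set, so encryption at rest is not
# requested; confirm the chosen instance class supports it before enabling.
resource "aws_db_instance" "default" {
  allocated_storage = 20
  storage_type      = "gp2"
  engine            = "mariadb"
  engine_version    = "10.2.21"
  instance_class    = "db.t2.micro"
  name              = "mydb"
  username          = "root"
  password          = "foobarbaz"

  # Reference the parameter group resource instead of repeating its name, so
  # Terraform creates the group before the instance that uses it.
  parameter_group_name   = aws_db_parameter_group.default.name
  db_subnet_group_name   = aws_db_subnet_group.default.name
  vpc_security_group_ids = [aws_security_group.db.id]
  availability_zone      = aws_subnet.private_1.availability_zone
}

# Connection endpoint of the database instance.
output "end_point" {
  value = aws_db_instance.default.endpoint
}
--------------------------------------------------------------------------------
/terraform-aws-rds-mariaDb/security_group.tf:
--------------------------------------------------------------------------------
# Security group for the EC2 instance in instance.tf.
# NOTE(review): the description mentions only SSH although HTTP is admitted as
# well; it is left unchanged because changing it forces the group to be
# replaced.
resource "aws_security_group" "allow_ssh_http" {
  name        = "allow_SSH_http"
  description = "Allow SSH inbound traffic"
  vpc_id      = aws_vpc.vpc_demo.id

  ingress {
    # SSH (port 22) is allowed from any IPv4 address.
    # NOTE(review): members of this group are the only sources the database
    # group accepts on 3306, so a host reachable over SSH from anywhere is
    # also the path to the database. Restrict this rule to a known
    # administrative CIDR outside a throwaway demo.
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    # HTTP (port 80) is allowed from any IPv4 address.
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    # All protocols and ports are allowed outbound to any IPv4 address.
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# Security group for the MariaDB instance.
# NOTE(review): the name and description say SSH, but the only ingress rule is
# MariaDB/MySQL on TCP 3306. Both are left unchanged because changing either
# one forces the security group to be replaced.
resource "aws_security_group" "db" {
  name        = "allow_SSH"
  description = "Allow SSH inbound traffic"
  vpc_id      = aws_vpc.vpc_demo.id

  ingress {
    # TCP 3306 is allowed only from members of the allow_ssh_http group,
    # not from a CIDR range.
    from_port       = 3306
    to_port         = 3306
    protocol        = "tcp"
    security_groups = [aws_security_group.allow_ssh_http.id]
  }

  egress {
    # All protocols and ports are allowed outbound to any IPv4 address.
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
--------------------------------------------------------------------------------
/terraform-aws-rds-mariaDb/variables.tf:
--------------------------------------------------------------------------------
# Type constraints are written unquoted; the quoted form ("string", "map") is
# the legacy pre-0.12 syntax.

# AWS region used by the provider block and as the lookup key into ami_id.
variable "region" {
  type    = string
  default = "us-east-1"
}

# Region -> AMI ID map consumed by lookup(var.ami_id, var.region).
# NOTE(review): the eu-west-2 and eu-central-1 values contain non-hexadecimal
# characters, so they are presumably placeholders; verify every AMI ID and its
# publisher before use.
variable "ami_id" {
  type = map(string)
  default = {
    us-east-1    = "ami-035b3c7efe6d061d5"
    eu-west-2    = "ami-132b3c7efe6sdfdsfd"
    eu-central-1 = "ami-9787h5h6nsn75gd33"
  }
}

variable "instance_type" {
  type    = string
  default = "t2.micro"
}

variable "device_name" {
  type    = string
  default = "/dev/xvdh"
}

# Name of the EC2 key pair passed to the instance in instance.tf.
variable "key_name" {
  type    = string
  default = "ec2-demo"
}

variable "cidr" {
  description = "The CIDR block for the VPC. 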
Default value is a valid CIDR, but not acceptable by AWS and should be overridden" 29 | type = string 30 | default = "10.0.0.0/16" 31 | } 32 | variable "instance_tenancy" { 33 | description = "A tenancy option for instances launched into the VPC" 34 | type = string 35 | default = "default" 36 | } 37 | 38 | variable "enable_dns_hostnames" { 39 | description = "Should be true to enable DNS hostnames in the VPC" 40 | type = bool 41 | default = true 42 | } 43 | 44 | variable "enable_dns_support" { 45 | description = "Should be true to enable DNS support in the VPC" 46 | type = bool 47 | default = true 48 | } 49 | 50 | variable "enable_classiclink" { 51 | description = "Should be true to enable ClassicLink for the VPC. Only valid in regions and accounts that support EC2 Classic." 52 | type = bool 53 | default = false 54 | } 55 | 56 | variable "tags" { 57 | description = "A map of tags to add to all resources" 58 | type = string 59 | default = "Vpc-custom-demo" 60 | } 61 | -------------------------------------------------------------------------------- /terraform-aws-rds-mariaDb/vpc.tf: -------------------------------------------------------------------------------- 1 | ###### 2 | # VPC 3 | ###### 4 | #terraform version >= 12 5 | ############ 6 | resource "aws_vpc" "vpc_demo" { 7 | cidr_block = var.cidr 8 | instance_tenancy = var.instance_tenancy 9 | enable_dns_hostnames = var.enable_dns_hostnames 10 | enable_dns_support = var.enable_dns_support 11 | enable_classiclink = var.enable_classiclink 12 | 13 | tags = { 14 | Name = var.tags 15 | } 16 | 17 | } 18 | resource "aws_internet_gateway" "gw" { 19 | vpc_id = "${aws_vpc.vpc_demo.id}" 20 | 21 | tags = { 22 | Name = "internet-gateway-demo" 23 | } 24 | } 25 | 26 | 27 | resource "aws_subnet" "private_1" { 28 | availability_zone = "us-east-1a" 29 | vpc_id = aws_vpc.vpc_demo.id 30 | map_public_ip_on_launch = false 31 | cidr_block = "10.0.4.0/24" 32 | 33 | tags = { 34 | Name = "private_1-demo" 35 | } 36 | } 37 | resource 
"aws_subnet" "private_2" { 38 | availability_zone = "us-east-1b" 39 | vpc_id = aws_vpc.vpc_demo.id 40 | map_public_ip_on_launch = false 41 | cidr_block = "10.0.5.0/24" 42 | 43 | tags = { 44 | Name = "private_2-demo" 45 | } 46 | } 47 | resource "aws_subnet" "private_3" { 48 | availability_zone = "us-east-1c" 49 | vpc_id = aws_vpc.vpc_demo.id 50 | map_public_ip_on_launch = false 51 | cidr_block = "10.0.6.0/24" 52 | 53 | tags = { 54 | Name = "private_3-demo" 55 | } 56 | } 57 | resource "aws_subnet" "public_1" { 58 | availability_zone = "us-east-1a" 59 | vpc_id = aws_vpc.vpc_demo.id 60 | map_public_ip_on_launch = true 61 | cidr_block = "10.0.1.0/24" 62 | 63 | tags = { 64 | Name = "public_1-demo" 65 | } 66 | } 67 | resource "aws_subnet" "public_2" { 68 | vpc_id = aws_vpc.vpc_demo.id 69 | availability_zone = "us-east-1b" 70 | map_public_ip_on_launch = true 71 | cidr_block = "10.0.2.0/24" 72 | 73 | tags = { 74 | Name = "public_2-demo" 75 | } 76 | } 77 | resource "aws_subnet" "public_3" { 78 | availability_zone = "us-east-1c" 79 | vpc_id = aws_vpc.vpc_demo.id 80 | map_public_ip_on_launch = true 81 | cidr_block = "10.0.3.0/24" 82 | 83 | tags = { 84 | Name = "public_3-demo" 85 | } 86 | } 87 | resource "aws_route_table" "route-public" { 88 | vpc_id = "${aws_vpc.vpc_demo.id}" 89 | 90 | route { 91 | cidr_block = "10.0.0.0/0" 92 | gateway_id = "${aws_internet_gateway.gw.id}" 93 | } 94 | 95 | tags = { 96 | Name = "public-route-table-demo" 97 | } 98 | } 99 | 100 | resource "aws_route_table_association" "public_1" { 101 | subnet_id = "${aws_subnet.public_1.id}" 102 | route_table_id = "${aws_route_table.route-public.id}" 103 | } 104 | 105 | resource "aws_route_table_association" "public_2" { 106 | subnet_id = "${aws_subnet.public_2.id}" 107 | route_table_id = "${aws_route_table.route-public.id}" 108 | } 109 | 110 | resource "aws_route_table_association" "public_3" { 111 | subnet_id = "${aws_subnet.public_3.id}" 112 | route_table_id = "${aws_route_table.route-public.id}" 113 | } 114 
| 115 | resource "aws_route_table" "route_private" { 116 | vpc_id = "${aws_vpc.vpc_demo.id}" 117 | 118 | tags = { 119 | Name = "private-route-table-demo" 120 | } 121 | } 122 | 123 | resource "aws_route_table_association" "private_1" { 124 | subnet_id = "${aws_subnet.private_1.id}" 125 | route_table_id = "${aws_route_table.route_private.id}" 126 | } 127 | resource "aws_route_table_association" "private_2" { 128 | subnet_id = "${aws_subnet.private_2.id}" 129 | route_table_id = "${aws_route_table.route_private.id}" 130 | } 131 | resource "aws_route_table_association" "private_3" { 132 | subnet_id = "${aws_subnet.private_3.id}" 133 | route_table_id = "${aws_route_table.route_private.id}" 134 | } 135 | -------------------------------------------------------------------------------- /terraform-aws-sns/example/.terraform.lock.hcl: -------------------------------------------------------------------------------- 1 | # This file is maintained automatically by "terraform init". 2 | # Manual edits may be lost in future updates. 
3 | 4 | provider "registry.terraform.io/hashicorp/aws" { 5 | version = "4.22.0" 6 | constraints = ">= 3.1.15" 7 | hashes = [ 8 | "h1:KOsejPSvd2eEfuhtbLilFMnQZlaOJ53p7/NR+4qSibo=", 9 | "zh:299efb8ba733b7742f0ef1c5c5467819e0c7bf46264f5f36ba6b6674304a5244", 10 | "zh:4db198a41d248491204d4ca644662c32f748177d5cbe01f3c7adbb957d4d77f0", 11 | "zh:62ebc2b05b25eafecb1a75f19d6fc5551faf521ada9df9e5682440d927f642e1", 12 | "zh:636b590840095b4f817c176034cf649f543c0ce514dc051d6d0994f0a05c53ef", 13 | "zh:8594bd8d442288873eee56c0b4535cbdf02cacfcf8f6ddcf8cd5f45bb1d3bc80", 14 | "zh:8e18a370949799f20ba967eec07a84aaedf95b3ee5006fe5af6eae13fbf39dc3", 15 | "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", 16 | "zh:aa968514231e404fb53311d8eae2e8b6bde1fdad1f4dd5a592ab93d9cbf11af4", 17 | "zh:af8e5c48bf36d4fff1a6fca760d5b85f14d657cbdf95e9cd5e898c68104bad31", 18 | "zh:d8a75ba36bf8b6f2e49be5682f48eccb6c667a4484afd676ae347213ae208622", 19 | "zh:dd7c419674a47e587dabe98b150a8f1f7e31c248c68e8bf5e9ca0a400b5e2c4e", 20 | "zh:fdeb6314a2ce97489bbbece59511f78306955e8a23b02cbd1485bd04185a3673", 21 | ] 22 | } 23 | -------------------------------------------------------------------------------- /terraform-aws-sns/example/example.tf: -------------------------------------------------------------------------------- 1 | provider "aws" { 2 | region = "eu-west-1" 3 | } 4 | 5 | module "sns_cloudwatch" { 6 | source = "github.com/easyawslearn/Terraform-Tutorial/terraform-aws-sns" 7 | cloudwatch_event_rule_name = "capture-aws-sign-in" 8 | description = "Capture each AWS Console Sign In" 9 | sns_name = "mysns" 10 | sns_display_name = "demosns" 11 | lambda_function_name = "S3cloudHub_Test_Lambda_Function" 12 | lambda_function_runtime = "python3.8" 13 | } 14 | -------------------------------------------------------------------------------- /terraform-aws-sns/example/version.tf: -------------------------------------------------------------------------------- 1 | # Terraform version 2 | terraform { 3 | 
required_version = ">= 0.14.11" 4 | 5 | required_providers { 6 | aws = { 7 | source = "hashicorp/aws" 8 | version = ">= 3.1.15" 9 | } 10 | } 11 | } 12 | 13 | -------------------------------------------------------------------------------- /terraform-aws-sns/main.tf: -------------------------------------------------------------------------------- 1 | provider "aws" { 2 | region = var.region 3 | } 4 | 5 | resource "aws_cloudwatch_event_rule" "default" { 6 | count = var.enabled == true ? 1 : 0 7 | 8 | name = var.cloudwatch_event_rule_name 9 | description = var.description 10 | event_pattern = <= 12 5 | ############ 6 | resource "aws_vpc" "vpc_demo" { 7 | cidr_block = var.cidr 8 | instance_tenancy = var.instance_tenancy 9 | enable_dns_hostnames = var.enable_dns_hostnames 10 | enable_dns_support = var.enable_dns_support 11 | enable_classiclink = var.enable_classiclink 12 | 13 | tags = { 14 | Name = var.tags 15 | } 16 | 17 | } 18 | -------------------------------------------------------------------------------- /terraform-data-source/.gitignore: -------------------------------------------------------------------------------- 1 | # Local .terraform directories 2 | **/.terraform/* 3 | 4 | # .tfstate files 5 | *.tfstate 6 | *.tfstate.* 7 | 8 | # .tfvars files 9 | *.tfvars 10 | -------------------------------------------------------------------------------- /terraform-data-source/README.md: -------------------------------------------------------------------------------- 1 | # Terraform-Tutorial 2 | Terraform Tutorial with all the Live Example 3 | -------------------------------------------------------------------------------- /terraform-data-source/aws-data-source-example.tf: -------------------------------------------------------------------------------- 1 | data "aws_vpc" "selected" { 2 | 3 | filter { 4 | name = "tag:Name" 5 | values = ["Default"] 6 | } 7 | } 8 | 9 | resource "aws_subnet" "example" { 10 | vpc_id = "${data.aws_vpc.selected.id}" 11 | cidr_block = 
"172.31.0.0/20" 12 | } 13 | -------------------------------------------------------------------------------- /terraform-data-source/provider.tf: -------------------------------------------------------------------------------- 1 | provider "aws" { 2 | region = "${var.region}" 3 | version = "~> 2.0" 4 | } 5 | -------------------------------------------------------------------------------- /terraform-data-source/variables.tf: -------------------------------------------------------------------------------- 1 | variable "access_key" {} 2 | variable "secret_key" {} 3 | variable "region" { 4 | default = "us-east-1" 5 | } 6 | variable "ami_id" { 7 | type = "map" 8 | default = { 9 | us-east-1 = "ami-035b3c7efe6d061d5" 10 | eu-west-2 = "ami-132b3c7efe6sdfdsfd" 11 | eu-central-1 = "ami-9787h5h6nsn" 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /terraform-for-each-example/main.tf: -------------------------------------------------------------------------------- 1 | variable "vpc_id" { 2 | description = "ID for the AWS VPC where a security group is to be created." 3 | } 4 | 5 | variable "subnet_numbers" { 6 | description = "List of 8-bit numbers of subnets of base_cidr_block that should be granted access." 
default = [1, 2, 3, 4, 5, 6]
}

# Looks up the VPC identified by var.vpc_id so that its CIDR block can be
# subdivided in the security group below.
data "aws_vpc" "example" {
  id = var.vpc_id
}


# Security group whose single ingress rule is built with a `for` expression:
# each number in var.subnet_numbers selects one subnet of the VPC CIDR,
# extended by 8 prefix bits through cidrsubnet().
#
# NOTE(review): from_port = 0 / to_port = 0 with protocol = -1 admits every
# protocol and port from the listed subnets. If only specific services are
# meant to be reachable, narrow the protocol and port range.
# NOTE(review): var.subnet_numbers has no type constraint or validation, so an
# overridden list is accepted as given; review any override as carefully as
# the rule itself.
resource "aws_security_group" "example" {
  name        = "for_each_example"
  description = "Allows access from friendly subnets"
  vpc_id      = var.vpc_id

  ingress {
    from_port = 0
    to_port   = 0
    protocol  = -1

    cidr_blocks = [
      for num in var.subnet_numbers:
      cidrsubnet(data.aws_vpc.example.cidr_block, 8, num)
    ]
  }
}
--------------------------------------------------------------------------------
/terraform-for-each-example/provider.tf:
--------------------------------------------------------------------------------
provider "aws" {
  region = "us-east-1"
}

--------------------------------------------------------------------------------
/terraform-module/main.tf:
--------------------------------------------------------------------------------
# Demonstration of passing arguments to a module through variables.
#
# NOTE(review): the module source is a GitHub repository with no `?ref=` pin,
# so `terraform init` fetches whatever that repository's default branch holds
# at that moment. Pin it to a reviewed tag or commit, for example
# "github.com/Patelvijaykumar/terraform-aws-instance-template.git?ref=<TAG_OR_COMMIT>"
# (placeholder), and review the module's contents before applying it.
module "module-example" {
  source = "github.com/Patelvijaykumar/terraform-aws-instance-template.git"

  region        = "${var.region}"
  ami_id        = "${var.ami_id}"
  instance_type = "${var.instance_type}"
  tag           = "${var.tag}"

}

# # Demonstration of passing literal arguments to a module
# module "module-example" {
#   source = "github.com/Patelvijaykumar/terraform-aws-instance-template.git"
#
#   region = "us-east-1"
#   ami_id = "ami-035b3c7efe6d061d5"
#   instance_type = "t2.micro"
#   tag = "module example"
#
# }



# Re-exports the module's instance_ip output.
output "instance_public_ip_address"{
  value="${module.module-example.instance_ip}"
}
--------------------------------------------------------------------------------
/terraform-module/variables.tf:
--------------------------------------------------------------------------------
variable "region" {
  default = "us-east-1"
}

variable "ami_id" {
  default = 
"ami-035b3c7efe6d061d5"
}

variable "instance_type" {
  default = "t2.micro"
}

# NOTE(review): the default equals the instance type string, which looks like
# a copy-paste slip for a tag value; confirm against the module's use of `tag`.
variable "tag" {
  default = "t2.micro"
}
--------------------------------------------------------------------------------
/terraform-output/.gitignore:
--------------------------------------------------------------------------------
# Local .terraform directories
**/.terraform/*

# .tfstate files
*.tfstate
*.tfstate.*

# .tfvars files
*.tfvars

--------------------------------------------------------------------------------
/terraform-output/README.md:
--------------------------------------------------------------------------------
# Terraform-Tutorial
Terraform Tutorial with all the Live Example

--------------------------------------------------------------------------------
/terraform-output/arn.txt:
--------------------------------------------------------------------------------
arn:aws:ec2:us-east-1:150843920836:instance/i-0d2877106f7377c0c

--------------------------------------------------------------------------------
/terraform-output/aws-instance-example.tf:
--------------------------------------------------------------------------------
# EC2 instance whose private IP and ARN are appended to local files by
# local-exec provisioners on the machine that runs Terraform.
#
# NOTE(review): arn.txt and ip_list.txt are listed among this module's files
# with real values, and the .gitignore shown for this module does not exclude
# them. An instance ARN embeds the AWS account ID, so generated files like
# these are better kept out of version control; an `output` block exposes the
# same values without writing them to the working tree.
# NOTE(review): both commands interpolate attribute values straight into a
# shell command line. The values here come from the AWS provider; avoid
# extending this pattern to values a user can influence.
# NOTE(review): Terraform documents the `self` object (e.g. self.private_ip)
# as the way for a provisioner to refer to its parent resource; confirm
# whether the by-name references below are accepted by the Terraform version
# in use.
resource "aws_instance" "web-server" {
  ami           = "${lookup(var.ami_id, var.region)}"
  instance_type = "t2.micro"


  provisioner "local-exec" {
    # Appends (>>) rather than overwrites, so each run adds a line.
    command = "echo ${aws_instance.web-server.private_ip} >> ip_list.txt"
  }

  provisioner "local-exec" {
    command = "echo ${aws_instance.web-server.arn} >> arn.txt"
  }
}

--------------------------------------------------------------------------------
/terraform-output/ip_list.txt:
--------------------------------------------------------------------------------
172.31.84.95
172.31.45.49

--------------------------------------------------------------------------------
/terraform-output/output.tf:
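--------------------------------------------------------------------------------
# Exposes the public IP of the web-server instance after apply.
output "public_ip" {
  value = "${aws_instance.web-server.public_ip}"
}

--------------------------------------------------------------------------------
/terraform-output/provider.tf:
--------------------------------------------------------------------------------
# NOTE(review): long-lived keys are handed to the provider as input variables.
# Leaving access_key/secret_key unset lets the provider use its default
# credential chain (environment variables, shared credentials file, attached
# role), which keeps the secret out of tfvars files and command lines.
provider "aws" {
  region     = "${var.region}"
  access_key = "${var.access_key}"
  secret_key = "${var.secret_key}"
  version    = "~> 2.0"
}

--------------------------------------------------------------------------------
/terraform-output/variables.tf:
--------------------------------------------------------------------------------
# No defaults on purpose: the credentials must be supplied at run time and
# never written into this file.
variable "access_key" {}
variable "secret_key" {}
variable "region" {
  default = "us-east-1"
}
variable "ami_id" {
  type = "map"
  default = {
    us-east-1    = "ami-035b3c7efe6d061d5"
    # NOTE(review): the next two values contain non-hexadecimal characters, so
    # they read as placeholders; selecting these regions will not resolve to a
    # real image until they are replaced.
    eu-west-2    = "ami-132b3c7efe6sdfdsfd"
    eu-central-1 = "ami-9787h5h6nsn"
  }
}

--------------------------------------------------------------------------------
/terraform-remote-state/.gitignore:
--------------------------------------------------------------------------------
# Local .terraform directories
**/.terraform/*

# .tfstate files
*.tfstate
*.tfstate.*

# .tfvars files
*.tfvars

--------------------------------------------------------------------------------
/terraform-remote-state/README.md:
--------------------------------------------------------------------------------
# Terraform-Tutorial
Terraform Tutorial with all the Live Example

--------------------------------------------------------------------------------
/terraform-remote-state/aws-remote-state-example.tf:
--------------------------------------------------------------------------------

# Example bucket managed through the remote-state backend.
# NOTE(review): only the canned ACL is set; no default encryption, versioning
# or public-access block is declared in this file. Add them if the bucket will
# hold anything sensitive.
resource "aws_s3_bucket" "bucket" {
  bucket = "my-tf-test-bucket-abc"
  acl    = "private"

  tags = {
    Name        = "My bucket"
    Environment = "Dev"
  }
}

--------------------------------------------------------------------------------
/terraform-remote-state/backend.tf:
--------------------------------------------------------------------------------
# Stores state in S3 and uses the DynamoDB table for state locking.
terraform {
  required_version = ">= 0.11.0"
  backend "s3" {
    bucket         = "backup-state-terraform"
    key            = "terraform/test"
    region         = "us-east-1"
    dynamodb_table = "backend-test"
    # State files record every resource attribute, which can include secrets;
    # ask S3 to encrypt the object at rest.
    encrypt        = true
  }
}

--------------------------------------------------------------------------------
/terraform-remote-state/provider.tf:
--------------------------------------------------------------------------------
# Credentials are not set here; the provider falls back to its default chain.
provider "aws" {
  region  = "${var.region}"
  version = "~> 2.0"
}

--------------------------------------------------------------------------------
/terraform-remote-state/variables.tf:
--------------------------------------------------------------------------------
# NOTE(review): access_key and secret_key are not referenced by provider.tf,
# backend.tf or the bucket resource in this directory, yet having no default
# they must still be supplied on every run. Consider dropping them so nobody
# is prompted to type a secret that is never used.
variable "access_key" {}
variable "secret_key" {}
variable "region" {
  default = "us-east-1"
}
variable "ami_id" {
  type = "map"
  default = {
    us-east-1    = "ami-035b3c7efe6d061d5"
    # NOTE(review): placeholder-looking IDs (non-hexadecimal characters).
    eu-west-2    = "ami-132b3c7efe6sdfdsfd"
    eu-central-1 = "ami-9787h5h6nsn"
  }
}

--------------------------------------------------------------------------------
/terraform-variables/provider.tf:
--------------------------------------------------------------------------------
# Single provider configuration for this directory.
# NOTE(review): static keys are passed in as variables; prefer leaving
# access_key/secret_key unset so the provider's default credential chain is
# used instead.
provider "aws" {
  region     = "${var.region}"
  access_key = "${var.access_key}"
  secret_key = "${var.secret_key}"
  version    = "~> 2.0"
}

--------------------------------------------------------------------------------
/terraform-variables/terraform-variable-example.tf:
--------------------------------------------------------------------------------
# The provider "aws" block is declared once, in provider.tf. A second default
# (non-aliased) configuration in the same directory is a duplicate provider
# configuration error, so it is not repeated here.

# Picks the AMI for the selected region from the ami_id map.
resource "aws_instance" "my_web_server" {
  ami           = "${lookup(var.ami_id, var.region)}"
  instance_type = "t2.micro"
}

--------------------------------------------------------------------------------
/terraform-variables/variables.tf:
--------------------------------------------------------------------------------
# Credentials have no default and must be supplied at run time.
variable "access_key" {}
variable "secret_key" {}
variable "region" {
  default = "us-east-1"
}
variable "instance_type" {
  default = "t2.micro"
}

variable "ami_id" {
  type = "map"
  default = {
    us-east-1    = "ami-035b3c7efe6d061d5"
    # NOTE(review): placeholder-looking IDs (non-hexadecimal characters).
    eu-west-2    = "ami-132b3c7efe6sdfdsfd"
    eu-central-1 = "ami-9787h5h6nsn"
  }
}

--------------------------------------------------------------------------------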