# Internet gateway for the VPC. It is the only Internet path declared in this
# file: the public route table below sends 0.0.0.0/0 through it, while the
# private route table has no such route.
resource "aws_internet_gateway" "main" {
  vpc_id = aws_vpc.main.id
}
# Public subnet. Every instance launched here receives a public IPv4 address
# automatically (map_public_ip_on_launch), so exposure is governed entirely by
# the security groups attached to those instances.
resource "aws_subnet" "public" {
  map_public_ip_on_launch = true
  cidr_block              = var.public_cidr
  vpc_id                  = aws_vpc.main.id
}
# Two private subnets, one per availability zone. Each CIDR is carved from the
# VPC block with 8 extra prefix bits, starting at network number 10 (presumably
# to leave the low numbers free for the public subnet — not enforced here).
# element() wraps around if the region reports fewer AZs than subnets.
resource "aws_subnet" "private" {
  count = 2

  availability_zone = element(data.aws_availability_zones.available.names, count.index)
  cidr_block        = cidrsubnet(aws_vpc.main.cidr_block, 8, 10 + count.index)
  vpc_id            = aws_vpc.main.id

  tags = {
    Name = "private_${data.aws_availability_zones.available.names[count.index]}"
  }
}
# Route table for the public subnet: a single default route to the Internet
# gateway on top of the implicit VPC-local route.
resource "aws_route_table" "public" {
  vpc_id = aws_vpc.main.id

  route {
    gateway_id = aws_internet_gateway.main.id
    cidr_block = "0.0.0.0/0"
  }
}
# Attach the public route table to the public subnet.
resource "aws_route_table_association" "public" {
  subnet_id      = aws_subnet.public.id
  route_table_id = aws_route_table.public.id
}
# Route table for the private subnets. No inline routes are declared, so the
# private subnets have only the VPC-local route unless a NAT/egress route is
# added elsewhere (none is defined in this file). That keeps the RDS subnets
# unreachable from the Internet, which is the intended posture.
resource "aws_route_table" "private" {
  vpc_id = aws_vpc.main.id
}
# Attach the private route table to each private subnet; the count follows the
# subnet resource so adding a subnet automatically adds an association.
resource "aws_route_table_association" "private" {
  count = length(aws_subnet.private)

  subnet_id      = aws_subnet.private[count.index].id
  route_table_id = aws_route_table.private.id
}
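# CIDR ranges allowed to reach SSH on the instance. The default preserves the
# group's original behaviour (TCP/22 open to any address) so existing
# deployments are unchanged; operators should narrow it to their
# administrative ranges in a tfvars file.
variable "ec2_ssh_ingress_cidr_blocks" {
  description = "CIDR blocks permitted to reach TCP/22 on the EC2 instance. Narrow to known administrative ranges."
  type        = list(string)
  default     = ["0.0.0.0/0"]
}

# Instance security group: SSH from the configured ranges, HTTP on 80 and 8080
# from anywhere, unrestricted egress. The RDS group below trusts this group as
# its only ingress source.
resource "aws_security_group" "ec2" {
  name        = "ec2-allow-ssh-http"
  description = "Security group for the EC2 instance"
  vpc_id      = aws_vpc.main.id

  ingress {
    description = "SSH from administrative ranges"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = var.ec2_ssh_ingress_cidr_blocks
  }

  # The previous rule used from_port = 80 / to_port = 8080, which exposed every
  # TCP port in that range (including 443, 3306 and 5432) to the Internet. The
  # group name says "http", so only 80 and 8080 are kept; add an explicit rule
  # if the application listens on another port.
  ingress {
    description = "HTTP"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "HTTP (alternate port)"
    from_port   = 8080
    to_port     = 8080
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    description = "All outbound traffic"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # NOTE(review): create_before_destroy with a fixed `name` can fail on
  # replacement, because the new group cannot be created while one with the
  # same name exists in the VPC; `name_prefix` avoids this but forces a
  # one-time replacement, so it is left unchanged here.
  lifecycle {
    create_before_destroy = true
  }
}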
# Database security group. The only ingress is TCP/3306 from members of the EC2
# group (a security-group reference, not a CIDR), and no egress block is
# declared, so Terraform leaves the group with no outbound rules.
resource "aws_security_group" "rds" {
  vpc_id      = aws_vpc.main.id
  description = "Security group for the RDS instance"
  name        = "rds-allow-sql"

  ingress {
    description     = "MySQL/Aurora from the EC2 security group"
    protocol        = "tcp"
    from_port       = 3306
    to_port         = 3306
    security_groups = [aws_security_group.ec2.id]
  }

  # NOTE(review): as with the EC2 group, create_before_destroy combined with a
  # fixed `name` may fail on replacement; consider `name_prefix`.
  lifecycle {
    create_before_destroy = true
  }
}
# DB subnet group spanning all private subnets, so the RDS instance is placed
# in subnets without an Internet route.
resource "aws_db_subnet_group" "private" {
  subnet_ids = aws_subnet.private[*].id
  name       = "db_subnet_group"
}