diff --git a/Project-16: Cloud State with Terraform/README.md b/Project-16: Cloud State with Terraform/README.md new file mode 100644 index 0000000..56ddd89 --- /dev/null +++ b/Project-16: Cloud State with Terraform/README.md 
@@ -0,0 +1,232 @@ +# Project-16: Cloud State with Terraform + +[*Project Source*](https://www.udemy.com/course/devopsprojects/?src=sac&kw=devops+projects) + +![](images/Project-16.png) + +## Pre-requisites + +* AWS Account +* GitHub account +* Terraform, Maven, JDK installed locally +* Any IDE (VS Code, IntelliJ, etc) + +### Step-1: Create a repository in GitHub + +We will create a repo in GitHub and name it as `terraform-aws-vprofile`. +You can make it private not to expose any Access keys you are using, since my AWS credentials are configured with awscli, I will create thsi repo as public. + +![](images/repo-created.png) + +### Step-2: Clone the repo to your local + +We will clone the repository to the IDE that we will be using. I will be using IntelliJ for this project. + +### Step-3: Terraform Setup + +We need to install Terraform and awscli locally for this project. +You can follow documentation to do so. + +[Install Terraform](https://developer.hashicorp.com/terraform/tutorials/aws-get-started/install-cli) +[Install AWSCLI](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html) + +Once both are installed, check their version from terminal/powershell. + +![](images/terraform-installed.png) + +You need to create an IAM user with Programmatic Access keys. Download credentials. configure aws from cli: + +![](images/aws-configured.png) + +### Step-4: S3 for Backend + +First we will create an s3 bucket to store the state in AWS. I will create bucket with awscli command: +```sh +aws s3 mb s3://terra-state-vprofile-rd --region=us-east-1 +aws s3 ls +``` + +Create `backend-s3.tf` file under `terraform-aws-vprofile` repo with below content: +```sh +terraform { + backend "s3" { + bucket = "terra-state-vprofile-rd" # replace with your s3 bucketname + key = "terraform" + region = "us-east-1" + } +} +``` + +Go to project directory and run `terraform init` to initialize backend. 
+ +![](images/backend-initialized.png) + +### Step-5: Variables and Providers + +We will create a HA infrastructure for our vprofile project. We will create a VPC with 3 Public subnets and 3 Private subnets. We will create Elasticache, ActiveMQ and RDS-MySQL services for our application. To be able to create a reusable code, we will use variables in our Terraform code. + +Create `vars.tf` file and `providers.tf` file as in given under `terraform-files` directory. + +### Step-6: KeyPairs + +We will create an SSH key with name of `vprofilekey` as we mentioned in `vars.tf` file. Go to `terraform-aws-vprofile` directory, run below command: + +![](images/ssh-keygen.png) + +Now we can create `keypairs.tf` file with below content. We will use `file` function to get the content from path instead of copy-pasting whole content. + +![](images/keypairs.png) + +We can commit/push files to GitHub except private/public key files. + +Run below commands from local: +```sh +terraform init +terraform validate +terraform fmt +terraform plan +terraform apply +``` + +Our first resource keypair is created with terraform. + +![](images/key-generated.png) + +### Step-7: VPC Module & Setup + +One easier way to create resources with terraform is using modules. we can find modules in terraform registry. We will use official [VPC module](https://registry.terraform.io/modules/terraform-aws-modules/vpc/aws/latest) from AWS. + +Create `vpc.tf` file similar to given file under `terraform-files` directory. + +We will commit/push this file to remote repo. + +Since we added a new module, first we need to run: +```sh +terraform init +terraform validate +terraform fmt +terraform plan +terraform apply +``` + +### Step-8: Security Groups Setup + +We need to create SecGrp for below services: + +* Beanstalk Load Balancer +* Bastion Host +* Beanstalk instances +* Backend services (Active MQ - Elasticache - RDS) + +Create `secgrp.tf` file similar to given file under `terraform-files` directory. 
+ +We will commit/push this file to remote repo. + +Run below commands to create secgrp resources: +```sh +terraform validate +terraform fmt +terraform plan +terraform apply +``` + +### Step-9: RDS, Elasticache and ActiveMQ Setup + +Create `backend-services.tf` file similar to given file under `terraform-files` directory. + +We will commit/push this file to remote repo. + +### Step-10: Beanstalk ENV Setup + +Create `bean-app.tf` and `bean-env.tf` files similar to given file under `terraform-files` directory. + +We will commit/push this file to remote repo. + +Run below commands to create secgrp resources: +```sh +terraform validate +terraform fmt +terraform plan +terraform apply +``` + +### Step-11: Bastion Host & DB Initialization + +We will create a Bastion host then connect to RDS instance through this instance and initialize the Database. + +We will use templatefile function to initialize RDS. You may checkout more about this function from [documentation](https://developer.hashicorp.com/terraform/language/functions/templatefile) + +We need to get RDS-endpoint as a environment variable after it is created and replace it in template file to be able to connect to mysql database. + +Create `templates` directory in project, under the same directory create a file named as `db-deploy.tftpl` with below content: +```sh +sudo apt update +sudo apt install git mysql-client -y +git clone -b vp-rem https://github.com/devopshydclub/vprofile-project.git +mysql -h ${rds-endpoint} -u ${dbuser} --password=${dbpass} accounts < /home/ubuntu/vprofile-project/src/main/resources/db_backup.sql +``` +Create `bastion-host.tf` file similar to given file under `terraform-files` directory. + +We will commit/push this file to remote repo. 
+ +Run below commands to create secgrp resources: +```sh +terraform validate +terraform fmt +terraform plan +terraform apply +``` + +### Step-12: Artifact Deployment + +Clone repository to from bewlo repository, we need to do some updates in `application.properties` file. +```sh +git clone -b vp-rem https://github.com/rumeysakdogan/vprofileproject-all.git +``` +We will update below parts in that file. +Replace db01 -> RDS endpoint +Replace mc01 -> elasticache Endpoint +Replace rmq01 -> Actice MQ AMQP endpoint(only take url after //) and port +rabbitmq.username=rabbit +rabbitmq.password= +```sh +#JDBC Configutation for Database Connection +jdbc.driverClassName=com.mysql.jdbc.Driver +jdbc.url=jdbc:mysql://db01:3306/accounts?useUnicode=true&characterEncoding=UTF-8& + +#Memcached Configuration For Active and StandBy Host +#For Active Host +memcached.active.host=mc01 +memcached.active.port=11211 +#For StandBy Host +memcached.standBy.host=127.0.0.2 +memcached.standBy.port=11211 + +#RabbitMq Configuration +rabbitmq.address=rmq01 +rabbitmq.port=5672 +rabbitmq.username=test +rabbitmq.password=test + +``` + +Save and exit, then go to project directory where `pom.xml` exists and run `mvn install` to generate our artifact. + +![](images/artifact-ready.png) + +Our artifact is ready, we will upload it to Beanstalk manually. + +Go to Beanstalk from AWS Console, click on application you created by terraform. `Upload and Deploy` + + +### Step-13: Validate and CleanUp + +We can validate our application now from browser, click on url given in Benstalk page. + +![](images/app-deployed.png) + +You can run below command to clean-up your AWS account. +```sh +terraform destroy -auto-approve +``` + diff --git a/Project-16: Cloud State with Terraform/images/Project-16.png b/Project-16: Cloud State with Terraform/images/Project-16.png new file mode 100644 index 0000000..79c7a63 Binary files /dev/null and b/Project-16: Cloud State with Terraform/images/Project-16.png differ 
diff --git a/Project-16: Cloud State with Terraform/images/app-deployed.png b/Project-16: Cloud State with Terraform/images/app-deployed.png new file mode 100644 index 0000000..85d68c2 Binary files /dev/null and b/Project-16: Cloud State with Terraform/images/app-deployed.png differ diff --git a/Project-16: Cloud State with Terraform/images/artifact-ready.png b/Project-16: Cloud State with Terraform/images/artifact-ready.png new file mode 100644 index 0000000..1eead0c Binary files /dev/null and b/Project-16: Cloud State with Terraform/images/artifact-ready.png differ diff --git a/Project-16: Cloud State with Terraform/images/aws-configured.png b/Project-16: Cloud State with Terraform/images/aws-configured.png new file mode 100644 index 0000000..dbeb13f Binary files /dev/null and b/Project-16: Cloud State with Terraform/images/aws-configured.png differ diff --git a/Project-16: Cloud State with Terraform/images/backend-initialized.png b/Project-16: Cloud State with Terraform/images/backend-initialized.png new file mode 100644 index 0000000..97a11ef Binary files /dev/null and b/Project-16: Cloud State with Terraform/images/backend-initialized.png differ diff --git a/Project-16: Cloud State with Terraform/images/key-generated.png b/Project-16: Cloud State with Terraform/images/key-generated.png new file mode 100644 index 0000000..2ee52ea Binary files /dev/null and b/Project-16: Cloud State with Terraform/images/key-generated.png differ diff --git a/Project-16: Cloud State with Terraform/images/keypairs.png b/Project-16: Cloud State with Terraform/images/keypairs.png new file mode 100644 index 0000000..5eff6f6 Binary files /dev/null and b/Project-16: Cloud State with Terraform/images/keypairs.png differ 
diff --git a/Project-16: Cloud State with Terraform/images/repo-created.png b/Project-16: Cloud State with Terraform/images/repo-created.png new file mode 100644 index 0000000..9578566 Binary files /dev/null and b/Project-16: Cloud State with Terraform/images/repo-created.png differ diff --git a/Project-16: Cloud State with Terraform/images/ssh-keygen.png b/Project-16: Cloud State with Terraform/images/ssh-keygen.png new file mode 100644 index 0000000..cf9ea9f Binary files /dev/null and b/Project-16: Cloud State with Terraform/images/ssh-keygen.png differ diff --git a/Project-16: Cloud State with Terraform/images/terraform-installed.png b/Project-16: Cloud State with Terraform/images/terraform-installed.png new file mode 100644 index 0000000..16137d6 Binary files /dev/null and b/Project-16: Cloud State with Terraform/images/terraform-installed.png differ diff --git a/Project-16: Cloud State with Terraform/terraform-files/backend-s3.tf b/Project-16: Cloud State with Terraform/terraform-files/backend-s3.tf new file mode 100644 index 0000000..e62cf82 --- /dev/null +++ b/Project-16: Cloud State with Terraform/terraform-files/backend-s3.tf @@ -0,0 +1,7 @@ +terraform { + backend "s3" { + bucket = "terra-state-vprofile-rd" + key = "terraform" + region = "us-east-1" + } +} \ No newline at end of file diff --git a/Project-16: Cloud State with Terraform/terraform-files/backend-services.tf b/Project-16: Cloud State with Terraform/terraform-files/backend-services.tf new file mode 100644 index 0000000..492cd1d --- /dev/null +++ b/Project-16: Cloud State with Terraform/terraform-files/backend-services.tf 
@@ -0,0 +1,58 @@ +resource "aws_db_subnet_group" "vprofile-rds-subgrp" { + name = "vprofile-rds-subgrp" + subnet_ids = [module.vpc.private_subnets[0], module.vpc.private_subnets[1], module.vpc.private_subnets[2]] + tags = { + Name = "Subnet groups for RDS" + } +} + +resource "aws_elasticache_subnet_group" "vprofile-ecache-subgrp" { + name = "vprofile-ecache-subgrp" + subnet_ids = [module.vpc.private_subnets[0], module.vpc.private_subnets[1], module.vpc.private_subnets[2]] + tags = { + Name = "Subnet groups for ECACHE" + } + +} + +resource "aws_db_instance" "vprofile-rds" { + allocated_storage = 20 + storage_type = "gp2" + engine = "mysql" + engine_version = "5.7.34" + instance_class = "db.t2.micro" + db_name = var.dbname + username = var.dbuser + password = var.dbpass + parameter_group_name = "default.mysql5.7" + skip_final_snapshot = true + publicly_accessible = false + multi_az = false + db_subnet_group_name = aws_db_subnet_group.vprofile-rds-subgrp.name + vpc_security_group_ids = [aws_security_group.vprofile-backend-sg.id] +} + +resource "aws_elasticache_cluster" "vprofile-cache" { + cluster_id = "vprofile-cache" + engine = "memcached" + node_type = "cache.t2.micro" + num_cache_nodes = 1 + parameter_group_name = "default.memcached1.6" + port = 11211 + subnet_group_name = aws_elasticache_subnet_group.vprofile-ecache-subgrp.name + security_group_ids = [aws_security_group.vprofile-backend-sg.id] +} + +resource "aws_mq_broker" "vprofile-rmq" { + broker_name = "vprofile-rmq" + engine_type = "ActiveMQ" + engine_version = "5.15.0" + host_instance_type = "mq.t2.micro" + security_groups = [aws_security_group.vprofile-backend-sg.id] + subnet_ids = [module.vpc.private_subnets[0]] + + user { + username = var.rmquser + password = var.rmqpass + } +} diff --git a/Project-16: Cloud State with Terraform/terraform-files/bastion-host.tf b/Project-16: Cloud State with Terraform/terraform-files/bastion-host.tf new file mode 100644 index 0000000..e42c8e0 --- /dev/null 
+++ b/Project-16: Cloud State with Terraform/terraform-files/bastion-host.tf @@ -0,0 +1,33 @@ +resource "aws_instance" "vprofile-bastion" { + ami = lookup(var.AMIS, var.AWS_REGION) + instance_type = "t2.micro" + key_name = aws_key_pair.vprofilekey.key_name + subnet_id = module.vpc.public_subnets[0] + count = var.instance_count + vpc_security_group_ids = [aws_security_group.vprofile-bastion-sg.id] + + tags = { + Name = "vprofile-bastion" + PROJECT = "vprofile" + } + + provisioner "file" { + content = templatefile("templates/db-deploy.tftpl", { rds-endpoint = aws_db_instance.vprofile-rds.address, dbuser = var.dbuser, dbpass = var.dbpass }) + destination = "/tmp/vprofile-dbdeploy.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod +x /tmp/vprofile-dbdeploy.sh", + "sudo /tmp/vprofile-dbdeploy.sh" + ] + } + + connection { + user = var.USER + private_key = file(var.PRIV_KEY_PATH) + host = self.public_ip + } + + depends_on = [aws_db_instance.vprofile-rds] +} \ No newline at end of file diff --git a/Project-16: Cloud State with Terraform/terraform-files/bean-app.tf b/Project-16: Cloud State with Terraform/terraform-files/bean-app.tf new file mode 100644 index 0000000..c96775f --- /dev/null +++ b/Project-16: Cloud State with Terraform/terraform-files/bean-app.tf @@ -0,0 +1,3 @@ +resource "aws_elastic_beanstalk_application" "vprofile-prod" { + name = "vprofile-prod" +} \ No newline at end of file diff --git a/Project-16: Cloud State with Terraform/terraform-files/bean-env.tf b/Project-16: Cloud State with Terraform/terraform-files/bean-env.tf new file mode 100644 index 0000000..b39c96a --- /dev/null +++ b/Project-16: Cloud State with Terraform/terraform-files/bean-env.tf 
@@ -0,0 +1,139 @@ +resource "aws_elastic_beanstalk_environment" "vprofile-bean-prod" { + application = aws_elastic_beanstalk_application.vprofile-prod.name + name = "vprofile-bean-prod" + solution_stack_name = "64bit Amazon Linux 2 v4.3.2 running Tomcat 8.5 Corretto 11" + cname_prefix = "vprofile-bean-prod-rd" + + setting { + namespace = "aws:ec2:vpc" + name = "VPCId" + value = module.vpc.vpc_id + } + + setting { + name = "IamInstanceProfile" + namespace = "aws:autoscaling:launchconfiguration" + value = "aws-elasticbeanstalk-ec2-role" + } + + setting { + namespace = "aws:ec2:vpc" + name = "Subnets" + value = join(",", [module.vpc.private_subnets[0], module.vpc.private_subnets[1], module.vpc.private_subnets[2]]) + } + + setting { + namespace = "aws:ec2:vpc" + name = "AssociatePublicIpAddress" + value = "false" + } + + setting { + namespace = "aws:ec2:vpc" + name = "ELBSubnets" + value = join(",", [module.vpc.public_subnets[0], module.vpc.public_subnets[1], module.vpc.public_subnets[2]]) + } + + setting { + name = "InstanceType" + namespace = "aws:autoscaling:launchconfiguration" + value = "t2.micro" + } + + setting { + name = "EC2KeyName" + namespace = "aws:autoscaling:launchconfiguration" + value = aws_key_pair.vprofilekey.key_name + } + setting { + name = "Availability Zones" + namespace = "aws:autoscaling:asg" + value = "Any 3" + } + + setting { + name = "MinSize" + namespace = "aws:autoscaling:asg" + value = "1" + } + + setting { + name = "MaxSize" + namespace = "aws:autoscaling:asg" + value = "4" + } + + setting { + name = "environment" + namespace = "aws:elasticbeanstalk:application:environment" + value = "prod" + } + + setting { + name = "SystemType" + namespace = "aws:elasticbeanstalk:healthreporting:system" + value = "enhanced" + } + + setting { + name = "LOGGING_APPENDER" + namespace = "aws:elasticbeanstalk:application:environment" + value = "GRAYLOG" + } + + setting { + name = "RollingUpdateEnabled" + namespace = 
"aws:autoscaling:updatepolicy:rollingupdate" + value = "true" + } + + setting { + name = "RollingUpdateType" + namespace = "aws:autoscaling:updatepolicy:rollingupdate" + value = "Health" + } + + setting { + name = "MaxBatchSize" + namespace = "aws:autoscaling:updatepolicy:rollingupdate" + value = "1" + } + + setting { + name = "CrossZone" + namespace = "aws:elb:loadbalancer" + value = "true" + } + + setting { + name = "BatchSizeType" + namespace = "aws:elasticbeanstalk:command" + value = "Fixed" + } + + setting { + name = "StickinessEnabled" + namespace = "aws:elasticbeanstalk:environment:process:default" + value = "true" + } + + setting { + name = "DeploymentPolicy" + namespace = "aws:elasticbeanstalk:command" + value = "Rolling" + } + + setting { + name = "SecurityGroups" + namespace = "aws:autoscaling:launchconfiguration" + value = aws_security_group.vprofile-prod-sg.id + } + + setting { + name = "SecurityGroups" + namespace = "aws:elbv2:loadbalancer" + value = aws_security_group.vprofile-bean-alb-sg.id + } + + depends_on = [aws_security_group.vprofile-prod-sg, aws_security_group.vprofile-bean-alb-sg] +} \ No newline at end of file diff --git a/Project-16: Cloud State with Terraform/terraform-files/keypairs.tf b/Project-16: Cloud State with Terraform/terraform-files/keypairs.tf new file mode 100644 index 0000000..2482d11 --- /dev/null +++ b/Project-16: Cloud State with Terraform/terraform-files/keypairs.tf @@ -0,0 +1,4 @@ +resource "aws_key_pair" "vprofilekey" { + key_name = "vprofilekey" + public_key = file(var.PUB_KEY_PATH) +} \ No newline at end of file diff --git a/Project-16: Cloud State with Terraform/terraform-files/providers.tf b/Project-16: Cloud State with Terraform/terraform-files/providers.tf new file mode 100644 index 0000000..6861363 --- /dev/null +++ b/Project-16: Cloud State with Terraform/terraform-files/providers.tf @@ -0,0 +1,3 @@ +provider "aws" { + region = var.AWS_REGION +} \ No newline at end of file 
diff --git a/Project-16: Cloud State with Terraform/terraform-files/secgrp.tf b/Project-16: Cloud State with Terraform/terraform-files/secgrp.tf new file mode 100644 index 0000000..888963f --- /dev/null +++ b/Project-16: Cloud State with Terraform/terraform-files/secgrp.tf 
@@ -0,0 +1,89 @@ +resource "aws_security_group" "vprofile-bean-alb-sg" { + name = "vprofile-bean-alb-sg" + description = "Security group for bean-elb" + vpc_id = module.vpc.vpc_id + egress { + from_port = 0 + protocol = "-1" + to_port = 0 + cidr_blocks = ["0.0.0.0/0"] + } + ingress { + from_port = 80 + protocol = "tcp" + to_port = 80 + cidr_blocks = ["0.0.0.0/0"] + } +} + +resource "aws_security_group" "vprofile-bastion-sg" { + name = "vprofile-bastion-sg" + description = "Security group for bastion-host" + vpc_id = module.vpc.vpc_id + egress { + from_port = 0 + protocol = "-1" + to_port = 0 + cidr_blocks = ["0.0.0.0/0"] + } + ingress { + from_port = 22 + protocol = "tcp" + to_port = 22 + cidr_blocks = [var.MyIP] + } +} + +resource "aws_security_group" "vprofile-prod-sg" { + name = "vprofile-prod-sg" + description = "Security group for beanstalk instances" + vpc_id = module.vpc.vpc_id + egress { + from_port = 0 + protocol = "-1" + to_port = 0 + cidr_blocks = ["0.0.0.0/0"] + } + + ingress { + from_port = 22 + protocol = "tcp" + to_port = 22 + security_groups = [aws_security_group.vprofile-bastion-sg.id] + } +} + +resource "aws_security_group" "vprofile-backend-sg" { + name = "vprofile-backend-sg" + description = "Security group for ActiveMQ, Elasticache, RDS" + vpc_id = module.vpc.vpc_id + + egress { + from_port = 0 + protocol = "-1" + to_port = 0 + cidr_blocks = ["0.0.0.0/0"] + } + ingress { + from_port = 0 + protocol = "tcp" + to_port = 0 + security_groups = [aws_security_group.vprofile-prod-sg.id] + } + + ingress { + from_port = 3306 + protocol = "tcp" + to_port = 3306 + security_groups = [aws_security_group.vprofile-bastion-sg.id] + } +} + +resource "aws_security_group_rule" "sec_group_allow_itself" { + type = "ingress" + from_port = 0 + to_port = 65535 + protocol = "tcp" + security_group_id = aws_security_group.vprofile-backend-sg.id + source_security_group_id = aws_security_group.vprofile-backend-sg.id +} \ No newline at end of file 
diff --git a/Project-16: Cloud State with Terraform/terraform-files/templates/.DS_Store b/Project-16: Cloud State with Terraform/terraform-files/templates/.DS_Store new file mode 100644 index 0000000..5008ddf Binary files /dev/null and b/Project-16: Cloud State with Terraform/terraform-files/templates/.DS_Store differ diff --git a/Project-16: Cloud State with Terraform/terraform-files/templates/db-deploy.tftpl b/Project-16: Cloud State with Terraform/terraform-files/templates/db-deploy.tftpl new file mode 100644 index 0000000..2bce0ed --- /dev/null +++ b/Project-16: Cloud State with Terraform/terraform-files/templates/db-deploy.tftpl @@ -0,0 +1,4 @@ +sudo apt update +sudo apt install git mysql-client-core-8.0 -y +git clone -b vp-rem https://github.com/devopshydclub/vprofile-project.git +mysql -h ${rds-endpoint} -u ${dbuser} --password=${dbpass} accounts --ssl-mode=DISABLED < /home/ubuntu/vprofile-project/src/main/resources/db_backup.sql \ No newline at end of file diff --git a/Project-16: Cloud State with Terraform/terraform-files/vars.tf b/Project-16: Cloud State with Terraform/terraform-files/vars.tf new file mode 100644 index 0000000..0836f35 --- /dev/null +++ b/Project-16: Cloud State with Terraform/terraform-files/vars.tf 
@@ -0,0 +1,97 @@ +variable "AWS_REGION" { + default = "us-east-1" +} + +variable "AMIS" { + type = map(any) + default = { + us-east-1 = "ami-0a6b2839d44d781b2" # ubuntu 20.04 AMI + us-east-2 = "ami-0574da009dca65348" + us-west-1 = "ami-0574da719dca65125" + } +} + +variable "PRIV_KEY_PATH" { + default = "vprofilekey" +} + +variable "PUB_KEY_PATH" { + default = "vprofilekey.pub" +} + +variable "USER" { + default = "ubuntu" +} + +variable "MyIP" { + default = "73.161.253.221/32" +} + +variable "rmquser" { + default = "rabbit" +} + +variable "rmqpass" { + default = "S3nd3n@d4h4guz3l" +} + +variable "dbuser" { + default = "admin" +} + +variable "dbpass" { + default = "admin123" +} + +variable "dbname" { + default = "accounts" +} + +variable "instance_count" { + default = "1" +} + +variable "VPC_NAME" { + default = "vprofile-VPC" +} + +variable "Zone1" { + default = "us-east-1a" +} + +variable "Zone2" { + default = "us-east-1b" +} + +variable "Zone3" { + default = "us-east-1c" +} + +variable "VpcCIDR" { + default = "172.21.0.0/16" +} + +variable "PubSub1CIDR" { + default = "172.21.1.0/24" +} + +variable "PubSub2CIDR" { + default = "172.21.2.0/24" +} + +variable "PubSub3CIDR" { + default = "172.21.3.0/24" +} + +variable "PrivSub1CIDR" { + default = "172.21.4.0/24" +} + +variable "PrivSub2CIDR" { + default = "172.21.5.0/24" +} + +variable "PrivSub3CIDR" { + default = "172.21.6.0/24" +} + diff --git a/Project-16: Cloud State with Terraform/terraform-files/vpc.tf b/Project-16: Cloud State with Terraform/terraform-files/vpc.tf new file mode 100644 index 0000000..bed170f --- /dev/null +++ b/Project-16: Cloud State with Terraform/terraform-files/vpc.tf 
@@ -0,0 +1,25 @@ +module "vpc" { + source = "terraform-aws-modules/vpc/aws" + version = "3.18.1" + + name = var.VPC_NAME + cidr = var.VpcCIDR + azs = [var.Zone1, var.Zone2, var.Zone3] + private_subnets = [var.PrivSub1CIDR, var.PrivSub2CIDR, var.PrivSub3CIDR] + public_subnets = [var.PubSub1CIDR, var.PubSub2CIDR, var.PubSub3CIDR] + + enable_nat_gateway = true + single_nat_gateway = true + + enable_dns_hostnames = true + enable_dns_support = true + + tags = { + Terraform = "true" + Environment = "Prod" + } + + vpc_tags = { + Name = var.VPC_NAME + } +} \ No newline at end of file
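
Review bot: in README.md Step-1, the reasoning that the repo can be public because the AWS credentials live in awscli does not hold for this patch, since terraform-files/vars.tf in the same commit carries default values for `dbpass`, `rmqpass` and `MyIP`. Keep the repo private or remove those defaults before publishing. Step-6 says to push everything "except private/public key files" but the patch adds no `.gitignore` to enforce that; one covering `vprofilekey`, `vprofilekey.pub` and `.DS_Store` would help (terraform-files/templates/.DS_Store is committed here). The `db-deploy.tftpl` listing in Step-11 also differs from the committed template (`mysql-client` vs `mysql-client-core-8.0`, and the listing has no `--ssl-mode=DISABLED`), and the lead-in "Run below commands to create secgrp resources" is repeated unchanged in Step-10 and Step-11.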
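
Review bot: in terraform-files/backend-s3.tf, the `backend "s3"` block sets only `bucket`, `key` and `region`, so it neither requests `encrypt = true` nor configures state locking (`dynamodb_table`). This state will hold `var.dbpass` and `var.rmqpass` in plaintext, because they are assigned to `password` on `aws_db_instance.vprofile-rds` and in the `user` block of `aws_mq_broker.vprofile-rmq`. Add `encrypt = true` and a lock table, and enable versioning on the bucket that the README creates with `aws s3 mb`, so a bad apply can be rolled back.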
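
Review bot: in terraform-files/backend-services.tf, `aws_db_instance.vprofile-rds` sets `skip_final_snapshot = true` and has no `storage_encrypted` argument, which fits a throwaway lab but not the `Environment = "Prod"` tag applied in vpc.tf. Set `storage_encrypted = true` where the chosen instance class supports it, and make the snapshot behaviour a variable so a real environment is not destroyed without a final snapshot. Minor: both subnet groups can take `module.vpc.private_subnets` directly instead of indexing `[0]`, `[1]`, `[2]`.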
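
Review bot: in terraform-files/bastion-host.tf, the `file` provisioner writes the rendered template, which contains `dbpass`, to `/tmp/vprofile-dbdeploy.sh`, and the `remote-exec` block never removes it, so the database password stays on the bastion's disk in a shared directory. Tighten the mode before running (`chmod 700` instead of `chmod +x`) and append `"rm -f /tmp/vprofile-dbdeploy.sh"` as the last entry of the `inline` list. Also note that `count = var.instance_count` receives the string default `"1"` from vars.tf; give that variable `type = number`.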
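
Review bot: in terraform-files/bean-env.tf, the environment never sets `LoadBalancerType`, yet it configures `CrossZone` under `aws:elb:loadbalancer` and `SecurityGroups` under `aws:elbv2:loadbalancer`, which belong to two different load balancer kinds, so one of the two settings will not apply. Add an explicit `LoadBalancerType` setting in the `aws:elasticbeanstalk:environment` namespace and keep only the settings that match it, otherwise `vprofile-bean-alb-sg` may not be the group actually attached to the load balancer. The `IamInstanceProfile` value `aws-elasticbeanstalk-ec2-role` is also referenced without being created anywhere in this patch; document it as a prerequisite or define it here.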
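
Review bot: in terraform-files/secgrp.tf, the first `ingress` block of `vprofile-backend-sg` uses `protocol = "tcp"` with `from_port = 0` and `to_port = 0`; with a named protocol that range is port 0 only, not all ports, so it does not cover 3306, 11211 or the broker port that the Beanstalk instances need to reach. List those ports explicitly with `vprofile-prod-sg` as the source. Separately, `sec_group_allow_itself` opens TCP 0-65535 between backend members, which is wider than these services require, and `vprofile-bean-alb-sg` accepts only port 80 from `0.0.0.0/0`, so the application is served over plain HTTP.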
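
Review bot: in terraform-files/templates/db-deploy.tftpl, the `mysql` line passes `--ssl-mode=DISABLED`, so the login and the `db_backup.sql` import travel from the bastion to RDS unencrypted; drop the flag unless there is a documented client incompatibility. The same line puts the password in argv through `--password=${dbpass}`, where it is visible in the process list while the import runs, and the interpolated values are unquoted, so a password containing shell metacharacters breaks the command. Reading the credentials from a mode-0600 option file via `--defaults-extra-file` avoids both problems. `git clone -b vp-rem` also pulls whatever the branch head is at apply time; pin a commit if the imported dump needs to be reproducible.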
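
Review bot: in terraform-files/vars.tf, `rmqpass` and `dbpass` carry literal `default` values, so the broker and database passwords are committed with the code, and `MyIP` commits a specific /32 address. Remove those defaults, declare both password variables with `sensitive = true`, and supply the values through `TF_VAR_dbpass` / `TF_VAR_rmqpass` or an untracked `.tfvars` file. Most variables here also lack a `type`, and `instance_count` defaults to the string `"1"` although it is used as a `count`.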
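
Review bot: in terraform-files/vpc.tf, `single_nat_gateway = true` sends egress from all three private subnets through one NAT gateway in a single AZ, which conflicts with the README's stated goal of an HA infrastructure and with the `Environment = "Prod"` tag in the same block. If the cost saving is intentional for the lab, say so in a comment; otherwise set `single_nat_gateway = false` with `one_nat_gateway_per_az = true`.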