-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathterraformfile.txt
145 lines (117 loc) · 3.15 KB
/
terraformfile.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
resource "aws_vpc" "main" {
cidr_block = "10.0.0.0/16"
tags = {
Name = "Project VPC"
}
}
resource "aws_internet_gateway" "gw" {
vpc_id = "${aws_vpc.main.id}"
tags = {
Name = "Project VPC IG"
}
}
resource "aws_route_table" "second_rt" {
vpc_id = "${aws_vpc.main.id}"
route {
cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.gw.id}"
}
tags = {
Name = "2nd Route Table"
}
}
#resource "aws_subnet" "my_subnet" {
# vpc_id = aws_vpc.my_vpc.id
#cidr_block = "10.0.1.0/24"
#}
variable "public_subnet_cidrs" {
type = string
description = "Public Subnet CIDR values"
default = "10.0.1.0/24"
}
resource "aws_subnet" "public_subnets" {
#count = var.public_subnet_cidrs
vpc_id = "${aws_vpc.main.id}"
cidr_block = var.public_subnet_cidrs
tags = {
Name = "Public-Subnet"
}
}
#resource "aws_route_table" "my_route_table" {
# vpc_id = aws_vpc.my_vpc.id
#}
resource "aws_route_table_association" "public_subnet_asso" {
#count = length(var.public_subnet_cidrs)
subnet_id = "${aws_subnet.public_subnets.id}"
route_table_id = "${aws_route_table.second_rt.id}"
}
# Create a security group
resource "aws_security_group" "my_security_group123" {
name = "my-security-group"
description = "My security group"
vpc_id = "${aws_vpc.main.id}"
tags = {
Name = "my-security-group1234"
}
# Inbound rule allowing SSH access (Port 22)
ingress {
from_port = 22
to_port = 22
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
# Inbound rule allowing HTTP access (Port 80)
ingress {
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
# Inbound rule allowing HTTPS access (Port 443)
ingress {
from_port = 443
to_port = 443
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
# Outbound rule allowing all traffic
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
# Optionally, you can add more ingress and egress rules here
}
# Create the network interface
resource "aws_network_interface" "my_network_interface" {
subnet_id = "${aws_subnet.public_subnets.id}"
security_groups = [aws_security_group.my_security_group123.id]
private_ips = ["10.0.1.100"]
}
# Allocate an Elastic IP
resource "aws_eip" "my_eip" {
vpc = true
}
# Associate the Elastic IP with the network interface
resource "aws_eip_association" "my_eip_association" {
network_interface_id = aws_network_interface.my_network_interface.id
allocation_id = aws_eip.my_eip.id
instance_id = aws_instance.my_instance.id
}
# Create the Ubuntu server instance
resource "aws_instance" "my_instance" {
ami = "ami-024e6efaf93d85776" # Replace with the desired Ubuntu AMI ID
instance_type = "t2.micro"
key_name = "terraUbuntuKpair"
subnet_id = "${aws_subnet.public_subnets.id}"
security_groups = [aws_security_group.my_security_group123.id]
# User data script to install and enable Apache
user_data = <<-EOF
#!/bin/bash
apt-get update
apt-get install -y apache2
systemctl enable apache2
systemctl start apache2
EOF
}