asegni AymenSegni

## allow-trafic-backend-policy.yaml
kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
  name: backend-policy
  namespace: development
spec:
  podSelector:
    matchLabels:
      app: webapp
      role: backend

## shared_vpc_module.tf
#
# VPC Resources
#  * VPC
#  * Subnets
#  * Internet Gateway
#  * Route Tables
#  * Sec Groups

module "vpc" {
  source = "terraform-aws-modules/vpc/aws"

## deploy_shared_vpc.tf
# VPC Module
module "vpc" {

  source          = "../modules/shared_vpc"
  cidr            = var.cidr
  azs             = var.azs
  private_subnets = var.private_subnets
  public_subnets  = var.public_subnets
  environment     = "krypton"
  ingress_ips     = var.ingress_ips

## aws_eks_providr.tf
provider "aws" {
  region  = "eu-central-1"
  version = "~> 2.57"
  profile = "terraform-user"
}

## aws_eks_backend.tf
terraform {
  backend "s3" {
    region         = "eu-central-1"
    bucket         = "terraform-eks-dev"
    key            = "terraform.tfstate"
    encrypt        = "true"
    dynamodb_table = "terraform-state-lock"
  }
}

## aws_eks_backend.tf
terraform {
  backend "s3" {
    region         = "eu-central-1"
    bucket         = "terraform-eks-dev"
    key            = "terraform.tfstate"
    encrypt        = "true"
    dynamodb_table = "terraform-state-lock"
  }
}

## vpc_tf_vars.tf
cidr            = "10.0.0.0/16"
azs             = ["eu-central-1a", "eu-central-1b", "eu-central-1c"]
private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
public_subnets  = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
ingress_ips     = ["10.0.0.100/32", "10.0.0.101/32", "10.0.0.103/32"]
cluster_name    = "aymen.krypton.berlin"

## kops_resources_module.tf
// main.tf

resource "aws_s3_bucket" "kops_state" {
  bucket = "${var.environment}-kops-s3"
  acl    = "private"

  versioning {
    enabled = true
  }

## aws_eks_output.tf
output "region" {
  value = "eu-central-1"
}

output "vpc_id" {
  value = module.vpc.vpc_id
}

output "vpc_cidr_block" {
  value = module.vpc.vpc_cidr_block

## kops_template.yaml
apiVersion: kops/v1alpha2
kind: Cluster
metadata:
  name: {{.cluster_name.value}}
spec:
  api:
    loadBalancer:
      type: Public
      additionalSecurityGroups: ["{{.k8s_api_http_security_group_id.value}}"]
  authorization:
	kind: NetworkPolicy
	apiVersion: networking.k8s.io/v1
	metadata:
	name: backend-policy
	namespace: development
	spec:
	podSelector:
	matchLabels:
	app: webapp
	role: backend
	#
	# VPC Resources
	# * VPC
	# * Subnets
	# * Internet Gateway
	# * Route Tables
	# * Sec Groups

	module "vpc" {
	source = "terraform-aws-modules/vpc/aws"
	# VPC Module
	module "vpc" {

	source = "../modules/shared_vpc"
	cidr = var.cidr
	azs = var.azs
	private_subnets = var.private_subnets
	public_subnets = var.public_subnets
	environment = "krypton"
	ingress_ips = var.ingress_ips
	provider "aws" {
	region = "eu-central-1"
	version = "~> 2.57"
	profile = "terraform-user"
	}
	terraform {
	backend "s3" {
	region = "eu-central-1"
	bucket = "terraform-eks-dev"
	key = "terraform.tfstate"
	encrypt = "true"
	dynamodb_table = "terraform-state-lock"
	}
	}
	cidr = "10.0.0.0/16"
	azs = ["eu-central-1a", "eu-central-1b", "eu-central-1c"]
	private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
	public_subnets = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
	ingress_ips = ["10.0.0.100/32", "10.0.0.101/32", "10.0.0.103/32"]
	cluster_name = "aymen.krypton.berlin"
	// main.tf

	resource "aws_s3_bucket" "kops_state" {
	bucket = "${var.environment}-kops-s3"
	acl = "private"

	versioning {
	enabled = true
	}
	output "region" {
	value = "eu-central-1"
	}

	output "vpc_id" {
	value = module.vpc.vpc_id
	}

	output "vpc_cidr_block" {
	value = module.vpc.vpc_cidr_block
	apiVersion: kops/v1alpha2
	kind: Cluster
	metadata:
	name: {{.cluster_name.value}}
	spec:
	api:
	loadBalancer:
	type: Public
	additionalSecurityGroups: ["{{.k8s_api_http_security_group_id.value}}"]
	authorization: