Last active
August 13, 2022 22:46
-
-
Save edwardsmoses/58cac09925e8641eab9efef268c32610 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| resource "google_compute_instance" "vm_instance" { | |
| name = "${var.instance_name}" | |
| zone = "${var.instance_zone}" | |
| machine_type = "${var.instance_type}" | |
| boot_disk { | |
| initialize_params { | |
| image = "debian-cloud/debian11" | |
| } | |
| } | |
| network_interface { | |
| network = "${var.instance_network}" | |
| access_config { | |
| # ALlocate a one-to-one NAT IP to the instance | |
| } | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Create the mynetwork network | |
| resource "google_compute_network" "mynetwork" { | |
| name = "mynetwork" | |
| # RESOURCE properties would be here | |
| auto_create_subnetworks = "true" | |
| } | |
| # Add a firewall rule to allow HTTP, SSH, RDP and ICMP traffic | |
| resource "google_compute_firewall" "mynetwork-allow-http-ssh-rdp-icmp" { | |
| name = "mynetwork-allow-http-ssh-rdp-icmp" | |
| network = google_compute_network.mynetwork.self_link | |
| allow { | |
| protocol = "tcp" | |
| ports = ["22", "80", "3389"] | |
| } | |
| allow { | |
| protocol = "icmp" | |
| } | |
| source_ranges = ["0.0.0.0/0"] | |
| } | |
| # Create the mynet-us-vm instance | |
| module "mynet-us-vm" { | |
| source = "./instance" | |
| instance_name = "mynet-us-vm" | |
| instance_zone = "us-central1-b" | |
| instance_network = google_compute_network.mynetwork.self_link | |
| } | |
| # Create the mynet-eu-vm" instance | |
| module "mynet-eu-vm" { | |
| source = "./instance" | |
| instance_name = "mynet-eu-vm" | |
| instance_zone = "europe-central2-b" | |
| instance_network = google_compute_network.mynetwork.self_link | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Configuring Firewall Rules using Terraform - Preparing for GCP Certification | |
| # Create the mynetwork network | |
| resource "google_compute_network" "mynetwork" { | |
| name = "mynetwork" | |
| # RESOURCE properties would be here | |
| auto_create_subnetworks = "true" | |
| } | |
| # Add a firewall rule to allow HTTP, SSH, RDP and ICMP traffic | |
| resource "google_compute_firewall" "mynetwork-allow-http-ssh-rdp-icmp"{ | |
| name = "mynetwork-allow-http-ssh-rdp-icmp" | |
| network = google_compute_network.mynetwork.self_link | |
| allow { | |
| protocol = "tcp" | |
| ports = ["22", "80", "3389"] | |
| } | |
| allow { | |
| protocol = "icmp" | |
| } | |
| source_ranges = ["0.0.0.0/0"] | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment