Last active
August 13, 2023 19:16
-
-
Save iknowjason/038c511f77dad08747595cf4481a87f3 to your computer and use it in GitHub Desktop.
Mac OS EC2 Instance on AWS using Terraform
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| variable "region" { | |
| default = "us-east-1" | |
| } | |
| resource "aws_ec2_host" "example_host" { | |
| instance_type = "mac1.metal" | |
| availability_zone = "us-east-2b" | |
| } | |
| data "aws_ami" "macos" { | |
| most_recent = true | |
| owners = ["amazon"] # Amazon | |
| filter { | |
| name = "name" | |
| values = ["amzn-ec2-macos-12*"] | |
| } | |
| filter { | |
| name = "root-device-type" | |
| values = ["ebs"] | |
| } | |
| resource "tls_private_key" "operator" { | |
| algorithm = "RSA" | |
| } | |
| module "key_pair" { | |
| source = "terraform-aws-modules/key-pair/aws" | |
| key_name = "operator-keypair" | |
| public_key = tls_private_key.operator.public_key_openssh | |
| } | |
| # write ssh key to file | |
| resource "local_file" "ssh_key" { | |
| content = tls_private_key.operator.private_key_pem | |
| filename = "${path.module}/ssh_key.pem" | |
| file_permission = "0700" | |
| } | |
| filter { | |
| name = "virtualization-type" | |
| values = ["hvm"] | |
| } | |
| } | |
| resource "aws_instance" "mac_instance" { | |
| ami = data.aws_ami.macos.id | |
| host_id = aws_ec2_host.example_host.id | |
| instance_type = "mac1.metal" | |
| key_name = module.key_pair.key_pair_name | |
| tags = { | |
| Name = "Terraform Mac" | |
| } | |
| } | |
| variable "vpc_cidr" { | |
| default = "10.100.0.0/16" | |
| } | |
| # Create vpc | |
| resource "aws_vpc" "operator" { | |
| cidr_block = var.vpc_cidr | |
| enable_dns_hostnames = true | |
| enable_dns_support = true | |
| instance_tenancy = "default" | |
| tags = { | |
| Name = "operator_vpc" | |
| } | |
| } | |
| data "aws_availability_zones" "available" {} | |
| # Create Internet Gateway | |
| resource "aws_internet_gateway" "operator-igw" { | |
| vpc_id = aws_vpc.operator.id | |
| tags = { | |
| Name = "operator_Internet_Gateway" | |
| } | |
| } | |
| resource "aws_main_route_table_association" "operator" { | |
| vpc_id = aws_vpc.operator.id | |
| route_table_id = aws_route_table.operator-rt.id | |
| } | |
| # Route Table | |
| resource "aws_route_table" "operator-rt" { | |
| vpc_id = aws_vpc.operator.id | |
| route { | |
| cidr_block = "0.0.0.0/0" | |
| gateway_id = aws_internet_gateway.operator-igw.id | |
| } | |
| tags = { | |
| Name = "OperatorLab_Routing_Table" | |
| } | |
| } | |
| output "vpc_id" { | |
| value = aws_vpc.operator.id | |
| } | |
| output "vpc_prefix" { | |
| value = aws_vpc.operator.cidr_block | |
| } | |
| variable "ad_subnet_name" { | |
| default = "ad_subnet" | |
| } | |
| variable "ad_subnet_prefix" { | |
| default = "10.100.10.0/24" | |
| } | |
| # Create the ad_subnet subnet | |
| resource "aws_subnet" "ad_subnet" { | |
| vpc_id = aws_vpc.operator.id | |
| cidr_block = var.ad_subnet_prefix | |
| availability_zone = "us-east-1c" | |
| #availability_zone = data.aws_availability_zones.available.names[1] | |
| map_public_ip_on_launch = true | |
| tags = { | |
| Name = var.ad_subnet_name | |
| } | |
| depends_on = [aws_vpc.operator] | |
| } | |
| output "ad_subnet_id" { | |
| value = aws_subnet.ad_subnet.id | |
| } | |
| output "ad_subnet_prefix" { | |
| value = aws_subnet.ad_subnet.cidr_block | |
| } | |
| variable "user_subnet_name" { | |
| default = "user_subnet" | |
| } | |
| variable "user_subnet_prefix" { | |
| default = "10.100.20.0/24" | |
| } | |
| # Create the user_subnet subnet | |
| resource "aws_subnet" "user_subnet" { | |
| vpc_id = aws_vpc.operator.id | |
| cidr_block = var.user_subnet_prefix | |
| #availability_zone = data.aws_availability_zones.available.names[1] | |
| availability_zone = "us-east-1c" | |
| map_public_ip_on_launch = true | |
| tags = { | |
| Name = var.user_subnet_name | |
| } | |
| depends_on = [aws_vpc.operator] | |
| } | |
| output "user_subnet_id" { | |
| value = aws_subnet.user_subnet.id | |
| } | |
| output "user_subnet_prefix" { | |
| value = aws_subnet.user_subnet.cidr_block | |
| } | |
| variable "siem_subnet_name" { | |
| default = "siem_subnet" | |
| } | |
| variable "siem_subnet_prefix" { | |
| default = "10.100.30.0/24" | |
| } | |
| # Create the siem_subnet subnet | |
| resource "aws_subnet" "siem_subnet" { | |
| vpc_id = aws_vpc.operator.id | |
| cidr_block = var.siem_subnet_prefix | |
| #availability_zone = data.aws_availability_zones.available.names[1] | |
| availability_zone = "us-east-1c" | |
| map_public_ip_on_launch = true | |
| tags = { | |
| Name = var.siem_subnet_name | |
| } | |
| depends_on = [aws_vpc.operator] | |
| } | |
| output "siem_subnet_id" { | |
| value = aws_subnet.siem_subnet.id | |
| } | |
| output "siem_subnet_prefix" { | |
| value = aws_subnet.siem_subnet.cidr_block | |
| } | |
| variable "attack_subnet_name" { | |
| default = "attack_subnet" | |
| } | |
| variable "attack_subnet_prefix" { | |
| default = "10.100.40.0/24" | |
| } | |
| # Create the attack_subnet subnet | |
| resource "aws_subnet" "attack_subnet" { | |
| vpc_id = aws_vpc.operator.id | |
| cidr_block = var.attack_subnet_prefix | |
| #availability_zone = data.aws_availability_zones.available.names[1] | |
| availability_zone = "us-east-1c" | |
| map_public_ip_on_launch = true | |
| tags = { | |
| Name = var.attack_subnet_name | |
| } | |
| depends_on = [aws_vpc.operator] | |
| } | |
| output "attack_subnet_id" { | |
| value = aws_subnet.attack_subnet.id | |
| } | |
| output "attack_subnet_prefix" { | |
| value = aws_subnet.attack_subnet.cidr_block | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Added vpc and network configuration