Terraform VPC
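# AWS provider, pinned to the 2.x major series (>= 2.0, < 3.0) in eu-central-1.
# Closing brace restored; the page render dropped it.
# NOTE(review): `version` inside a provider block is the pre-0.13 form. On
# Terraform >= 0.13 the constraint belongs in terraform.required_providers;
# keep a lock file so `~> 2.0` cannot silently float to a newer 2.x release.
provider "aws" {
  version = "~> 2.0"
  region  = "eu-central-1"
}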
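# The VPC that every other resource in this file is attached to.
# Closing braces restored; the page render dropped them.
resource "aws_vpc" "tf_vpc" {
  # Constructed sample value: the original CIDR was not recoverable from the
  # page (it rendered as an empty string). Must contain both subnet ranges.
  cidr_block = "10.0.0.0/16"

  tags = {
    Name = "TerraformVPC"
  }
}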
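# The internet gateway associated with the VPC; gives the public subnet its
# route to the internet. Closing braces restored; the page render dropped them.
resource "aws_internet_gateway" "tf_ig" {
  # Reference restored from the aws_vpc resource declared in this file.
  vpc_id = "${aws_vpc.tf_vpc.id}"

  tags = {
    Name = "TerraformIG"
  }
}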
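# Public subnet, allows resources (e.g. EC2 instances) with open access to the internet.
# Closing braces restored; the page render dropped them.
resource "aws_subnet" "tf_public_subnet" {
  # Reference restored from the aws_vpc resource declared in this file.
  vpc_id = "${aws_vpc.tf_vpc.id}"

  # Constructed sample value inside the constructed VPC range above; the
  # original CIDR was not recoverable from the page.
  cidr_block = "10.0.1.0/24"

  # Every instance launched here gets a public IPv4 address automatically, so
  # its security group is the only thing standing between it and the internet.
  map_public_ip_on_launch = true
  availability_zone       = "eu-central-1a"

  tags = {
    Name = "TerraformPublicSubnet - eu-central-1a"
  }
}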
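# Private subnet, resources with access only within the VPC (egress to the
# internet goes through the NAT gateway below; no inbound path from outside).
# Closing braces restored; the page render dropped them.
resource "aws_subnet" "tf_private_subnet" {
  # Reference restored from the aws_vpc resource declared in this file.
  vpc_id = "${aws_vpc.tf_vpc.id}"

  # Constructed sample value inside the constructed VPC range; the original
  # CIDR was not recoverable from the page.
  cidr_block = "10.0.2.0/24"

  # Deliberately a different AZ from the public subnet (1b vs 1a).
  availability_zone = "eu-central-1b"

  tags = {
    Name = "TerraformPrivateSubnet - eu-central-1b"
  }
}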
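# Elastic IP, used for the NAT Gateway. This is the fixed source address the
# private subnet's outbound traffic appears from, which matters for any
# allow-listing done on the receiving side.
# Closing braces restored; the page render dropped them.
resource "aws_eip" "tf_nat_eip" {
  vpc = true

  tags = {
    Name = "TerraformEIPForNATGateway"
  }
}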
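# NAT Gateway, used for allowing the resources in the private
# subnet to have access to the internet (egress only).
# Closing braces restored; the page render dropped them.
resource "aws_nat_gateway" "tf_nat_gateway" {
  # A NAT gateway has to sit in a subnet that routes to the internet gateway,
  # i.e. the public subnet declared in this file (reference restored).
  subnet_id = "${aws_subnet.tf_public_subnet.id}"

  # Reference restored from the aws_eip resource declared in this file.
  allocation_id = "${aws_eip.tf_nat_eip.id}"

  # NOTE(review): the AWS provider docs recommend an explicit depends_on the
  # internet gateway so the NAT gateway is not created before the IGW is
  # attached; not added here because the depends_on syntax differs between
  # the 0.11-style interpolation used in this file and 0.12+.

  tags = {
    Name = "TerraformNATGateway"
  }
}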
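# Assign a tag to the default (main) route table created by the VPC. Subnets
# with no explicit association, i.e. the private subnet, use this table.
# Closing braces restored; the page render dropped them.
resource "aws_default_route_table" "tf_private_default_route_table" {
  default_route_table_id = "${aws_vpc.tf_vpc.default_route_table_id}"

  tags = {
    Name = "TerraformPrivateMainRouteTable"
  }
}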
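# Adds the NAT Gateway as the default route of the main route table created
# by AWS when creating the VPC, so the private subnet gets egress only.
# Closing brace restored; the page render dropped it.
resource "aws_route" "tf_private_default_route_table_route" {
  route_table_id = "${aws_vpc.tf_vpc.default_route_table_id}"

  # Default route. The page rendered this value empty; 0.0.0.0/0 is the
  # IPv4 counterpart of the ::/0 already used in the security group below.
  destination_cidr_block = "0.0.0.0/0"

  # Reference restored from the aws_nat_gateway resource declared in this file.
  nat_gateway_id = "${aws_nat_gateway.tf_nat_gateway.id}"
}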
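# The public route table, associated with the internet gateway via the route
# declared next. Closing braces restored; the page render dropped them.
resource "aws_route_table" "tf_public_route_table" {
  # Reference restored from the aws_vpc resource declared in this file.
  vpc_id = "${aws_vpc.tf_vpc.id}"

  tags = {
    Name = "TerraformPublicRouteTable"
  }
}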
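# The default route of the public route table, pointing at the internet
# gateway. Closing brace restored; the page render dropped it.
resource "aws_route" "tf_public_route_table_route" {
  # Reference restored from the aws_route_table resource declared in this file.
  route_table_id = "${aws_route_table.tf_public_route_table.id}"

  # Default route. The page rendered this value empty; 0.0.0.0/0 is the
  # IPv4 counterpart of the ::/0 already used in the security group below.
  destination_cidr_block = "0.0.0.0/0"

  # Reference restored from the aws_internet_gateway resource declared in this file.
  gateway_id = "${aws_internet_gateway.tf_ig.id}"
}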
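# Associates the public route table with the public subnet. Without this the
# public subnet would fall back to the main (NAT-only) route table.
# Closing brace restored; the page render dropped it.
resource "aws_route_table_association" "tf_public_route_subnet_assoc" {
  # References restored from the resources declared in this file.
  route_table_id = "${aws_route_table.tf_public_route_table.id}"
  subnet_id      = "${aws_subnet.tf_public_subnet.id}"
}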
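# Allow all traffic both ingress/egress in the default Network ACL and assign a name tag to it.
# Closing braces restored; the page render dropped them.
#
# NOTE(review): this reproduces the allow-all behaviour AWS gives the default
# NACL anyway, so the subnet layer performs no filtering at all and the
# security group below is the only network control on the instances. If the
# private subnet is meant to be reachable only from inside the VPC, a
# subnet-scoped NACL with a deny-by-default posture is the place to enforce it.
resource "aws_default_network_acl" "tf_default_network_acl" {
  default_network_acl_id = "${aws_vpc.tf_vpc.default_network_acl_id}"

  ingress {
    protocol = -1
    rule_no  = 100
    action   = "allow"
    # The page rendered this value empty; 0.0.0.0/0 matches the allow-all
    # intent stated in the comment above.
    cidr_block = "0.0.0.0/0"
    from_port  = 0
    to_port    = 0
  }

  egress {
    protocol = -1
    rule_no  = 100
    action   = "allow"
    # See the ingress rule: value restored as the allow-all wildcard.
    cidr_block = "0.0.0.0/0"
    from_port  = 0
    to_port    = 0
  }

  tags = {
    Name = "TerraformNetworkACL"
  }
}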
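# Security group associated with this VPC
# which can later be assigned to resources (e.g. EC2).
# Closing braces restored; the page render dropped them.
#
# NOTE(review): the ingress rule below admits every protocol and port from
# any IPv4 or IPv6 address. Because this is the VPC's *default* security
# group it is also what any instance without an explicit group receives, and
# the public subnet assigns public IPs on launch, so the public instance is
# exposed on all ports. Restrict ingress to the ports actually needed and to
# known source ranges (or `self = true` for intra-VPC traffic); the default
# group is conventionally left with no inbound rules at all.
resource "aws_default_security_group" "tf_security_group" {
  # Reference restored from the aws_vpc resource declared in this file.
  vpc_id = "${aws_vpc.tf_vpc.id}"

  egress {
    # The page rendered this value empty; 0.0.0.0/0 is the IPv4 counterpart
    # of the ::/0 on the next line.
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
    protocol         = "-1"
    from_port        = "0"
    to_port          = "0"
  }

  ingress {
    # See the review note above: any source, any port, any protocol.
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
    protocol         = "-1"
    from_port        = "0"
    to_port          = "0"
  }

  tags = {
    Name        = "TerraformSecurityGroup"
    Description = "default VPC security group for ${aws_vpc.tf_vpc.tags.Name}"
  }
}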
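# AMI information for EC2 (image type). Closing braces restored; the page
# render dropped them.
#
# The name filter pins one exact Amazon Linux 2 build and owners is limited
# to "amazon", so the lookup cannot resolve to a third-party image with a
# look-alike name. `most_recent` only disambiguates if several images match.
data "aws_ami" "tf_ec2_ami" {
  most_recent = true
  owners      = ["amazon"]

  filter {
    name   = "name"
    values = ["amzn2-ami-hvm-2.0.20200304.0-x86_64-gp2"]
  }

  filter {
    name   = "virtualization-type"
    values = ["hvm"]
  }
}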
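# The public EC2 instance (uses the public subnet). Closing braces restored;
# the page render dropped them.
#
# NOTE(review): this instance receives a public IP on launch and is attached
# to the default security group, whose ingress rule in this file allows all
# traffic; that combination is what makes it reachable on every port.
# Consider also requiring IMDSv2 (`metadata_options { http_tokens = "required" }`,
# available in newer 2.x provider releases) so that an SSRF in anything
# running on the host cannot read instance credentials.
resource "aws_instance" "tf_public_ec2_instance" {
  # References restored from the resources and data source declared in this file.
  subnet_id              = "${aws_subnet.tf_public_subnet.id}"
  vpc_security_group_ids = ["${aws_default_security_group.tf_security_group.id}"]
  ami                    = "${data.aws_ami.tf_ec2_ami.id}"
  instance_type          = "t2.micro"

  # Key pair is referenced by name only; it must already exist in the account.
  key_name = "tf_kvp"

  tags = {
    Name = "TerraformPublicEC2Instance"
  }
}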
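# The private EC2 instance (uses the private subnet). Closing braces restored;
# the page render dropped them.
#
# It has no public IP and its subnet routes outbound through the NAT gateway,
# so it is not reachable from the internet even though it shares the
# allow-all default security group with the public instance. Reaching it
# means going through the public instance or another in-VPC path.
resource "aws_instance" "tf_private_ec2_instance" {
  # References restored from the resources and data source declared in this file.
  subnet_id              = "${aws_subnet.tf_private_subnet.id}"
  vpc_security_group_ids = ["${aws_default_security_group.tf_security_group.id}"]
  ami                    = "${data.aws_ami.tf_ec2_ami.id}"
  instance_type          = "t2.micro"

  # Same key pair as the public instance; it must already exist in the account.
  key_name = "tf_kvp"

  tags = {
    Name = "TerraformPrivateEC2Instance"
  }
}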