Created
August 30, 2020 08:12
# Declares which providers this configuration needs and where to fetch them.
terraform {
  required_providers {
    # Resolved from the public registry namespace hashicorp/aws.
    # NOTE(review): no version constraint is set, so `terraform init` takes
    # whatever release is newest at that moment. Pin a reviewed version so
    # an unreviewed provider build cannot enter the plan unnoticed, e.g.
    #   version = "<PINNED_PROVIDER_VERSION>"   # placeholder, not from the page
    aws = {
      source = "hashicorp/aws"
    }
  }
}
# Default (un-aliased) AWS provider: everything with `provider = aws` lands
# in us-east-1. Credentials come from the named profile "Encite", so no
# access keys are stored in this file.
provider "aws" {
  region  = "us-east-1"
  profile = "Encite"
}
# Aliased provider for eu-central-1; referenced as `aws.eu`.
# Uses the same named profile as the default provider.
provider "aws" {
  alias   = "eu"
  region  = "eu-central-1"
  profile = "Encite"
}
# Aliased provider for ap-northeast-1; referenced as `aws.ap`.
# Uses the same named profile as the default provider.
provider "aws" {
  alias   = "ap"
  region  = "ap-northeast-1"
  profile = "Encite"
}
# VPC for the us-east-1 stack, with DNS resolution and DNS hostnames enabled.
# NOTE(review): all three VPCs in this file use the same 10.0.0.0/16 range.
# That works while they stay isolated, but overlapping ranges cannot be
# connected with VPC peering later.
resource "aws_vpc" "custom-vpc-1" {
  provider = aws

  cidr_block           = "10.0.0.0/16"
  enable_dns_hostnames = true
  enable_dns_support   = true
}
# VPC for the eu-central-1 stack, with DNS resolution and DNS hostnames
# enabled. It uses the same 10.0.0.0/16 range as the other two VPCs in this
# file.
resource "aws_vpc" "custom-vpc-2" {
  provider = aws.eu

  cidr_block           = "10.0.0.0/16"
  enable_dns_hostnames = true
  enable_dns_support   = true
}
# VPC for the ap-northeast-1 stack, with DNS resolution and DNS hostnames
# enabled. It uses the same 10.0.0.0/16 range as the other two VPCs in this
# file.
resource "aws_vpc" "custom-vpc-3" {
  provider = aws.ap

  cidr_block           = "10.0.0.0/16"
  enable_dns_hostnames = true
  enable_dns_support   = true
}
# Single /24 subnet inside custom-vpc-1 (us-east-1).
resource "aws_subnet" "custom-subnet-1" {
  provider = aws

  vpc_id     = aws_vpc.custom-vpc-1.id
  cidr_block = "10.0.1.0/24"

  # Every instance launched here gets a public IPv4 address by default, so
  # the security group is the only control between it and the internet.
  map_public_ip_on_launch = true
}
# Single /24 subnet inside custom-vpc-2 (eu-central-1).
resource "aws_subnet" "custom-subnet-2" {
  provider = aws.eu

  vpc_id     = aws_vpc.custom-vpc-2.id
  cidr_block = "10.0.1.0/24"

  # Every instance launched here gets a public IPv4 address by default, so
  # the security group is the only control between it and the internet.
  map_public_ip_on_launch = true
}
# Single /24 subnet inside custom-vpc-3 (ap-northeast-1).
resource "aws_subnet" "custom-subnet-3" {
  provider = aws.ap

  vpc_id     = aws_vpc.custom-vpc-3.id
  cidr_block = "10.0.1.0/24"

  # Every instance launched here gets a public IPv4 address by default, so
  # the security group is the only control between it and the internet.
  map_public_ip_on_launch = true
}
# Internet gateway attached to custom-vpc-1 (us-east-1); the target of the
# default route in custom-rt1.
resource "aws_internet_gateway" "custom-igw-1" {
  provider = aws

  vpc_id = aws_vpc.custom-vpc-1.id
}
# Internet gateway attached to custom-vpc-2 (eu-central-1); the target of
# the default route in custom-rt2.
resource "aws_internet_gateway" "custom-igw-2" {
  provider = aws.eu

  vpc_id = aws_vpc.custom-vpc-2.id
}
# Internet gateway attached to custom-vpc-3 (ap-northeast-1); the target of
# the default route in custom-rt3.
resource "aws_internet_gateway" "custom-igw-3" {
  provider = aws.ap

  vpc_id = aws_vpc.custom-vpc-3.id
}
# Route table for custom-vpc-1 (us-east-1).
resource "aws_route_table" "custom-rt1" {
  provider = aws

  vpc_id = aws_vpc.custom-vpc-1.id

  # Default route: all non-local IPv4 traffic goes to the internet gateway.
  # Any subnet associated with this table is therefore a public subnet.
  route {
    gateway_id = aws_internet_gateway.custom-igw-1.id
    cidr_block = "0.0.0.0/0"
  }
}
# Route table for custom-vpc-2 (eu-central-1).
resource "aws_route_table" "custom-rt2" {
  provider = aws.eu

  vpc_id = aws_vpc.custom-vpc-2.id

  # Default route: all non-local IPv4 traffic goes to the internet gateway.
  # Any subnet associated with this table is therefore a public subnet.
  route {
    gateway_id = aws_internet_gateway.custom-igw-2.id
    cidr_block = "0.0.0.0/0"
  }
}
# Route table for custom-vpc-3 (ap-northeast-1).
resource "aws_route_table" "custom-rt3" {
  provider = aws.ap

  vpc_id = aws_vpc.custom-vpc-3.id

  # Default route: all non-local IPv4 traffic goes to the internet gateway.
  # Any subnet associated with this table is therefore a public subnet.
  route {
    gateway_id = aws_internet_gateway.custom-igw-3.id
    cidr_block = "0.0.0.0/0"
  }
}
# Binds custom-subnet-1 to custom-rt1, giving the subnet the internet-bound
# default route defined there.
resource "aws_route_table_association" "custom-rt-association-1" {
  provider = aws

  subnet_id      = aws_subnet.custom-subnet-1.id
  route_table_id = aws_route_table.custom-rt1.id
}
# Binds custom-subnet-2 to custom-rt2, giving the subnet the internet-bound
# default route defined there.
resource "aws_route_table_association" "custom-rt-association-2" {
  provider = aws.eu

  subnet_id      = aws_subnet.custom-subnet-2.id
  route_table_id = aws_route_table.custom-rt2.id
}
# Binds custom-subnet-3 to custom-rt3, giving the subnet the internet-bound
# default route defined there.
resource "aws_route_table_association" "custom-rt-association-3" {
  provider = aws.ap

  subnet_id      = aws_subnet.custom-subnet-3.id
  route_table_id = aws_route_table.custom-rt3.id
}
# Inbound rules shared by all three security groups, keyed by a free-form
# rule name. Each security group expands this map with a dynamic "ingress"
# block.
variable "ingress-rules" {
  type = map(object({
    description = string
    from_port   = number
    to_port     = number
    protocol    = string
    cidr_blocks = list(string)
  }))

  default = {
    # HTTP open to any IPv4 source.
    "http-ingress" = {
      description = "For HTTP"
      from_port   = 80
      to_port     = 80
      protocol    = "tcp"
      cidr_blocks = ["0.0.0.0/0"]
    },

    # NOTE(review): SSH is open to the whole internet by default, and the
    # instances using this rule sit in subnets that assign public IPs.
    # Override cidr_blocks with the administrators' source range (or drop
    # the rule and use a bastion / session-manager style access path)
    # before using this outside a throwaway demo.
    "ssh-ingress" = {
      description = "For SSH"
      from_port   = 22
      to_port     = 22
      protocol    = "tcp"
      cidr_blocks = ["0.0.0.0/0"]
    }
  }
}
# Outbound rules shared by all three security groups, keyed by a free-form
# rule name.
variable "egress-rules" {
  type = map(object({
    description = string
    from_port   = number
    to_port     = number
    protocol    = string
    cidr_blocks = list(string)
  }))

  default = {
    # protocol "-1" with ports 0-0 means every protocol and port; combined
    # with 0.0.0.0/0 this is unrestricted outbound IPv4.
    # NOTE(review): narrow this if the instances only need specific
    # destinations, since open egress makes data exfiltration from a
    # compromised host easier.
    "all-egress" = {
      description = "All"
      from_port   = 0
      to_port     = 0
      protocol    = "-1"
      cidr_blocks = ["0.0.0.0/0"]
    }
  }
}
# Security group for custom-vpc-1 (us-east-1). Its rules are generated from
# var.ingress-rules and var.egress-rules, so the exposure of the attached
# instances is decided entirely by those two variables.
resource "aws_security_group" "custom-sg1" {
  provider = aws

  vpc_id      = aws_vpc.custom-vpc-1.id
  name        = "allow_http_and_ssh"
  description = "Allow HTTP and SSH traffic"

  # One ingress rule per entry in var.ingress-rules. The variable's object
  # type guarantees every attribute is present, so the fields are read
  # directly.
  dynamic "ingress" {
    for_each = var.ingress-rules

    content {
      description = ingress.value.description
      protocol    = ingress.value.protocol
      from_port   = ingress.value.from_port
      to_port     = ingress.value.to_port
      cidr_blocks = ingress.value.cidr_blocks
    }
  }

  # One egress rule per entry in var.egress-rules.
  dynamic "egress" {
    for_each = var.egress-rules

    content {
      description = egress.value.description
      protocol    = egress.value.protocol
      from_port   = egress.value.from_port
      to_port     = egress.value.to_port
      cidr_blocks = egress.value.cidr_blocks
    }
  }
}
# Security group for custom-vpc-2 (eu-central-1). Its rules are generated
# from var.ingress-rules and var.egress-rules, so the exposure of the
# attached instances is decided entirely by those two variables.
resource "aws_security_group" "custom-sg2" {
  provider = aws.eu

  vpc_id      = aws_vpc.custom-vpc-2.id
  name        = "allow_http_and_ssh"
  description = "Allow HTTP and SSH traffic"

  # One ingress rule per entry in var.ingress-rules. The variable's object
  # type guarantees every attribute is present, so the fields are read
  # directly.
  dynamic "ingress" {
    for_each = var.ingress-rules

    content {
      description = ingress.value.description
      protocol    = ingress.value.protocol
      from_port   = ingress.value.from_port
      to_port     = ingress.value.to_port
      cidr_blocks = ingress.value.cidr_blocks
    }
  }

  # One egress rule per entry in var.egress-rules.
  dynamic "egress" {
    for_each = var.egress-rules

    content {
      description = egress.value.description
      protocol    = egress.value.protocol
      from_port   = egress.value.from_port
      to_port     = egress.value.to_port
      cidr_blocks = egress.value.cidr_blocks
    }
  }
}
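# Security group for custom-vpc-3 (ap-northeast-1). Its rules are generated
# from var.ingress-rules and var.egress-rules, so the exposure of the
# attached instances is decided entirely by those two variables.
resource "aws_security_group" "custom-sg3" {
  provider    = aws.ap
  name        = "allow_http_and_ssh"
  description = "Allow HTTP and SSH traffic"

  # Fix: the original omitted vpc_id, unlike custom-sg1 and custom-sg2.
  # Without it the group is created in the region's default VPC, while
  # custom-ec2-3 launches into custom-subnet-3 inside custom-vpc-3. A group
  # from another VPC cannot be attached to that instance.
  vpc_id = aws_vpc.custom-vpc-3.id

  # One ingress rule per entry in var.ingress-rules.
  dynamic "ingress" {
    for_each = var.ingress-rules
    content {
      description = lookup(ingress.value, "description", null)
      from_port   = lookup(ingress.value, "from_port", null)
      to_port     = lookup(ingress.value, "to_port", null)
      protocol    = lookup(ingress.value, "protocol", null)
      cidr_blocks = lookup(ingress.value, "cidr_blocks", null)
    }
  }

  # One egress rule per entry in var.egress-rules.
  dynamic "egress" {
    for_each = var.egress-rules
    content {
      description = lookup(egress.value, "description", null)
      from_port   = lookup(egress.value, "from_port", null)
      to_port     = lookup(egress.value, "to_port", null)
      protocol    = lookup(egress.value, "protocol", null)
      cidr_blocks = lookup(egress.value, "cidr_blocks", null)
    }
  }
}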
# Registers an SSH public key in us-east-1 under the name "terraform-keys2".
# Only the public half is stored here; the matching private key stays with
# its owner.
# NOTE(review): an OpenSSH "ssh-rsa" key body normally begins with
# "AAAAB3NzaC1yc2E". This one does not, so it was presumably altered for
# publication. Replace it with a real public key before applying.
# NOTE(review): the same key is registered in all three regions, so one
# private key opens every instance in this file. The trailing comment also
# publishes the author's workstation hostname.
resource "aws_key_pair" "custom-kp1" {
  provider = aws

  key_name   = "terraform-keys2"
  public_key = "ssh-rsa XT3RdHf7oZcdjPjf0OYSvDHk/WNMvkjF0FMoW+RBtakDyMLFJxIlXqI3lAiwk173n65AlBn1gQ3hgpMT/IgTZLJg6EluyjgL4heyVRuAedh3dBjNHkucRKSCfcNQVFVIeJbAbWG0JJbmVwLIa/JWY+YPyXlYpSqCwCicRcZXea1e6p+TX5GZvKn+MO/rIFRIXbEFIPDIV1nEivj7HW4hADLTIPA1CjGAqaVbqr65Xr4sbpDl0KvDha+uPjueMjKOV93A6a/RUIP5EftZ40cIR2oqu7GH677R5f19GtK6yHfUBlzCbclBlVnrMYWEEBFiG3dIQv55cDs97u9iyeSLqcde2OX4ZEhjb5PH7YOtG8AS0qbu1Y70RG2UgDa3Bv5AcT673mw0ab3kXtUjng1d05eC6pA+voW5jxV/g4a3ESlGtnD029jpfl6vaz53cjL4ml+JXRRgnBVMb= x@Nasis-MacBook-Pro.local"
}
# Registers an SSH public key in eu-central-1 under the name
# "terraform-keys2". The key material is identical to the one registered in
# the other two regions, so a single private key grants access everywhere.
# NOTE(review): the key body does not start with the usual "AAAAB3NzaC1yc2E"
# prefix of an ssh-rsa key. It was presumably altered for publication, so
# supply a real public key before applying.
resource "aws_key_pair" "custom-kp2" {
  provider = aws.eu

  key_name   = "terraform-keys2"
  public_key = "ssh-rsa XT3RdHf7oZcdjPjf0OYSvDHk/WNMvkjF0FMoW+RBtakDyMLFJxIlXqI3lAiwk173n65AlBn1gQ3hgpMT/IgTZLJg6EluyjgL4heyVRuAedh3dBjNHkucRKSCfcNQVFVIeJbAbWG0JJbmVwLIa/JWY+YPyXlYpSqCwCicRcZXea1e6p+TX5GZvKn+MO/rIFRIXbEFIPDIV1nEivj7HW4hADLTIPA1CjGAqaVbqr65Xr4sbpDl0KvDha+uPjueMjKOV93A6a/RUIP5EftZ40cIR2oqu7GH677R5f19GtK6yHfUBlzCbclBlVnrMYWEEBFiG3dIQv55cDs97u9iyeSLqcde2OX4ZEhjb5PH7YOtG8AS0qbu1Y70RG2UgDa3Bv5AcT673mw0ab3kXtUjng1d05eC6pA+voW5jxV/g4a3ESlGtnD029jpfl6vaz53cjL4ml+JXRRgnBVMb= x@Nasis-MacBook-Pro.local"
}
# Registers an SSH public key in ap-northeast-1 under the name
# "terraform-keys2". The key material is identical to the one registered in
# the other two regions, so a single private key grants access everywhere.
# NOTE(review): the key body does not start with the usual "AAAAB3NzaC1yc2E"
# prefix of an ssh-rsa key. It was presumably altered for publication, so
# supply a real public key before applying.
resource "aws_key_pair" "custom-kp3" {
  provider = aws.ap

  key_name   = "terraform-keys2"
  public_key = "ssh-rsa XT3RdHf7oZcdjPjf0OYSvDHk/WNMvkjF0FMoW+RBtakDyMLFJxIlXqI3lAiwk173n65AlBn1gQ3hgpMT/IgTZLJg6EluyjgL4heyVRuAedh3dBjNHkucRKSCfcNQVFVIeJbAbWG0JJbmVwLIa/JWY+YPyXlYpSqCwCicRcZXea1e6p+TX5GZvKn+MO/rIFRIXbEFIPDIV1nEivj7HW4hADLTIPA1CjGAqaVbqr65Xr4sbpDl0KvDha+uPjueMjKOV93A6a/RUIP5EftZ40cIR2oqu7GH677R5f19GtK6yHfUBlzCbclBlVnrMYWEEBFiG3dIQv55cDs97u9iyeSLqcde2OX4ZEhjb5PH7YOtG8AS0qbu1Y70RG2UgDa3Bv5AcT673mw0ab3kXtUjng1d05eC6pA+voW5jxV/g4a3ESlGtnD029jpfl6vaz53cjL4ml+JXRRgnBVMb= x@Nasis-MacBook-Pro.local"
}
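# t2.micro instance in custom-subnet-1 (us-east-1). The subnet assigns a
# public IP on launch, so this host is reachable from the internet on
# whatever ports custom-sg1 allows.
resource "aws_instance" "custom-ec2-1" {
  provider      = aws
  instance_type = "t2.micro"

  # AMI IDs are region-specific; this one must exist in us-east-1.
  # NOTE(review): a hard-coded ID never picks up patched images. Confirm the
  # image owner and refresh it periodically.
  ami = "ami-02354e95b39ca8dec"

  key_name  = aws_key_pair.custom-kp1.key_name
  subnet_id = aws_subnet.custom-subnet-1.id

  # Fix: the original passed the group ID through `security_groups`, which
  # takes group *names* and is meant for EC2-Classic / the default VPC.
  # Instances in a custom VPC must use vpc_security_group_ids. Otherwise
  # the plan shows a forced replacement on every run. The group must be in
  # the same VPC as subnet_id.
  vpc_security_group_ids = [aws_security_group.custom-sg1.id]

  user_data = ""
}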
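# t2.micro instance in custom-subnet-2 (eu-central-1). The subnet assigns a
# public IP on launch, so this host is reachable from the internet on
# whatever ports custom-sg2 allows.
resource "aws_instance" "custom-ec2-2" {
  provider      = aws.eu
  instance_type = "t2.micro"

  # AMI IDs are region-specific; this one must exist in eu-central-1.
  # NOTE(review): a hard-coded ID never picks up patched images. Confirm the
  # image owner and refresh it periodically.
  ami = "ami-0c115dbd34c69a004"

  key_name  = aws_key_pair.custom-kp2.key_name
  subnet_id = aws_subnet.custom-subnet-2.id

  # Fix: the original passed the group ID through `security_groups`, which
  # takes group *names* and is meant for EC2-Classic / the default VPC.
  # Instances in a custom VPC must use vpc_security_group_ids. Otherwise
  # the plan shows a forced replacement on every run. The group must be in
  # the same VPC as subnet_id.
  vpc_security_group_ids = [aws_security_group.custom-sg2.id]

  user_data = ""
}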
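# t2.micro instance in custom-subnet-3 (ap-northeast-1). The subnet assigns
# a public IP on launch, so this host is reachable from the internet on
# whatever ports custom-sg3 allows.
resource "aws_instance" "custom-ec2-3" {
  provider      = aws.ap
  instance_type = "t2.micro"

  # AMI IDs are region-specific; this one must exist in ap-northeast-1.
  # NOTE(review): a hard-coded ID never picks up patched images. Confirm the
  # image owner and refresh it periodically.
  ami = "ami-0cc75a8978fbbc969"

  key_name  = aws_key_pair.custom-kp3.key_name
  subnet_id = aws_subnet.custom-subnet-3.id

  # Fix: the original passed the group ID through `security_groups`, which
  # takes group *names* and is meant for EC2-Classic / the default VPC.
  # Instances in a custom VPC must use vpc_security_group_ids. Otherwise
  # the plan shows a forced replacement on every run. The group must be in
  # the same VPC as subnet_id (custom-vpc-3).
  vpc_security_group_ids = [aws_security_group.custom-sg3.id]

  user_data = ""
}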