# Place this file under .github/workflows/on_push.yml
name: Terraform Workflow on Push
on:
  push:
    branches:
      - main
env:
  TF_CLOUD_ORGANIZATION: "${{ secrets.TF_CLOUD_ORGANIZATION }}"
  TF_WORKSPACE: "${{ secrets.TF_WORKSPACE }}"
  TF_CLOUD_PROJECT: "${{ secrets.TF_CLOUD_PROJECT }}"

# Create a VPC with 2 private, 2 public subnet
module "vpc" {
  source = "terraform-aws-modules/vpc/aws"
  version = "v4.0.2"
  name = "test-vpc"
  cidr = var.vpc_cidr_block
  azs = var.azs
  private_subnets = var.private_subnet_cidr_blocks
  public_subnets = var.public_subnet_cidr_blocks
  manage_default_network_acl = false

terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
      version = "~> 4.5"
    }
  }
  required_version = "~> 1.4"
}

# Initialize Docker plugin
packer {
  required_plugins {
    docker = {
      version = ">= 0.0.7"
      source = "github.com/hashicorp/docker"
    }
  }
}

# To get the effective Account ID for where you are using Terraform
data "aws_caller_identity" "current_session" {}
# Create the multi-region CloudTrail trail
# Has log file integrity validation enabled, as well as logs IAM events
# Also logs data events for Lambda and S3
resource "aws_cloudtrail" "myTrail" {
  name = var.trail_name
  s3_bucket_name = aws_s3_bucket.ct_bucket.id
  s3_key_prefix = var.prefix

# Create a Lambda function
resource "aws_lambda_function" "py_sample_hello_world" {
  function_name = var.lambda_name
  s3_bucket = var.s3_bucket_id
  s3_key = var.s3_bucket_key
  runtime = "python3.8"
  handler = "sample_python_code.handler"
  role = aws_iam_role.lambda_execution_role.arn
  timeout = 30
  memory_size = 128

# Create an S3 bucket
resource "aws_s3_bucket" "example_bucket" {
  bucket = var.bucket_name
}
# Enable versioning (optional but helpful for uploading multiple versions
resource "aws_s3_bucket_versioning" "bucket_versioning" {
  bucket = aws_s3_bucket.example_bucket.id
  versioning_configuration {
    status = "Enabled"

# Create REST API
resource "aws_api_gateway_rest_api" "py_sample_api" {
  name = var.api_name
  description = "Simple REST API Hello World with Lambda proxy integration"
  endpoint_configuration {
    types = ["REGIONAL"]
  }
}
# Set up proxy resource path

terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
      version = "~> 4.5"
    }
  }
  required_version = "~> 1.3"
}

AWSTemplateFormatVersion: 2010-09-09
Description: CloudFormation template for deploying a secure lambda function.
Parameters:
  SecurityGroupId:
    Description: Security Group ID used by your EC2 instance.
    Type: String
  SubnetId1: