@paulcdejean
Created December 27, 2019 20:52
# Associates the "lb" subnet with the route table named "public", so anything
# placed in that subnet uses that table's routes. Both the subnet and the
# route table are declared outside this excerpt.
resource "aws_route_table_association" "lb" {
  route_table_id = aws_route_table.public.id
  subnet_id      = aws_subnet.lb.id
}
# Second load-balancer subnet, pinned to us-east-1b. It is passed to the
# aws_lb resource together with aws_subnet.lb; an application load balancer
# needs subnets in at least two availability zones.
# NOTE(review): aws_subnet.lb is not shown here - confirm it sits in a
# different AZ and that 10.0.200.0/24 does not overlap another subnet.
resource "aws_subnet" "lb_other_subnet" {
  vpc_id            = aws_vpc.vpc.id
  availability_zone = "us-east-1b"
  cidr_block        = "10.0.200.0/24"

  tags = {
    Name = "oauthexample_lb_othersubnet"
  }
}
# Associates the second load-balancer subnet with the same "public" route
# table as the first one, so both subnets share one set of routes.
resource "aws_route_table_association" "lb_other_subnet" {
  route_table_id = aws_route_table.public.id
  subnet_id      = aws_subnet.lb_other_subnet.id
}
# Target group the load balancer forwards to: plain HTTP on port 80 inside
# the VPC. No health_check block is set, so the provider defaults apply.
# NOTE(review): the hop from the load balancer to the target is unencrypted.
# If TLS terminates only at the load balancer, make sure the target accepts
# port 80 from the load balancer's security group alone.
resource "aws_lb_target_group" "prometheus" {
  name     = "prometheus"
  vpc_id   = aws_vpc.vpc.id
  protocol = "HTTP"
  port     = 80
}
# Registers the instance aws_instance.prom (declared elsewhere) in the
# "prometheus" target group on port 80.
# NOTE(review): the instance's own security group is not visible here.
# Confirm it allows port 80 only from aws_security_group.lb, otherwise the
# service can be reached without passing through the load balancer.
resource "aws_lb_target_group_attachment" "prometheus" {
  target_group_arn = aws_lb_target_group.prometheus.arn
  target_id        = aws_instance.prom.id
  port             = 80
}
# Security group attached to the load balancer. It carries no inline rules:
# every rule is a separate aws_security_group_rule resource that points at
# this group. Keep it that way - mixing inline ingress/egress blocks with
# standalone rule resources on one group makes the rules conflict.
resource "aws_security_group" "lb" {
  name        = "oauthexample-lb"
  description = "oauthexample sg for app elbs"
  vpc_id      = aws_vpc.vpc.id
}
# Ingress: TCP 80 from any IPv4 address.
# NOTE(review): port 80 is open to the whole internet. The listeners are not
# part of this excerpt - confirm the port-80 listener only redirects to HTTPS
# and never forwards to the target group.
resource "aws_security_group_rule" "lb" {
  type              = "ingress"
  security_group_id = aws_security_group.lb.id
  protocol          = "tcp"
  from_port         = 80
  to_port           = 80
  cidr_blocks       = ["0.0.0.0/0"]
}
# Ingress: TCP 80 from any IPv6 address (the IPv6 twin of the IPv4 port-80
# rule on the same group).
# NOTE(review): the same caveat applies - plain HTTP from the internet should
# end in a redirect to HTTPS, not in a forward to the backend.
resource "aws_security_group_rule" "lb-1" {
  type              = "ingress"
  security_group_id = aws_security_group.lb.id
  protocol          = "tcp"
  from_port         = 80
  to_port           = 80
  ipv6_cidr_blocks  = ["::/0"]
}
# Ingress: TCP 443 from any IPv4 address. This is the public HTTPS entry
# point; whatever authentication protects the backend has to be enforced by
# the HTTPS listener, which is not shown in this excerpt.
resource "aws_security_group_rule" "lb-2" {
  type              = "ingress"
  security_group_id = aws_security_group.lb.id
  protocol          = "tcp"
  from_port         = 443
  to_port           = 443
  cidr_blocks       = ["0.0.0.0/0"]
}
# Ingress: TCP 443 from any IPv6 address (the IPv6 twin of the IPv4 HTTPS
# rule on the same group).
resource "aws_security_group_rule" "lb-3" {
  type              = "ingress"
  security_group_id = aws_security_group.lb.id
  protocol          = "tcp"
  from_port         = 443
  to_port           = 443
  ipv6_cidr_blocks  = ["::/0"]
}
# Egress: every protocol and port to any IPv4 destination.
# NOTE(review): this is wider than the load balancer needs. The only
# destination visible in this file is the target on TCP 80; if the listener
# authenticates users against an external identity provider (not shown),
# outbound HTTPS is needed as well. Consider narrowing the rule to those
# flows, with the target's security group as the destination for port 80.
resource "aws_security_group_rule" "lb-4" {
  type              = "egress"
  security_group_id = aws_security_group.lb.id
  protocol          = "all"
  from_port         = 0
  to_port           = 0
  cidr_blocks       = ["0.0.0.0/0"]
}
# Looks up an existing ACM certificate for pauldejean.com, accepting only
# certificates in the ISSUED state (pending, expired or revoked ones are
# ignored).
# NOTE(review): most_recent is not set, so the lookup fails if more than one
# issued certificate matches this domain. Decide whether failing or picking
# the newest certificate is the behaviour you want.
data "aws_acm_certificate" "oauthexample" {
  statuses = ["ISSUED"]
  domain   = "pauldejean.com"
}
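# Internet-facing application load balancer (internal = false) spanning the
# two load-balancer subnets and guarded by aws_security_group.lb.
#
# The listeners are not part of this excerpt. Since the load balancer is
# publicly reachable, whatever it forwards to the "prometheus" target group
# must be gated by the HTTPS listener's authentication.
#
# NOTE(review): no access_logs block is configured, so requests reaching this
# public endpoint leave no load-balancer log trail. Enabling it needs an S3
# bucket, which this file does not define.
resource "aws_lb" "oauthexample" {
  name               = "oauthexample"
  load_balancer_type = "application"
  internal           = false
  security_groups    = [aws_security_group.lb.id]
  subnets            = [aws_subnet.lb.id, aws_subnet.lb_other_subnet.id]

  # Drop requests whose header names are not valid HTTP header fields instead
  # of passing them on to the target; this shrinks the room for
  # request-smuggling style parsing differences between the load balancer and
  # the backend. Needs an AWS provider release that supports the argument.
  drop_invalid_header_fields = true
}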