Amazon VPC, security group and SSH access
-- partial output of terraform show
public_dns = ec2-52-91-147-187.compute-1.amazonaws.com
public_ip = 52.91.147.187
root_block_device.# = 1
root_block_device.0.delete_on_termination = true
root_block_device.0.iops = 100
root_block_device.0.volume_size = 10
root_block_device.0.volume_type = gp2
security_groups.# = 0
source_dest_check = true
subnet_id = subnet-37c7080b
tags.% = 1
tags.sshUser = ec2-user
tenancy = default
vpc_security_group_ids.# = 1
vpc_security_group_ids.814676736 = sg-e8d21295
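# Dedicated VPC that the subnet, security group and instance in this file
# all attach to.
resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"

  # Lets instances that receive a public IP also receive a public DNS name.
  enable_dns_hostnames = true

  tags {
    Name = "My VPC"
  }
}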
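# Single /24 subnet carved out of the VPC range; the instance is launched here.
#
# NOTE(review): nothing in the visible configuration attaches an
# aws_internet_gateway to the VPC or gives this subnet a 0.0.0.0/0 route.
# Without both, an instance's public IP cannot be reached from outside the VPC
# regardless of what the security group allows - confirm whether they are
# defined elsewhere.
resource "aws_subnet" "main" {
  vpc_id     = "${aws_vpc.main.id}"
  cidr_block = "10.0.1.0/24"

  tags {
    Name = "Main"
  }
}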
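# Security group for the instance: inbound SSH and HTTP, unrestricted outbound.
# Security group rules only filter traffic that is already routed to the
# instance; they do not by themselves make it reachable.
resource "aws_security_group" "main" {
  name        = "main"
  description = "Allow inbound ssh, http"
  vpc_id      = "${aws_vpc.main.id}"

  # SSH. NOTE(review): 0.0.0.0/0 exposes port 22 to every address on the
  # internet. Narrow cidr_blocks to the range administrators connect from
  # (placeholder: ADMIN_SOURCE_CIDR) once connectivity is confirmed.
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # HTTP, open to all sources. Traffic on this port is unencrypted.
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # All outbound traffic: protocol "-1" means every protocol, which is why
  # from_port and to_port are both 0. Terraform removes the allow-all egress
  # rule AWS would otherwise create, so it has to be declared explicitly.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}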
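# EC2 instance placed in the subnet above with a public IP requested at launch.
# var.ami and var.key_name are declared outside the visible configuration.
resource "aws_instance" "my_instance" {
  ami           = "${var.ami}"
  instance_type = "t2.medium"

  # Name of the EC2 key pair installed on the instance; SSH login needs the
  # matching private key.
  key_name = "${var.key_name}"

  subnet_id                   = "${aws_subnet.main.id}"
  associate_public_ip_address = true

  # vpc_security_group_ids takes security group IDs and is the argument to use
  # for an instance launched into a VPC subnet. security_groups takes group
  # names and applies to EC2-Classic / the default VPC, so it stays empty in
  # state for an instance like this one.
  vpc_security_group_ids = ["${aws_security_group.main.id}"]

  tags {
    # Plain metadata tag; presumably the login user for the chosen AMI -
    # verify against the image in use.
    sshUser = "ec2-user"
  }
}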
I can't connect over SSH to the public IP of the instance, so something is probably wrong with the security group config. What's the difference between security_groups and vpc_security_group_ids?