Created
June 14, 2020 21:07
# AWS provider: everything in this file is created in ap-south-1.
# Credentials come from the named profile "rg", so no access keys are
# written into the configuration itself.
provider "aws" {
  profile = "rg"
  region  = "ap-south-1"
}
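# AMI the web instance is launched from. AMI IDs are region-specific, so the
# default has to exist in the provider's region.
# NOTE(review): a pinned image stops receiving patches at its build date;
# confirm it is still current or patch the instance on first boot.
variable "ami_id" {
  type        = string
  description = "ID of the AMI the web instance is launched from"
  default     = "ami-0447a12f28fddb066"
}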
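# Despite its name, this variable holds the EC2 instance type (it is passed to
# instance_type on aws_instance.web), not a property of the AMI. The name is
# kept so existing -var / tfvars inputs keep working.
variable "ami_type" {
  type        = string
  description = "EC2 instance type for the web instance"
  default     = "t2.micro"
}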
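# Generates the SSH key pair used to reach the web instance.
#
# The private half of a tls_private_key is stored unencrypted in the Terraform
# state, so the state file (and any remote backend holding it) must be
# protected like the key itself. For anything beyond a lab, generate the key
# outside Terraform and supply only the public half to aws_key_pair.
resource "tls_private_key" "tls_key" {
  algorithm = "RSA"
  # Explicit key size instead of the provider default.
  rsa_bits = 4096
}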
# Registers the public half of the generated key with EC2 as "rg-env-key".
# Only the OpenSSH-formatted public key is sent to AWS. The reference to
# tls_private_key.tls_key already orders this resource after the key, so no
# explicit depends_on is required.
resource "aws_key_pair" "generated_key" {
  public_key = tls_private_key.tls_key.public_key_openssh
  key_name   = "rg-env-key"
}
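# Writes the private key to rg-env-key.pem in the working directory.
#
# The file is created owner-read/write only: the local provider's default mode
# is much more permissive, and ssh refuses private keys that other users can
# read. Keep the .pem out of version control.
# NOTE(review): with `content` the PEM can be shown in plan output on older
# Terraform versions; `sensitive_content` (older local provider) or the
# local_sensitive_file resource (newer provider) avoids that. Confirm which
# the pinned provider version supports.
resource "local_file" "key-file" {
  content         = tls_private_key.tls_key.private_key_pem
  filename        = "rg-env-key.pem"
  file_permission = "0600"
}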
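# Source ranges allowed to reach SSH on the web instance.
# The default preserves the original behaviour (open to the whole internet)
# and should be overridden with the administrator / CI address range. The
# range must include the machine that runs `terraform apply`, because the
# provisioners connect to the instance over SSH from there.
variable "ssh_ingress_cidrs" {
  type        = list(string)
  description = "CIDR blocks allowed to connect to port 22"
  default     = ["0.0.0.0/0"]
}

# Security group for the web instance.
#
# No egress block is declared here, so outbound access (for example the yum
# install run by the provisioner) depends on the "default" group that is also
# attached to the instance.
resource "aws_security_group" "web-SG" {
  name        = "web-env-SG"
  description = "Web Environment Security Group"

  # SSH: restricted through var.ssh_ingress_cidrs rather than a hard-coded
  # 0.0.0.0/0, so exposure of port 22 is an explicit, reviewable choice.
  ingress {
    description = "SSH Rule"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = var.ssh_ingress_cidrs
  }

  # HTTP: public by design for a web server. Traffic on this port is
  # unencrypted; no HTTPS listener is opened by this group.
  ingress {
    description = "HTTP Rule"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
}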
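# Bucket holding the static images served through CloudFront.
#
# The bucket ACL is private: a "public-read" bucket ACL lets anyone list the
# bucket's contents, which nothing in this configuration needs. The uploaded
# objects carry their own "public-read" ACL, so they remain fetchable by
# CloudFront. Bucket names share one global namespace, so this fixed name can
# collide with a bucket owned by someone else.
resource "aws_s3_bucket" "web-bucket" {
  bucket = "web-static-data-bucket"
  acl    = "private"
}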
# Uploads ias1.png from the working directory to the bucket.
# The object is world-readable: the CloudFront origin in this file fetches it
# anonymously, so only content that is meant to be public belongs here.
resource "aws_s3_bucket_object" "web-object1" {
  bucket = aws_s3_bucket.web-bucket.bucket
  source = "ias1.png"
  key    = "ias1.png"
  acl    = "public-read"
}
# Uploads ias2.png from the working directory to the bucket.
# World-readable by ACL, like the other image objects.
resource "aws_s3_bucket_object" "web-object2" {
  bucket = aws_s3_bucket.web-bucket.bucket
  source = "ias2.png"
  key    = "ias2.png"
  acl    = "public-read"
}
# Uploads ias3.png from the working directory to the bucket.
# World-readable by ACL, like the other image objects.
resource "aws_s3_bucket_object" "web-object3" {
  bucket = aws_s3_bucket.web-bucket.bucket
  source = "ias3.png"
  key    = "ias3.png"
  acl    = "public-read"
}
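# CloudFront distribution in front of the S3 bucket.
#
# The origin has no s3_origin_config, so CloudFront fetches objects
# anonymously and the objects must stay publicly readable. Adding an origin
# access identity (aws_cloudfront_origin_access_identity) with a matching
# bucket policy would let the bucket and its objects be private.
# NOTE(review): no logging_config is set, so requests to the distribution are
# not logged.
resource "aws_cloudfront_distribution" "s3-web-distribution" {
  origin {
    domain_name = aws_s3_bucket.web-bucket.bucket_regional_domain_name
    origin_id   = aws_s3_bucket.web-bucket.id
  }

  enabled         = true
  is_ipv6_enabled = true
  comment         = "S3 Web Distribution"

  default_cache_behavior {
    # Read-only: the distribution serves static images, so write methods
    # (PUT/POST/PATCH/DELETE) are not forwarded to the bucket.
    allowed_methods  = ["GET", "HEAD"]
    cached_methods   = ["GET", "HEAD"]
    target_origin_id = aws_s3_bucket.web-bucket.id

    forwarded_values {
      query_string = false

      cookies {
        forward = "none"
      }
    }

    # Plain-HTTP viewers are redirected to HTTPS instead of being served in
    # clear text ("allow-all" accepted both).
    viewer_protocol_policy = "redirect-to-https"
    min_ttl                = 0
    default_ttl            = 3600
    max_ttl                = 86400
  }

  # Only viewers located in India are served.
  restrictions {
    geo_restriction {
      restriction_type = "whitelist"
      locations        = ["IN"]
    }
  }

  tags = {
    Name        = "Web-CF-Distribution"
    Environment = "Production"
  }

  # Uses the shared *.cloudfront.net certificate; no custom domain is set.
  viewer_certificate {
    cloudfront_default_certificate = true
  }
}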
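# Web server instance, bootstrapped by provisioners at creation time.
#
# Provisioners run only when the instance is first created; later changes to
# the commands below are not re-applied to an existing instance.
# NOTE(review): security groups are referenced by name, which presumably
# relies on the default VPC; confirm before using a custom VPC.
resource "aws_instance" "web" {
  ami             = var.ami_id
  instance_type   = var.ami_type
  key_name        = aws_key_pair.generated_key.key_name
  security_groups = [aws_security_group.web-SG.name, "default"]

  tags = {
    Name = "Web-Env"
    env  = "Production"
  }

  # One SSH connection definition shared by the file and remote-exec
  # provisioners below (the original repeated it, once with agent as a string
  # and once as a bool). `self` is the documented way for a resource's own
  # provisioners to read its attributes.
  # NOTE(review): the instance's SSH host key is not pinned (no host_key), so
  # the first connection trusts whatever answers on that address.
  connection {
    type        = "ssh"
    agent       = false
    user        = "ec2-user"
    private_key = tls_private_key.tls_key.private_key_pem
    host        = self.public_ip
  }

  # Substitute the CloudFront domain into the local copy of the page.
  # This edits webapp.html in place, so the CF_URL_Here placeholder is gone
  # after the first run; keep a pristine template if the file is reused.
  provisioner "local-exec" {
    command = "sed -i 's/CF_URL_Here/${aws_cloudfront_distribution.s3-web-distribution.domain_name}/g' webapp.html"
  }

  # Copy the rendered page to the instance.
  provisioner "file" {
    source      = "webapp.html"
    destination = "/home/ec2-user/webapp.html"
  }

  # Install and start Apache, and enable it at boot.
  provisioner "remote-exec" {
    inline = [
      "sudo yum install httpd -y",
      "sudo systemctl start httpd",
      "sudo systemctl enable httpd",
    ]
  }

  # Record the instance's public IP next to the configuration.
  provisioner "local-exec" {
    command = "echo ${self.public_ip} > public-ip.txt"
  }
}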
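# 1 GiB data volume for the web root, created in the instance's availability
# zone so it can be attached to it.
resource "aws_ebs_volume" "web-vol" {
  availability_zone = aws_instance.web.availability_zone
  size              = 1

  # Encrypt at rest with the account's default EBS key; snapshots taken from
  # the volume inherit the encryption.
  encrypted = true

  tags = {
    Name = "ebs-vol"
  }
}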
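# Attaches the data volume to the web instance, then prepares it over SSH:
# format if needed, mount on the web root, copy the page in.
#
# force_detach = true detaches the volume even while it is in use, which can
# lose or corrupt data that has not been flushed; it is kept as in the
# original but is better suited to a lab than to the "Production" tag.
# NOTE(review): the mount is not added to /etc/fstab, so it does not survive a
# reboot. /dev/sdh appearing as /dev/xvdh assumes a Xen-based instance type
# such as the default t2.micro; confirm for other types.
resource "aws_volume_attachment" "ebs_att" {
  device_name  = "/dev/sdh"
  volume_id    = aws_ebs_volume.web-vol.id
  instance_id  = aws_instance.web.id
  force_detach = true

  provisioner "remote-exec" {
    connection {
      type        = "ssh"
      agent       = false
      user        = "ec2-user"
      private_key = tls_private_key.tls_key.private_key_pem
      host        = aws_instance.web.public_ip
    }

    inline = [
      # Format only when the device carries no filesystem signature, so a
      # re-created attachment does not wipe an already populated volume.
      "sudo blkid /dev/xvdh || sudo mkfs.ext4 /dev/xvdh",
      "sudo mount /dev/xvdh /var/www/html/",
      "sudo cp /home/ec2-user/webapp.html /var/www/html/",
    ]
  }
}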
# Point-in-time snapshot of the data volume.
# The explicit dependency on the attachment is deliberate: it delays the
# snapshot until the attachment's provisioner has formatted the volume and
# copied the site onto it.
resource "aws_ebs_snapshot" "ebs_snapshot" {
  depends_on = [
    aws_volume_attachment.ebs_att,
  ]

  volume_id   = aws_ebs_volume.web-vol.id
  description = "Snapshot of our EBS volume"

  tags = {
    env = "Production"
  }
}