# Security group for the GoCD agent load balancer (attached by aws_elb.gocd_elb).
# Inbound access is limited to the two GoCD ports, and only from the ranges in
# var.ingress_cidr_blocks. That variable is the sole network control in front of
# the load balancer, so it should list known ranges rather than 0.0.0.0/0.
resource "aws_security_group" "gocd_agent_elb" {
  vpc_id      = "${var.vpc_id}"
  name        = "gocd-agent-elb-sg"
  description = "Security group for the gocd agent ELBs"

  # GoCD HTTP port. 8153 is GoCD's default plain-HTTP port, so traffic on this
  # rule is presumably unencrypted -- TODO confirm it is needed alongside 8154.
  ingress {
    protocol    = "tcp"
    from_port   = 8153
    to_port     = 8153
    cidr_blocks = ["${var.ingress_cidr_blocks}"]
  }

  # GoCD HTTPS port (TLS).
  ingress {
    protocol    = "tcp"
    from_port   = 8154
    to_port     = 8154
    cidr_blocks = ["${var.ingress_cidr_blocks}"]
  }

  # Every protocol and port outbound, but only towards var.ingress_cidr_blocks
  # (the variable is reused for egress despite its name).
  egress {
    protocol    = "-1"
    from_port   = 0
    to_port     = 0
    cidr_blocks = ["${var.ingress_cidr_blocks}"]
  }

  tags {
    Name = "gocd agent (ELB)"
  }
}
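# Security group for the GoCD agent instances.
# SSH is accepted from var.ingress_cidr_blocks; the GoCD ports are accepted only
# from the load balancer's security group, so agents are not reachable on
# 8153/8154 except through the ELB.
resource "aws_security_group" "gocd_agent" {
  name        = "gocd-agent-sg"
  description = "Security group for gocd agent instances"
  vpc_id      = "${var.vpc_id}"

  tags {
    Name = "gocd agent security group"
  }

  # SSH. Reachability depends entirely on var.ingress_cidr_blocks; keep that
  # list to administrative ranges and never 0.0.0.0/0.
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["${var.ingress_cidr_blocks}"]
  }

  # GoCD HTTP port (8153 is GoCD's default plain-HTTP port), from the ELB only.
  # The rule points at the ELB's own security group: the load balancer declared
  # alongside these resources is aws_elb.gocd_elb, and no aws_elb.gocd_agent_elb
  # exists, so the previous aws_elb.gocd_agent_elb reference could not resolve.
  ingress {
    from_port       = 8153
    to_port         = 8153
    protocol        = "tcp"
    security_groups = ["${aws_security_group.gocd_agent_elb.id}"]
  }

  # GoCD HTTPS port (TLS), from the ELB only.
  ingress {
    from_port       = 8154
    to_port         = 8154
    protocol        = "tcp"
    security_groups = ["${aws_security_group.gocd_agent_elb.id}"]
  }

  # Every protocol and port outbound, but only towards var.ingress_cidr_blocks.
  # NOTE(review): agents can therefore reach nothing outside those ranges;
  # confirm the GoCD server and any package or artifact endpoints fall inside.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["${var.ingress_cidr_blocks}"]
  }
}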
# IAM role assumed by the GoCD agent instances.
# The trust policy is read from policies/assume-role-policy.json, which is not
# visible here -- presumably it trusts the EC2 service only; verify that it
# names no broader principal.
resource "aws_iam_role" "gocd_agent" {
  assume_role_policy = "${file("${path.module}/policies/assume-role-policy.json")}"
  name               = "gocdAgent"
}
# Inline permissions policy for the agent role, read from
# policies/gocd-agent-policy.json (contents not visible here).
# Anything running on an agent, build jobs included, can use this role through
# the instance profile, so the policy should grant only what pipelines need.
resource "aws_iam_role_policy" "gocd_agent" {
  role   = "${aws_iam_role.gocd_agent.id}"
  name   = "gocdAgent"
  policy = "${file("${path.module}/policies/gocd-agent-policy.json")}"
}
# Instance profile that hands the gocd_agent role to EC2 instances; it is
# referenced by the agent launch configuration.
resource "aws_iam_instance_profile" "gocd_agent" {
  roles = ["${aws_iam_role.gocd_agent.name}"]
  name  = "gocdAgent"
}
# Renders user_data.sh for the agents, substituting the GoCD server DNS name
# and the default region.
# Both values are interpolated into a shell script, so they must come from
# trusted configuration. User data can be read back from the instance metadata
# service by any process on the host; keep secrets out of the template.
resource "template_file" "init" {
  template = "${file("${path.module}/user_data.sh")}"

  vars {
    default_region = "${var.default_region}"
    gocd_server    = "${var.server_dns}"
  }
}
# Classic load balancer in front of the GoCD agents.
# Both listeners are TCP pass-through, so the ELB does not terminate TLS and
# 8153 is forwarded exactly as the client sent it.
# NOTE(review): `internal` is not set and the subnets come from
# var.public_subnets, so this load balancer is presumably internet-facing.
# Exposure is then governed only by the gocd_agent_elb security group; confirm
# that is intended.
resource "aws_elb" "gocd_elb" {
  name            = "gocd-agent-elb"
  security_groups = ["${aws_security_group.gocd_agent_elb.id}"]
  subnets         = ["${split(",", var.public_subnets)}"]

  connection_draining       = true
  cross_zone_load_balancing = true

  # An instance is healthy once a TCP connect to 8153 succeeds twice in a row.
  health_check {
    target              = "TCP:8153"
    interval            = 10
    timeout             = 5
    healthy_threshold   = 2
    unhealthy_threshold = 2
  }

  # GoCD HTTP port (8153), passed through as raw TCP.
  listener {
    lb_port           = 8153
    lb_protocol       = "tcp"
    instance_port     = 8153
    instance_protocol = "tcp"
  }

  # GoCD HTTPS port (8154), passed through as raw TCP.
  listener {
    lb_port           = 8154
    lb_protocol       = "tcp"
    instance_port     = 8154
    instance_protocol = "tcp"
  }
}
# Launch configuration for the GoCD agent instances.
# Instances get the gocd_agent instance profile and security group, boot with
# the rendered user_data.sh, and are not assigned a public IP address.
resource "aws_launch_configuration" "gocd_agent" {
  name_prefix   = "gocd-agent-launch-configuration"
  image_id      = "${var.ami}"
  instance_type = "${var.instance_type}"
  ebs_optimized = false

  # SSH key pair installed on the instance; access on port 22 is further gated
  # by the gocd_agent security group.
  key_name = "${var.key_name}"

  iam_instance_profile        = "${aws_iam_instance_profile.gocd_agent.id}"
  security_groups             = ["${aws_security_group.gocd_agent.id}"]
  associate_public_ip_address = false

  user_data = "${template_file.init.rendered}"

  # Create the replacement before destroying the old configuration, so the
  # autoscaling group always has a configuration to reference.
  lifecycle {
    create_before_destroy = true
  }
}
# Autoscaling group that runs the GoCD agents behind aws_elb.gocd_elb.
# Desired and maximum size are both var.number_of_instances, and Terraform
# waits for that many instances to be in service on the ELB.
# NOTE(review): instances are placed in var.public_subnets but launched without
# a public IP; confirm those subnets give the agents the outbound route they
# need.
resource "aws_autoscaling_group" "gocd_agent" {
  name                 = "gocd-agent-autoscaling-group"
  launch_configuration = "${aws_launch_configuration.gocd_agent.id}"
  vpc_zone_identifier  = ["${split(",", var.public_subnets)}"]
  load_balancers       = ["${aws_elb.gocd_elb.name}"]

  min_size              = "${var.minimum_number_of_instances}"
  max_size              = "${var.number_of_instances}"
  desired_capacity      = "${var.number_of_instances}"
  wait_for_elb_capacity = "${var.number_of_instances}"

  # Instance replacement is driven by EC2 status checks, not by the ELB health
  # check, after a 900-second grace period.
  health_check_type         = "EC2"
  health_check_grace_period = "900"
  default_cooldown          = 30

  tag {
    key                 = "Name"
    value               = "gocd-agent"
    propagate_at_launch = true
  }

  tag {
    key                 = "role"
    value               = "gocd-agent"
    propagate_at_launch = true
  }

  lifecycle {
    create_before_destroy = true
  }
}