# Create VPC
# The VPC every other resource in this file attaches to.
# CIDR and the two DNS switches come from input variables; the subnets below
# use hard-coded 192.168.x.0/24 ranges, so var.vpc_cidr must contain them.
# NOTE(review): no aws_flow_log for this VPC appears in this file — check it is
# defined elsewhere if network-level audit is expected.
resource "aws_vpc" "PythonAPP" {
  cidr_block = var.vpc_cidr

  # Both are required for instances to resolve and be resolved by AWS DNS names.
  enable_dns_support   = var.enable_dns_support
  enable_dns_hostnames = var.enable_dns_hostnames

  tags = {
    Name = "${var.name}-VPC"
  }
}
# Create public subnets (one per availability zone)
# Public subnet in us-east-1a. The literal AZ ties this file to the us-east-1 region.
# map_public_ip_on_launch = true means every instance launched here gets a public
# IPv4 address automatically, so only internet-facing entry points belong in it.
resource "aws_subnet" "public_subnet1" {
  vpc_id                  = aws_vpc.PythonAPP.id
  availability_zone       = "us-east-1a"
  cidr_block              = "192.168.1.0/24" # assumes var.vpc_cidr covers this range — confirm
  map_public_ip_on_launch = true

  tags = {
    Name = "${var.name}-Public-Subnet-1"
  }
}
# Second public subnet, in us-east-1b, so public-facing resources can span two AZs.
# Same auto-assign-public-IP behaviour as public_subnet1.
resource "aws_subnet" "public_subnet2" {
  vpc_id                  = aws_vpc.PythonAPP.id
  availability_zone       = "us-east-1b"
  cidr_block              = "192.168.3.0/24" # assumes var.vpc_cidr covers this range — confirm
  map_public_ip_on_launch = true

  tags = {
    Name = "${var.name}-Public-Subnet-2"
  }
}
# Create private subnets (one per availability zone)
# Private subnet in us-east-1a. Instances here get no public IP on launch; their
# internet egress goes through the NAT gateway via the private route table below.
resource "aws_subnet" "private_subnet1" {
  vpc_id                  = aws_vpc.PythonAPP.id
  availability_zone       = "us-east-1a"
  cidr_block              = "192.168.2.0/24" # assumes var.vpc_cidr covers this range — confirm
  map_public_ip_on_launch = false

  tags = {
    Name = "${var.name}-Private-Subnet-1"
  }
}
# Private subnet in us-east-1b; pairs with private_subnet1 for a two-AZ private tier.
resource "aws_subnet" "private_subnet2" {
  vpc_id                  = aws_vpc.PythonAPP.id
  availability_zone       = "us-east-1b"
  cidr_block              = "192.168.4.0/24" # assumes var.vpc_cidr covers this range — confirm
  map_public_ip_on_launch = false

  tags = {
    Name = "${var.name}-Private-Subnet-2"
  }
}
# Create Internet gateway
# Internet gateway for the VPC; the public route table's default route points here.
resource "aws_internet_gateway" "igw" {
  vpc_id = aws_vpc.PythonAPP.id

  tags = {
    Name = "${var.name}-IGW"
  }
}
# Create Elastic IP
# Elastic IP consumed by the NAT gateway. It is created only after the internet
# gateway exists, which is the ordering the EIP needs to be usable in the VPC.
resource "aws_eip" "nat_eip" {
  # NOTE(review): `vpc = true` is the legacy form; newer AWS provider releases
  # deprecate it in favour of `domain = "vpc"` — check the pinned provider version.
  vpc = true

  tags = {
    Name = "${var.name}-EIP"
  }

  depends_on = [aws_internet_gateway.igw]
}
# create NAT gateway
# Single NAT gateway placed in public_subnet1 (us-east-1a) and used by both
# private subnets. A failure of that AZ therefore removes egress for the whole
# private tier; a per-AZ NAT gateway would avoid that.
resource "aws_nat_gateway" "natgw" {
  subnet_id     = aws_subnet.public_subnet1.id
  allocation_id = aws_eip.nat_eip.id

  tags = {
    Name = "${var.name}-NAT"
  }

  # Explicit ordering: the NAT gateway needs the internet gateway to be present.
  depends_on = [aws_internet_gateway.igw]
}
# create the route table for the private subnets
# Route table shared by both private subnets; its routes are defined separately
# with aws_route resources.
resource "aws_route_table" "private-rtb" {
  vpc_id = aws_vpc.PythonAPP.id

  tags = {
    Name = "${var.name}-Private-Route-Table"
  }
}
# create the default route for the private route table and point it at the NAT gateway
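# Default route for the private subnets: all non-local traffic leaves through the
# NAT gateway, so hosts in the private tier can reach the internet but are not
# directly reachable from it.
resource "aws_route" "private-rtb-route" {
  route_table_id         = aws_route_table.private-rtb.id
  destination_cidr_block = "0.0.0.0/0"

  # A NAT gateway is attached with nat_gateway_id. gateway_id is reserved for
  # internet/virtual private gateways and is rejected for a nat-* ID at apply time.
  nat_gateway_id = aws_nat_gateway.natgw.id
}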
# associate private subnets to the private route table
# Bind private_subnet1 to the private route table.
resource "aws_route_table_association" "private-subnets1-assoc" {
  route_table_id = aws_route_table.private-rtb.id
  subnet_id      = aws_subnet.private_subnet1.id
}
# Bind private_subnet2 to the private route table.
resource "aws_route_table_association" "private-subnets2-assoc" {
  route_table_id = aws_route_table.private-rtb.id
  subnet_id      = aws_subnet.private_subnet2.id
}
# create route table for the public subnets
# Route table shared by both public subnets.
resource "aws_route_table" "public-rtb" {
  vpc_id = aws_vpc.PythonAPP.id

  tags = {
    Name = "${var.name}-Public-Route-Table"
  }
}
# create route for the public route table and attach the internet gateway
# Default route for the public subnets straight to the internet gateway. Combined
# with map_public_ip_on_launch on those subnets, instances there are directly
# reachable from the internet subject to their security groups.
resource "aws_route" "public-rtb-route" {
  route_table_id         = aws_route_table.public-rtb.id
  gateway_id             = aws_internet_gateway.igw.id
  destination_cidr_block = "0.0.0.0/0"
}
# associate all public subnets to the public route table
# Bind public_subnet1 to the public route table.
resource "aws_route_table_association" "public-subnets1-assoc" {
  route_table_id = aws_route_table.public-rtb.id
  subnet_id      = aws_subnet.public_subnet1.id
}
# Bind public_subnet2 to the public route table.
resource "aws_route_table_association" "public-subnets2-assoc" {
  route_table_id = aws_route_table.public-rtb.id
  subnet_id      = aws_subnet.public_subnet2.id
}