Dev (#8)

* Refactor and add private and public subnet. Add NAT condition * Add rds module, improve vpc and sg name in instances modules * Types of variables changes
filatov0120 · Feb 14, 2024 · c80957d · c80957d
1 parent 1dbd5d6
commit c80957d
Show file tree

Hide file tree

Showing 31 changed files with 871 additions and 152 deletions.
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,34 @@
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Exclude all .tfvars files, which are likely to contain sensitive data, such as
+# password, private keys, and other secrets. These should not be part of version 
+# control as they are data points which are potentially sensitive and subject 
+# to change depending on the environment.
+*.tfvars
+*.tfvars.json
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
diff --git a/aws_ebs/main.tf b/aws_ebs/main.tf
@@ -2,5 +2,17 @@ resource "aws_ebs_volume" "this" {
   availability_zone = var.azs
   size              = var.size
   type              = var.type
-  tags              = var.common_tags
+
+  tags = {
+    Name        = "${var.project_name}-${var.env}-${var.instance_name}-ebs"
+    Project     = var.project_name
+    Environment = var.env
+    Terraform   = true
+  }
+}
+
+resource "aws_volume_attachment" "ebs_att" {
+  device_name = var.device_path
+  volume_id   = aws_ebs_volume.this.id
+  instance_id = var.instance_id
 }
diff --git a/aws_ebs/outputs.tf b/aws_ebs/outputs.tf
@@ -1,4 +1,4 @@
 output "storage_id" {
-    description = "Storege ID"
-    value = aws_ebs_volume.this.id
+  description = "Storege ID"
+  value       = aws_ebs_volume.this.id
 }
diff --git a/aws_ebs/variables.tf b/aws_ebs/variables.tf
@@ -1,28 +1,42 @@
 variable "azs" {
-    description = "Availability Zones list"
-    default     = ""  
+  description = "Availability Zones list"
+  type        = string
+}
+
+variable "env" {
+  description = "Name of env"
+  type        = string
+}
+
+variable "project_name" {
+  description = "Name of project"
+  type        = string
+  validation {
+    condition     = length(var.project_name) > 3
+    error_message = "The project_name value must be set and more than 3 symbols."
+  }
+}
+
+variable "instance_name" {
+  description = "Name of project"
+  type        = string
 }
 
 variable "type" {
-  description = "Type of storage"  
+  description = "Type of storage"
 }
 
 variable "size" {
-    description = "Storage size"
+  description = "Storage size"
+  type        = string
 }
 
-variable "proj_name" {
-  description = "Name of project"
+variable "instance_id" {
+  description = "Instance id for attach volume"
   type        = string
-  default     = ""
 }
 
-variable "common_tags" {
-  description = "Common tags to apply resourses"
-  type        = map(any)
-  default = {
-    Name        = ""
-    Project     = ""
-    Environment = ""
-  }
-}
+variable "device_path" {
+  description = "Device path"
+  type        = string
+}
diff --git a/aws_instance/data.tf b/aws_instance/data.tf
diff --git a/aws_instance/main.tf b/aws_instance/main.tf
@@ -16,16 +16,22 @@ resource "aws_instance" "this" {
     volume_type = var.root_volume_type
   }
 
-  tags = merge(var.instance_tags, {
-    Name = var.instance_name
-  })
+  tags = {
+    Name        = "${var.project_name}-${var.env}-${var.instance_name}"
+    Project     = var.project_name,
+    Environment = var.env
+    Terraform   = true
+  }
 }
 
 resource "aws_eip" "this" {
   instance = aws_instance.this.id
   domain   = "vpc"
 
-  tags = merge(var.instance_tags, {
-    Name = "${var.instance_name}-EIP"
-  })
+  tags = {
+    Name        = "${var.instance_name}-EIP"
+    Project     = var.project_name,
+    Environment = var.env
+    Terraform   = true
+  }
 }
diff --git a/aws_instance/outputs.tf b/aws_instance/outputs.tf
@@ -8,11 +8,6 @@ output "instance_public_ip" {
   value       = aws_instance.this.public_ip
 }
 
-output "instance_public_url" {
-  description = "Public URL address of EC2 instance"
-  value       = aws_instance.this.public_dns
-}
-
 output "elastic_ip" {
   description = "Elastic IP for instance"
   value       = aws_eip.this.public_ip

diff --git a/aws_instance/sg.tf b/aws_instance/sg.tf
@@ -1,7 +1,14 @@
 resource "aws_security_group" "this" {
-  name        = "${var.instance_name}-sg"
-  description = "Security Group for instance"
-  vpc_id      = var.vpc_id
+  # description = "Security Group for instance"
+  name   = "${var.project_name}-${var.env}-${var.instance_name}"
+  vpc_id = var.vpc_id
+
+  tags = {
+    Name        = "${var.project_name}-${var.env}-sg"
+    Project     = var.project_name,
+    Environment = var.env
+    Terraform   = true
+  }
 }
 
 resource "aws_security_group_rule" "access_tcp_from_internet" {

diff --git a/aws_instance/variables.tf b/aws_instance/variables.tf
@@ -1,11 +1,10 @@
 variable "region" {
-  default = ""
+  default = "eu-central-1"
 }
 
 variable "azs" {
-  type        = string
   description = "Availability Zones list"
-  default     = ""
+  type        = string
 }
 
 variable "ssh_key" {
@@ -21,13 +20,15 @@ variable "ami" {
 variable "instance_name" {
   description = "My instance's name"
   type        = string
-  default     = ""
 }
 
 variable "instance_type" {
   description = "My instance's type"
   type        = string
-  default     = ""
+  validation {
+    condition     = length(var.instance_type) > 0
+    error_message = "The project_name value must be."
+  }
 }
 
 variable "root_block_size" {
@@ -39,7 +40,7 @@ variable "root_block_size" {
 variable "root_volume_type" {
   description = "Storage type"
   type        = string
-  default     = "gp2"
+  default     = "gp3"
 }
 
 variable "instance_profile" {
@@ -49,10 +50,12 @@ variable "instance_profile" {
 
 variable "vpc_id" {
   description = "VPC for instance"
+  type        = string
 }
 
 variable "cidr_vpc" {
   description = "VPC_cidr_block"
+  type        = string
 }
 
 variable "subnet_id" {
@@ -61,55 +64,47 @@ variable "subnet_id" {
 
 variable "allow_tcp_ports" {
   description = "List of ports to open for server"
-  type        = list(any)
-  default     = []
+  type        = list(string)
 }
 
 variable "allow_udp_ports" {
   description = "List of ports to open for server"
-  type        = list(any)
-  default     = []
+  type        = list(string)
 }
 
 variable "start_tcp_ports" {
   description = "List of ports to open for server"
-  type        = list(any)
-  default     = []
+  type        = list(string)
 }
 
 variable "end_tcp_ports" {
   description = "List of ports to open for server"
-  type        = list(any)
-  default     = []
+  type        = list(string)
 }
 
 variable "start_udp_ports" {
   description = "List of ports to open for server"
-  type        = list(any)
-  default     = []
+  type        = list(string)
 }
 
 variable "end_udp_ports" {
   description = "List of ports to open for server"
-  type        = list(any)
-  default     = []
+  type        = list(string)
 }
 
 variable "project_name" {
   description = "Project name"
-  default     = ""
+  validation {
+    condition     = length(var.project_name) > 3
+    error_message = "The project_name value must be set and more than 3 symbols."
+  }
 }
 
-variable "user_data" {
-  description = "User data for instance"
+variable "env" {
+  description = "env"
+  type        = string
 }
 
-variable "instance_tags" {
-  description = "Common tags to apply resourses"
-  type        = map(any)
-  default = {
-    Name        = ""
-    Project     = ""
-    Environment = ""
-  }
+variable "user_data" {
+  description = "User data for instance"
 }
diff --git a/aws_instance_without_eip/data.tf b/aws_instance_without_eip/data.tf
diff --git a/aws_instance_without_eip/main.tf b/aws_instance_without_eip/main.tf
@@ -5,13 +5,21 @@ resource "aws_instance" "this" {
   vpc_security_group_ids = [aws_security_group.this.id]
   subnet_id              = var.subnet_id
   key_name               = var.ssh_key
+  user_data              = var.user_data
+
+  lifecycle {
+    ignore_changes = [user_data]
+  }
 
   root_block_device {
     volume_size = var.root_block_size
     volume_type = var.root_volume_type
   }
 
-  tags = merge(var.instance_tags, {
-    Name = var.instance_name
-  })
-}
+  tags = {
+    Name        = "${var.project_name}-${var.env}-${var.instance_name}"
+    Project     = var.project_name,
+    Environment = var.env
+    Terraform   = true
+  }
+}
diff --git a/aws_instance_without_eip/sg.tf b/aws_instance_without_eip/sg.tf
@@ -1,7 +1,7 @@
 resource "aws_security_group" "this" {
-  name        = "${var.instance_name}-sg"
-  description = "Security Group for instance"
-  vpc_id      = var.vpc_id
+  # description = "Security Group for instance"
+  name   = "${var.project_name}-${var.env}-${var.instance_name}"
+  vpc_id = var.vpc_id
 }
 
 resource "aws_security_group_rule" "access_tcp_from_internet" {