```hcl
provider "aws" {
  region = "us-west-2"
}
resource "aws_ebs_volume" "my-test-kms-ebs" {
  availability_zone = "us-west-2a"
  size              = 10
  type              = "gp2"
  encrypted         = true
  kms_key_id        = "${var.kms_key}"
```

```hcl
resource "aws_kms_key" "my-kms-key" {
  description         = "My KMS Keys for Data Encryption"
  enable_key_rotation = true
  tags {
    Name = "my-kms-keys"
  }
  policy = <<EOF
{
```

```yaml
- hosts: all
  sudo: yes
  tasks:
    - name: Installing Latest version of Apache
      yum: pkg=httpd state=latest
    - name: (Enable it on System Boot)
      service: name=httpd enabled=yes
```

```text
$ terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.
aws_kms_key.rds-key: Refreshing state... (ID: 9731dd04-5859-430b-aa92-c27c517ecb10)
data.aws_kms_secret.rds: Refreshing state...
data.aws_availability_zones.available: Refreshing state...
aws_kms_alias.rds-kms-alias: Refreshing state... (ID: alias/rds-kms-key)
```

```hcl
data "aws_kms_secret" "rds-secret" {
  "secret" {
    name    = "master_password"
    payload = "payload value here"
  }
}
resource "aws_db_instance" "my_test_mysql" {
  allocated_storage = 20
  storage_type      = "gp2"
```

```hcl
resource "aws_kms_key" "rds-key" {
  description = "key to encrypt rds password"
  tags {
    Name = "my-rds-kms-key"
  }
}
resource "aws_kms_alias" "rds-kms-alias" {
  target_key_id = "${aws_kms_key.rds-key.id}"
  name          = "alias/rds-kms-key"
```

```hcl
resource "aws_db_instance" "my_test_mysql" {
  allocated_storage    = 20
  storage_type         = "gp2"
  engine               = "mysql"
  engine_version       = "5.7"
  instance_class       = "${var.db_instance}"
  name                 = "myrdstestmysql"
  username             = "admin"
  password             = "admin123"
  parameter_group_name = "default.mysql5.7"
```

```hcl
resource "aws_security_group" "rds-sg" {
  name   = "my-rds-sg"
  vpc_id = "${var.vpc_id}"
}
# Ingress Security Port 3306
resource "aws_security_group_rule" "mysql_inbound_access" {
  from_port = 3306
  protocol  = "tcp"
```

```hcl
resource "aws_db_subnet_group" "rds-private-subnet" {
  name       = "rds-private-subnet-group"
  subnet_ids = ["${var.rds_subnet1}","${var.rds_subnet2}"]
}
```

```text
$ packer build firsttemplate.packer
amazon-ebs output will be in this color.
==> amazon-ebs: Prevalidating AMI Name: centos-packer-example-1.0
    amazon-ebs: Found Image ID: ami-01ed306a12b7d1c96
==> amazon-ebs: Creating temporary keypair: packer_5c7b46cd-f58f-c1e6-161e-d7a4ecc53127
==> amazon-ebs: Creating temporary security group for this instance: packer_5c7b46e8-8b46-6e0c-39cd-d396e00a437c
==> amazon-ebs: Authorizing access to port 22 from 0.0.0.0/0 in the temporary security group...
==> amazon-ebs: Launching a source AWS instance...
==> amazon-ebs: Adding tags to source instance
```