adamenger · February 24, 2016 20:38
diff --git a/staging.tf b/staging.tf
 /*
  Staging VPC
  This terraform plan describes the entire staging VPC. It is intended to be used to bring up and connect all of the staging infrastructure.
  This plan does not include the actual staging environments, this is the infrastructure that lies beneath the environments.
 */

 provider "aws" {
    region = "us-east-1"
 }

 # The actual VPC instance
 resource "aws_vpc" "staging" {
    cidr_block = "10.0.0.0/16"
    tags {
      Name = "staging"
    }
 }

 # The internet GW, used for accessing the internet
 resource "aws_internet_gateway" "staging-gw" {
    vpc_id = "${aws_vpc.staging.id}"
    tags {
        Name = "staging-gateway"
    }
 }

 /*
  Private Network
  This network is where most of our instances will live. This subnet uses the NAT instance as a destination for egress traffic.
 */

 resource "aws_subnet" "private" {
    vpc_id = "${aws_vpc.staging.id}"
    cidr_block = "10.0.0.0/24"
    availability_zone = "us-east-1a"
    tags {
        Name = "Staging Private"
    }
 }

 resource "aws_route_table" "private" {
    vpc_id = "${aws_vpc.staging.id}"
    route {
        cidr_block = "0.0.0.0/0"
        network_interface_id = "${aws_nat_gateway.gw.network_interface_id}"
    }
    tags {
        Name = "Staging Private"
    }
 }

 resource "aws_route_table_association" "staging-private" {
    subnet_id = "${aws_subnet.private.id}"
    route_table_id = "${aws_route_table.private.id}"
 }

 # Set the main route for the VPC
 resource "aws_main_route_table_association" "main" {
    vpc_id = "${aws_vpc.staging.id}"
    route_table_id = "${aws_route_table.private.id}"
 }

 /*
  Public Network
  This network is where the load balancers and NAT instances live. This subnet uses the AWS Internet Gateway for egress traffic.
  Anything you need to reach from the outside internet goes here.
 */

 # Public subnet where internet accessible resources live
 # For instance, our NAT instance lives here.
 resource "aws_subnet" "public" {
    vpc_id = "${aws_vpc.staging.id}"
    cidr_block = "10.0.10.0/24"
    availability_zone = "us-east-1a"
    tags {
        Name = "Staging Public"
    }
 }

 resource "aws_route_table" "public" {
    vpc_id = "${aws_vpc.staging.id}"
    route {
        cidr_block = "0.0.0.0/0"
        gateway_id = "${aws_internet_gateway.staging-gw.id}"
    }
    tags {
        Name = "Staging Public"
    }
 }

 resource "aws_route_table_association" "staging-public" {
    subnet_id = "${aws_subnet.public.id}"
    route_table_id = "${aws_route_table.public.id}"
 }

 /*
  Staging Managed NAT Instance
  This is the instance we will be using to transport our private subnet communications to the public internet.
 */

 # This is the public IP we will associate to the NAT instance
 resource "aws_eip" "stg-nat" {
    vpc = true
 }

 resource "aws_nat_gateway" "gw" {
    allocation_id = "${aws_eip.stg-nat.id}"
    subnet_id = "${aws_subnet.public.id}"
    depends_on = ["aws_internet_gateway.staging-gw"]
 }
	/*
	Staging VPC
	This terraform plan describes the entire staging VPC. It is intended to be used to bring up and connect all of the staging infrastructure.
	This plan does not include the actual staging environments, this is the infrastructure that lies beneath the environments.
	*/

	provider "aws" {
	region = "us-east-1"
	}

	# The actual VPC instance
	resource "aws_vpc" "staging" {
	cidr_block = "10.0.0.0/16"
	tags {
	Name = "staging"
	}
	}

	# The internet GW, used for accessing the internet
	resource "aws_internet_gateway" "staging-gw" {
	vpc_id = "${aws_vpc.staging.id}"
	tags {
	Name = "staging-gateway"
	}
	}

	/*
	Private Network
	This network is where most of our instances will live. This subnet uses the NAT instance as a destination for egress traffic.
	*/

	resource "aws_subnet" "private" {
	vpc_id = "${aws_vpc.staging.id}"
	cidr_block = "10.0.0.0/24"
	availability_zone = "us-east-1a"
	tags {
	Name = "Staging Private"
	}
	}

	resource "aws_route_table" "private" {
	vpc_id = "${aws_vpc.staging.id}"
	route {
	cidr_block = "0.0.0.0/0"
	network_interface_id = "${aws_nat_gateway.gw.network_interface_id}"
	}
	tags {
	Name = "Staging Private"
	}
	}

	resource "aws_route_table_association" "staging-private" {
	subnet_id = "${aws_subnet.private.id}"
	route_table_id = "${aws_route_table.private.id}"
	}

	# Set the main route for the VPC
	resource "aws_main_route_table_association" "main" {
	vpc_id = "${aws_vpc.staging.id}"
	route_table_id = "${aws_route_table.private.id}"
	}

	/*
	Public Network
	This network is where the load balancers and NAT instances live. This subnet uses the AWS Internet Gateway for egress traffic.
	Anything you need to reach from the outside internet goes here.
	*/

	# Public subnet where internet accessible resources live
	# For instance, our NAT instance lives here.
	resource "aws_subnet" "public" {
	vpc_id = "${aws_vpc.staging.id}"
	cidr_block = "10.0.10.0/24"
	availability_zone = "us-east-1a"
	tags {
	Name = "Staging Public"
	}
	}

	resource "aws_route_table" "public" {
	vpc_id = "${aws_vpc.staging.id}"
	route {
	cidr_block = "0.0.0.0/0"
	gateway_id = "${aws_internet_gateway.staging-gw.id}"
	}
	tags {
	Name = "Staging Public"
	}
	}

	resource "aws_route_table_association" "staging-public" {
	subnet_id = "${aws_subnet.public.id}"
	route_table_id = "${aws_route_table.public.id}"
	}

	/*
	Staging Managed NAT Instance
	This is the instance we will be using to transport our private subnet communications to the public internet.
	*/

	# This is the public IP we will associate to the NAT instance
	resource "aws_eip" "stg-nat" {
	vpc = true
	}

	resource "aws_nat_gateway" "gw" {
	allocation_id = "${aws_eip.stg-nat.id}"
	subnet_id = "${aws_subnet.public.id}"
	depends_on = ["aws_internet_gateway.staging-gw"]
	}