alexjurkiewicz · October 26, 2020 06:38
diff --git a/main.tf b/main.tf
 locals {
  name = "pr15755"
 }

 variable aws_region {
  type    = string
  default = "ap-southeast-2"
 }
 provider aws {
  region = var.aws_region
 }

 # Base VPC
 data aws_availability_zones available {}
 module "vpc" {
  source     = "git::https://github.com/cloudposse/terraform-aws-vpc.git?ref=master"
  name       = local.name
  cidr_block = "10.0.0.0/16"
 }
 module "dynamic_subnets" {
  source              = "git::https://github.com/cloudposse/terraform-aws-dynamic-subnets.git?ref=master"
  name                = local.name
  availability_zones  = data.aws_availability_zones.available.names
  vpc_id              = module.vpc.vpc_id
  igw_id              = module.vpc.igw_id
  nat_gateway_enabled = false
  cidr_block          = "10.0.0.0/16"
 }

 # Shared ALB
 resource aws_lb default {
  name            = local.name
  security_groups = [aws_security_group.default.id]
  subnets         = module.dynamic_subnets.public_subnet_ids

  tags = {
    "elasticbeanstalk:shared-elb-environment-count" = "0"
  }

  # NOTE: Elastic Beanstalk modifies these, so ignore unexpected changes.
  lifecycle {
    ignore_changes = [
      security_groups,
      tags["elasticbeanstalk:shared-elb-environment-count"],
    ]
  }
 }

 resource aws_lb_listener default {
  load_balancer_arn = aws_lb.default.arn
  port              = "80"
  protocol          = "HTTP"

  default_action {
    type = "fixed-response"
    fixed_response {
      content_type = "text/plain"
      message_body = local.name
      status_code  = "404"
    }
  }
 }

 resource aws_security_group default {
  name   = local.name
  vpc_id = module.vpc.vpc_id

  ingress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
 }

 # Elastic Beanstalk
 data aws_elastic_beanstalk_solution_stack php72 {
  most_recent = true
  name_regex  = "^64bit Amazon Linux (.*) running PHP 7.2$"
 }
 resource aws_elastic_beanstalk_application default {
  name = local.name
 }

 locals {
  eb_settings = toset([
    # Generic required settings
    { namespace = "aws:ec2:vpc", name = "VPCId", value = module.vpc.vpc_id },
    { namespace = "aws:ec2:vpc", name = "Subnets", value = join(",", module.dynamic_subnets.public_subnet_ids) },
    { namespace = "aws:autoscaling:launchconfiguration", name = "IamInstanceProfile", value = "aws-elasticbeanstalk-ec2-role"}, # XXX this might have to be created first
    # Enable shared load balancer
    { namespace = "aws:elasticbeanstalk:environment", name = "LoadBalancerType", value = "application" },
    { namespace = "aws:elasticbeanstalk:environment", name = "LoadBalancerIsShared", value = "true" },
    { namespace = "aws:elbv2:loadbalancer", name = "SharedLoadBalancer", value = aws_lb.default.arn },
    # Set up custom rule for load balancer to redirect requests our domain to this environment
    { namespace = "aws:elbv2:listenerrule:SharedAlbRedirect", name = "HostHeaders", value = "www.example.com" },
    { namespace = "aws:elbv2:listener:80", name = "Rules", value = "SharedAlbRedirect" },
  ])
 }
 resource aws_elastic_beanstalk_environment main {
  name                = local.name
  application         = aws_elastic_beanstalk_application.default.name
  solution_stack_name = data.aws_elastic_beanstalk_solution_stack.php72.name

  dynamic setting {
    for_each = local.eb_settings
    content {
      namespace = setting.value.namespace
      name      = setting.value.name
      value     = setting.value.value
    }
  }
 }
	locals {
	name = "pr15755"
	}

	variable aws_region {
	type = string
	default = "ap-southeast-2"
	}
	provider aws {
	region = var.aws_region
	}

	# Base VPC
	data aws_availability_zones available {}
	module "vpc" {
	source = "git::https://github.com/cloudposse/terraform-aws-vpc.git?ref=master"
	name = local.name
	cidr_block = "10.0.0.0/16"
	}
	module "dynamic_subnets" {
	source = "git::https://github.com/cloudposse/terraform-aws-dynamic-subnets.git?ref=master"
	name = local.name
	availability_zones = data.aws_availability_zones.available.names
	vpc_id = module.vpc.vpc_id
	igw_id = module.vpc.igw_id
	nat_gateway_enabled = false
	cidr_block = "10.0.0.0/16"
	}

	# Shared ALB
	resource aws_lb default {
	name = local.name
	security_groups = [aws_security_group.default.id]
	subnets = module.dynamic_subnets.public_subnet_ids

	tags = {
	"elasticbeanstalk:shared-elb-environment-count" = "0"
	}

	# NOTE: Elastic Beanstalk modifies these, so ignore unexpected changes.
	lifecycle {
	ignore_changes = [
	security_groups,
	tags["elasticbeanstalk:shared-elb-environment-count"],
	]
	}
	}

	resource aws_lb_listener default {
	load_balancer_arn = aws_lb.default.arn
	port = "80"
	protocol = "HTTP"

	default_action {
	type = "fixed-response"
	fixed_response {
	content_type = "text/plain"
	message_body = local.name
	status_code = "404"
	}
	}
	}

	resource aws_security_group default {
	name = local.name
	vpc_id = module.vpc.vpc_id

	ingress {
	from_port = 0
	to_port = 0
	protocol = "-1"
	cidr_blocks = ["0.0.0.0/0"]
	}

	egress {
	from_port = 0
	to_port = 0
	protocol = "-1"
	cidr_blocks = ["0.0.0.0/0"]
	}
	}

	# Elastic Beanstalk
	data aws_elastic_beanstalk_solution_stack php72 {
	most_recent = true
	name_regex = "^64bit Amazon Linux (.*) running PHP 7.2$"
	}
	resource aws_elastic_beanstalk_application default {
	name = local.name
	}

	locals {
	eb_settings = toset([
	# Generic required settings
	{ namespace = "aws:ec2:vpc", name = "VPCId", value = module.vpc.vpc_id },
	{ namespace = "aws:ec2:vpc", name = "Subnets", value = join(",", module.dynamic_subnets.public_subnet_ids) },
	{ namespace = "aws:autoscaling:launchconfiguration", name = "IamInstanceProfile", value = "aws-elasticbeanstalk-ec2-role"}, # XXX this might have to be created first
	# Enable shared load balancer
	{ namespace = "aws:elasticbeanstalk:environment", name = "LoadBalancerType", value = "application" },
	{ namespace = "aws:elasticbeanstalk:environment", name = "LoadBalancerIsShared", value = "true" },
	{ namespace = "aws:elbv2:loadbalancer", name = "SharedLoadBalancer", value = aws_lb.default.arn },
	# Set up custom rule for load balancer to redirect requests our domain to this environment
	{ namespace = "aws:elbv2:listenerrule:SharedAlbRedirect", name = "HostHeaders", value = "www.example.com" },
	{ namespace = "aws:elbv2:listener:80", name = "Rules", value = "SharedAlbRedirect" },
	])
	}
	resource aws_elastic_beanstalk_environment main {
	name = local.name
	application = aws_elastic_beanstalk_application.default.name
	solution_stack_name = data.aws_elastic_beanstalk_solution_stack.php72.name

	dynamic setting {
	for_each = local.eb_settings
	content {
	namespace = setting.value.namespace
	name = setting.value.name
	value = setting.value.value
	}
	}
	}