Last active
September 27, 2018 09:42
-
-
Save knakayama/9725c970de4563c764ac06c7f341efb2 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| variable "name" { | |
| default = "test" | |
| } | |
| variable "region" { | |
| default = "ap-northeast-1" | |
| } | |
| variable "vpc_cidr" { | |
| default = "172.16.0.0/16" | |
| } | |
| variable "azs" { | |
| default = "ap-northeast-1a,ap-northeast-1c" | |
| } | |
| variable "public_subnets" { | |
| default = "172.16.0.0/24" | |
| } | |
| variable "private_subnets" { | |
| default = "172.16.1.0/24,172.16.2.0/24" | |
| } | |
| variable "web_instance_type" { | |
| default = "t2.micro" | |
| } | |
| variable "web_instance_ami_id" { | |
| default = "ami-383c1956" | |
| } | |
| provider "aws" { | |
| region = "${var.region}" | |
| } | |
| resource "aws_key_pair" "site_key" { | |
| key_name = "${var.name}" | |
| public_key = "${file("site_key.pub")}" | |
| } | |
| resource "aws_vpc" "vpc" { | |
| cidr_block = "${var.vpc_cidr}" | |
| enable_dns_support = true | |
| enable_dns_hostnames = true | |
| } | |
| resource "aws_internet_gateway" "public" { | |
| vpc_id = "${aws_vpc.vpc.id}" | |
| } | |
| resource "aws_subnet" "public" { | |
| count = "${length(split(",", var.public_subnets))}" | |
| vpc_id = "${aws_vpc.vpc.id}" | |
| cidr_block = "${element(split(",", var.public_subnets), count.index)}" | |
| availability_zone = "${element(split(",", var.azs), count.index)}" | |
| map_public_ip_on_launch = true | |
| } | |
| resource "aws_subnet" "private" { | |
| count = "${length(split(",", var.private_subnets))}" | |
| vpc_id = "${aws_vpc.vpc.id}" | |
| cidr_block = "${element(split(",", var.private_subnets), count.index)}" | |
| availability_zone = "${element(split(",", var.azs), count.index)}" | |
| } | |
| resource "aws_route_table" "public" { | |
| vpc_id = "${aws_vpc.vpc.id}" | |
| route { | |
| cidr_block = "0.0.0.0/0" | |
| gateway_id = "${aws_internet_gateway.public.id}" | |
| } | |
| } | |
| resource "aws_route_table_association" "public" { | |
| subnet_id = "${aws_subnet.public.id}" | |
| route_table_id = "${aws_route_table.public.id}" | |
| } | |
| resource "aws_network_acl" "acl" { | |
| vpc_id = "${aws_vpc.vpc.id}" | |
| subnet_ids = ["${aws_subnet.public.id}"] | |
| ingress { | |
| protocol = "-1" | |
| rule_no = 100 | |
| action = "allow" | |
| cidr_block = "0.0.0.0/0" | |
| from_port = 0 | |
| to_port = 0 | |
| } | |
| egress { | |
| protocol = "-1" | |
| rule_no = 100 | |
| action = "allow" | |
| cidr_block = "0.0.0.0/0" | |
| from_port = 0 | |
| to_port = 0 | |
| } | |
| } | |
| resource "aws_security_group" "web" { | |
| name = "${var.name}-web" | |
| vpc_id = "${aws_vpc.vpc.id}" | |
| description = "Web SG" | |
| ingress { | |
| from_port = 22 | |
| to_port = 22 | |
| protocol = "tcp" | |
| cidr_blocks = ["0.0.0.0/0"] | |
| } | |
| ingress { | |
| from_port = 80 | |
| to_port = 80 | |
| protocol = "tcp" | |
| cidr_blocks = ["0.0.0.0/0"] | |
| } | |
| ingress { | |
| from_port = 443 | |
| to_port = 443 | |
| protocol = "tcp" | |
| cidr_blocks = ["0.0.0.0/0"] | |
| } | |
| egress { | |
| from_port = 0 | |
| to_port = 0 | |
| protocol = "-1" | |
| cidr_blocks = ["0.0.0.0/0"] | |
| } | |
| } | |
| resource "aws_security_group" "rds" { | |
| name = "${var.name}-rds" | |
| vpc_id = "${aws_vpc.vpc.id}" | |
| description = "RDS SG" | |
| ingress { | |
| from_port = 3306 | |
| to_port = 3306 | |
| protocol = "tcp" | |
| security_groups = ["${aws_security_group.web.id}"] | |
| } | |
| egress { | |
| from_port = 0 | |
| to_port = 0 | |
| protocol = "-1" | |
| cidr_blocks = ["0.0.0.0/0"] | |
| } | |
| } | |
| resource "aws_instance" "web" { | |
| ami = "${var.web_instance_ami_id}" | |
| instance_type = "${var.web_instance_type}" | |
| vpc_security_group_ids = ["${aws_security_group.web.id}"] | |
| subnet_id = "${aws_subnet.public.id}" | |
| key_name = "${aws_key_pair.site_key.key_name}" | |
| associate_public_ip_address = true | |
| root_block_device { | |
| volume_type = "gp2" | |
| volume_size = 8 | |
| } | |
| user_data = <<EOT | |
| #cloud-config | |
| repo_update: true | |
| repo_upgrade: all | |
| timezone: "Asia/Tokyo" | |
| packages: | |
| - mysql | |
| EOT | |
| } | |
| resource "aws_db_parameter_group" "rds" { | |
| name = "rds-pg" | |
| family = "mysql5.7" | |
| description = "RDS Parameter Group" | |
| parameter { | |
| name = "character_set_server" | |
| value = "utf8" | |
| } | |
| parameter { | |
| name = "character_set_client" | |
| value = "utf8" | |
| } | |
| } | |
| resource "aws_db_subnet_group" "rds" { | |
| name = "rds-subnet-group" | |
| subnet_ids = ["${aws_subnet.private.*.id}"] | |
| description = "RDS Subnet Group" | |
| } | |
| resource "aws_db_instance" "rds" { | |
| identifier = "${var.name}-rds" | |
| name = "rds" | |
| engine = "mysql" | |
| engine_version = "5.7.11" | |
| instance_class = "db.t2.micro" | |
| allocated_storage = "8" | |
| storage_type = "gp2" | |
| multi_az = false | |
| username = "master_username" | |
| password = "master_password" | |
| backup_retention_period = 1 | |
| backup_window = "04:30-05:00" | |
| auto_minor_version_upgrade = true | |
| vpc_security_group_ids = ["${aws_security_group.rds.id}"] | |
| db_subnet_group_name = "${aws_db_subnet_group.rds.name}" | |
| parameter_group_name = "${aws_db_parameter_group.rds.id}" | |
| maintenance_window = "Tue:04:00-Tue:04:30" | |
| publicly_accessible = false | |
| } | |
| output "web_public_ip" { | |
| value = "${aws_instance.web.public_ip}" | |
| } | |
| output "rds_endpoint" { | |
| value = "${aws_db_instance.rds.endpoint}" | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment