tkuchiki · July 17, 2017 00:04
diff --git a/autoscaling.tf b/autoscaling.tf
 resource "aws_launch_configuration" "test" {
    name = "test"
    image_id = "${var.ami}"
    instance_type = "t2.micro"
    associate_public_ip_address = true
    security_groups = ["${aws_security_group.internal.id}"]
 }

 resource "aws_autoscaling_group" "test" {
    name                      = "test"
    availability_zones        = ["${data.aws_availability_zones.available.names[0]}", "${data.aws_availability_zones.available.names[1]}"]
    min_size                  = 0
    max_size                  = 0
    desired_capacity          = 0
    health_check_grace_period = 600
    health_check_type         = "ELB"
    launch_configuration      = "${aws_launch_configuration.test.name}"
    load_balancers            = ["${aws_elb.test.name}"]
    vpc_zone_identifier       = ["${aws_subnet.az_a.id}", "${aws_subnet.az_c.id}"]
    termination_policies      = ["Default"]
 }

 resource "aws_autoscaling_policy" "increase" {
    name                    = "increase"
    adjustment_type         = "ChangeInCapacity"
    autoscaling_group_name  = "${aws_autoscaling_group.test.name}"
    policy_type             = "StepScaling"
    metric_aggregation_type = "Average"
    step_adjustment {
        scaling_adjustment = 1
        metric_interval_lower_bound = 0
    }
 }

 resource "aws_cloudwatch_metric_alarm" "increase" {
    alarm_name          = "increase"
    comparison_operator = "GreaterThanOrEqualToThreshold"
    evaluation_periods  = "5"
    metric_name         = "CPUUtilization"
    namespace           = "AWS/EC2"
    period              = "60"
    statistic           = "Average"
    threshold           = "50"
    dimensions {
        AutoScalingGroupName = "${aws_autoscaling_group.test.name}"
    }
    alarm_description = "This metric monitor ec2 cpu utilization"
    alarm_actions = ["${aws_autoscaling_policy.increase.arn}"]

 }

 resource "aws_autoscaling_policy" "increase_emergency" {
    name                    = "increase-emergency"
    adjustment_type         = "ChangeInCapacity"
    autoscaling_group_name  = "${aws_autoscaling_group.test.name}"
    policy_type             = "StepScaling"
    metric_aggregation_type = "Average"
    step_adjustment {
        scaling_adjustment = 1
        metric_interval_lower_bound = 0
    }
 }

 resource "aws_cloudwatch_metric_alarm" "increase_emergency" {
    alarm_name          = "increase-emergency"
    comparison_operator = "GreaterThanOrEqualToThreshold"
    evaluation_periods  = "1"
    metric_name         = "CPUUtilization"
    namespace           = "AWS/EC2"
    period              = "60"
    statistic           = "Average"
    threshold           = "90"
    dimensions {
        AutoScalingGroupName = "${aws_autoscaling_group.test.name}"
    }
    alarm_description = "This metric monitor ec2 cpu utilization"
    alarm_actions = ["${aws_autoscaling_policy.increase_emergency.arn}"]

 }

 resource "aws_autoscaling_policy" "decrease" {
    name                    = "decrease"
    adjustment_type         = "ChangeInCapacity"
    autoscaling_group_name  = "${aws_autoscaling_group.test.name}"
    policy_type             = "StepScaling"
    metric_aggregation_type = "Average"
    step_adjustment {
        scaling_adjustment = -1
        metric_interval_upper_bound = 0
    }
 }

 resource "aws_cloudwatch_metric_alarm" "decrease" {
    alarm_name          = "decrease"
    comparison_operator = "LessThanOrEqualToThreshold"
    evaluation_periods  = "1"
    metric_name         = "CPUUtilization"
    namespace           = "AWS/EC2"
    period              = "3600"
    statistic           = "Maximum"
    threshold           = "25"
    dimensions {
        AutoScalingGroupName = "${aws_autoscaling_group.test.name}"
    }
    alarm_description = "This metric monitor ec2 cpu utilization"
    alarm_actions = ["${aws_autoscaling_policy.decrease.arn}"]

 }

 #resource "aws_autoscaling_schedule" "test" {
 #    scheduled_action_name = "test"
 #    min_size = 0
 #    max_size = 1
 #    desired_capacity = 0
 #    start_time = "2016-12-11T18:00:00Z"
 #    end_time = "2016-12-12T06:00:00Z"
 #    autoscaling_group_name = "${aws_autoscaling_group.test.name}"
 #}
diff --git a/data.tf b/data.tf
 data "aws_availability_zones" "available" {}
diff --git a/elasticache_redis.tf b/elasticache_redis.tf
 resource "aws_elasticache_subnet_group" "main" {
    name        = "main-subnet-group"
    description = "main-subnet-group"
    subnet_ids  = ["${aws_subnet.az_a.id}", "${aws_subnet.az_c.id}"]
 }

 resource "aws_elasticache_parameter_group" "main" {
    name = "main-parameter-group"
    family = "redis2.8"
 }

 resource "aws_elasticache_replication_group" "main" {
  replication_group_id          = "cache"
  replication_group_description = "main replication group"
  node_type                     = "cache.m3.medium"
  number_cache_clusters         = 2
  port                          = 6379
  parameter_group_name          = "${aws_elasticache_parameter_group.main.name}"
  availability_zones            = ["${data.aws_availability_zones.available.names[0]}", "${data.aws_availability_zones.available.names[1]}"]
  automatic_failover_enabled    = true
  snapshot_retention_limit      = 35
 }
diff --git a/elb.tf b/elb.tf
 resource "aws_elb" "test" {
    name                        = "test-elb"
    subnets                     = ["${aws_subnet.az_a.id}", "${aws_subnet.az_c.id}"]
    security_groups             = ["${aws_security_group.internal.id}"]
    cross_zone_load_balancing   = true
    idle_timeout                = 60
    connection_draining         = true
    connection_draining_timeout = 300
    internal                    = false

    listener {
        instance_port      = 80
        instance_protocol  = "http"
        lb_port            = 80
        lb_protocol        = "http"
        ssl_certificate_id = ""
    }

    listener {
        instance_port      = 80
        instance_protocol  = "http"
        lb_port            = 443
        lb_protocol        = "https"
        ssl_certificate_id = "arn:aws:acm:ap-northeast-1:xxxxxxxxxxxx:certificate/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
    }

    health_check {
        healthy_threshold   = 10
        unhealthy_threshold = 2
        interval            = 30
        target              = "HTTP:80/index.html"
        timeout             = 5
    }

    tags {
        "is_test" = "true"
    }
 }
diff --git a/iam_policy.json b/iam_policy.json
 {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "iam:AddRoleToInstanceProfile",
                "iam:CreateInstanceProfile",
                "iam:CreateRole",
                "iam:ListInstanceProfiles",
                "iam:GetInstanceProfile",
                "iam:RemoveRoleFromInstanceProfile",
                "iam:DeleteInstanceProfile",
                "iam:GetRole",
                "iam:PassRole",
                "iam:UpdateAssumeRolePolicy",
                "iam:PutRolePolicy",
                "iam:GetRolePolicy"
            ],
            "Resource": "*"
        }
    ]
 }
diff --git a/rds.tf b/rds.tf
 #resource "aws_db_subnet_group" "test" {
 #    name = "test-subnet-group"
 #    subnet_ids  = ["${aws_subnet.az_a.id}", "${aws_subnet.az_c.id}"]
 #    tags {
 #        Name = "test-subnet-group"
 #    }
 #}
 #
 #resource "aws_rds_cluster" "test_db_cluster" {
 #    cluster_identifier      = "test-db"
 #     availability_zones      = ["${data.aws_availability_zones.available.names[0]}", "${data.aws_availability_zones.available.names[1]}"]
 #    database_name           = "foobar"
 #    master_username         = "foobar"
 #    master_password         = "hogehoge"
 #    backup_retention_period = 35
 #    preferred_backup_window = "07:00-09:00"
 #    skip_final_snapshot     = true
 #    snapshot_identifier     = "manually-test-db-20160926-1124"
 #    db_subnet_group_name    = "${aws_db_subnet_group.test.name}"
 #    vpc_security_group_ids  = ["${aws_security_group.internal.id}"]
 #}
 #
 #resource "aws_rds_cluster_instance" "test_db" {
 #    cluster_identifier        = "${aws_rds_cluster.test_db_cluster.id}"
 #    identifier                = "test-db"
 #    instance_class            = "db.r3.large"
 #    publicly_accessible       = false
 #    db_subnet_group_name    = "${aws_db_subnet_group.test.name}"
 #    # writer
 #    promotion_tier            = 0
 #    #monitoring_interval       = 1
 #    #monitoring_role_arn       = ""
 #
 #}
 #
 #resource "aws_rds_cluster_instance" "test_db_rr" {
 #    cluster_identifier        = "${aws_rds_cluster.test_db_cluster.id}"
 #    identifier                = "test-db-rr"
 #    instance_class            = "db.r3.large"
 #    publicly_accessible       = false
 #    db_subnet_group_name      = "test-db-subnet"
 #    promotion_tier            = 15
 #    #monitoring_interval       = 1
 #    #monitoring_role_arn       = ""
 #}
diff --git a/sg.tf b/sg.tf
 resource "aws_security_group" "internal" {
    name        = "internal"
    description = "internal"
    vpc_id      = "${aws_vpc.main.id}"

    ingress {
        from_port       = 0
        to_port         = 0
        protocol        = "-1"
        cidr_blocks     = ["${aws_vpc.main.cidr_block}"]
    }


    egress {
        from_port       = 0
        to_port         = 0
        protocol        = "-1"
        cidr_blocks     = ["0.0.0.0/0"]
    }

    tags {
        "Name" = "internal"
    }
 }
diff --git a/subnet.tf b/subnet.tf
 resource "aws_subnet" "az_a" {
    vpc_id                  = "${aws_vpc.main.id}"
    cidr_block              = "10.1.1.0/24"
    availability_zone       = "${data.aws_availability_zones.available.names[0]}"
    map_public_ip_on_launch = true

    tags {
        "Name" = "az-a"
    }
 }

 resource "aws_subnet" "az_c" {
    vpc_id                  = "${aws_vpc.main.id}"
    cidr_block              = "10.1.2.0/24"
    availability_zone       = "${data.aws_availability_zones.available.names[1]}"
    map_public_ip_on_launch = true

    tags {
        "Name" = "az-c"
    }
 }
diff --git a/var.tf b/var.tf
 variable "ami" {
    type = "string"
    default = "ami-xxxxxxxx"
 }
diff --git a/vpc.tf b/vpc.tf
 resource "aws_vpc" "main" {
    cidr_block           = "10.1.0.0/16"
    enable_dns_hostnames = false
    enable_dns_support   = true
    instance_tenancy     = "default"

    tags {
        "Name" = "main-vpc"
    }
 }
	resource "aws_launch_configuration" "test" {
	name = "test"
	image_id = "${var.ami}"
	instance_type = "t2.micro"
	associate_public_ip_address = true
	security_groups = ["${aws_security_group.internal.id}"]
	}

	resource "aws_autoscaling_group" "test" {
	name = "test"
	availability_zones = ["${data.aws_availability_zones.available.names[0]}", "${data.aws_availability_zones.available.names[1]}"]
	min_size = 0
	max_size = 0
	desired_capacity = 0
	health_check_grace_period = 600
	health_check_type = "ELB"
	launch_configuration = "${aws_launch_configuration.test.name}"
	load_balancers = ["${aws_elb.test.name}"]
	vpc_zone_identifier = ["${aws_subnet.az_a.id}", "${aws_subnet.az_c.id}"]
	termination_policies = ["Default"]
	}

	resource "aws_autoscaling_policy" "increase" {
	name = "increase"
	adjustment_type = "ChangeInCapacity"
	autoscaling_group_name = "${aws_autoscaling_group.test.name}"
	policy_type = "StepScaling"
	metric_aggregation_type = "Average"
	step_adjustment {
	scaling_adjustment = 1
	metric_interval_lower_bound = 0
	}
	}

	resource "aws_cloudwatch_metric_alarm" "increase" {
	alarm_name = "increase"
	comparison_operator = "GreaterThanOrEqualToThreshold"
	evaluation_periods = "5"
	metric_name = "CPUUtilization"
	namespace = "AWS/EC2"
	period = "60"
	statistic = "Average"
	threshold = "50"
	dimensions {
	AutoScalingGroupName = "${aws_autoscaling_group.test.name}"
	}
	alarm_description = "This metric monitor ec2 cpu utilization"
	alarm_actions = ["${aws_autoscaling_policy.increase.arn}"]

	}

	resource "aws_autoscaling_policy" "increase_emergency" {
	name = "increase-emergency"
	adjustment_type = "ChangeInCapacity"
	autoscaling_group_name = "${aws_autoscaling_group.test.name}"
	policy_type = "StepScaling"
	metric_aggregation_type = "Average"
	step_adjustment {
	scaling_adjustment = 1
	metric_interval_lower_bound = 0
	}
	}

	resource "aws_cloudwatch_metric_alarm" "increase_emergency" {
	alarm_name = "increase-emergency"
	comparison_operator = "GreaterThanOrEqualToThreshold"
	evaluation_periods = "1"
	metric_name = "CPUUtilization"
	namespace = "AWS/EC2"
	period = "60"
	statistic = "Average"
	threshold = "90"
	dimensions {
	AutoScalingGroupName = "${aws_autoscaling_group.test.name}"
	}
	alarm_description = "This metric monitor ec2 cpu utilization"
	alarm_actions = ["${aws_autoscaling_policy.increase_emergency.arn}"]

	}

	resource "aws_autoscaling_policy" "decrease" {
	name = "decrease"
	adjustment_type = "ChangeInCapacity"
	autoscaling_group_name = "${aws_autoscaling_group.test.name}"
	policy_type = "StepScaling"
	metric_aggregation_type = "Average"
	step_adjustment {
	scaling_adjustment = -1
	metric_interval_upper_bound = 0
	}
	}

	resource "aws_cloudwatch_metric_alarm" "decrease" {
	alarm_name = "decrease"
	comparison_operator = "LessThanOrEqualToThreshold"
	evaluation_periods = "1"
	metric_name = "CPUUtilization"
	namespace = "AWS/EC2"
	period = "3600"
	statistic = "Maximum"
	threshold = "25"
	dimensions {
	AutoScalingGroupName = "${aws_autoscaling_group.test.name}"
	}
	alarm_description = "This metric monitor ec2 cpu utilization"
	alarm_actions = ["${aws_autoscaling_policy.decrease.arn}"]

	}

	#resource "aws_autoscaling_schedule" "test" {
	# scheduled_action_name = "test"
	# min_size = 0
	# max_size = 1
	# desired_capacity = 0
	# start_time = "2016-12-11T18:00:00Z"
	# end_time = "2016-12-12T06:00:00Z"
	# autoscaling_group_name = "${aws_autoscaling_group.test.name}"
	#}
	resource "aws_elasticache_subnet_group" "main" {
	name = "main-subnet-group"
	description = "main-subnet-group"
	subnet_ids = ["${aws_subnet.az_a.id}", "${aws_subnet.az_c.id}"]
	}

	resource "aws_elasticache_parameter_group" "main" {
	name = "main-parameter-group"
	family = "redis2.8"
	}

	resource "aws_elasticache_replication_group" "main" {
	replication_group_id = "cache"
	replication_group_description = "main replication group"
	node_type = "cache.m3.medium"
	number_cache_clusters = 2
	port = 6379
	parameter_group_name = "${aws_elasticache_parameter_group.main.name}"
	availability_zones = ["${data.aws_availability_zones.available.names[0]}", "${data.aws_availability_zones.available.names[1]}"]
	automatic_failover_enabled = true
	snapshot_retention_limit = 35
	}
	resource "aws_elb" "test" {
	name = "test-elb"
	subnets = ["${aws_subnet.az_a.id}", "${aws_subnet.az_c.id}"]
	security_groups = ["${aws_security_group.internal.id}"]
	cross_zone_load_balancing = true
	idle_timeout = 60
	connection_draining = true
	connection_draining_timeout = 300
	internal = false

	listener {
	instance_port = 80
	instance_protocol = "http"
	lb_port = 80
	lb_protocol = "http"
	ssl_certificate_id = ""
	}

	listener {
	instance_port = 80
	instance_protocol = "http"
	lb_port = 443
	lb_protocol = "https"
	ssl_certificate_id = "arn:aws:acm:ap-northeast-1:xxxxxxxxxxxx:certificate/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
	}

	health_check {
	healthy_threshold = 10
	unhealthy_threshold = 2
	interval = 30
	target = "HTTP:80/index.html"
	timeout = 5
	}

	tags {
	"is_test" = "true"
	}
	}
	{
	"Version": "2012-10-17",
	"Statement": [
	{
	"Effect": "Allow",
	"Action": [
	"iam:AddRoleToInstanceProfile",
	"iam:CreateInstanceProfile",
	"iam:CreateRole",
	"iam:ListInstanceProfiles",
	"iam:GetInstanceProfile",
	"iam:RemoveRoleFromInstanceProfile",
	"iam:DeleteInstanceProfile",
	"iam:GetRole",
	"iam:PassRole",
	"iam:UpdateAssumeRolePolicy",
	"iam:PutRolePolicy",
	"iam:GetRolePolicy"
	],
	"Resource": "*"
	}
	]
	}
	#resource "aws_db_subnet_group" "test" {
	# name = "test-subnet-group"
	# subnet_ids = ["${aws_subnet.az_a.id}", "${aws_subnet.az_c.id}"]
	# tags {
	# Name = "test-subnet-group"
	# }
	#}
	#
	#resource "aws_rds_cluster" "test_db_cluster" {
	# cluster_identifier = "test-db"
	# availability_zones = ["${data.aws_availability_zones.available.names[0]}", "${data.aws_availability_zones.available.names[1]}"]
	# database_name = "foobar"
	# master_username = "foobar"
	# master_password = "hogehoge"
	# backup_retention_period = 35
	# preferred_backup_window = "07:00-09:00"
	# skip_final_snapshot = true
	# snapshot_identifier = "manually-test-db-20160926-1124"
	# db_subnet_group_name = "${aws_db_subnet_group.test.name}"
	# vpc_security_group_ids = ["${aws_security_group.internal.id}"]
	#}
	#
	#resource "aws_rds_cluster_instance" "test_db" {
	# cluster_identifier = "${aws_rds_cluster.test_db_cluster.id}"
	# identifier = "test-db"
	# instance_class = "db.r3.large"
	# publicly_accessible = false
	# db_subnet_group_name = "${aws_db_subnet_group.test.name}"
	# # writer
	# promotion_tier = 0
	# #monitoring_interval = 1
	# #monitoring_role_arn = ""
	#
	#}
	#
	#resource "aws_rds_cluster_instance" "test_db_rr" {
	# cluster_identifier = "${aws_rds_cluster.test_db_cluster.id}"
	# identifier = "test-db-rr"
	# instance_class = "db.r3.large"
	# publicly_accessible = false
	# db_subnet_group_name = "test-db-subnet"
	# promotion_tier = 15
	# #monitoring_interval = 1
	# #monitoring_role_arn = ""
	#}
	resource "aws_security_group" "internal" {
	name = "internal"
	description = "internal"
	vpc_id = "${aws_vpc.main.id}"

	ingress {
	from_port = 0
	to_port = 0
	protocol = "-1"
	cidr_blocks = ["${aws_vpc.main.cidr_block}"]
	}


	egress {
	from_port = 0
	to_port = 0
	protocol = "-1"
	cidr_blocks = ["0.0.0.0/0"]
	}

	tags {
	"Name" = "internal"
	}
	}
	resource "aws_subnet" "az_a" {
	vpc_id = "${aws_vpc.main.id}"
	cidr_block = "10.1.1.0/24"
	availability_zone = "${data.aws_availability_zones.available.names[0]}"
	map_public_ip_on_launch = true

	tags {
	"Name" = "az-a"
	}
	}

	resource "aws_subnet" "az_c" {
	vpc_id = "${aws_vpc.main.id}"
	cidr_block = "10.1.2.0/24"
	availability_zone = "${data.aws_availability_zones.available.names[1]}"
	map_public_ip_on_launch = true

	tags {
	"Name" = "az-c"
	}
	}
	resource "aws_vpc" "main" {
	cidr_block = "10.1.0.0/16"
	enable_dns_hostnames = false
	enable_dns_support = true
	instance_tenancy = "default"

	tags {
	"Name" = "main-vpc"
	}
	}