tsailiming · March 13, 2016 16:06 · pedrodparkes · Jul 12, 2016
diff --git a/bootstrap_emr.tf b/bootstrap_emr.tf
 // EMR is not supported by terraform yet
 // https://github.com/hashicorp/terraform/issues/2098

 // This script will bootstrap the necessary VPC and related configs first.
 provider "aws" {
    #access_key = "ACCESS_KEY_HERE"
    #secret_key = "SECRET_KEY_HERE"
    region = "ap-southeast-1"
 }

 resource "aws_vpc" "main_vpc" {
    cidr_block = "10.3.0.0/16"
    enable_dns_support = true
    enable_dns_hostnames = true
 }

 resource "aws_internet_gateway" "main_gw" {
    vpc_id = "${aws_vpc.main_vpc.id}"
 }

 resource "aws_subnet" "emr_subnet" {
    vpc_id = "${aws_vpc.main_vpc.id}"
    cidr_block = "10.3.1.0/24"
 }

 resource "aws_route" "r" {
    route_table_id = "${aws_vpc.main_vpc.main_route_table_id}"
    destination_cidr_block = "0.0.0.0/0"
    gateway_id = "${aws_internet_gateway.main_gw.id}"
 }

 resource "aws_route_table_association" "a" {
    subnet_id = "${aws_subnet.emr_subnet.id}"
    route_table_id = "${aws_vpc.main_vpc.main_route_table_id}"
 }

 resource "aws_vpc_endpoint" "private-s3" {
    vpc_id = "${aws_vpc.main_vpc.id}"
    route_table_ids = ["${aws_vpc.main_vpc.main_route_table_id}"]
    service_name = "com.amazonaws.ap-southeast-1.s3"
 }

 resource "aws_security_group" "allow_ssh" {
    name = "allow_ssh"
    vpc_id = "${aws_vpc.main_vpc.id}"
    ingress {
        from_port = 22
        to_port = 22
        protocol = "tcp"
        cidr_blocks = ["0.0.0.0/0"]
    }  
    egress { // Add back default engress rule 
        from_port = 0
        to_port = 0
        protocol = "-1"
        cidr_blocks = ["0.0.0.0/0"]
    }
 }
	// EMR is not supported by terraform yet
	// https://github.com/hashicorp/terraform/issues/2098

	// This script will bootstrap the necessary VPC and related configs first.
	provider "aws" {
	#access_key = "ACCESS_KEY_HERE"
	#secret_key = "SECRET_KEY_HERE"
	region = "ap-southeast-1"
	}

	resource "aws_vpc" "main_vpc" {
	cidr_block = "10.3.0.0/16"
	enable_dns_support = true
	enable_dns_hostnames = true
	}

	resource "aws_internet_gateway" "main_gw" {
	vpc_id = "${aws_vpc.main_vpc.id}"
	}

	resource "aws_subnet" "emr_subnet" {
	vpc_id = "${aws_vpc.main_vpc.id}"
	cidr_block = "10.3.1.0/24"
	}

	resource "aws_route" "r" {
	route_table_id = "${aws_vpc.main_vpc.main_route_table_id}"
	destination_cidr_block = "0.0.0.0/0"
	gateway_id = "${aws_internet_gateway.main_gw.id}"
	}

	resource "aws_route_table_association" "a" {
	subnet_id = "${aws_subnet.emr_subnet.id}"
	route_table_id = "${aws_vpc.main_vpc.main_route_table_id}"
	}

	resource "aws_vpc_endpoint" "private-s3" {
	vpc_id = "${aws_vpc.main_vpc.id}"
	route_table_ids = ["${aws_vpc.main_vpc.main_route_table_id}"]
	service_name = "com.amazonaws.ap-southeast-1.s3"
	}

	resource "aws_security_group" "allow_ssh" {
	name = "allow_ssh"
	vpc_id = "${aws_vpc.main_vpc.id}"
	ingress {
	from_port = 22
	to_port = 22
	protocol = "tcp"
	cidr_blocks = ["0.0.0.0/0"]
	}
	egress { // Add back default engress rule
	from_port = 0
	to_port = 0
	protocol = "-1"
	cidr_blocks = ["0.0.0.0/0"]
	}
	}