Paste P2063

shared.tf
ActivePublic
Actions

Authored by amckinley on Jun 30 2017, 3:53 PM.

Tags

None

Referenced Files

	F5026880: shared.tf
	Jun 30 2017, 3:53 PM

Subscribers

None

	# create the apc
	resource "aws_vpc" "private-cluster" {
	cidr_block = "172.32.0.0/16"

	tags {
	Name = "private-cluster"
	}
	}

	# allow everything for testing
	resource "aws_security_group" "allow-all" {
	name = "allow_all"
	description = "Allow all inbound traffic"
	vpc_id = "${aws_vpc.private-cluster.id}"

	ingress {
	from_port = 0
	to_port = 0
	protocol = "-1"
	cidr_blocks = ["0.0.0.0/0"]
	}

	egress {
	from_port = 0
	to_port = 0
	protocol = "-1"
	cidr_blocks = ["0.0.0.0/0"]
	}
	}

	# shared igw
	resource "aws_internet_gateway" "vpc-igw" {
	vpc_id = "${aws_vpc.private-cluster.id}"
	}

	# shared nat gateway
	resource "aws_eip" "nat-eip" {
	vpc = true
	}

	resource "aws_nat_gateway" "us-east-1a-nat" {
	allocation_id = "${aws_eip.nat-eip.id}"
	subnet_id = "${aws_subnet.public-us-east-1a.id}"
	depends_on = ["aws_internet_gateway.vpc-igw"]
	}


	# shared route table by all public subnets
	resource "aws_route_table" "us-east-1-public" {
	vpc_id = "${aws_vpc.private-cluster.id}"

	route {
	cidr_block = "0.0.0.0/0"
	gateway_id = "${aws_internet_gateway.vpc-igw.id}"
	}

	tags {
	Name = "public-subnet-routing-table"
	}
	}

	# public subnets, one per AZ
	resource "aws_subnet" "public-us-east-1a" {
	vpc_id = "${aws_vpc.private-cluster.id}"
	cidr_block = "172.32.1.0/24"
	map_public_ip_on_launch = true
	availability_zone = "us-east-1a"

	tags {
	Name = "public-us-east-1a"
	}
	}

	resource "aws_subnet" "public-us-east-1b" {
	vpc_id = "${aws_vpc.private-cluster.id}"
	cidr_block = "172.32.2.0/24"
	map_public_ip_on_launch = true
	availability_zone = "us-east-1b"

	tags {
	Name = "public-us-east-1b"
	}
	}

	# attach public subnets to routing table
	resource "aws_route_table_association" "us-east-1a-public" {
	subnet_id = "${aws_subnet.public-us-east-1a.id}"
	route_table_id = "${aws_route_table.us-east-1-public.id}"
	}

	resource "aws_route_table_association" "us-east-1b-public" {
	subnet_id = "${aws_subnet.public-us-east-1b.id}"
	route_table_id = "${aws_route_table.us-east-1-public.id}"
	}

Event Timeline

amckinley created this paste.Jun 30 2017, 3:53 PM

amckinley mentioned this in T12856: Evaluate various "infrastructure-as-code" products.Jun 30 2017, 7:58 PM

shared.tfActivePublicActions

Event Timeline

shared.tf
ActivePublic
Actions