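# Private subnet: instances launched here get no public IP
# (map_public_ip_on_launch = false).
resource "aws_subnet" "example-customer-private-1a" {
  vpc_id                  = "${aws_vpc.private-cluster.id}"
  cidr_block              = "172.32.3.0/24"
  map_public_ip_on_launch = false
  availability_zone       = "us-east-1a"

  tags {
    Name     = "example-customer-private-us-east-1a"
    customer = "example-customer"
  }
}

# Test instance, placed in the private subnet above.
resource "aws_instance" "terraform-test" {
  # AMI IDs are region-specific; this one is pinned by ID.
  ami           = "ami-9a562df2"
  instance_type = "t2.micro"
  subnet_id     = "${aws_subnet.example-customer-private-1a.id}"
  key_name      = "terraform-test"

  # NOTE(review): "allow-all" is defined outside this section. Its name
  # suggests unrestricted ingress -- confirm. Because this instance is fronted
  # by the load balancers below, its security group should admit only ports
  # 22 and 80, and only from the load balancers' security group.
  vpc_security_group_ids = ["${aws_security_group.allow-all.id}"]
  availability_zone      = "us-east-1a"

  timeouts {
    create = "60m"
    delete = "2h"
  }

  tags {
    Name = "example-customer-phab"
  }
}

# for each of the private ranges, create a "private" route table.
resource "aws_route_table" "example-customer-private-rt" {
  vpc_id = "${aws_vpc.private-cluster.id}"

  tags {
    Name = "example-customer-private-route"
  }
}

# Default route for the private route table: all non-local traffic leaves
# through the NAT gateway, so the subnet has outbound access only.
resource "aws_route" "private_nat_gateway_route" {
  route_table_id         = "${aws_route_table.example-customer-private-rt.id}"
  destination_cidr_block = "0.0.0.0/0"
  nat_gateway_id         = "${aws_nat_gateway.us-east-1a-nat.id}"
}

# attach routing table to subnet
resource "aws_route_table_association" "example-customer-private-rt-assoc" {
  subnet_id      = "${aws_subnet.example-customer-private-1a.id}"
  route_table_id = "${aws_route_table.example-customer-private-rt.id}"
}

# Classic ELB forwarding TCP 22 (SSH) to the test instance.
#
# NOTE(review): `internal` is not set, so this ELB is internet-facing, and it
# sits in the subnet named public-us-east-1a. Together with the "allow-all"
# security group, SSH on the private instance is presumably reachable from
# any address -- confirm against that group's rules. Restrict ingress on
# port 22 to known administrative CIDR ranges, or replace this path with a
# bastion host or a session-manager style access method.
resource "aws_elb" "ssh-elb" {
  name            = "terraform-example-elb"
  subnets         = ["${aws_subnet.public-us-east-1a.id}"]
  security_groups = ["${aws_security_group.allow-all.id}"]
  instances       = ["${aws_instance.terraform-test.id}"]

  # availability_zones = ["us-east-1a"]

  listener {
    instance_port     = 22
    instance_protocol = "tcp"
    lb_port           = 22
    lb_protocol       = "tcp"
  }

  # Plain TCP connect check against the SSH port.
  health_check {
    healthy_threshold   = 2
    unhealthy_threshold = 2
    timeout             = 2
    interval            = 5
    target              = "TCP:22"
  }

  # The range for the idle timeout is from 1 to 3,600 seconds.
  # idle_timeout = 60
}

# alb for http and notifications
#
# NOTE(review): internet-facing (internal = false) and attached to the same
# "allow-all" security group. No access_logs block is configured here, so
# requests through this ALB leave no load-balancer log trail.
resource "aws_alb" "example-customer-alb" {
  name     = "example-customer-alb"
  internal = false

  subnets = [
    "${aws_subnet.public-us-east-1a.id}",
    "${aws_subnet.public-us-east-1b.id}",
  ]

  security_groups = ["${aws_security_group.allow-all.id}"]
}

resource "aws_alb_target_group" "test" {
  name     = "example-customer-web-alb"
  port     = 80
  protocol = "HTTP"
  vpc_id   = "${aws_vpc.private-cluster.id}"
}

# NOTE(review): the only listener is cleartext HTTP on port 80. Traffic
# between clients and the ALB is unencrypted; add an HTTPS listener with a
# certificate if anything sensitive is served.
resource "aws_alb_listener" "front_end" {
  # Reference the ARNs through the `arn` attribute, matching the target group
  # attachment below. For these resources `id` holds the same value, but
  # `arn` states what the argument expects.
  load_balancer_arn = "${aws_alb.example-customer-alb.arn}"
  port              = "80"
  protocol          = "HTTP"

  default_action {
    target_group_arn = "${aws_alb_target_group.test.arn}"
    type             = "forward"
  }
}

# attach the test instance to the target group
resource "aws_alb_target_group_attachment" "test" {
  target_group_arn = "${aws_alb_target_group.test.arn}"
  target_id        = "${aws_instance.terraform-test.id}"
  port             = 80
}

# s3 route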