For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Terraform template - AWS VPC

Problem this snippet solves:

Terraform template - AWS VPC

Code :

resource "aws_vpc" "main" {
    cidr_block = "10.0.0.0/16"
    enable_dns_support = true
    enable_dns_hostnames = true
    tags {
        Name = "main"
    }
}

resource "aws_subnet" "management" {
    vpc_id = "${aws_vpc.main.id}"
    cidr_block = "10.0.0.0/24"

    tags {
        Name = "management-subnet"
    }
}

resource "aws_subnet" "external" {
    vpc_id = "${aws_vpc.main.id}"
    cidr_block = "10.0.1.0/24"
    availability_zone = "${aws_subnet.management.availability_zone}"
 
    tags {
        Name = "external-subnet"
    }
}

resource "aws_subnet" "internal" {
    vpc_id = "${aws_vpc.main.id}"
    cidr_block = "10.0.2.0/24"
    availability_zone = "${aws_subnet.management.availability_zone}"

    tags {
        Name = "internal-subnet"
    }
}

resource "aws_subnet" "ha" {
    vpc_id = "${aws_vpc.main.id}"
    cidr_block = "10.0.3.0/24"
    availability_zone = "${aws_subnet.management.availability_zone}"

    tags {
        Name = "ha-subnet"
    }
}

resource "aws_internet_gateway" "gw" {
    vpc_id = "${aws_vpc.main.id}"

    tags {
        Name = "internet-gateway"
    }
}

resource "aws_route_table" "management" {
    vpc_id = "${aws_vpc.main.id}"
    tags {
        Name = "management route table"
    }
}

resource "aws_route_table" "external" {
    vpc_id = "${aws_vpc.main.id}"
    route {
        cidr_block = "0.0.0.0/0"
        gateway_id = "${aws_internet_gateway.gw.id}"
    }
    tags {
        Name = "external route table"
    }
}

resource "aws_route_table" "internal" {
    vpc_id = "${aws_vpc.main.id}"
    tags {
        Name = "internal route table"
    }
}

resource "aws_route_table" "ha" {
    vpc_id = "${aws_vpc.main.id}"
    tags {
        Name = "ha route table"
    }
}

resource "aws_route" "management-def" {
    route_table_id = "${aws_route_table.management.id}"
    destination_cidr_block = "0.0.0.0/0"
    gateway_id = "${aws_internet_gateway.gw.id}"
}

#resource "aws_route" "external-def" {
#    route_table_id = "${aws_route_table.external.id}"
#    destination_cidr_block = "0.0.0.0/0"
#    gateway_id = "${aws_internet_gateway.gw.id}"
#}

resource "aws_route_table_association" "management" {
    subnet_id = "${aws_subnet.management.id}"
    route_table_id = "${aws_route_table.management.id}"
}

resource "aws_route_table_association" "external" {
    subnet_id = "${aws_subnet.external.id}"
    route_table_id = "${aws_route_table.external.id}"
}

resource "aws_route_table_association" "internal" {
    subnet_id = "${aws_subnet.internal.id}"
    route_table_id = "${aws_route_table.internal.id}"
}

resource "aws_route_table_association" "ha" {
    subnet_id = "${aws_subnet.ha.id}"
    route_table_id = "${aws_route_table.ha.id}"
}

resource "aws_security_group" "allow_all" {
  name = "allow_all"
  description = "Allow all inbound traffic"
  vpc_id = "${aws_vpc.main.id}"

  ingress {
      from_port = 0
      to_port = 0
      protocol = "-1"
      cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
      from_port = 0
      to_port = 0
      protocol = "-1"
      cidr_blocks = ["0.0.0.0/0"]
  }
}
Published Sep 29, 2016
Version 1.0
aws
cloud
devops
terraform
No CommentsBe the first to comment