Marek_228998
Historic F5 Account

Problem this snippet solves:

Terraform template - AWS VPC

Code :

# VPC that every subnet, route table, gateway and security group in this
# template is attached to.
resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"

  # DNS resolution and DNS hostnames are both switched on for the VPC.
  enable_dns_hostnames = true
  enable_dns_support   = true

  tags {
    Name = "main"
  }
}

# Management subnet (10.0.0.0/24). No availability_zone is set, so AWS picks
# one; the external, internal and ha subnets copy the zone this one lands in.
#
# NOTE(review): the route table associated with this subnet gets a default
# route to the Internet gateway (aws_route.management-def). Anything placed
# here with a public address is Internet-routable, so management interfaces
# should sit behind a security group limited to administrative source ranges,
# not behind aws_security_group.allow_all.
resource "aws_subnet" "management" {
  cidr_block = "10.0.0.0/24"
  vpc_id     = "${aws_vpc.main.id}"

  tags {
    Name = "management-subnet"
  }
}

# External (Internet-facing) subnet, 10.0.1.0/24. It is pinned to the same
# availability zone as the management subnet and is associated with the
# "external" route table, which carries a default route to the Internet gateway.
resource "aws_subnet" "external" {
  availability_zone = "${aws_subnet.management.availability_zone}"
  cidr_block        = "10.0.1.0/24"
  vpc_id            = "${aws_vpc.main.id}"

  tags {
    Name = "external-subnet"
  }
}

# Internal subnet, 10.0.2.0/24, in the same availability zone as the
# management subnet. Its route table ("internal") declares no routes, so this
# template gives it no path to the Internet gateway.
resource "aws_subnet" "internal" {
  availability_zone = "${aws_subnet.management.availability_zone}"
  cidr_block        = "10.0.2.0/24"
  vpc_id            = "${aws_vpc.main.id}"

  tags {
    Name = "internal-subnet"
  }
}

# HA subnet, 10.0.3.0/24, in the same availability zone as the management
# subnet. Its route table ("ha") declares no routes, so this template gives it
# no path to the Internet gateway.
resource "aws_subnet" "ha" {
  availability_zone = "${aws_subnet.management.availability_zone}"
  cidr_block        = "10.0.3.0/24"
  vpc_id            = "${aws_vpc.main.id}"

  tags {
    Name = "ha-subnet"
  }
}

# Internet gateway for the VPC. Only route tables that point a route at it
# (here: "management" and "external") expose their subnets to the Internet.
resource "aws_internet_gateway" "gw" {
  vpc_id = "${aws_vpc.main.id}"

  tags {
    Name = "internet-gateway"
  }
}

# Route table for the management subnet. It has no inline routes; its default
# route is added separately by the standalone aws_route "management-def".
resource "aws_route_table" "management" {
  vpc_id = "${aws_vpc.main.id}"

  tags {
    Name = "management route table"
  }
}

# Route table for the external subnet. The default route to the Internet
# gateway is declared inline here rather than as a standalone aws_route.
resource "aws_route_table" "external" {
  vpc_id = "${aws_vpc.main.id}"

  # Send everything that is not VPC-local out through the Internet gateway.
  route {
    gateway_id = "${aws_internet_gateway.gw.id}"
    cidr_block = "0.0.0.0/0"
  }

  tags {
    Name = "external route table"
  }
}

# Route table for the internal subnet. No routes are declared, so nothing in
# this template routes the internal subnet to the Internet gateway.
resource "aws_route_table" "internal" {
  vpc_id = "${aws_vpc.main.id}"

  tags {
    Name = "internal route table"
  }
}

# Route table for the HA subnet. No routes are declared, so nothing in this
# template routes the HA subnet to the Internet gateway.
resource "aws_route_table" "ha" {
  vpc_id = "${aws_vpc.main.id}"

  tags {
    Name = "ha route table"
  }
}

# Default route for the management route table, pointing at the Internet
# gateway.
# NOTE(review): this makes the management subnet Internet-routable. Confirm
# that is intended, and restrict who can reach management interfaces with a
# narrowly scoped security group.
resource "aws_route" "management-def" {
  destination_cidr_block = "0.0.0.0/0"
  gateway_id             = "${aws_internet_gateway.gw.id}"
  route_table_id         = "${aws_route_table.management.id}"
}

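# Disabled: the "external" route table already declares this same default
# route inline. An inline route block and a standalone aws_route on the same
# route table conflict with each other, so only one of the two forms is kept.
#resource "aws_route" "external-def" {
#    route_table_id = "${aws_route_table.external.id}"
#    destination_cidr_block = "0.0.0.0/0"
#    gateway_id = "${aws_internet_gateway.gw.id}"
#}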

# Bind the management subnet to the management route table.
resource "aws_route_table_association" "management" {
  route_table_id = "${aws_route_table.management.id}"
  subnet_id      = "${aws_subnet.management.id}"
}

# Bind the external subnet to the external route table.
resource "aws_route_table_association" "external" {
  route_table_id = "${aws_route_table.external.id}"
  subnet_id      = "${aws_subnet.external.id}"
}

# Bind the internal subnet to the internal route table.
resource "aws_route_table_association" "internal" {
  route_table_id = "${aws_route_table.internal.id}"
  subnet_id      = "${aws_subnet.internal.id}"
}

# Bind the HA subnet to the HA route table.
resource "aws_route_table_association" "ha" {
  route_table_id = "${aws_route_table.ha.id}"
  subnet_id      = "${aws_subnet.ha.id}"
}

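# Source ranges that may reach anything attached to allow_all.
# The default reproduces the template's original behaviour (the whole
# Internet), which is only suitable for a throw-away lab. Override it with the
# specific administrative / client ranges that need access, for example via
# -var or a .tfvars file.
variable "allow_all_ingress_cidrs" {
  description = "CIDR blocks permitted inbound through the allow_all security group"
  default     = ["0.0.0.0/0"]
}

# Security group that accepts every protocol and port from the configured
# source ranges and allows all outbound traffic.
#
# NOTE(review): with the default variable value, this group applies no
# filtering at all. The management and external subnets both route to the
# Internet gateway, so an interface there with a public address and this group
# is fully exposed. Prefer separate groups per role (management, external,
# internal, ha), each listing only the ports and sources that role needs.
resource "aws_security_group" "allow_all" {
  name        = "allow_all"
  description = "Allow all inbound traffic"
  vpc_id      = "${aws_vpc.main.id}"

  # protocol "-1" with ports 0-0 means every protocol and every port.
  ingress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["${var.allow_all_ingress_cidrs}"]
  }

  # Unrestricted outbound traffic, to any destination.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}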
Version history
Last update:
‎29-Sep-2016 01:01