diff --git a/windows-ad/main.tf b/windows-ad/main.tf
new file mode 100644
index 0000000..3883336
--- /dev/null
+++ b/windows-ad/main.tf
@@ -0,0 +1,72 @@
+resource "aws_key_pair" "key" {
+ key_name = "my-key" # Replace with your key name
+ public_key = file("~/.ssh/my-key.pub") # Replace with the path to your public key
+}
+
+resource "aws_security_group" "ad_sg" {
+ name = "ad_security_group"
+ description = "Allow RDP and necessary AD ports"
+
+ ingress {
+ from_port = 3389
+ to_port = 3389
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ # Required ports for Active Directory
+ ingress {
+ from_port = 135
+ to_port = 135
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+ ingress {
+ from_port = 389
+ to_port = 389
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+ ingress {
+ from_port = 445
+ to_port = 445
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+ ingress {
+ from_port = 1024
+ to_port = 65535
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+}
+
+resource "aws_instance" "windows_ad_server" {
+ ami = "ami-0d8f6eb4f641ef691" # Change to a Windows Server AMI in your region
+ instance_type = "t3.medium"
+ key_name = aws_key_pair.key.key_name
+ vpc_security_group_ids = [aws_security_group.ad_sg.id]
+ associate_public_ip_address = true
+
+ user_data = file("userdata.ps1") # Loads the PowerShell script to initialize AD
+
+ # Wait until instance status is ready before proceeding
+ provisioner "local-exec" {
+ command = "echo 'Instance is booting and configuration script is being executed'"
+ }
+}
+
+output "instance_id" {
+ value = aws_instance.windows_ad_server.id
+}
+
+output "instance_ip" {
+ value = aws_instance.windows_ad_server.public_ip
+}
\ No newline at end of file
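Review bot: Every ingress rule in `aws_security_group.ad_sg` uses `cidr_blocks = ["0.0.0.0/0"]`, and combined with `associate_public_ip_address = true` this publishes RDP (3389), RPC endpoint mapper (135), LDAP (389), SMB (445) and the whole 1024-65535 TCP range of a domain controller to the entire internet; none of these are services that should be reachable outside the VPC or a management network. Introduce a `variable "allowed_cidrs" { type = list(string) }` (with no open default) and replace each of the five rules with `cidr_blocks = var.allowed_cidrs`, or scope the AD rules to the VPC CIDR and keep only RDP on the admin allow-list; the 1024-65535 rule in particular should be restricted to the VPC since it exists only for RPC dynamic ports between domain members. The comment `# Wait until instance status is ready before proceeding` on the `local-exec` provisioner is misleading, because an `echo` does not wait for anything and the instance may still be running `userdata.ps1` when `terraform apply` returns; either reword it to `# Informational only: user_data runs asynchronously after boot` or drop the provisioner. Separately, `key_name = "my-key"` and `public_key = file("~/.ssh/my-key.pub")` are placeholders that every user must edit; exposing them as variables would avoid committing a personal key path into the module.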