From c5de5f6c9f9fc30721bac6a109a86cb02152f086 Mon Sep 17 00:00:00 2001
From: Ryan Malloy
Date: Thu, 28 Mar 2024 18:45:55 +0000
Subject: [PATCH] generate key, use variables
---
main.tf | 191 ++++++++++++++++++++++++++++++-------------------------
1 file changed, 102 insertions(+), 89 deletions(-)
diff --git a/main.tf b/main.tf
index 784f35a..9bac68e 100644
--- a/main.tf
+++ b/main.tf
@@ -1,90 +1,103 @@
-resource "aws_vpc" "sgtm_vpc" {
- cidr_block = "10.123.0.0/16"
- enable_dns_hostnames = true
- enable_dns_support = true
-
- tags = {
- name = "dev"
- }
-}
-
-resource "aws_subnet" "sptm_public_subnet" {
- vpc_id = aws_vpc.sgtm_vpc.id
- cidr_block = "10.123.1.0/24"
- map_public_ip_on_launch = true
- availability_zone = "us-east-1a"
-
- tags = {
- name = "dev-public"
- }
-}
-
-resource "aws_internet_gateway" "sgtm_internet_gateway" {
- vpc_id = aws_vpc.sgtm_vpc.id
-
- tags = {
- name = "dev-igw"
- }
-}
-
-resource "aws_route_table" "sgtm_public_rt" {
- vpc_id = aws_vpc.sgtm_vpc.id
-
- tags = {
- name = "dev_public_rt"
- }
-}
-
-resource "aws_route" "default_route" {
- route_table_id = aws_route_table.sgtm_public_rt.id
- destination_cidr_block = "0.0.0.0/0"
- gateway_id = aws_internet_gateway.sgtm_internet_gateway.id
-}
-
-resource "aws_route_table_association" "sgtm_public_assoc" {
- subnet_id = aws_subnet.sptm_public_subnet.id
- route_table_id = aws_route_table.sgtm_public_rt.id
-}
-
-resource "aws_security_group" "sgtm_sg" {
- name = "dev-sg"
- description = "dev security group"
- vpc_id = aws_vpc.sgtm_vpc.id
-
- ingress {
- from_port = 0
- to_port = 0
- protocol = "-1"
- cidr_blocks = ["172.59.221.135/32"]
- }
-
- egress {
- from_port = 0
- to_port = 0
- protocol = "-1"
- cidr_blocks = ["0.0.0.0/0"]
- }
-}
-
-resource "aws_key_pair" "sgtm_auth" {
- key_name = "sgtmkey"
- public_key = file("~/.ssh/sgtmkey.pub")
-}
-
-resource "aws_instance" "dev_node" {
- instance_type = "t2.micro"
- ami = data.aws_ami.server_ami.id
- key_name = aws_key_pair.sgtm_auth.id
- vpc_security_group_ids = [aws_security_group.sgtm_sg.id]
- subnet_id = aws_subnet.sptm_public_subnet.id
- user_data = file ("userdata.tpl")
-
- root_block_device {
- volume_size = 10
- }
-
- tags = {
- name = "dev-node"
- }
-
+
+
+resource "aws_vpc" "sgtm_vpc" {
+ cidr_block = "10.123.0.0/16"
+ enable_dns_hostnames = true
+ enable_dns_support = true
+
+ tags = {
+ name = "dev"
+ }
+}
+
+resource "aws_subnet" "sptm_public_subnet" {
+ vpc_id = aws_vpc.sgtm_vpc.id
+ cidr_block = "10.123.1.0/24"
+ map_public_ip_on_launch = true
+ availability_zone = "us-east-1a"
+
+ tags = {
+ name = "dev-public"
+ }
+}
+
+resource "aws_internet_gateway" "sgtm_internet_gateway" {
+ vpc_id = aws_vpc.sgtm_vpc.id
+
+ tags = {
+ name = "dev-igw"
+ }
+}
+
+resource "aws_route_table" "sgtm_public_rt" {
+ vpc_id = aws_vpc.sgtm_vpc.id
+
+ tags = {
+ name = "dev_public_rt"
+ }
+}
+
+resource "aws_route" "default_route" {
+ route_table_id = aws_route_table.sgtm_public_rt.id
+ destination_cidr_block = "0.0.0.0/0"
+ gateway_id = aws_internet_gateway.sgtm_internet_gateway.id
+}
+
+resource "aws_route_table_association" "sgtm_public_assoc" {
+ subnet_id = aws_subnet.sptm_public_subnet.id
+ route_table_id = aws_route_table.sgtm_public_rt.id
+}
+
+resource "aws_security_group" "sgtm_sg" {
+ name = "dev-sg"
+ description = "dev security group"
+ vpc_id = aws_vpc.sgtm_vpc.id
+
+ ingress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["172.59.221.135/32"]
+ }
+
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+}
+
+resource "tls_private_key" "key" {
+ algorithm = var.tls_key_algorithm
+}
+
+resource "aws_key_pair" "sgtm_auth" {
+ key_name = "${var.name_prefix}-key-${var.name_suffix}"
+ public_key = tls_private_key.key.public_key_openssh
+
+ provisioner "local-exec" {
+ command = < key.pem
+ chmod 0600 key.pem
+EOF
+ }
+}
+
+resource "aws_instance" "dev_node" {
+ instance_type = "t2.micro"
+ ami = data.aws_ami.server_ami.id
+ key_name = aws_key_pair.sgtm_auth.id
+ vpc_security_group_ids = [aws_security_group.sgtm_sg.id]
+ subnet_id = aws_subnet.sptm_public_subnet.id
+ user_data = file ("userdata.tpl")
+
+ root_block_device {
+ volume_size = 10
+ }
+
+ tags = {
+ name = "dev-node"
+ }
+
 }
\ No newline at end of file
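Review bot: The private key generated by `tls_private_key.key` ends up in two places the commit does not protect: unencrypted in the Terraform state (`private_key_pem` is persisted there like every other attribute of that resource), and in `key.pem` in the working directory, which the `local-exec` provisioner writes before `chmod 0600` runs, so the file briefly exists with umask-default permissions; the write line is garbled on this page, but if it interpolates `private_key_pem` into the shell string the key is also visible in the process arguments while the command runs. Replacing the provisioner with a `local_sensitive_file` resource creates the file with the mode set up front and keeps it in sync on later applies (a `local-exec` provisioner only runs at create time, so the file is not restored if it is deleted), at the cost of requiring the `hashicorp/local` provider. `key.pem` should also be listed in `.gitignore`, and the state backend has to be treated as holding a private key (encryption at rest, restricted access). Separately, `var.tls_key_algorithm` should be constrained to `RSA` or `ED25519`, since EC2 key pairs do not accept ECDSA public keys, and for RSA `rsa_bits = 4096` is worth setting explicitly rather than relying on the provider default.

```terraform
resource "local_sensitive_file" "ssh_key" {
  content         = tls_private_key.key.private_key_pem
  filename        = "${path.module}/key.pem"
  file_permission = "0600"
}

# … unchanged: aws_key_pair "sgtm_auth" with the local-exec provisioner block removed …
```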