commit 009cf03c78711873c2966ff895022f913cbc7f7e Author: Ryan Malloy Date: Mon Nov 11 07:55:08 2024 +0000 Add main.tf
diff --git a/main.tf b/main.tf
new file mode 100644
index 0000000..9b10930
--- /dev/null
+++ b/main.tf
@@ -0,0 +1,118 @@
+# Create the VPC
+resource "aws_vpc" "vpc" {
+ cidr_block = var.vpc_cidr
+ enable_dns_hostnames = true
+}
+
+# Define the public subnet
+resource "aws_subnet" "public-subnet" {
+ vpc_id = aws_vpc.vpc.id
+ cidr_block = var.public_subnet_cidr
+}
+
+# Define the internet gateway
+resource "aws_internet_gateway" "gw" {
+ vpc_id = aws_vpc.vpc.id
+}
+
+# Define the public route table
+resource "aws_route_table" "public-rt" {
+ vpc_id = aws_vpc.vpc.id
+ route {
+ cidr_block = "0.0.0.0/0"
+ gateway_id = aws_internet_gateway.gw.id
+ }
+}
+
+# Assign the public route table to the public subnet
+resource "aws_route_table_association" "public-rt-association" {
+ subnet_id = aws_subnet.public-subnet.id
+ route_table_id = aws_route_table.public-rt.id
+}
+
+
+# Bootstrapping PowerShell Script
+data "template_file" "windows-userdata" {
+ template = <
+# Rename Machine
+Rename-Computer -NewName "${var.windows_instance_name}" -Force;
+
+# Install IIS
+Install-WindowsFeature -name Web-Server -IncludeManagementTools;
+
+# Restart machine
+shutdown -r -t 10;
+
+EOF
+}
+
+# Create EC2 Instance
+resource "aws_instance" "windows-server" {
+ ami = data.aws_ami.windows-2019.id
+ instance_type = var.windows_instance_type
+ subnet_id = aws_subnet.public-subnet.id
+ vpc_security_group_ids = [aws_security_group.aws-windows-sg.id]
+ associate_public_ip_address = var.windows_associate_public_ip_address
+ source_dest_check = false
+ key_name = aws_key_pair.key_pair.key_name
+ user_data = data.template_file.windows-userdata.rendered
+
+ # root disk
+ root_block_device {
+ volume_size = var.windows_root_volume_size
+ volume_type = var.windows_root_volume_type
+ delete_on_termination = true
+ encrypted = true
+ }
+
+ # extra disk
+ ebs_block_device {
+ device_name = "/dev/xvda"
+ volume_size = var.windows_data_volume_size
+ volume_type = var.windows_data_volume_type
+ encrypted = true
+ delete_on_termination = true
+ }
+}
+
+# Create Elastic IP for the EC2 instance
+resource 
"aws_eip" "windows-eip" {
+ vpc = true
+}
+
+# Associate Elastic IP to Windows Server
+resource "aws_eip_association" "windows-eip-association" {
+ instance_id = aws_instance.windows-server.id
+ allocation_id = aws_eip.windows-eip.id
+}
+
+# Define the security group for the Windows server
+resource "aws_security_group" "aws-windows-sg" {
+ name = "${lower(var.app_name)}-${var.app_environment}-windows-sg"
+ description = "Allow incoming connections"
+ vpc_id = aws_vpc.vpc.id
+
+ ingress {
+ from_port = 80
+ to_port = 80
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ description = "Allow incoming HTTP connections"
+ }
+
+ ingress {
+ from_port = 3389
+ to_port = 3389
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ description = "Allow incoming RDP connections"
+ }
+
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+}
\ No newline at end of file
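Review bot: The second `ingress` block of `aws-windows-sg` opens RDP (3389/tcp) to `0.0.0.0/0`, and `windows-server` sits in the public subnet with an Elastic IP attached, so the Windows logon surface is reachable from any address on the internet. Restrict that rule to a known administrative range, for example `cidr_blocks = [var.rdp_allowed_cidr]` (placeholder name for a new variable with no default), or drop the rule and administer the host through a bastion, VPN or SSM. Separately, `aws_instance.windows-server` declares no `metadata_options`; adding `metadata_options { http_tokens = "required" }` would require IMDSv2 on a host that serves web traffic. The port-80 rule is expected for IIS, though nothing in this file defines a 443 listener, so the site is served over plain HTTP as written.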