Add main.tf
This commit is contained in:
commit
009cf03c78
|
@ -0,0 +1,118 @@
|
|||
# Create the VPC
|
||||
resource "aws_vpc" "vpc" {
|
||||
cidr_block = var.vpc_cidr
|
||||
enable_dns_hostnames = true
|
||||
}
|
||||
|
||||
# Define the public subnet
|
||||
resource "aws_subnet" "public-subnet" {
|
||||
vpc_id = aws_vpc.vpc.id
|
||||
cidr_block = var.public_subnet_cidr
|
||||
}
|
||||
|
||||
# Define the internet gateway
|
||||
resource "aws_internet_gateway" "gw" {
|
||||
vpc_id = aws_vpc.vpc.id
|
||||
}
|
||||
|
||||
# Define the public route table
|
||||
resource "aws_route_table" "public-rt" {
|
||||
vpc_id = aws_vpc.vpc.id
|
||||
route {
|
||||
cidr_block = "0.0.0.0/0"
|
||||
gateway_id = aws_internet_gateway.gw.id
|
||||
}
|
||||
}
|
||||
|
||||
# Assign the public route table to the public subnet
|
||||
resource "aws_route_table_association" "public-rt-association" {
|
||||
subnet_id = aws_subnet.public-subnet.id
|
||||
route_table_id = aws_route_table.public-rt.id
|
||||
}
|
||||
|
||||
|
||||
# Bootstrapping PowerShell Script
|
||||
data "template_file" "windows-userdata" {
|
||||
template = <<EOF
|
||||
<powershell>
|
||||
# Rename Machine
|
||||
Rename-Computer -NewName "${var.windows_instance_name}" -Force;
|
||||
|
||||
# Install IIS
|
||||
Install-WindowsFeature -name Web-Server -IncludeManagementTools;
|
||||
|
||||
# Restart machine
|
||||
shutdown -r -t 10;
|
||||
</powershell>
|
||||
EOF
|
||||
}
|
||||
|
||||
# Create EC2 Instance
|
||||
resource "aws_instance" "windows-server" {
|
||||
ami = data.aws_ami.windows-2019.id
|
||||
instance_type = var.windows_instance_type
|
||||
subnet_id = aws_subnet.public-subnet.id
|
||||
vpc_security_group_ids = [aws_security_group.aws-windows-sg.id]
|
||||
associate_public_ip_address = var.windows_associate_public_ip_address
|
||||
source_dest_check = false
|
||||
key_name = aws_key_pair.key_pair.key_name
|
||||
user_data = data.template_file.windows-userdata.rendered
|
||||
|
||||
# root disk
|
||||
root_block_device {
|
||||
volume_size = var.windows_root_volume_size
|
||||
volume_type = var.windows_root_volume_type
|
||||
delete_on_termination = true
|
||||
encrypted = true
|
||||
}
|
||||
|
||||
# extra disk
|
||||
ebs_block_device {
|
||||
device_name = "/dev/xvda"
|
||||
volume_size = var.windows_data_volume_size
|
||||
volume_type = var.windows_data_volume_type
|
||||
encrypted = true
|
||||
delete_on_termination = true
|
||||
}
|
||||
}
|
||||
|
||||
# Create Elastic IP for the EC2 instance
|
||||
resource "aws_eip" "windows-eip" {
|
||||
vpc = true
|
||||
}
|
||||
|
||||
# Associate Elastic IP to Windows Server
|
||||
resource "aws_eip_association" "windows-eip-association" {
|
||||
instance_id = aws_instance.windows-server.id
|
||||
allocation_id = aws_eip.windows-eip.id
|
||||
}
|
||||
|
||||
# Define the security group for the Windows server
|
||||
resource "aws_security_group" "aws-windows-sg" {
|
||||
name = "${lower(var.app_name)}-${var.app_environment}-windows-sg"
|
||||
description = "Allow incoming connections"
|
||||
vpc_id = aws_vpc.vpc.id
|
||||
|
||||
ingress {
|
||||
from_port = 80
|
||||
to_port = 80
|
||||
protocol = "tcp"
|
||||
cidr_blocks = ["0.0.0.0/0"]
|
||||
description = "Allow incoming HTTP connections"
|
||||
}
|
||||
|
||||
ingress {
|
||||
from_port = 3389
|
||||
to_port = 3389
|
||||
protocol = "tcp"
|
||||
cidr_blocks = ["0.0.0.0/0"]
|
||||
description = "Allow incoming RDP connections"
|
||||
}
|
||||
|
||||
egress {
|
||||
from_port = 0
|
||||
to_port = 0
|
||||
protocol = "-1"
|
||||
cidr_blocks = ["0.0.0.0/0"]
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue