Merge pull request #3 from Aswin-Vijayan/TEC-56

[TEC-56][Add] - New branch

Author: techiescamp

.gitignore

@@ -5,7 +5,7 @@
 *.tfstate
 *.tfstate.*
 .terraform.lock.hcl
-
+.terraform
 # Crash log files
 crash.log
 
@@ -28,3 +28,4 @@ override.tf.json
 
 # Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
 # example: *tfplan*
+.DS_Store

README.md

@@ -6,12 +6,14 @@ Terraform AWS Cloud examples for beginners
 terraform init \
     -backend-config="key=dev/vpc.tfstate" \
     -backend-config="bucket=dcube-terraform-state" \
-    -backend-config="region=us-west-2" 
+    -backend-config="region=us-west-2" \
+    -backend-config="dynamodb_table=terraform-state-lock"
 
-terraform destory \
+terraform destroy \
     -backend-config="key=dev/vpc.tfstate" \
     -backend-config="bucket=dcube-terraform-state" \
-    -backend-config="region=us-west-2" 
+    -backend-config="region=us-west-2" \
+    -backend-config="dynamodb_table=terraform-state-lock"
 
 
 ## Requirements

environments/dev/lb-asg/main.tf

@@ -0,0 +1,16 @@
+provider "aws" {
+  region = var.region
+}
+
+module "lb-asg" {
+  source        = "../../../modules/lb-asg"
+  region        = var.region
+  owner         = var.owner
+  cost_center   = var.cost_center
+  subnets       = var.subnets
+  ami_id        = var.ami_id
+  instance_type = var.instance_type
+  key_name      = var.key_name
+  environment   = var.environment
+  vpc_id        = var.vpc_id
+}

environments/dev/lb-asg/variables.tf

@@ -0,0 +1,51 @@
+variable "tags" {
+  default     = {}
+  type        = map(string)
+  description = "Extra tags to attach to the lb-asg resources"
+}
+
+variable "region" {
+  type        = string
+  description = "Region of the lb-asg"
+}
+
+variable "ami_id" {
+  description = "The ID of the Amazon Machine Image (AMI) to use for the EC2 instances."
+}
+
+variable "instance_type" {
+  description = "The type of EC2 instance to use for the ASG."
+}
+
+variable "key_name" {
+  description = "The name of the EC2 key pair to use for the instances."
+}
+
+variable "environment" {
+  description = "The environment name for the resources."
+}
+
+variable "vpc_id" {
+  description = "The ID of the VPC to use for the resources."
+}
+
+variable "subnets" {
+  description = "A list of subnet IDs to use for the resources."
+  type        = list(string)
+}
+
+variable "iam_role_arn" {
+  description = "ARN of the existing IAM role"
+  type        = string
+  default     = null
+}
+
+variable "owner" {
+  type        = string
+  description = "Name of owner this lb-asg is meant to house"
+}
+
+variable "cost_center" {
+  type        = string
+  description = "Name of cost-center for this lb-asg"
+}

environments/dev/rds/main.tf

@@ -0,0 +1,17 @@
+provider "aws" {
+  region = var.region
+}
+
+module "rds" {
+  source            = "../../../modules/rds"
+  region            = var.region
+  owner             = var.owner
+  cost_center       = var.cost_center
+  environment       = var.environment
+  db_username       = var.db_username
+  manage_master_user_password = var.manage_master_user_password
+  db_password       = var.db_password
+  db_name           = var.db_name
+  db_instance_class = var.db_instance_class
+  parameter_name    = var.parameter_name
+}

environments/dev/rds/variables.tf

@@ -0,0 +1,60 @@
+variable "tags" {
+  default     = {}
+  type        = map(string)
+  description = "Extra tags to attach to the RDS resources"
+}
+
+variable "update_rds_endpoint" {
+  type    = bool
+  default = true
+}
+
+variable "region" {
+  type        = string
+  description = "Region of the rds"
+}
+
+variable "environment" {
+  description = "The environment name for the resources."
+}
+
+variable "owner" {
+  type        = string
+  description = "Name of the owner for this RDS"
+}
+
+variable "cost_center" {
+  type        = string
+  description = "Name of cost-center for this RDS"
+}
+
+variable "db_username" {
+  description = "The username for the RDS database"
+  type    = string
+}
+
+variable "manage_master_user_password" {
+  description = "To enable master user password or not"
+  type    = bool
+  default = false
+}
+
+variable "db_password" {
+  description = "Password for RDS"
+  type    = string
+}
+
+variable "db_name" {
+  description = "The identifier for the RDS instance"
+  type    = string
+}
+
+variable "db_instance_class" {
+  description = "The RDS instance class"
+  type    = string
+}
+
+variable "parameter_name" {
+  description = "The RDS instance class"
+  type    = string
+}

environments/dev/vpc/main.tf

@@ -6,14 +6,15 @@ provider "aws" {
 }
 
 module "vpc" {
-  source                    = "../../../modules/vpc"
-  name                      = "eks-vpc"
-  region                    = "us-west-2"
-  project                   = "EKS Demo"
-  environment               = "dev"
-  vpc_cidr_block            = "10.0.0.0/16"
-  public_subnet_cidr_blocks = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
-  app_subnet_cidr_blocks    = ["10.0.4.0/24", "10.0.5.0/24", "10.0.6.0/24"]
-  db_subnet_cidr_blocks     = ["10.0.7.0/24", "10.0.8.0/24", "10.0.9.0/24"]
-  availability_zones        = ["us-west-2a", "us-west-2b", "us-west-2c"]
+  source                        = "../../../modules/vpc"
+  name                          = "eks-vpc"
+  region                        = "us-west-2"
+  project                       = "EKS Demo"
+  environment                   = "dev"
+  vpc_cidr_block                = "10.0.0.0/16"
+  public_subnet_cidr_blocks     = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
+  app_subnet_cidr_blocks        = ["10.0.4.0/24", "10.0.5.0/24", "10.0.6.0/24"]
+  db_subnet_cidr_blocks         = ["10.0.7.0/24", "10.0.8.0/24", "10.0.9.0/24"]
+  management_subnet_cidr_blocks = ["10.0.10.0/24", "10.0.11.0/24", "10.0.12.0/24"]
+  availability_zones            = ["us-west-2a", "us-west-2b", "us-west-2c"]
 }

environments/test/vpc/main.tf

@@ -16,17 +16,17 @@ resource "aws_iam_role" "eks_cluster" {
 
   assume_role_policy = jsonencode(
     {
-    Version = "2012-10-17"
-    Statement = [
-      {
-        Action = "sts:AssumeRole"
-        Effect = "Allow"
-        Principal = {
-          Service = "eks.amazonaws.com"
+      Version = "2012-10-17"
+      Statement = [
+        {
+          Action = "sts:AssumeRole"
+          Effect = "Allow"
+          Principal = {
+            Service = "eks.amazonaws.com"
+          }
         }
-      }
-    ]
-  }
+      ]
+    }
   )
 }
 
@@ -36,8 +36,8 @@ resource "aws_iam_role_policy_attachment" "AmazonEKSClusterPolicy" {
 }
 
 resource "aws_iam_role_policy_attachment" "AmazonEC2ContainerRegistryReadOnly-EKS" {
- policy_arn = "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly"
- role    = aws_iam_role.eks_cluster.name
+  policy_arn = "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly"
+  role       = aws_iam_role.eks_cluster.name
 }
 
 
@@ -46,17 +46,17 @@ resource "aws_iam_role" "eks_node_group" {
 
   assume_role_policy = jsonencode(
     {
-    Version = "2012-10-17"
-    Statement = [
-      {
-        Action = "sts:AssumeRole"
-        Effect = "Allow"
-        Principal = {
-          Service = "ec2.amazonaws.com"
+      Version = "2012-10-17"
+      Statement = [
+        {
+          Action = "sts:AssumeRole"
+          Effect = "Allow"
+          Principal = {
+            Service = "ec2.amazonaws.com"
+          }
         }
-      }
-    ]
-  }
+      ]
+    }
   )
 }
 
@@ -65,20 +65,20 @@ resource "aws_iam_role_policy_attachment" "AmazonEKSWorkerNodePolicy" {
   role       = aws_iam_role.eks_node_group.name
 }
 
- resource "aws_iam_role_policy_attachment" "AmazonEKS_CNI_Policy" {
+resource "aws_iam_role_policy_attachment" "AmazonEKS_CNI_Policy" {
   policy_arn = "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy"
-  role    = aws_iam_role.eks_node_group.name
- }
- 
- resource "aws_iam_role_policy_attachment" "EC2InstanceProfileForImageBuilderECRContainerBuilds" {
+  role       = aws_iam_role.eks_node_group.name
+}
+
+resource "aws_iam_role_policy_attachment" "EC2InstanceProfileForImageBuilderECRContainerBuilds" {
   policy_arn = "arn:aws:iam::aws:policy/EC2InstanceProfileForImageBuilderECRContainerBuilds"
-  role    = aws_iam_role.eks_node_group.name
- }
- 
- resource "aws_iam_role_policy_attachment" "AmazonEC2ContainerRegistryReadOnly" {
+  role       = aws_iam_role.eks_node_group.name
+}
+
+resource "aws_iam_role_policy_attachment" "AmazonEC2ContainerRegistryReadOnly" {
   policy_arn = "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly"
-  role    = aws_iam_role.eks_node_group.name
- }
+  role       = aws_iam_role.eks_node_group.name
+}
 
 resource "aws_security_group" "eks_control_plane_sg" {
   name_prefix = "eks-control-plane-sg"
@@ -119,31 +119,31 @@ resource "aws_security_group" "worker_nodes_sg" {
 }
 
 resource "aws_eks_node_group" "ondemand_group" {
-  cluster_name = aws_eks_cluster.eks_cluster.name
+  cluster_name    = aws_eks_cluster.eks_cluster.name
   node_group_name = "ondemand-group"
   node_role_arn   = aws_iam_role.eks_node_group.arn
   subnet_ids      = [var.subnet_id_1, var.subnet_id_2]
   scaling_config {
     desired_size = 2
-    max_size = 2
-    min_size = 2
+    max_size     = 2
+    min_size     = 2
   }
   instance_types = ["t2.medium"]
-  capacity_type = "ON_DEMAND"
+  capacity_type  = "ON_DEMAND"
 }
 
 resource "aws_eks_node_group" "spot_group" {
-  cluster_name = aws_eks_cluster.eks_cluster.name
+  cluster_name    = aws_eks_cluster.eks_cluster.name
   node_role_arn   = aws_iam_role.eks_node_group.arn
   subnet_ids      = [var.subnet_id_1, var.subnet_id_2]
   node_group_name = "spot-group"
   scaling_config {
     desired_size = 2
-    max_size = 2
-    min_size = 2
+    max_size     = 2
+    min_size     = 2
   }
   instance_types = ["t2.medium"]
-  capacity_type = "SPOT"
+  capacity_type  = "SPOT"
 
   depends_on = [
     aws_iam_role_policy_attachment.AmazonEKSWorkerNodePolicy,
@@ -152,7 +152,7 @@ resource "aws_eks_node_group" "spot_group" {
   ]
 
   remote_access {
-    ec2_ssh_key = var.key-name
+    ec2_ssh_key               = var.key-name
     source_security_group_ids = [aws_security_group.worker_nodes_sg.id]
   }
 }

environments/test/vpc/variables.tf

@@ -8,22 +8,22 @@ variable "cluster_name" {
 }
 
 variable "subnet_id_1" {
- type = string
- default = "subnet-058a7514ba8adbb07"
+  type    = string
+  default = "subnet-058a7514ba8adbb07"
 }
 
 variable "ami_id" {
   type    = string
   default = "ami-0735c191cf914754d"
 }
- 
+
 variable "subnet_id_2" {
- type = string
- default = "subnet-0dbcd1ac168414927"
+  type    = string
+  default = "subnet-0dbcd1ac168414927"
 }
 
 variable "vpc_id" {
-  type        = string
+  type    = string
   default = "vpc-0a5ca4a92c2e10163"
 }