techiescamp · techiescamp · Oct 25, 2023 · Aug 23, 2023 · Aug 28, 2023 · Sep 30, 2023
diff --git a/environments/dev/ec2/main.tf b/environments/dev/ec2/main.tf
@@ -2,6 +2,15 @@ provider "aws" {
   region = var.region
 }
 
+module "iam-policy" {
+  source                      = "../../../modules/iam-policy"
+  iam_policy_json_file        = var.iam_policy_json_file
+  owner                       = var.owner
+  environment                 = var.environment
+  cost_center                 = var.cost_center
+  application                 = var.application
+}
+
 module "ec2" {
   source             = "../../../modules/ec2"
   region             = var.region
@@ -10,23 +19,22 @@ module "ec2" {
   key_name           = var.key_name
   instance_count     = var.instance_count
   subnet_ids         = var.subnet_ids
-  name               = var.name
+  associate_public_ip_address = var.associate_public_ip_address
+  attach_instance_profile     = var.attach_instance_profile
+  iam_role                    = module.iam-policy.iam_role
+  security_group_ids          = module.security-group.security_group_ids
+  attach_eip                  = var.attach_eip
+  storage_size                = var.storage_size
   environment        = var.environment
   owner              = var.owner
   cost_center        = var.cost_center
   application        = var.application
-  security_group_ids = module.security-group.security_group_ids
+
 }
 
 module "security-group" {
   source      = "../../../modules/security-group"
   region      = var.region
-  tags        = var.tags
-  name        = var.name
-  environment = var.environment
-  owner       = var.owner
-  cost_center = var.cost_center
-  application = var.application
   vpc_id      = var.vpc_id
 
   ingress_cidr_from_port     = var.ingress_cidr_from_port
@@ -49,5 +57,11 @@ module "security-group" {
   egress_sg_protocol         = var.egress_sg_protocol
   egress_security_group_ids  = var.egress_security_group_ids
   create_egress_sg           = var.create_egress_sg
+
+  environment = var.environment
+  owner       = var.owner
+  cost_center = var.cost_center
+  application = var.application
 }
 
+
diff --git a/environments/dev/ec2/outputs.tf b/environments/dev/ec2/outputs.tf
@@ -13,3 +13,7 @@ output "instance_public_ip" {
   value       = module.ec2.instance_public_ip
 }
 
+output "instance_eip" {
+  description = "EIP attach to the ec2 instance"
+  value       = module.ec2.instance_eip
+}
diff --git a/environments/dev/ec2/variables.tf b/environments/dev/ec2/variables.tf
@@ -33,17 +33,37 @@ variable "vpc_id" {
   description = "VPC ID for the security group"
 }
 
+variable "associate_public_ip_address" {
+  type        = bool
+  description = "Enable or disable public ip address"
+}
+
+variable "attach_instance_profile" {
+  type        = bool
+  description = "Attach instance profile or not"
+}
+
+variable "iam_policy_json_file" {
+  type        = string
+  description = "Name of the json file"
+}
+
+variable "attach_eip" {
+  type        = bool
+  description = "Attach eip or not"
+}
+
+variable "storage_size" {
+  type        = number
+  description = "Storage size of the instance"
+}
+
 variable "tags" {
   default     = {}
   type        = map(string)
   description = "Extra tags to attach to the security group resources"
 }
 
-variable "name" {
-  type        = string
-  description = "The name of the resources"
-}
-
 variable "environment" {
   type        = string
   description = "The environment name for the resources"
@@ -163,3 +183,9 @@ variable "create_egress_sg" {
   type        = bool
   description = "Enable or disable Security Groups egress rules."
 }
+
+variable "iam_role" {
+  default     = null
+  description = "IAM role for the instance"
+  type        = string
+}
diff --git a/environments/dev/iam-policies/ec2.json b/environments/dev/iam-policies/ec2.json
@@ -0,0 +1,10 @@
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Effect": "Allow",
+            "Action": "*",
+            "Resource": "*"
+        }
+    ]
+}
diff --git a/environments/dev/vpc/main.tf b/environments/dev/vpc/main.tf
@@ -2,27 +2,91 @@ terraform {
   backend "s3" {}
 }
 provider "aws" {
-  region = "us-west-2"
+  region = var.region
 }
 
 module "vpc" {
-  source                        = "../../../modules/vpc"
-  region                        = var.region
-  vpc_cidr_block                = var.vpc_cidr_block
-  instance_tenancy              = var.instance_tenancy
-  enable_dns_support            = var.enable_dns_support
-  enable_dns_hostnames          = var.enable_dns_hostnames
-  domain                        = var.domain
-  create_nat_gateway            = var.create_nat_gateway
-  destination_cidr_block        = var.destination_cidr_block
-  map_public_ip_on_launch       = var.map_public_ip_on_launch
-  public_subnet_cidr_blocks     = var.public_subnet_cidr_blocks
-  app_subnet_cidr_blocks        = var.app_subnet_cidr_blocks
-  db_subnet_cidr_blocks         = var.db_subnet_cidr_blocks
-  management_subnet_cidr_blocks = var.management_subnet_cidr_blocks
-  availability_zones            = var.availability_zones
-  owner                         = var.owner
-  environment                   = var.environment
-  cost_center                   = var.cost_center
-  application                   = var.application
+  source                             = "../../../modules/vpc"
+  region                             = var.region
+  vpc_cidr_block                     = var.vpc_cidr_block
+  instance_tenancy                   = var.instance_tenancy
+  enable_dns_support                 = var.enable_dns_support
+  enable_dns_hostnames               = var.enable_dns_hostnames
+  domain                             = var.domain
+  create_nat_gateway                 = var.create_nat_gateway
+  destination_cidr_block             = var.destination_cidr_block
+  map_public_ip_on_launch            = var.map_public_ip_on_launch
+  public_subnet_cidr_blocks          = var.public_subnet_cidr_blocks
+  app_subnet_cidr_blocks             = var.app_subnet_cidr_blocks
+  db_subnet_cidr_blocks              = var.db_subnet_cidr_blocks
+  management_subnet_cidr_blocks      = var.management_subnet_cidr_blocks
+  platform_subnet_cidr_blocks        = var.platform_subnet_cidr_blocks
+  availability_zones                 = var.availability_zones
+  create_s3_endpoint                 = var.create_s3_endpoint
+  create_secrets_manager_endpoint    = var.create_secrets_manager_endpoint
+  create_cloudwatch_logs_endpoint    = var.create_cloudwatch_logs_endpoint
+  ingress_public_nacl_rule_no        = var.ingress_public_nacl_rule_no
+  ingress_public_nacl_action         = var.ingress_public_nacl_action
+  ingress_public_nacl_from_port      = var.ingress_public_nacl_from_port
+  ingress_public_nacl_to_port        = var.ingress_public_nacl_to_port
+  ingress_public_nacl_protocol       = var.ingress_public_nacl_protocol
+  ingress_public_nacl_cidr_block     = var.ingress_public_nacl_cidr_block
+  egress_public_nacl_rule_no         = var.egress_public_nacl_rule_no
+  egress_public_nacl_action          = var.egress_public_nacl_action
+  egress_public_nacl_from_port       = var.egress_public_nacl_from_port
+  egress_public_nacl_to_port         = var.egress_public_nacl_to_port
+  egress_public_nacl_protocol        = var.egress_public_nacl_protocol
+  egress_public_nacl_cidr_block      = var.egress_public_nacl_cidr_block
+  ingress_app_nacl_rule_no           = var.ingress_app_nacl_rule_no
+  ingress_app_nacl_action            = var.ingress_app_nacl_action
+  ingress_app_nacl_from_port         = var.ingress_app_nacl_from_port
+  ingress_app_nacl_to_port           = var.ingress_app_nacl_to_port
+  ingress_app_nacl_protocol          = var.ingress_app_nacl_protocol
+  ingress_app_nacl_cidr_block        = var.ingress_app_nacl_cidr_block
+  egress_app_nacl_rule_no            = var.egress_app_nacl_rule_no
+  egress_app_nacl_action             = var.egress_app_nacl_action
+  egress_app_nacl_from_port          = var.egress_app_nacl_from_port
+  egress_app_nacl_to_port            = var.egress_app_nacl_to_port
+  egress_app_nacl_protocol           = var.egress_app_nacl_protocol
+  egress_app_nacl_cidr_block         = var.egress_app_nacl_cidr_block
+  ingress_db_nacl_rule_no            = var.ingress_db_nacl_rule_no
+  ingress_db_nacl_action             = var.ingress_db_nacl_action
+  ingress_db_nacl_from_port          = var.ingress_db_nacl_from_port
+  ingress_db_nacl_to_port            = var.ingress_db_nacl_to_port
+  ingress_db_nacl_protocol           = var.ingress_db_nacl_protocol
+  ingress_db_nacl_cidr_block         = var.ingress_db_nacl_cidr_block
+  egress_db_nacl_rule_no             = var.egress_db_nacl_rule_no
+  egress_db_nacl_action              = var.egress_db_nacl_action
+  egress_db_nacl_from_port           = var.egress_db_nacl_from_port
+  egress_db_nacl_to_port             = var.egress_db_nacl_to_port
+  egress_db_nacl_protocol            = var.egress_db_nacl_protocol
+  egress_db_nacl_cidr_block          = var.egress_db_nacl_cidr_block
+  ingress_management_nacl_rule_no    = var.ingress_management_nacl_rule_no
+  ingress_management_nacl_action     = var.ingress_management_nacl_action
+  ingress_management_nacl_from_port  = var.ingress_management_nacl_from_port
+  ingress_management_nacl_to_port    = var.ingress_management_nacl_to_port
+  ingress_management_nacl_protocol   = var.ingress_management_nacl_protocol
+  ingress_management_nacl_cidr_block = var.ingress_management_nacl_cidr_block
+  egress_management_nacl_rule_no     = var.egress_management_nacl_rule_no
+  egress_management_nacl_action      = var.egress_management_nacl_action
+  egress_management_nacl_from_port   = var.egress_management_nacl_from_port
+  egress_management_nacl_to_port     = var.egress_management_nacl_to_port
+  egress_management_nacl_protocol    = var.egress_management_nacl_protocol
+  egress_management_nacl_cidr_block  = var.egress_management_nacl_cidr_block
+  ingress_platform_nacl_rule_no      = var.ingress_platform_nacl_rule_no
+  ingress_platform_nacl_action       = var.ingress_platform_nacl_action
+  ingress_platform_nacl_from_port    = var.ingress_platform_nacl_from_port
+  ingress_platform_nacl_to_port      = var.ingress_platform_nacl_to_port
+  ingress_platform_nacl_protocol     = var.ingress_platform_nacl_protocol
+  ingress_platform_nacl_cidr_block   = var.ingress_platform_nacl_cidr_block
+  egress_platform_nacl_rule_no       = var.egress_platform_nacl_rule_no
+  egress_platform_nacl_action        = var.egress_platform_nacl_action
+  egress_platform_nacl_from_port     = var.egress_platform_nacl_from_port
+  egress_platform_nacl_to_port       = var.egress_platform_nacl_to_port
+  egress_platform_nacl_protocol      = var.egress_platform_nacl_protocol
+  egress_platform_nacl_cidr_block    = var.egress_platform_nacl_cidr_block
+  owner                              = var.owner
+  environment                        = var.environment
+  cost_center                        = var.cost_center
+  application                        = var.application
 }