Lab5: Terraform Variables (Input) - OT-TRAINING/TerraformAWS GitHub Wiki
Terraform Variables (Input)
In this lab we make the code more generic, and therefore reusable, by replacing hard-coded values with input variables.
We take the code from the previous lab and use variables instead of static values.
A variable is declared in the code as follows:
# Input variable for the VPC CIDR. The default is used whenever no value is
# passed on the command line, in a .tfvars file or via TF_VAR_cidr-vpc.
variable "cidr-vpc" {
  description = "CIDR block assigned to the VPC"
  default     = "10.0.0.0/16"
}
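# Example VPC that reads its CIDR from var.cidr-vpc instead of a literal.
# NOTE: the full listing further down declares a second aws_vpc.main; keep only
# one of the two in a single configuration or Terraform reports a duplicate
# resource.
resource "aws_vpc" "main" {
  cidr_block       = var.cidr-vpc
  instance_tenancy = "default"

  tags = {
    # Tag values are strings and must be quoted. A bare `vpc1` is parsed as a
    # reference to an undefined object and fails `terraform validate`.
    Name = "vpc1"
  }
}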
# AWS provider configuration. The region comes from var.region so the same
# code can target another region without editing any resource block.
provider "aws" {
  region = var.region
}
# VPC ------------------------------------------------------------------------
# Root network object; every other resource in this file references
# aws_vpc.main.id.
resource "aws_vpc" "main" {
  instance_tenancy = "default"
  cidr_block       = var.cidr-vpc

  tags = {
    # var.tags is a plain string that serves as the base name for resources.
    Name = var.tags
  }
}
# Public subnets -------------------------------------------------------------
# One subnet per entry of var.az_map; count.index selects the entry.
resource "aws_subnet" "main" {
  count = length(var.az_map)

  vpc_id            = aws_vpc.main.id
  availability_zone = var.az_map[count.index]["az"]
  cidr_block        = var.az_map[count.index]["cidr"]

  # Every instance launched in these subnets receives a public IPv4 address.
  # Together with the security group below this makes the instances reachable
  # directly from the internet, not only through the load balancer. Outside a
  # lab, set this to false and put the instances in private subnets.
  map_public_ip_on_launch = true

  tags = {
    Name = var.az_map[count.index]["name"]
  }
}
# Internet gateway -----------------------------------------------------------
# Attached to the VPC; the public route table below points 0.0.0.0/0 at it.
resource "aws_internet_gateway" "main" {
  vpc_id = aws_vpc.main.id

  tags = {
    Name = "${var.tags}_igw"
  }
}
# Public route table ---------------------------------------------------------
# Routes var.cidr-rt (0.0.0.0/0 by default) through the internet gateway; this
# route is what makes the associated subnets "public".
resource "aws_route_table" "main" {
  vpc_id = aws_vpc.main.id

  route {
    gateway_id = aws_internet_gateway.main.id
    cidr_block = var.cidr-rt
  }
}
# Route table associations ---------------------------------------------------
# One association per public subnet.
resource "aws_route_table_association" "main" {
  count = length(aws_subnet.main)

  route_table_id = aws_route_table.main.id
  # Direct indexing is equivalent to element() here: count equals the number
  # of subnets, so count.index is always within range.
  subnet_id      = aws_subnet.main[count.index].id
}
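# EC2 instances --------------------------------------------------------------
# var.count-ec2 instances, spread round-robin over the public subnets.
resource "aws_instance" "main" {
  count = var.count-ec2

  # AMI IDs are region-specific: var.ami must be valid in var.region.
  ami           = var.ami
  instance_type = var.instance

  # element() wraps around, so more instances than subnets is fine.
  subnet_id              = element(aws_subnet.main.*.id, count.index)
  vpc_security_group_ids = [aws_security_group.main.id]

  # Require IMDSv2 session tokens. The instances accept HTTP from anywhere, so
  # a request-forgery bug in whatever is served there must not be able to read
  # instance metadata (or role credentials, should an instance profile be
  # attached later) with a plain GET.
  metadata_options {
    http_endpoint = "enabled"
    http_tokens   = "required"
  }

  tags = {
    # The original literal "_instance[count.index]" was never interpolated and
    # gave every instance the same Name; ${count.index} is required.
    Name = "${var.tags}_instance${count.index}"
  }
}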
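# Security group -------------------------------------------------------------
# Shared by the EC2 instances and the internet-facing load balancer
# (aws_lb.test), so every ingress rule here is exposed on both.
resource "aws_security_group" "main" {
  vpc_id = aws_vpc.main.id
  name   = "main Security Group"

  # SSH (var.port1). Limit the source to the addresses that actually need
  # shell access; see var.ssh_cidr_blocks below.
  ingress {
    cidr_blocks = var.ssh_cidr_blocks
    from_port   = var.port1
    to_port     = var.port1
    protocol    = var.protocol
  }

  # HTTP (var.port2): open to the internet because the ALB uses this group.
  # Note that the instances themselves also carry public IPs, so they are
  # reachable on this port directly, bypassing the load balancer.
  ingress {
    cidr_blocks = ["0.0.0.0/0"]
    from_port   = var.port2
    to_port     = var.port2
    protocol    = var.protocol
  }

  # Unrestricted egress.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "test-SG"
  }
}

# Source ranges allowed to reach var.port1 (SSH). The default reproduces the
# original behaviour (open to the whole internet) so the lab still applies
# unchanged, but it should be overridden with your own address, e.g.
#   terraform apply -var='ssh_cidr_blocks=["203.0.113.10/32"]'
variable "ssh_cidr_blocks" {
  type    = list(string)
  default = ["0.0.0.0/0"]
}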
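# Application load balancer --------------------------------------------------
# Internet-facing ALB spanning all public subnets.
resource "aws_lb" "test" {
  name               = var.lb-name
  internal           = false
  load_balancer_type = "application"

  # Reuses the instance security group, so every listener port must be open in
  # aws_security_group.main (var.port2 / 80 is; 443 is not).
  security_groups = [aws_security_group.main.id]
  subnets         = aws_subnet.main.*.id

  # Reject requests whose header names are not valid HTTP tokens instead of
  # passing them through to the targets (standard ALB hardening).
  drop_invalid_header_fields = true
}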
# Target group ---------------------------------------------------------------
# HTTP/80 target group in the VPC; the instances are attached below. No
# health_check block is given, so the provider defaults apply.
resource "aws_lb_target_group" "test" {
  vpc_id   = aws_vpc.main.id
  name     = "tf-test-lb-tg"
  protocol = "HTTP"
  port     = 80
}
# HTTP listener --------------------------------------------------------------
# Answers on port 80 and permanently redirects every request to HTTPS.
# NOTE(review): this file declares no HTTPS (443) listener and no certificate,
# and the shared security group does not allow 443, so clients following the
# redirect get no response. A 443 listener with an ACM certificate (forwarding
# to aws_lb_target_group.test) plus a matching ingress rule are needed before
# the redirect is useful.
resource "aws_lb_listener" "redirect" {
  load_balancer_arn = aws_lb.test.arn
  protocol          = "HTTP"
  port              = "80"

  default_action {
    type = "redirect"

    redirect {
      protocol    = "HTTPS"
      port        = "443"
      status_code = "HTTP_301"
    }
  }
}
# Target registration --------------------------------------------------------
# Registers every EC2 instance with the target group on port 80.
resource "aws_lb_target_group_attachment" "test" {
  count = length(aws_instance.main)

  target_group_arn = aws_lb_target_group.test.arn
  port             = 80
  target_id        = aws_instance.main[count.index].id
}
# Base name used for the Name tag of the VPC, IGW and instances.
variable "tags" {
  description = "Base name prefix for resource Name tags"
  type        = string
  default     = "test"
}
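# CIDR block for the VPC. Declared as a string so a wrongly-typed value (for
# example a list) is rejected at plan time rather than at the AWS API.
variable "cidr-vpc" {
  description = "CIDR block assigned to the VPC"
  type        = string
  default     = "10.0.0.0/16"
}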
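# Number of EC2 instances. Used directly as `count`, so it is declared as a
# number; the original default "2" was a string that only worked through
# implicit conversion.
variable "count-ec2" {
  description = "Number of EC2 instances to launch"
  type        = number
  default     = 2
}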
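# One entry per public subnet: its Name tag, availability zone and CIDR.
# The object type makes the required keys explicit; with the bare legacy
# `list` type a missing key would only surface when the subnet is created.
# The AZs must belong to var.region and the CIDRs must fall inside
# var.cidr-vpc.
variable "az_map" {
  description = "Public subnet definitions (name, az, cidr), one per subnet"
  type = list(object({
    name = string
    az   = string
    cidr = string
  }))
  default = [
    {
      name = "us-east-2a"
      az   = "us-east-2a"
      cidr = "10.0.1.0/24"
    },
    {
      name = "us-east-2b"
      az   = "us-east-2b"
      cidr = "10.0.2.0/24"
    },
    {
      name = "us-east-2c"
      az   = "us-east-2c"
      cidr = "10.0.3.0/24"
    }
  ]
}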
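# Destination of the public route table's internet-gateway route. 0.0.0.0/0
# is the default route, i.e. all traffic not destined for the VPC.
variable "cidr-rt" {
  description = "Destination CIDR for the route via the internet gateway"
  type        = string
  default     = "0.0.0.0/0"
}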
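# AMI for the EC2 instances. AMI IDs are region-specific and are retired over
# time, so this value must be changed whenever var.region changes or the
# image is deregistered.
variable "ami" {
  description = "AMI ID for the EC2 instances (must exist in var.region)"
  type        = string
  default     = "ami-08962a4068733a2b6"
}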
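# EC2 instance type.
variable "instance" {
  description = "EC2 instance type"
  type        = string
  default     = "t2.micro"
}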
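# AWS region for the provider. var.ami and the AZs in var.az_map are tied to
# this region and must be changed together with it.
variable "region" {
  description = "AWS region to deploy into"
  type        = string
  default     = "us-east-2"
}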
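# First security-group ingress port (SSH). Declared as a number because it
# feeds from_port/to_port; the original "22" was a string.
variable "port1" {
  description = "Ingress port for SSH"
  type        = number
  default     = 22
}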
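# Second security-group ingress port (HTTP, also used by the ALB). Declared
# as a number because it feeds from_port/to_port; the original "80" was a
# string.
variable "port2" {
  description = "Ingress port for HTTP"
  type        = number
  default     = 80
}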
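# IP protocol for both ingress rules of the security group.
variable "protocol" {
  description = "Protocol for the security group ingress rules"
  type        = string
  default     = "tcp"
}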
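# Name of the application load balancer (must be unique per region/account).
variable "lb-name" {
  description = "Name of the application load balancer"
  type        = string
  default     = "test-lb"
}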