テラフォームでAWS構築
テラフォームでAWSを構築していきたいと思います。条件は以下のとおりです。
条件
- VPC:新規で作成
- ゾーン:ap-northeast-1a
- サブネット:10.0.2.0/24
- エラスティックIP:自動取得
- セキュリティー:22番、80番、443番許可
- OS:AmazonLinux2
- CPU:インテル系
- インスタンス:t2.micro
- EBS:30GB
となります
main.tf
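# ---------------------------------------------------------------------------
# Input variables
# ---------------------------------------------------------------------------

# AWS credentials and region consumed by the provider block below.
# Supply these at plan/apply time (for example through a variables file that
# is kept out of version control, or TF_VAR_* environment variables); never
# hard-code them in this file.
# NOTE(review): on Terraform 0.14 or later, adding `sensitive = true` to
# aws_secret_key keeps the value out of plan output.
variable "aws_access_key" {}
variable "aws_secret_key" {}
variable "aws_region" {}

# CIDR block and Name tag for the new VPC.
variable "aws_vpc_cidr" {}
variable "aws_vpc_tags_name" {}

# Source ranges allowed to reach SSH (22/tcp).
# The default keeps the original behaviour, in which SSH is reachable from any
# address. Override it with the administrator's own range, e.g.
# ["203.0.113.10/32"] (constructed sample from the documentation range), so the
# login port is not exposed to internet-wide scanning and password guessing.
variable "aws_ssh_ingress_cidrs" {
  type    = list(string)
  default = ["0.0.0.0/0"]
}

# ---------------------------------------------------------------------------
# Provider
# ---------------------------------------------------------------------------
provider "aws" {
  # NOTE(review): a version constraint inside the provider block is deprecated
  # in newer Terraform releases in favour of a required_providers block.
  version    = "4.5.0"
  access_key = var.aws_access_key
  secret_key = var.aws_secret_key
  region     = var.aws_region
}

# ---------------------------------------------------------------------------
# Network
# ---------------------------------------------------------------------------

# VPC
resource "aws_vpc" "main" {
  cidr_block           = var.aws_vpc_cidr
  instance_tenancy     = "default"
  enable_dns_support   = true
  enable_dns_hostnames = true

  tags = {
    Name = var.aws_vpc_tags_name
  }
}

# Public subnet inside the VPC created above.
# The subnet CIDR is fixed here, so var.aws_vpc_cidr must contain 10.0.2.0/24.
resource "aws_subnet" "public_1a" {
  vpc_id = aws_vpc.main.id

  # Availability zone the subnet is created in
  availability_zone = "ap-northeast-1a"
  cidr_block        = "10.0.2.0/24"

  tags = {
    Name = "terraform-subnet"
  }
}

# Internet gateway
resource "aws_internet_gateway" "main" {
  vpc_id = aws_vpc.main.id

  tags = {
    Name = "terraform-gateway"
  }
}

# Route table for the public subnet
resource "aws_route_table" "public" {
  vpc_id = aws_vpc.main.id

  tags = {
    Name = "terraform-public"
  }
}

# Default route: send all non-local traffic to the internet gateway
resource "aws_route" "public" {
  destination_cidr_block = "0.0.0.0/0"
  route_table_id         = aws_route_table.public.id
  gateway_id             = aws_internet_gateway.main.id
}

# Associate the public route table with the subnet
resource "aws_route_table_association" "public_1a" {
  subnet_id      = aws_subnet.public_1a.id
  route_table_id = aws_route_table.public.id
}

# ---------------------------------------------------------------------------
# Security group for the EC2 instance
# ---------------------------------------------------------------------------
resource "aws_security_group" "handson_ec2_sg" {
  name        = "terraform-handson-ec2-sg"
  description = "For EC2 Linux"
  vpc_id      = aws_vpc.main.id

  tags = {
    Name = "terraform-handson-ec2-sg"
  }

  # Outbound rule: all protocols and ports to any destination.
  # NOTE(review): the AWS provider documentation advises against combining
  # in-line rules with standalone aws_security_group_rule resources on the
  # same group; consider moving this egress into its own rule resource.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# 80/tcp (HTTP) from anywhere
resource "aws_security_group_rule" "inbound_http" {
  type        = "ingress"
  from_port   = 80
  to_port     = 80
  protocol    = "tcp"
  cidr_blocks = ["0.0.0.0/0"]

  # Attach this rule to the handson_ec2_sg security group
  security_group_id = aws_security_group.handson_ec2_sg.id
}

# 443/tcp (HTTPS) from anywhere
resource "aws_security_group_rule" "inbound_https" {
  type        = "ingress"
  from_port   = 443
  to_port     = 443
  protocol    = "tcp"
  cidr_blocks = ["0.0.0.0/0"]

  # Attach this rule to the handson_ec2_sg security group
  security_group_id = aws_security_group.handson_ec2_sg.id
}

# 22/tcp (SSH), limited to var.aws_ssh_ingress_cidrs.
# Unlike the web ports, SSH is an administrative interface and should only be
# reachable from known operator addresses.
resource "aws_security_group_rule" "inbound_ssh" {
  type        = "ingress"
  from_port   = 22
  to_port     = 22
  protocol    = "tcp"
  cidr_blocks = var.aws_ssh_ingress_cidrs

  # Attach this rule to the handson_ec2_sg security group
  security_group_id = aws_security_group.handson_ec2_sg.id
}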
ec2.tf
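# ---------------------------
# EC2
# ---------------------------

# Look up the current Amazon Linux 2 AMI ID (kernel 5.10, HVM, x86_64, gp2)
# from the public SSM parameter.
# The lookup happens on every plan, so a later apply may resolve a newer AMI
# and propose replacing the instance.
data "aws_ssm_parameter" "amzn2_latest_ami" {
  name = "/aws/service/ami-amazon-linux-latest/amzn2-ami-kernel-5.10-hvm-x86_64-gp2"
  #name = "/aws/service/ami-amazon-linux-latest/amzn2-ami-kernel-5.10-hvm-2.0.20220912.1-arm64-gp2"
}

# EC2 instance placed in the public subnet behind handson_ec2_sg
resource "aws_instance" "handson_ec2" {
  ami           = data.aws_ssm_parameter.amzn2_latest_ami.value
  instance_type = "t2.micro"
  #availability_zone = ap-northeast-1a
  vpc_security_group_ids      = [aws_security_group.handson_ec2_sg.id]
  subnet_id                   = aws_subnet.public_1a.id
  associate_public_ip_address = true

  # Name of the EC2 key pair used for SSH. It is not created by the
  # configuration shown here, so presumably it must already exist in the
  # target region.
  key_name = "terraform"

  # Require session tokens (IMDSv2) for the instance metadata service, so a
  # plain proxied GET from a web application on this internet-facing host
  # cannot read instance metadata.
  metadata_options {
    http_endpoint = "enabled"
    http_tokens   = "required"
  }

  # Root volume: raise the size to 30 GB and encrypt it at rest
  root_block_device {
    volume_type = "gp2"
    volume_size = 30
    encrypted   = true
  }

  tags = {
    Name = "terraform-handson-ec2"
  }
}

# Elastic IP attached to the instance
resource "aws_eip" "public_ip" {
  instance = aws_instance.handson_ec2.id
  vpc      = true

  tags = {
    Name = "terraform-public_ip"
  }
}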