
terraform code (network)


# VPC ------------------------------
# Staging VPC that every other resource in this file attaches to.
# DNS resolution and DNS hostnames are both enabled for the VPC.
# NOTE(review): no aws_flow_log resource appears in this file; confirm VPC
# flow logging is configured elsewhere before treating the network as complete.
resource "aws_vpc" "projent-stg-vpc" {
  tags = {
    Name = "projent-stg-vpc"
  }

  cidr_block           = "10.0.0.0/16"
  enable_dns_hostnames = true
  enable_dns_support   = true
  instance_tenancy     = "default"

  lifecycle {
    # Left disabled on purpose; uncomment if needed:
    # create_before_destroy = true
    # prevent_destroy = true    # blocks deletion (apply fails with an error)
    # ignore_changes = all      # blocks updates
  }
}
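# Internet gateway ------------------------------
# Attaches the VPC to the internet; it is the target of the public route
# table's default route and the upstream of the NAT gateway.
resource "aws_internet_gateway" "projent-stg-igw" {
  # Plain expression instead of the pre-0.12 "${...}" interpolation wrapper;
  # the rest of this file (e.g. the subnets' vpc_id) already uses this form.
  vpc_id = aws_vpc.projent-stg-vpc.id

  tags = {
    Name = "projent-stg-igw"
  }
}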

# Availability zones used for the subnets. The length of `names` drives the
# `count` on both subnet resources, and each subnet's CIDR and AZ are derived
# from its position in this list. Changing the exclusion list therefore shifts
# count.index for the remaining zones, which presumably forces those subnets to
# be replaced (new cidr_block / availability_zone) — review the plan carefully.
data "aws_availability_zones" "available" {
  exclude_names = ["ap-northeast-2d", "ap-northeast-2b"]
  state         = "available"
}

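# Subnets ------------------------------
# One public subnet per available AZ: 10.0.0.0/24, 10.0.1.0/24, ...
# The resource name still carries the "-2a" suffix from when this was a single
# subnet; it is kept because the NAT gateway and the route-table association
# reference the resource by that name.
resource "aws_subnet" "projent-stg-subnet-public-ap-northeast-2a" {
  count = length(data.aws_availability_zones.available.names)

  vpc_id            = aws_vpc.projent-stg-vpc.id
  availability_zone = data.aws_availability_zones.available.names[count.index]
  # Third octet is the AZ index (0..n-1). The private subnets start at
  # 10.0.10.0/24, so this scheme only stays collision-free for up to 10 AZs.
  cidr_block = "10.0.${count.index}.0/24"

  # Every instance launched here gets a public IPv4 address unless the launch
  # request overrides it, so only internet-facing resources (load balancers,
  # the NAT gateway) belong in these subnets; workloads go in the private
  # subnets below.
  map_public_ip_on_launch = true

  tags = {
    # Include the AZ so the subnets can be told apart in the console; the
    # previous tag was identical for every instance of this resource.
    Name = "projent-stg-subnet-public-${data.aws_availability_zones.available.names[count.index]}"
  }
}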

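# One private subnet per available AZ: 10.0.10.0/24, 10.0.11.0/24, ...
# As with the public subnets, the "-2a" resource name is kept because the
# route-table association references it.
resource "aws_subnet" "projent-stg-subnet-private-ap-northeast-2a" {
  count = length(data.aws_availability_zones.available.names)

  vpc_id            = aws_vpc.projent-stg-vpc.id
  availability_zone = data.aws_availability_zones.available.names[count.index]
  # Third octet is 10 + AZ index. This overlaps the public range
  # (10.0.0.0/24 ...) once more than 10 AZs are returned.
  cidr_block = "10.0.${10 + count.index}.0/24"

  # No automatic public IPs: instances here reach the internet only through
  # the NAT gateway via the private route table.
  map_public_ip_on_launch = false

  tags = {
    # Include the AZ so the subnets can be told apart in the console; the
    # previous tag was identical for every instance of this resource.
    Name = "projent-stg-subnet-private-${data.aws_availability_zones.available.names[count.index]}"
  }
}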
# NAT gateway ------------------------------
# Elastic IP for the NAT gateway. Because the private route table sends all
# 0.0.0.0/0 traffic to that gateway, this is the single source address for
# egress from the private subnets — the address to allow-list on external
# services.
resource "aws_eip" "projent-stg-public-nat-eip" {
  tags = {
    Name = "projent-stg-public-nat"
  }

  # NOTE(review): `vpc = true` is deprecated in newer AWS provider releases in
  # favour of `domain = "vpc"`; check the pinned provider version before
  # switching.
  vpc = true

  # Allocate the replacement address before releasing the old one so the NAT
  # gateway is never left without an allocation.
  lifecycle {
    create_before_destroy = true
  }
}
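# Single NAT gateway providing outbound internet access for the private subnets.
resource "aws_nat_gateway" "projent-stg-public-nat" {
  allocation_id = aws_eip.projent-stg-public-nat-eip.id

  # Must be placed in a public subnet (one routed to the internet gateway),
  # not a private one. Only index 0 is used, so this one gateway in one AZ is
  # the egress path for the private subnets in every AZ — an outage of that AZ
  # removes private egress everywhere.
  subnet_id = aws_subnet.projent-stg-subnet-public-ap-northeast-2a[0].id

  # The gateway cannot pass traffic until the internet gateway is attached to
  # the VPC, and nothing referenced above depends on the IGW, so declare the
  # ordering explicitly rather than relying on apply-time timing.
  depends_on = [aws_internet_gateway.projent-stg-igw]

  tags = {
    Name = "projent-stg-public-nat"
  }
}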

# Route tables ------------------------------
# Public: default route straight to the internet gateway, so the public
# subnets are reachable from, and can reach, the internet.
resource "aws_route_table" "projent-stg-rtb-public" {
  vpc_id = aws_vpc.projent-stg-vpc.id

  tags = {
    Name = "projent-stg-rtb-public"
  }

  route {
    gateway_id = aws_internet_gateway.projent-stg-igw.id
    cidr_block = "0.0.0.0/0"
  }

  lifecycle {
    # Left disabled on purpose; uncomment if needed:
    # create_before_destroy = true
    # prevent_destroy = true    # blocks deletion (apply fails with an error)
    # ignore_changes = all      # blocks updates
  }
}
# Private: default route through the NAT gateway, giving the private subnets
# outbound-only internet access.
resource "aws_route_table" "projent-stg-rtb-private" {
  vpc_id = aws_vpc.projent-stg-vpc.id

  tags = {
    Name = "projent-stg-rtb-private"
  }

  route {
    nat_gateway_id = aws_nat_gateway.projent-stg-public-nat.id
    cidr_block     = "0.0.0.0/0"
  }

  lifecycle {
    # Left disabled on purpose; uncomment if needed:
    # create_before_destroy = true
    # prevent_destroy = true    # blocks deletion (apply fails with an error)
    # ignore_changes = all      # blocks updates
  }
}

# Attach subnets to route tables ------------------------------
# Every public subnet (one per AZ) is bound to the public route table.
resource "aws_route_table_association" "projent-stg-rtb-public" {
  count = length(aws_subnet.projent-stg-subnet-public-ap-northeast-2a)

  subnet_id      = aws_subnet.projent-stg-subnet-public-ap-northeast-2a[count.index].id
  route_table_id = aws_route_table.projent-stg-rtb-public.id
}
# Every private subnet (one per AZ) is bound to the private route table, so
# all of them egress through the single NAT gateway.
resource "aws_route_table_association" "projent-stg-rtb-private" {
  count = length(aws_subnet.projent-stg-subnet-private-ap-northeast-2a)

  subnet_id      = aws_subnet.projent-stg-subnet-private-ap-northeast-2a[count.index].id
  route_table_id = aws_route_table.projent-stg-rtb-private.id
}