web/git
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
aa9810d0a8b06fef0a86ff5aa4ed900ca847fd6b
git/terraform/network.tf

52 lines
1.3 KiB
HCL
Raw Blame History

locals {
# The IP block for the VPC.
vpc_cidr = "10.0.0.0/16"
}
data "aws_availability_zones" "all" {}
# The main VPC.
module "vpc" {
source = "terraform-aws-modules/vpc/aws"
name = "Main"
cidr = local.vpc_cidr
azs = [data.aws_availability_zones.all.names[0]]
private_subnets = [cidrsubnet(local.vpc_cidr, 8, 0)]
public_subnets = [cidrsubnet(local.vpc_cidr, 8, 4)]
private_subnet_tags = { SubnetOf = "Main", SubnetType = "Private" }
public_subnet_tags = { SubnetOf = "Main", SubnetType = "Public" }
map_public_ip_on_launch = true
enable_dns_hostnames = true
enable_dns_support = true
}
# Only allow HTTP(s) and SSH traffic. Allow full access to internet.
resource "aws_security_group" "public_access" {
vpc_id = module.vpc.vpc_id
}
resource "aws_vpc_security_group_ingress_rule" "ingress" {
for_each = toset(["80", "443", "22", "2222", "81", "8080", "4321", "1234"])
security_group_id = aws_security_group.public_access.id
from_port = each.value
to_port = each.value
ip_protocol = "tcp"
cidr_ipv4 = "0.0.0.0/0"
}
resource "aws_vpc_security_group_egress_rule" "egress" {
for_each = toset(["-1"])
security_group_id = aws_security_group.public_access.id
from_port = each.value
to_port = each.value
ip_protocol = "-1"
cidr_ipv4 = "0.0.0.0/0"
}
Reference in New Issue View Git Blame Copy Permalink