# Terraform settings: provider requirements plus the Terraform Cloud workspace
# that runs this configuration and holds its state.
# NOTE(review): no `required_version` is set, so any Terraform CLI version may
# run this configuration; consider adding a constraint once a baseline is agreed.
terraform {
  # Remote backend: organization "kushtrimh", workspace "tomorr".
  # NOTE(review): the state kept in this workspace presumably includes the
  # database and message-queue passwords passed to the modules in this file,
  # so access to the workspace and its state versions should be tightly scoped.
  cloud {
    organization = "kushtrimh"

    workspaces {
      name = "tomorr"
    }
  }

  required_providers {
    # "~> 4.9.0" allows only 4.9.x patch releases of the AWS provider.
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.9.0"
    }
  }
}
# AWS provider with no inline settings.
# NOTE(review): region and credentials are not set here, so they presumably
# come from environment or workspace variables; confirm, and prefer short-lived
# credentials over long-lived access keys stored in the workspace.
provider "aws" {
}
# VPC: network for the whole stack, built from the public registry module.
# NOTE(review): the registry module has no `version` argument, so a clean
# `terraform init` can resolve whatever release is newest at that time. Add a
# `version` constraint set to a release that has been reviewed.
module "vpc" {
  source = "terraform-aws-modules/vpc/aws"

  name = "${var.name}-vpc"
  cidr = "10.0.0.0/16"
  azs  = var.availability_zones

  public_subnets  = var.public_subnets
  private_subnets = var.private_subnets

  # NAT is enabled and limited to a single gateway.
  enable_nat_gateway = true
  single_nat_gateway = true

  # NOTE(review): VPC flow logs are not requested here; if the module's
  # default leaves them off, there is no network-level record for
  # investigations. Confirm.
  tags = {
    environment = var.environment
  }
}
# Bastion host: receives the VPC's public subnets and a key pair name.
# NOTE(review): which source addresses may reach the bastion is decided inside
# ./modules/aws-bastion-host and is not visible here; confirm its ingress is
# limited to known admin ranges rather than open to the internet.
module "bastion_host" {
  source = "./modules/aws-bastion-host"

  name        = var.name
  bastion_ami = var.bastion_ami

  # The same key pair name is also passed to the ECS module in this file, so
  # one private key presumably unlocks both tiers. TODO confirm that is intended.
  private_key_name = var.private_key_name

  vpc_id         = module.vpc.vpc_id
  public_subnets = module.vpc.public_subnets
}
# Database (RDS), placed in the private subnets.
module "database" {
  source = "./modules/aws-rds"

  name                 = var.name
  db_name              = var.rds_name
  parameter_group_name = var.rds_parameter_group_name
  port                 = var.rds_port

  # NOTE(review): these values presumably end up in Terraform state; confirm
  # the variables are declared `sensitive = true` and are supplied as sensitive
  # workspace variables rather than committed tfvars.
  username = var.rds_username
  password = var.rds_password

  vpc_id          = module.vpc.vpc_id
  private_subnets = module.vpc.private_subnets

  # Allowed ingress is every private AND every public subnet CIDR. The public
  # subnets host the bastion and the load balancer in this file, so anything
  # placed there falls inside the allowed range for the database port.
  # NOTE(review): consider narrowing this to the private subnet CIDRs plus the
  # bastion's security group, if the module supports a security-group source.
  ingress_cidr_blocks = concat(module.vpc.private_subnets_cidr_blocks, module.vpc.public_subnets_cidr_blocks)
}
# Cache (ElastiCache/Redis), placed in the private subnets.
# NOTE(review): nothing passed here sets authentication or in-transit/at-rest
# encryption; whether they are enabled depends on ./modules/aws-elasticache,
# which is not visible here. Confirm.
module "redis_cache" {
  source = "./modules/aws-elasticache"

  name                 = var.name
  parameter_group_name = var.cache_parameter_group_name
  port                 = var.cache_port

  vpc_id          = module.vpc.vpc_id
  private_subnets = module.vpc.private_subnets

  # Ingress is allowed from every private and public subnet CIDR, so the
  # public tier (bastion, load balancer subnets) is inside the allowed range.
  # NOTE(review): consider restricting this to the subnets or security groups
  # that actually run cache clients.
  ingress_cidr_blocks = concat(module.vpc.private_subnets_cidr_blocks, module.vpc.public_subnets_cidr_blocks)
}
# Message queue (RabbitMQ), placed in the private subnets.
module "rabbit_mq" {
  source = "./modules/aws-rabbitmq"

  name = var.name
  port = var.mq_port

  # NOTE(review): broker credentials presumably land in Terraform state;
  # confirm the variables are declared `sensitive = true` and are not supplied
  # through committed tfvars.
  username = var.mq_username
  password = var.mq_password

  vpc_id          = module.vpc.vpc_id
  private_subnets = module.vpc.private_subnets

  # Ingress is allowed from every private and public subnet CIDR, so the
  # public tier is inside the allowed range for the broker port.
  # NOTE(review): consider restricting this to the subnets or security groups
  # that actually run producers and consumers.
  ingress_cidr_blocks = concat(module.vpc.private_subnets_cidr_blocks, module.vpc.public_subnets_cidr_blocks)
}
# Load balancer: attached to the public subnets and forwards to instance_port.
# NOTE(review): the listener protocol, TLS policy and access logging are
# decided inside ./modules/aws-load-balancer and are not visible here. Confirm
# that public listeners terminate TLS and that access logs are kept.
module "loadbalancer" {
  source = "./modules/aws-load-balancer"

  name        = var.name
  environment = var.environment

  vpc_id  = module.vpc.vpc_id
  subnets = module.vpc.public_subnets

  instance_port = var.instance_port
}
# ECR: container image repository for the application.
# NOTE(review): tag mutability and scan-on-push are set, if at all, inside
# ./modules/aws-ecr. Confirm that `image_tag_mutability` and `scan_on_push`
# on the repository resource match the intended policy.
module "ecr" {
  source = "./modules/aws-ecr"

  name = var.ecr_name
}
# ECS: application cluster and service, placed in the private subnets and
# registered with the load balancer's target group.
module "application_ecs" {
  source = "./modules/aws-ecs"

  name            = var.name
  application_ami = var.application_ami

  # Same key pair name as the bastion host module in this file.
  private_key_name = var.private_key_name

  vpc_id          = module.vpc.vpc_id
  private_subnets = module.vpc.private_subnets

  container_name = var.name
  container_port = var.instance_port

  # NOTE(review): the image reference is built from the ECR module's `arn`
  # output. Image references are normally based on the repository URL, so
  # confirm what that output actually holds.
  # No tag or digest is appended either, so the default tag is presumably
  # pulled; pinning to an immutable tag or digest makes deployments reproducible.
  task_definition_image = "${module.ecr.arn}/${var.name}"

  alb_target_group_arn = module.loadbalancer.alb_target_group_arn

  # Security groups of the two tiers in front of the instances are passed in,
  # presumably as the only allowed ingress sources. TODO confirm in the module.
  bastion_host_security_group_id  = module.bastion_host.security_group_id
  load_balancer_security_group_id = module.loadbalancer.security_group_id

  # NOTE(review): this bucket presumably holds the container's environment
  # file, which may contain secrets. Confirm that it blocks public access, is
  # encrypted, and is readable only by the task/instance role.
  s3_env_bucket = var.s3_env_bucket

  container_logs_region = var.container_logs_region
}