github.com/nathanielks/terraform@v0.6.1-0.20170509030759-13e1a62319dc/examples/aws-elb/main.tf (about) 1 # Specify the provider and access details 2 provider "aws" { 3 region = "${var.aws_region}" 4 } 5 6 resource "aws_vpc" "default" { 7 cidr_block = "10.0.0.0/16" 8 enable_dns_hostnames = true 9 10 tags { 11 Name = "tf_test" 12 } 13 } 14 15 resource "aws_subnet" "tf_test_subnet" { 16 vpc_id = "${aws_vpc.default.id}" 17 cidr_block = "10.0.0.0/24" 18 map_public_ip_on_launch = true 19 20 tags { 21 Name = "tf_test_subnet" 22 } 23 } 24 25 resource "aws_internet_gateway" "gw" { 26 vpc_id = "${aws_vpc.default.id}" 27 28 tags { 29 Name = "tf_test_ig" 30 } 31 } 32 33 resource "aws_route_table" "r" { 34 vpc_id = "${aws_vpc.default.id}" 35 36 route { 37 cidr_block = "0.0.0.0/0" 38 gateway_id = "${aws_internet_gateway.gw.id}" 39 } 40 41 tags { 42 Name = "aws_route_table" 43 } 44 } 45 46 resource "aws_route_table_association" "a" { 47 subnet_id = "${aws_subnet.tf_test_subnet.id}" 48 route_table_id = "${aws_route_table.r.id}" 49 } 50 51 # Our default security group to access 52 # the instances over SSH and HTTP 53 resource "aws_security_group" "default" { 54 name = "instance_sg" 55 description = "Used in the terraform" 56 vpc_id = "${aws_vpc.default.id}" 57 58 # SSH access from anywhere 59 ingress { 60 from_port = 22 61 to_port = 22 62 protocol = "tcp" 63 cidr_blocks = ["0.0.0.0/0"] 64 } 65 66 # HTTP access from anywhere 67 ingress { 68 from_port = 80 69 to_port = 80 70 protocol = "tcp" 71 cidr_blocks = ["0.0.0.0/0"] 72 } 73 74 # outbound internet access 75 egress { 76 from_port = 0 77 to_port = 0 78 protocol = "-1" 79 cidr_blocks = ["0.0.0.0/0"] 80 } 81 } 82 83 # Our elb security group to access 84 # the ELB over HTTP 85 resource "aws_security_group" "elb" { 86 name = "elb_sg" 87 description = "Used in the terraform" 88 89 vpc_id = "${aws_vpc.default.id}" 90 91 # HTTP access from anywhere 92 ingress { 93 from_port = 80 94 to_port = 80 95 protocol = "tcp" 96 cidr_blocks = ["0.0.0.0/0"] 97 } 98 99 # outbound internet access 100 egress { 101 from_port = 0 102 to_port = 0 103 protocol = "-1" 104 cidr_blocks = ["0.0.0.0/0"] 105 } 106 107 # ensure the VPC has an Internet gateway or this step will fail 108 depends_on = ["aws_internet_gateway.gw"] 109 } 110 111 resource "aws_elb" "web" { 112 name = "example-elb" 113 114 # The same availability zone as our instance 115 subnets = ["${aws_subnet.tf_test_subnet.id}"] 116 117 security_groups = ["${aws_security_group.elb.id}"] 118 119 listener { 120 instance_port = 80 121 instance_protocol = "http" 122 lb_port = 80 123 lb_protocol = "http" 124 } 125 126 health_check { 127 healthy_threshold = 2 128 unhealthy_threshold = 2 129 timeout = 3 130 target = "HTTP:80/" 131 interval = 30 132 } 133 134 # The instance is registered automatically 135 136 instances = ["${aws_instance.web.id}"] 137 cross_zone_load_balancing = true 138 idle_timeout = 400 139 connection_draining = true 140 connection_draining_timeout = 400 141 } 142 143 resource "aws_lb_cookie_stickiness_policy" "default" { 144 name = "lbpolicy" 145 load_balancer = "${aws_elb.web.id}" 146 lb_port = 80 147 cookie_expiration_period = 600 148 } 149 150 resource "aws_instance" "web" { 151 instance_type = "t2.micro" 152 153 # Lookup the correct AMI based on the region 154 # we specified 155 ami = "${lookup(var.aws_amis, var.aws_region)}" 156 157 # The name of our SSH keypair you've created and downloaded 158 # from the AWS console. 159 # 160 # https://console.aws.amazon.com/ec2/v2/home?region=us-west-2#KeyPairs: 161 # 162 key_name = "${var.key_name}" 163 164 # Our Security group to allow HTTP and SSH access 165 vpc_security_group_ids = ["${aws_security_group.default.id}"] 166 subnet_id = "${aws_subnet.tf_test_subnet.id}" 167 user_data = "${file("userdata.sh")}" 168 169 #Instance tags 170 171 tags { 172 Name = "elb-example" 173 } 174 }