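# Source: github.com/outbrain/consul@v1.4.5/terraform/aws/consul.tf
#
# Launches var.servers Consul server instances in AWS and the security group
# they share. Each instance is provisioned over SSH: a platform-specific
# service file is uploaded, two bootstrap hint files are written to /tmp, and
# the shared install/service/iptables scripts are run in that order.

resource "aws_instance" "server" {
  # AMI is selected from var.ami using the key "<region>-<platform>".
  ami           = "${lookup(var.ami, "${var.region}-${var.platform}")}"
  instance_type = "${var.instance_type}"
  key_name      = "${var.key_name}"
  count         = "${var.servers}"

  # The instances are placed in a subnet (subnet_id below) and the group is
  # created inside var.vpc_id, so it is attached by ID through
  # vpc_security_group_ids. The `security_groups` argument is intended for
  # EC2-Classic / default-VPC groups and is not the right argument for a group
  # ID in a VPC.
  vpc_security_group_ids = ["${aws_security_group.consul.id}"]

  # NOTE(review): count equals var.servers, so `count.index % var.servers` is
  # always count.index; presumably the modulo was meant to wrap over the
  # number of subnets. Confirm against the definition of var.subnets.
  subnet_id = "${lookup(var.subnets, count.index % var.servers)}"

  # SSH connection used by every provisioner below. The private key is read
  # from var.key_path on the machine running Terraform.
  connection {
    user        = "${lookup(var.user, var.platform)}"
    private_key = "${file("${var.key_path}")}"
  }

  #Instance tags
  tags {
    Name       = "${var.tagName}-${count.index}"
    ConsulRole = "Server"
  }

  # Upload the platform-specific service definition to /tmp on the instance.
  provisioner "file" {
    source      = "${path.module}/../shared/scripts/${lookup(var.service_conf, var.platform)}"
    destination = "/tmp/${lookup(var.service_conf_dest, var.platform)}"
  }

  # Record the expected server count and the private IP of server 0 in /tmp;
  # presumably the scripts below read these files (they are not shown here).
  # NOTE(review): both values are interpolated into a shell command unquoted.
  # They come from module variables and AWS attributes, so keep var.servers a
  # plain integer and do not feed it from untrusted input.
  provisioner "remote-exec" {
    inline = [
      "echo ${var.servers} > /tmp/consul-server-count",
      "echo ${aws_instance.server.0.private_ip} > /tmp/consul-server-addr",
    ]
  }

  # Run the shared provisioning scripts in the listed order.
  provisioner "remote-exec" {
    scripts = [
      "${path.module}/../shared/scripts/install.sh",
      "${path.module}/../shared/scripts/service.sh",
      "${path.module}/../shared/scripts/ip_tables.sh",
    ]
  }
}

resource "aws_security_group" "consul" {
  name        = "consul_${var.platform}"
  description = "Consul internal traffic + maintenance."
  vpc_id      = "${var.vpc_id}"

  // These are for internal traffic
  // `self = true` limits each rule to members of this same security group;
  // every TCP and UDP port is open between them.
  ingress {
    from_port = 0
    to_port   = 65535
    protocol  = "tcp"
    self      = true
  }

  ingress {
    from_port = 0
    to_port   = 65535
    protocol  = "udp"
    self      = true
  }

  // These are for maintenance
  // NOTE(review): SSH is reachable from any IPv4 address. Restrict
  // cidr_blocks to the administration network, VPN range or bastion host.
  // The provisioners on aws_instance.server connect over SSH, so the machine
  // running Terraform must stay inside whatever range is allowed here.
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  // This is for outbound internet access
  // protocol "-1" with ports 0-0 allows every protocol and port outbound.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}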