diff --git a/README.md b/README.md index fef3eeb..519397d 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,8 @@ # assingment01 +- 과제 1 진행을 위한 테라폼 코드 입니다. +- [참고 코드_링크](https://github.com/Seong-dong/team_prj_terraform) + - 본인이 약 3년전 terraform 학습을 위해 작성했던 코드 참고. + - ChatGPT에 대하여 인지하 못하던 시기에 생성한 자료 입니다. +- 백엔드로는 테라폼클라우드 백엔드가 적용되어 있습니다. + - terraform state pull > terraform.tfstate \ No newline at end of file diff --git a/assignments-1.png b/assignments-1.png new file mode 100644 index 0000000..ee8d120 Binary files /dev/null and b/assignments-1.png differ diff --git a/assignments.sh b/assignments.sh new file mode 100644 index 0000000..51e4543 --- /dev/null +++ b/assignments.sh @@ -0,0 +1,21 @@ +#!/bin/bash +set -e + +# Update and install docker +apt update -y +apt install -y docker.io + +# Enable & start Docker +systemctl enable docker +systemctl start docker + +# Wait for docker daemon to be ready +tries=0 +while ! docker info >/dev/null 2>&1; do + tries=$((tries+1)) + echo "Waiting for Docker... ($tries)" + sleep 30 +done + +# Run the helloworld container +docker run -d --name hello -p 80:8080 testcontainers/helloworld:1.2.0 \ No newline at end of file diff --git a/main.tf b/main.tf new file mode 100644 index 0000000..3863909 --- /dev/null +++ b/main.tf 
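Review bot: The `while ! docker info` wait loop in `assignments.sh` has no exit condition: `tries` is incremented and printed but never compared with a limit, so if the daemon never comes up the user-data script sleeps in 30-second steps indefinitely and the container is never started. Bound it right after the increment, e.g. `if [ "$tries" -ge 10 ]; then echo "Docker did not start" >&2; exit 1; fi`. The image is also pinned by tag only (`testcontainers/helloworld:1.2.0`); pinning by digest (`image@sha256:<digest>`) keeps a re-tagged image from being pulled at boot, and `--restart unless-stopped` would bring the container back after a reboot.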
@@ -0,0 +1,368 @@ +/* + Provider Information + Used default accounts +*/ +provider "aws" { + region = "ap-northeast-2" # 리전별 프로바이더 설정 필요. +} + +// Local Vaiables +locals { + region = "ap-northeast-2" + common_tags = { + project = "icurfer-demo" + owner = "icurfer" + } + cidr = { + vpc = "10.3.0.0/16" + zone_a = "10.3.1.0/24" + zone_c = "10.3.3.0/24" + zone_a_private = "10.3.2.0/24" + zone_c_private = "10.3.4.0/24" + } + udp_port = { + dns_port = 53 + } + any_protocol = "-1" + tcp_protocol = "tcp" + icmp_protocol = "icmp" + all_ips = ["0.0.0.0/0"] + admin_ip = ["140.245.71.192/32"] + + node_group_scaling_config = { + desired_size = 2 + max_size = 4 + min_size = 1 + } + +} + +// GET 계정정보 +data "aws_caller_identity" "this" {} + +################################## +### Create Infra - Network ### +################################## + +// vpc 생성 +module "vpc" { + source = "./modules/vpc" + tag_name = "${local.common_tags.project}" + cidr_block = "10.3.0.0/16" + +} + +// Ingernet gateway +module "igw" { + source = "./modules/igw" + + vpc_id = module.vpc.vpc_id + + tag_name = "${local.common_tags.project}" + + depends_on = [ + module.vpc + ] +} + +// Create Public Subnet +module "subnet_ext" { + source = "./modules/vpc-subnet" + + // set variables, ./modules/vpc-subnet/valiables.tf + vpc_id = module.vpc.vpc_id + subnet-az-list = { + "zone-a" = { + name = "${local.region}a" + cidr = local.cidr.zone_a + } + "zone-c" = { + name = "${local.region}c" + cidr = local.cidr.zone_c + } + } + public_ip_on = true + + tag_name = "${local.common_tags.project}" + + depends_on = [ + module.vpc + ] +} + +// Create private외부통신을 위한 nat +module "ngw" { + source = "./modules/nat-gateway" + subnet_id = module.subnet_ext.subnet.zone-a.id + # subnet_id = module.subnet_public.subnet.zone-a.id + + tag_name = "${local.common_tags.project}" + + depends_on = [ + module.subnet_ext + ] +} + +// Create public route +module "route_public" { + source = "./modules/route-table" + vpc_id = module.vpc.vpc_id + 
tag_name = "${local.common_tags.project}-ext" + +} + +# // 라우팅 테이블에 룰 추가 +module "route_add" { + source = "./modules/route-add" + route_id = module.route_public.route_id + igw_id = module.igw.igw_id + gw_type = "igw" + destination_cidr = "0.0.0.0/0" +} + +# //서브넷 - 라우팅테이블 +module "route_association" { + source = "./modules/route-association" + route_table_id = module.route_public.route_id + + association_count = 2 + subnet_ids = [module.subnet_ext.subnet.zone-a.id, module.subnet_ext.subnet.zone-c.id] +} + +// Create Private Subnet +module "subnet_int" { + source = "./modules/vpc-subnet" + + // set variables, ./modules/vpc-subnet/valiables.tf + vpc_id = module.vpc.vpc_id + subnet-az-list = { + "zone-a" = { + name = "${local.region}a" + cidr = local.cidr.zone_a_private + } + "zone-c" = { + name = "${local.region}c" + cidr = local.cidr.zone_c_private + } + } + public_ip_on = false + + tag_name = "${local.common_tags.project}" + + depends_on = [ + module.vpc + ] +} + +// Create private route +module "route_private" { + source = "./modules/route-table" + tag_name = "${local.common_tags.project}-int" + vpc_id = module.vpc.vpc_id + +} +module "route_add_nat" { + source = "./modules/route-add" + route_id = module.route_private.route_id + nat_id = module.ngw.nat_id + gw_type = "nat" + destination_cidr = "0.0.0.0/0" +} + +module "route_association_nat" { + source = "./modules/route-association" + route_table_id = module.route_private.route_id + + association_count = 2 + subnet_ids = [module.subnet_int.subnet.zone-a.id, module.subnet_int.subnet.zone-c.id] +} + +################################## +### Create Infra - Bastion ### +################################## +module "bastion" { + source = "./modules/ec2" + ami_name = "ami-010be25c3775061c9" //ubuntu 22.04 LTS + instance_type = "t2.micro" + tag_name = "bastion" + public_ip_associate = true + key_name = "icurfer-demo" + public_subnet = module.subnet_ext.subnet.zone-a.id + private_subnet = module.subnet_int.subnet.zone-a.id 
+ sg_list = [module.bastion_sg.sg_id] + user_data_file = null + # user_data_file = "${path.module}/assignments.sh" + + depends_on = [ + module.bastion_sg + ] +} + +module "bastion_sg" { + source = "./modules/sg" + sg_name = "${local.common_tags.project}-bastion-sg" + vpc_id = module.vpc.vpc_id + +} +module "bastion_sg_ingress" { + source = "./modules/sg-rule-add" + type = "ingress" + rules = { + "ssh" = { + from_port = "22" + to_port = "22" + protocol = "tcp" + cidr_blocks = "140.245.71.192/32" + } + } + + security_group_id = module.bastion_sg.sg_id + + tag_name = "${local.common_tags.project}" +} + +module "bastion_sg_egress" { + source = "./modules/sg-rule-add" + type = "egress" + rules = { + "ssh" = { + from_port = "-1" + to_port = "-1" + protocol = "-1" + cidr_blocks = "0.0.0.0/0" + } + } + + security_group_id = module.bastion_sg.sg_id + + tag_name = "${local.common_tags.project}" +} +################################## +### Create Infra - Web_Svr ### +################################## +module "web_svr" { + source = "./modules/ec2" + ami_name = "ami-010be25c3775061c9" //ubuntu 22.04 LTS + instance_type = "t2.micro" + tag_name = "web" + public_ip_associate = false + key_name = "icurfer-demo" + public_subnet = module.subnet_ext.subnet.zone-a.id + private_subnet = module.subnet_int.subnet.zone-a.id + sg_list = [module.web_sg.sg_id] + # user_data_file = null + user_data_file = "${path.module}/assignments.sh" + + depends_on = [ + module.web_sg, + module.ngw.nat_id + ] +} + +module "web_sg" { + source = "./modules/sg" + sg_name = "${local.common_tags.project}-web-sg" + vpc_id = module.vpc.vpc_id + +} +module "web_sg_ingress" { + source = "./modules/sg-rule-add" + type = "ingress" + rules = { + "ssh" = { + from_port = "22" + to_port = "22" + protocol = "tcp" + cidr_blocks = "${module.bastion.private_ip}/32" + } + "http" = { + from_port = "80" + to_port = "80" + protocol = "tcp" + cidr_blocks = "0.0.0.0/0" + } + } + + security_group_id = module.web_sg.sg_id + + 
tag_name = "${local.common_tags.project}" +} + +module "web_sg_egress" { + source = "./modules/sg-rule-add" + type = "egress" + rules = { + "ssh" = { + from_port = "-1" + to_port = "-1" + protocol = "-1" + cidr_blocks = "0.0.0.0/0" + } + } + + security_group_id = module.web_sg.sg_id + + tag_name = "${local.common_tags.project}" +} + +################################################### +### Create Infra - Application LoadBalancer ### +################################################### + +// ALB 보안그룹 생성 +module "alb_sg" { + source = "./modules/sg" + sg_name = "${local.common_tags.project}-alb-sg" + vpc_id = module.vpc.vpc_id + +} + +module "alb_sg_ingress" { + source = "./modules/sg-rule-add" + type = "ingress" + rules = { + "http" = { + from_port = "80" + to_port = "80" + protocol = "tcp" + cidr_blocks = "0.0.0.0/0" + } + } + + security_group_id = module.alb_sg.sg_id + + tag_name = "${local.common_tags.project}" +} + +module "alb_sg_egress" { + source = "./modules/sg-rule-add" + type = "egress" + rules = { + "ssh" = { + from_port = "-1" + to_port = "-1" + protocol = "-1" + cidr_blocks = "0.0.0.0/0" + } + } + + security_group_id = module.alb_sg.sg_id + + tag_name = "${local.common_tags.project}" +} + +// ALB +module "alb" { + source = "./modules/alb" + name = "${local.common_tags.project}" + + vpc_id = module.vpc.vpc_id + subnet_ids = [module.subnet_ext.subnet.zone-a.id, module.subnet_ext.subnet.zone-c.id] + + instance_id = module.web_svr.ec2_id + sg_ids = [module.alb_sg.sg_id] + + depends_on = [ + module.alb_sg + ] +} \ No newline at end of file diff --git a/modules/alb/main.tf b/modules/alb/main.tf new file mode 100644 index 0000000..780edf5 --- /dev/null +++ b/modules/alb/main.tf 
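Review bot: In `web_sg_ingress` the `"http"` rule admits port 80 from `0.0.0.0/0`, although `web_svr` is placed in the private subnet and is meant to be reached through the ALB, so any host that can route into the VPC can bypass the load balancer. The `sg-rule-add` module takes one CIDR string per rule, so the narrowest change within it is one rule per ALB subnet using `local.cidr.zone_a` and `local.cidr.zone_c`, as sketched below. Bastion SSH also hard-codes `140.245.71.192/32` while `local.admin_ip` is declared and appears unused in this file; referencing `local.admin_ip[0]` would keep the admin address in one place.

```hcl
module "web_sg_ingress" {
  # … unchanged: source, type …
  rules = {
    # … unchanged: "ssh" rule limited to the bastion private IP …
    "http-alb-a" = {
      from_port   = "80"
      to_port     = "80"
      protocol    = "tcp"
      cidr_blocks = local.cidr.zone_a
    }
    "http-alb-c" = {
      from_port   = "80"
      to_port     = "80"
      protocol    = "tcp"
      cidr_blocks = local.cidr.zone_c
    }
  }
  # … unchanged: security_group_id, tag_name …
```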
@@ -0,0 +1,55 @@
+#로드밸런서
+resource "aws_lb" "alb" {
+ name = "${var.name}-alb"
+ load_balancer_type = "application"
+ subnets = var.subnet_ids
+ security_groups = var.sg_ids
+}
+# ALB LISTENER
+resource "aws_lb_listener" "http" {
+ load_balancer_arn = aws_lb.alb.arn
+ port = "80"
+ protocol = "HTTP"
+
+ default_action {
+ type = "forward"
+ target_group_arn = aws_lb_target_group.instance.arn
+ }
+}
+# ALB Listener rule
+resource "aws_lb_listener_rule" "alb-lsn-rule" {
+ listener_arn = aws_lb_listener.http.arn
+ priority = 100
+
+ condition {
+ path_pattern {
+ values = ["*"]
+ }
+ # field = "path-pattern"
+ # values = ["*"]
+ }
+
+ action {
+ type = "forward"
+ target_group_arn = aws_lb_target_group.instance.arn
+ }
+ depends_on = [
+ aws_lb_listener.http
+ ]
+}
+
+# https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_target_group
+# ALB TARGET GROUP
+resource "aws_lb_target_group" "instance" {
+ name = "web-tg"
+ port = 80
+ protocol = "HTTP"
+ vpc_id = var.vpc_id
+}
+
+# https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_target_group_attachment
+resource "aws_lb_target_group_attachment" "instance" {
+ target_group_arn = aws_lb_target_group.instance.arn
+ target_id = var.instance_id
+ port = 80
+}
diff --git a/modules/alb/outputs.tf b/modules/alb/outputs.tf
new file mode 100644
index 0000000..02b8012
--- /dev/null
+++ b/modules/alb/outputs.tf
@@ -0,0 +1,3 @@
+output "alb_tg_arn" {
+ value = aws_lb_target_group.instance.arn
+}
\ No newline at end of file
diff --git a/modules/alb/variables.tf b/modules/alb/variables.tf
new file mode 100644
index 0000000..b821e85
--- /dev/null
+++ b/modules/alb/variables.tf
@@ -0,0 +1,15 @@
+variable "name" {
+ type = string
+}
+variable "subnet_ids" {
+ type = list(string)
+}
+variable "sg_ids" {
+ type = list(string)
+}
+variable "vpc_id" {
+ type = string
+}
+variable "instance_id" {
+ type = string
+}
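Review bot: `aws_lb_listener.http` in `modules/alb/main.tf` serves the load balancer over plain HTTP on port 80 and the module has no HTTPS listener, so traffic to the ALB is unencrypted. Terminating TLS needs a certificate input the module does not have yet (a `certificate_arn` variable feeding a second listener with `protocol = "HTTPS"`), after which this listener's default action can become a redirect. Independent of that, `drop_invalid_header_fields = true` on `aws_lb.alb` is a one-line hardening. The `alb-lsn-rule` resource forwards `*` to the same target group as the default action, so it looks redundant, and the fixed name `"web-tg"` will collide if the module is instantiated twice.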
diff --git a/modules/ec2/eks-host.sh b/modules/ec2/eks-host.sh
new file mode 100644
index 0000000..db46a2e
--- /dev/null
+++ b/modules/ec2/eks-host.sh
@@ -0,0 +1,11 @@
+curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
+unzip awscliv2.zip
+sudo ./aws/install
+export PATH=/usr/local/bin:$PATH
+source ~/.bash_profile
+curl -o /usr/local/bin/kubectl https://s3.us-west-2.amazonaws.com/amazon-eks/1.23.13/2022-10-31/bin/linux/amd64/kubectl
+chmod +x /usr/local/bin/kubectl
+yum install -y jq
+yum install -y bash-completion
+curl --silent --location "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp
+mv -v /tmp/eksctl /usr/local/bin
diff --git a/modules/ec2/main.tf b/modules/ec2/main.tf
new file mode 100644
index 0000000..e115e61
--- /dev/null
+++ b/modules/ec2/main.tf
@@ -0,0 +1,33 @@
+resource "aws_network_interface" "eni" {
+ # public subnet 여부에 따라 동작방식이 달라짐.
+ subnet_id = var.public_ip_associate ? var.public_subnet : var.private_subnet
+ # private_ips = ["172.16.10.100"]
+ security_groups = var.sg_list
+ tags = {
+ Name = "primary_network_interface"
+ }
+}
+
+resource "aws_instance" "ec2" {
+ ami = var.ami_name
+ # "ami-0ab04b3ccbadfae1f"
+ instance_type = var.instance_type
+ # "t2.micro"
+
+ user_data = var.user_data_file != null ? file(var.user_data_file) : null
+
+ tags = {
+ Name = "${var.tag_name}"
+ }
+
+ primary_network_interface {
+ network_interface_id = aws_network_interface.eni.id
+ # device_index = 0
+ # delete_on_termination = true
+
+ # security_groups = var.sg_list
+
+ }
+
+ key_name = var.key_name
+}
\ No newline at end of file
diff --git a/modules/ec2/mariadb.sh b/modules/ec2/mariadb.sh
new file mode 100644
index 0000000..ad1bc9c
--- /dev/null
+++ b/modules/ec2/mariadb.sh
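Review bot: Every binary `eks-host.sh` installs is downloaded and placed on the root PATH without an integrity check, and the eksctl URL uses `releases/latest`, so the installed version drifts over time and a tampered or truncated download is unpacked and moved into `/usr/local/bin` as-is. Pin eksctl to a fixed release and verify each download against the checksum or signature its vendor publishes (for example `sha256sum -c` over the release checksum file) before installing, and start the script with `set -euo pipefail` so a failed `curl` stops it. Nothing visible in this commit passes the file as `user_data_file`, so if it is a leftover from the older project the README links to, dropping it is the simpler fix.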
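Review bot: `aws_instance.ec2` in `modules/ec2/main.tf` sets no `metadata_options`, so whether unauthenticated IMDSv1 requests are accepted is left to AMI and account defaults for both the bastion and the web instance built from this module. Add `metadata_options { http_tokens = "required" }` to the resource so the metadata service only answers token-based requests. The root volume is likewise left at defaults; a `root_block_device { encrypted = true }` block would make encryption explicit.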
@@ -0,0 +1,9 @@
+cat <> /etc/yum.repos.d/MariaDB.repo
+[mariadb]
+name = MariaDB
+baseurl = http://yum.mariadb.org/10.3/centos7-amd64
+gpgkey = https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
+gpgcheck = 1
+EOF
+yum install mariadb-server -y
+systemctl enable --now mariadb
\ No newline at end of file
diff --git a/modules/ec2/nginx.sh b/modules/ec2/nginx.sh
new file mode 100644
index 0000000..5ccba52
--- /dev/null
+++ b/modules/ec2/nginx.sh
@@ -0,0 +1,3 @@
+yum update -y
+amazon-linux-extras install -y nginx1
+systemctl enable --now nginx
\ No newline at end of file
diff --git a/modules/ec2/outputs.tf b/modules/ec2/outputs.tf
new file mode 100644
index 0000000..1acbc42
--- /dev/null
+++ b/modules/ec2/outputs.tf
@@ -0,0 +1,16 @@
+output "ec2_id" {
+ value = aws_instance.ec2.id
+
+}
+
+output "public_ip_associate" {
+ value = aws_instance.ec2.associate_public_ip_address
+
+}
+
+output "sg_id" {
+ value = aws_network_interface.eni.security_groups
+}
+output "private_ip" {
+ value = aws_instance.ec2.private_ip
+}
\ No newline at end of file
diff --git a/modules/ec2/vailables.tf b/modules/ec2/vailables.tf
new file mode 100644
index 0000000..c89c095
--- /dev/null
+++ b/modules/ec2/vailables.tf
@@ -0,0 +1,46 @@
+variable "ami_name" {
+ description = "ami name"
+ type = string
+}
+
+variable "instance_type" {
+ type = string
+}
+
+variable "tag_name" {
+ type = string
+}
+
+variable "public_ip_associate" {
+ type = bool
+}
+variable "key_name" {
+ type = string
+}
+# variable "subnet_id" {
+# type = string
+# }
+
+variable "public_subnet" {
+ type = string
+}
+
+variable "private_subnet" {
+ type = string
+}
+
+variable "sg_list" {
+ description = "sg list"
+ type = list(string)
+
+}
+
+variable "user_data_file" {
+ type = string
+ default = null
+}
+
+# variable "user_data" {
+# type = string
+# default = null
+# }
\ No newline at end of file
diff --git a/modules/eip/main.tf b/modules/eip/main.tf
new file mode 100644
index 0000000..8d050f5
--- /dev/null
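Review bot: The repo definition in `mariadb.sh` uses `baseurl = http://yum.mariadb.org/10.3/centos7-amd64`, so repository metadata and packages are fetched in clear text; `gpgcheck = 1` still validates package signatures, but `baseurl = https://yum.mariadb.org/10.3/centos7-amd64` matches the `gpgkey` line and removes the plaintext hop. The first line is shown as `cat <> /etc/yum.repos.d/MariaDB.repo`, which does not open a heredoc for the `EOF` terminator below it; if that is how the file is stored rather than a rendering loss, it should read `cat <<EOF >> /etc/yum.repos.d/MariaDB.repo`. The script also has no shebang or `set -e`, so a failed install is not reported.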
+++ b/modules/eip/main.tf
@@ -0,0 +1,4 @@
+resource "aws_eip" "lb" {
+ instance = aws_instance.web.id
+ vpc = true
+}
\ No newline at end of file
diff --git a/modules/eip/outputs.tf b/modules/eip/outputs.tf
new file mode 100644
index 0000000..e69de29
diff --git a/modules/eip/variables.tf b/modules/eip/variables.tf
new file mode 100644
index 0000000..e69de29
diff --git a/modules/igw/main.tf b/modules/igw/main.tf
new file mode 100644
index 0000000..419b50f
--- /dev/null
+++ b/modules/igw/main.tf
@@ -0,0 +1,7 @@
+resource "aws_internet_gateway" "main" {
+ vpc_id = var.vpc_id
+
+ tags = {
+ Name = "${var.tag_name}-igw"
+ }
+}
\ No newline at end of file
diff --git a/modules/igw/outputs.tf b/modules/igw/outputs.tf
new file mode 100644
index 0000000..21cabf2
--- /dev/null
+++ b/modules/igw/outputs.tf
@@ -0,0 +1,5 @@
+//modules-igw-output
+output "igw_id" {
+ description = "The name of hq-igw id"
+ value = aws_internet_gateway.main.id
+}
\ No newline at end of file
diff --git a/modules/igw/valiables.tf b/modules/igw/valiables.tf
new file mode 100644
index 0000000..1b6592e
--- /dev/null
+++ b/modules/igw/valiables.tf
@@ -0,0 +1,9 @@
+variable "vpc_id" {
+ description = "set vpc id"
+ type = string
+}
+
+variable "tag_name" {
+ description = "value"
+ type = string
+}
\ No newline at end of file
diff --git a/modules/nat-gateway/main.tf b/modules/nat-gateway/main.tf
new file mode 100644
index 0000000..ecca3c8
--- /dev/null
+++ b/modules/nat-gateway/main.tf
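Review bot: `instance = aws_instance.web.id` in `modules/eip/main.tf` refers to a resource that is not declared in this module, and the module's `variables.tf` is added empty, so the module cannot validate if it is ever called. Take the instance as an input, `variable "instance_id" { type = string }` with `instance = var.instance_id`, or drop the module, since nothing in the root `main.tf` of this commit uses it. `vpc = true` is also the deprecated spelling in recent AWS provider releases; `domain = "vpc"` replaces it.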
@@ -0,0 +1,22 @@
+resource "aws_eip" "nat-eip" {
+ lifecycle {
+ create_before_destroy = true
+ }
+}
+
+resource "aws_nat_gateway" "main" {
+ allocation_id = aws_eip.nat-eip.id
+ subnet_id = var.subnet_id
+
+ tags = {
+ Name = "${var.tag_name}-ngw"
+ }
+
+ # To ensure proper ordering, it is recommended to add an explicit dependency
+ # on the Internet Gateway for the VPC.
+ # depends_on = [aws_internet_gateway.example]
+}
+# resource "aws_nat_gateway" "example" {
+# connectivity_type = "private"
+# subnet_id = aws_subnet.example.id
+# }
diff --git a/modules/nat-gateway/outputs.tf b/modules/nat-gateway/outputs.tf
new file mode 100644
index 0000000..78500c6
--- /dev/null
+++ b/modules/nat-gateway/outputs.tf
@@ -0,0 +1,4 @@
+output "nat_id" {
+ value = aws_nat_gateway.main.id
+
+}
\ No newline at end of file
diff --git a/modules/nat-gateway/variables.tf b/modules/nat-gateway/variables.tf
new file mode 100644
index 0000000..776eb48
--- /dev/null
+++ b/modules/nat-gateway/variables.tf
@@ -0,0 +1,10 @@
+variable "subnet_id" {
+ description = "subnet id"
+ type = string
+
+}
+
+variable "tag_name" {
+ description = "value"
+ type = string
+}
\ No newline at end of file
diff --git a/modules/route-add/main.tf b/modules/route-add/main.tf
new file mode 100644
index 0000000..e22b27e
--- /dev/null
+++ b/modules/route-add/main.tf
@@ -0,0 +1,26 @@
+resource "aws_route" "route-igw-add" {
+ count = format("%.1s", var.gw_type) == "i" ? 1 : 0
+ route_table_id = var.route_id
+ destination_cidr_block = var.destination_cidr
+ gateway_id = var.igw_id
+ depends_on = [var.route_id]
+# depends_on = [aws_route_table.testing]
+}
+resource "aws_route" "route-nat-add" {
+ count = format("%.1s", var.gw_type) == "n" ? 1 : 0
+ route_table_id = var.route_id
+ destination_cidr_block = var.destination_cidr
+ nat_gateway_id = var.nat_id
+ depends_on = [var.route_id]
+# depends_on = [aws_route_table.testing]
+}
+
+# transit_gateway_id -
+resource "aws_route" "route-tgw-add" {
+ count = format("%.1s", var.gw_type) == "t" ? 1 : 0
+ route_table_id = var.route_id
+ destination_cidr_block = var.destination_cidr
+ # "10.0.0.0/8"
+ transit_gateway_id = var.tgw_id
+ depends_on = [var.route_id]
+}
\ No newline at end of file
diff --git a/modules/route-add/outputs.tf b/modules/route-add/outputs.tf
new file mode 100644
index 0000000..e69de29
diff --git a/modules/route-add/variables.tf b/modules/route-add/variables.tf
new file mode 100644
index 0000000..93bd46d
--- /dev/null
+++ b/modules/route-add/variables.tf
@@ -0,0 +1,30 @@
+variable "destination_cidr" {
+ description = "destination cidr"
+ type = string
+
+}
+variable "route_id" {
+ description = "value"
+ type = string
+}
+
+variable "gw_type" {
+ description = "gateway type. nat or igw"
+ type = string
+}
+variable "igw_id" {
+ description = "value"
+ type = string
+ default = "null"
+}
+variable "nat_id" {
+ description = "value"
+ type = string
+ default = "null"
+}
+
+variable "tgw_id" {
+ description = "value"
+ type = string
+ default = "null"
+}
diff --git a/modules/route-association/main.tf b/modules/route-association/main.tf
new file mode 100644
index 0000000..5e467ea
--- /dev/null
+++ b/modules/route-association/main.tf
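Review bot: The `count` expressions in `modules/route-add/main.tf` compare only the first character of `var.gw_type` (`format("%.1s", var.gw_type) == "i"`), so a mistyped value such as `"internal"` creates an internet-gateway route and any value not starting with i, n or t silently creates no route at all. A `validation` block on `gw_type` in `variables.tf` with `condition = contains(["igw", "nat", "tgw"], var.gw_type)`, plus exact comparisons such as `var.gw_type == "igw"`, makes a wrong value fail at plan time. The ID variables default to the string `"null"` rather than `null`, and the `gw_type` description omits `tgw`.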
@@ -0,0 +1,10 @@
+//라우팅 테이블 서브넷 연결
+resource "aws_route_table_association" "route-association" {
+ # for_each = toset(var.subnet_ids)
+ # subnet_id = each.value
+ count = var.association_count
+ subnet_id = var.subnet_ids[count.index]
+ route_table_id = var.route_table_id
+
+
+}
\ No newline at end of file
diff --git a/modules/route-association/outputs.tf b/modules/route-association/outputs.tf
new file mode 100644
index 0000000..e69de29
diff --git a/modules/route-association/variables.tf b/modules/route-association/variables.tf
new file mode 100644
index 0000000..6a0feec
--- /dev/null
+++ b/modules/route-association/variables.tf
@@ -0,0 +1,14 @@
+variable "subnet_ids" {
+ description = "Subnet id"
+ type = list(any)
+}
+
+variable "route_table_id" {
+ description = "Subnet id"
+ type = string
+}
+
+variable "association_count" {
+ description = "Subnet count"
+ type = number
+}
\ No newline at end of file
diff --git a/modules/route-table/main.tf b/modules/route-table/main.tf
new file mode 100644
index 0000000..0b770e6
--- /dev/null
+++ b/modules/route-table/main.tf
@@ -0,0 +1,24 @@
+/*
+라우팅 테이블에 서브넷을 연결.
+라우팅에서 경로 설정.
+*/
+
+//public
+resource "aws_route_table" "main" {
+ vpc_id = var.vpc_id
+ tags = {
+ Name = "${var.tag_name}-rt"
+ }
+
+# route {
+# cidr_block = "10.0.1.0/24"
+# gateway_id = aws_internet_gateway.example.id
+# }
+
+# route {
+# ipv6_cidr_block = "::/0"
+# egress_only_gateway_id = aws_egress_only_internet_gateway.example.id
+# }
+}
+
+//private
\ No newline at end of file
diff --git a/modules/route-table/outputs.tf b/modules/route-table/outputs.tf
new file mode 100644
index 0000000..c475be0
--- /dev/null
+++ b/modules/route-table/outputs.tf
@@ -0,0 +1,5 @@
+output "route_id" {
+ description = "get route_public_id"
+ value = aws_route_table.main.id
+
+}
\ No newline at end of file
diff --git a/modules/route-table/variables.tf b/modules/route-table/variables.tf
new file mode 100644
index 0000000..e0bbed4
--- /dev/null
+++ b/modules/route-table/variables.tf
@@ -0,0 +1,8 @@
+variable "tag_name" {
+ description = "value"
+ type = string
+}
+variable "vpc_id" {
+ description = "set vpc id"
+ type = string
+}
\ No newline at end of file
diff --git a/modules/sg-rule-add/main.tf b/modules/sg-rule-add/main.tf
new file mode 100644
index 0000000..b4141d4
--- /dev/null
+++ b/modules/sg-rule-add/main.tf
@@ -0,0 +1,16 @@
+resource "aws_security_group_rule" "sg-rule-add" {
+ # description = "Security groups rule add"
+
+ type = var.type
+ // rules
+ for_each = var.rules
+ from_port = each.value.from_port
+ to_port = each.value.to_port
+ protocol = each.value.protocol
+ cidr_blocks = [each.value.cidr_blocks]
+
+ security_group_id = var.security_group_id
+
+ description = "${var.tag_name}-sg-rule"
+
+}
diff --git a/modules/sg-rule-add/outputs.tf b/modules/sg-rule-add/outputs.tf
new file mode 100644
index 0000000..e69de29
diff --git a/modules/sg-rule-add/variables.tf b/modules/sg-rule-add/variables.tf
new file mode 100644
index 0000000..fbf8d91
--- /dev/null
+++ b/modules/sg-rule-add/variables.tf
@@ -0,0 +1,34 @@
+variable "type" {
+ description = "security rule type"
+ type = string
+}
+# variable "from_port" {
+# description = "from port"
+# type = number
+# }
+# variable "to_port" {
+# description = "to_port"
+# type = number
+# }
+# variable "protocol" {
+# description = "protocol"
+# type = string
+# }
+# variable "cidr_blocks" {
+# description = "cidr_blocks"
+# type = list(string)
+# }
+
+variable "rules" {
+ description = "sg rules"
+ type = map(map(string))
+
+}
+
+variable "security_group_id" {
+
+}
+variable "tag_name" {
+ description = "tag_name"
+ type = string
+}
\ No newline at end of file
diff --git a/modules/sg/main.tf b/modules/sg/main.tf
new file mode 100644
index 0000000..46b4f72
--- /dev/null
+++ b/modules/sg/main.tf
@@ -0,0 +1,6 @@
+resource "aws_security_group" "sg" {
+ description = "Security groups"
+ name = var.sg_name
+ vpc_id = var.vpc_id
+
+}
diff --git a/modules/sg/outputs.tf b/modules/sg/outputs.tf
new file mode 100644
index 0000000..fb7b098
--- /dev/null
+++ b/modules/sg/outputs.tf
@@ -0,0 +1,5 @@
+//sg-output
+output "sg_id" {
+ description = "sg id outputs"
+ value = aws_security_group.sg.id
+}
\ No newline at end of file
diff --git a/modules/sg/variables.tf b/modules/sg/variables.tf
new file mode 100644
index 0000000..a7161b1
--- /dev/null
+++ b/modules/sg/variables.tf
@@ -0,0 +1,9 @@
+variable "sg_name" {
+ description = "security group name"
+ type = string
+}
+variable "vpc_id" {
+ description = "vpc_id"
+ type = string
+
+}
diff --git a/modules/vpc-subnet/main.tf b/modules/vpc-subnet/main.tf
new file mode 100644
index 0000000..f68dbee
--- /dev/null
+++ b/modules/vpc-subnet/main.tf
@@ -0,0 +1,14 @@
+resource "aws_subnet" "main" {
+ vpc_id = var.vpc_id
+
+ for_each = var.subnet-az-list
+ availability_zone = each.value.name
+ cidr_block = each.value.cidr
+
+ map_public_ip_on_launch = var.public_ip_on ? true : false
+
+ tags = {
+ Name = "${var.tag_name}-subnet"
+ }
+
+}
\ No newline at end of file
diff --git a/modules/vpc-subnet/outputs.tf b/modules/vpc-subnet/outputs.tf
new file mode 100644
index 0000000..501289f
--- /dev/null
+++ b/modules/vpc-subnet/outputs.tf
@@ -0,0 +1,5 @@
+//modules-subnet-outputs
+output "subnet" {
+ description = "Subnets info"
+ value = aws_subnet.main
+}
\ No newline at end of file
diff --git a/modules/vpc-subnet/valiables.tf b/modules/vpc-subnet/valiables.tf
new file mode 100644
index 0000000..bdfd463
--- /dev/null
+++ b/modules/vpc-subnet/valiables.tf
@@ -0,0 +1,20 @@
+variable "vpc_id" {
+ description = "set vpc id"
+ type = string
+}
+
+// reference | https://github.com/davidcsi/terraform/blob/master/healthchecks/main.tf
+variable "subnet-az-list" {
+ description = "Subnet available zone & cidr"
+ type = map(map(string))
+}
+
+
+variable "public_ip_on" {
+ type = bool
+}
+
+variable "tag_name" {
+ description = "value"
+ type = string
+}
\ No newline at end of file
diff --git a/modules/vpc/main.tf b/modules/vpc/main.tf
new file mode 100644
index 0000000..327714b
--- /dev/null
+++ b/modules/vpc/main.tf
@@ -0,0 +1,14 @@
+resource "aws_vpc" "main" {
+ # cidr_block = "10.3.0.0/16"
+ cidr_block = var.cidr_block
+ // instance_tenancy = "default"
+
+ # 인스턴스에 public DNS가 표시되도록 하는 속성
+ enable_dns_hostnames = true
+ enable_dns_support = true
+
+
+ tags = {
+ Name = "${var.tag_name}-vpc"
+ }
+}
\ No newline at end of file
diff --git a/modules/vpc/outputs.tf b/modules/vpc/outputs.tf
new file mode 100644
index 0000000..bdb6bfd
--- /dev/null
+++ b/modules/vpc/outputs.tf
@@ -0,0 +1,10 @@
+//modules-vpc-output
+output "vpc_id" {
+ description = "The name of vpc hq id"
+ value = aws_vpc.main.id
+}
+
+output "vpc_name" {
+ value = var.tag_name
+}
+
diff --git a/modules/vpc/valiables.tf b/modules/vpc/valiables.tf
new file mode 100644
index 0000000..54f3314
--- /dev/null
+++ b/modules/vpc/valiables.tf
@@ -0,0 +1,8 @@
+variable "cidr_block" {
+ description = "value"
+ type = string
+}
+variable "tag_name" {
+ description = "value"
+ type = string
+}
diff --git a/modules/vpn_conn/main.tf b/modules/vpn_conn/main.tf
new file mode 100644
index 0000000..cc65d11
--- /dev/null
+++ b/modules/vpn_conn/main.tf
@@ -0,0 +1,17 @@
+resource "aws_vpn_connection" "example" {
+ customer_gateway_id = var.cgw_id
+
+ transit_gateway_id = var.tgw_id
+
+ type = "ipsec.1"
+
+ tunnel1_preshared_key = var.preshared_key
+ tunnel2_preshared_key = var.preshared_key
+
+ static_routes_only = true
+ tags = {
+ Name = "terraform_ipsec_vpn_example"
+ }
+}
+# outside_ip_address_type = "PrivateIpv4"
+# transport_transit_gateway_attachment_id = data.aws_ec2_transit_gateway_dx_gateway_attachment.example.id
\ No newline at end of file
diff --git a/modules/vpn_conn/outputs.tf b/modules/vpn_conn/outputs.tf
new file mode 100644
index 0000000..7e5eda0
--- /dev/null
+++ b/modules/vpn_conn/outputs.tf
@@ -0,0 +1,10 @@
+output "vpn_conn_tunnel-1_ip" {
+ value = aws_vpn_connection.example.tunnel1_address
+}
+output "vpn_conn_tunnel-2_ip" {
+ value = aws_vpn_connection.example.tunnel2_address
+}
+output "attach_id" {
+ value = aws_vpn_connection.example.transit_gateway_attachment_id
+
+}
\ No newline at end of file
diff --git a/modules/vpn_conn/variables.tf b/modules/vpn_conn/variables.tf
new file mode 100644
index 0000000..3665238
--- /dev/null
+++ b/modules/vpn_conn/variables.tf
@@ -0,0 +1,13 @@
+variable "cgw_id" {
+ type = string
+
+}
+
+variable "tgw_id" {
+ type = string
+
+}
+variable "preshared_key" {
+ type = string
+
+}
\ No newline at end of file
diff --git a/outputs.tf b/outputs.tf
new file mode 100644
index 0000000..219307d
--- /dev/null
+++ b/outputs.tf
@@ -0,0 +1,35 @@
+//main-outputs
+output "aws_id" {
+ description = "The AWS Account ID."
+ value = data.aws_caller_identity.this.account_id
+}
+
+output "info_vpc" {
+ description = "vpc_id & vpc_name"
+ value = module.vpc
+}
+
+output "info_igw" {
+ description = "igw info"
+ value = module.igw
+}
+
+output "info_subnet_ext" {
+ description = "public subnet info"
+ value = module.subnet_ext
+}
+
+output "info_ngw" {
+ description = "ngw_id"
+ value = module.ngw.nat_id
+}
+
+output "bastion" {
+ description = "bastion"
+ value = module.bastion
+}
+
+output "web" {
+ description = "web"
+ value = module.web_svr
+}
\ No newline at end of file
diff --git a/terraform.tf b/terraform.tf
new file mode 100644
index 0000000..d30e8e5
--- /dev/null
+++ b/terraform.tf
@@ -0,0 +1,11 @@
+// Terraform Backend
+terraform {
+ cloud {
+
+ organization = "icurfer-demo"
+
+ workspaces {
+ name = "tf-cloud-backend"
+ }
+ }
+}
\ No newline at end of file
diff --git a/terraform.tfstate b/terraform.tfstate
new file mode 100644
index 0000000..6e97c2c
--- /dev/null
+++ b/terraform.tfstate
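Review bot: `variable "preshared_key"` in `modules/vpn_conn/variables.tf` is not marked sensitive, so the IPsec pre-shared key is echoed in plan and apply output wherever this module is called. Add `sensitive = true` to the variable; the value is still written to state, which matters here because this commit also checks a `terraform.tfstate` file into the repository. In `modules/vpn_conn/main.tf` both `tunnel1_preshared_key` and `tunnel2_preshared_key` take the same variable; a second input would let the two tunnels use distinct keys.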
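Review bot: The `cloud` block in `terraform.tf` keeps state in the `tf-cloud-backend` workspace, yet the same commit adds a pulled copy as `terraform.tfstate`, and the README documents `terraform state pull > terraform.tfstate`. State files record every resource attribute and any secret passed through variables; the copy added here already carries instance, subnet and security-group IDs and private IPs. Remove the file from the repository and add `terraform.tfstate*` and `.terraform/` to `.gitignore`; a comment on the `cloud` block such as `// state lives only in the remote workspace; never commit a pulled copy` would record the intent.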
@@ -0,0 +1,2252 @@ +{ + "version": 4, + "terraform_version": "1.13.5", + "serial": 24, + "lineage": "e0aed558-4ec9-71f4-d027-a84494b8dbf5", + "outputs": { + "aws_id": { + "value": "${AWS_ID}", + "type": "string" + }, + "bastion": { + "value": { + "ec2_id": "i-046adf4158bfe6795", + "private_ip": "10.3.1.143", + "public_ip_associate": true, + "sg_id": [ + "sg-09142d65e3a9aaf85" + ] + }, + "type": [ + "object", + { + "ec2_id": "string", + "private_ip": "string", + "public_ip_associate": "bool", + "sg_id": [ + "set", + "string" + ] + } + ] + }, + "info_igw": { + "value": { + "igw_id": "igw-0ee2d92d53f024f58" + }, + "type": [ + "object", + { + "igw_id": "string" + } + ] + }, + "info_ngw": { + "value": "nat-005b00141e8937410", + "type": "string" + }, + "info_subnet_ext": { + "value": { + "subnet": { + "zone-a": { + "arn": "arn:aws:ec2:ap-northeast-2:${AWS_ID}:subnet/subnet-0bf94eac1514fd868", + "assign_ipv6_address_on_creation": false, + "availability_zone": "ap-northeast-2a", + "availability_zone_id": "apne2-az1", + "cidr_block": "10.3.1.0/24", + "customer_owned_ipv4_pool": "", + "enable_dns64": false, + "enable_lni_at_device_index": 0, + "enable_resource_name_dns_a_record_on_launch": false, + "enable_resource_name_dns_aaaa_record_on_launch": false, + "id": "subnet-0bf94eac1514fd868", + "ipv6_cidr_block": "", + "ipv6_cidr_block_association_id": "", + "ipv6_native": false, + "map_customer_owned_ip_on_launch": false, + "map_public_ip_on_launch": true, + "outpost_arn": "", + "owner_id": "${AWS_ID}", + "private_dns_hostname_type_on_launch": "ip-name", + "region": "ap-northeast-2", + "tags": { + "Name": "icurfer-demo-subnet" + }, + "tags_all": { + "Name": "icurfer-demo-subnet" + }, + "timeouts": null, + "vpc_id": "vpc-094d0597c9f7de270" + }, + "zone-c": { + "arn": "arn:aws:ec2:ap-northeast-2:${AWS_ID}:subnet/subnet-060218ba162a2bee1", + "assign_ipv6_address_on_creation": false, + "availability_zone": "ap-northeast-2c", + "availability_zone_id": "apne2-az3", + "cidr_block": 
"10.3.3.0/24", + "customer_owned_ipv4_pool": "", + "enable_dns64": false, + "enable_lni_at_device_index": 0, + "enable_resource_name_dns_a_record_on_launch": false, + "enable_resource_name_dns_aaaa_record_on_launch": false, + "id": "subnet-060218ba162a2bee1", + "ipv6_cidr_block": "", + "ipv6_cidr_block_association_id": "", + "ipv6_native": false, + "map_customer_owned_ip_on_launch": false, + "map_public_ip_on_launch": true, + "outpost_arn": "", + "owner_id": "${AWS_ID}", + "private_dns_hostname_type_on_launch": "ip-name", + "region": "ap-northeast-2", + "tags": { + "Name": "icurfer-demo-subnet" + }, + "tags_all": { + "Name": "icurfer-demo-subnet" + }, + "timeouts": null, + "vpc_id": "vpc-094d0597c9f7de270" + } + } + }, + "type": [ + "object", + { + "subnet": [ + "object", + { + "zone-a": [ + "object", + { + "arn": "string", + "assign_ipv6_address_on_creation": "bool", + "availability_zone": "string", + "availability_zone_id": "string", + "cidr_block": "string", + "customer_owned_ipv4_pool": "string", + "enable_dns64": "bool", + "enable_lni_at_device_index": "number", + "enable_resource_name_dns_a_record_on_launch": "bool", + "enable_resource_name_dns_aaaa_record_on_launch": "bool", + "id": "string", + "ipv6_cidr_block": "string", + "ipv6_cidr_block_association_id": "string", + "ipv6_native": "bool", + "map_customer_owned_ip_on_launch": "bool", + "map_public_ip_on_launch": "bool", + "outpost_arn": "string", + "owner_id": "string", + "private_dns_hostname_type_on_launch": "string", + "region": "string", + "tags": [ + "map", + "string" + ], + "tags_all": [ + "map", + "string" + ], + "timeouts": [ + "object", + { + "create": "string", + "delete": "string" + } + ], + "vpc_id": "string" + } + ], + "zone-c": [ + "object", + { + "arn": "string", + "assign_ipv6_address_on_creation": "bool", + "availability_zone": "string", + "availability_zone_id": "string", + "cidr_block": "string", + "customer_owned_ipv4_pool": "string", + "enable_dns64": "bool", + 
"enable_lni_at_device_index": "number", + "enable_resource_name_dns_a_record_on_launch": "bool", + "enable_resource_name_dns_aaaa_record_on_launch": "bool", + "id": "string", + "ipv6_cidr_block": "string", + "ipv6_cidr_block_association_id": "string", + "ipv6_native": "bool", + "map_customer_owned_ip_on_launch": "bool", + "map_public_ip_on_launch": "bool", + "outpost_arn": "string", + "owner_id": "string", + "private_dns_hostname_type_on_launch": "string", + "region": "string", + "tags": [ + "map", + "string" + ], + "tags_all": [ + "map", + "string" + ], + "timeouts": [ + "object", + { + "create": "string", + "delete": "string" + } + ], + "vpc_id": "string" + } + ] + } + ] + } + ] + }, + "info_vpc": { + "value": { + "vpc_id": "vpc-094d0597c9f7de270", + "vpc_name": "icurfer-demo" + }, + "type": [ + "object", + { + "vpc_id": "string", + "vpc_name": "string" + } + ] + }, + "web": { + "value": { + "ec2_id": "i-061ac79742fb62f9a", + "private_ip": "10.3.2.166", + "public_ip_associate": false, + "sg_id": [ + "sg-09de01b8aba29f83b" + ] + }, + "type": [ + "object", + { + "ec2_id": "string", + "private_ip": "string", + "public_ip_associate": "bool", + "sg_id": [ + "set", + "string" + ] + } + ] + } + }, + "resources": [ + { + "mode": "data", + "type": "aws_caller_identity", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "account_id": "${AWS_ID}", + "arn": "arn:aws:iam::${AWS_ID}:user/icurfer-demo", + "id": "${AWS_ID}", + "user_id": "AIDAWQ4CBXWFJSQBH62TS" + }, + "sensitive_attributes": [], + "identity_schema_version": 0 + } + ] + }, + { + "module": "module.alb", + "mode": "managed", + "type": "aws_lb", + "name": "alb", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "access_logs": [ + { + "bucket": "", + "enabled": false, + "prefix": "" + } + ], + "arn": 
"arn:aws:elasticloadbalancing:ap-northeast-2:${AWS_ID}:loadbalancer/app/icurfer-demo-alb/cfca3d19b8b78a49", + "arn_suffix": "app/icurfer-demo-alb/cfca3d19b8b78a49", + "client_keep_alive": 3600, + "connection_logs": [ + { + "bucket": "", + "enabled": false, + "prefix": "" + } + ], + "customer_owned_ipv4_pool": "", + "desync_mitigation_mode": "defensive", + "dns_name": "icurfer-demo-alb-1209844126.ap-northeast-2.elb.amazonaws.com", + "dns_record_client_routing_policy": null, + "drop_invalid_header_fields": false, + "enable_cross_zone_load_balancing": true, + "enable_deletion_protection": false, + "enable_http2": true, + "enable_tls_version_and_cipher_suite_headers": false, + "enable_waf_fail_open": false, + "enable_xff_client_port": false, + "enable_zonal_shift": false, + "enforce_security_group_inbound_rules_on_private_link_traffic": "", + "id": "arn:aws:elasticloadbalancing:ap-northeast-2:${AWS_ID}:loadbalancer/app/icurfer-demo-alb/cfca3d19b8b78a49", + "idle_timeout": 60, + "internal": false, + "ip_address_type": "ipv4", + "ipam_pools": [], + "load_balancer_type": "application", + "minimum_load_balancer_capacity": [], + "name": "icurfer-demo-alb", + "name_prefix": "", + "preserve_host_header": false, + "region": "ap-northeast-2", + "secondary_ips_auto_assigned_per_subnet": null, + "security_groups": [ + "sg-0b990b7962b1a40c7" + ], + "subnet_mapping": [ + { + "allocation_id": "", + "ipv6_address": "", + "outpost_id": "", + "private_ipv4_address": "", + "subnet_id": "subnet-060218ba162a2bee1" + }, + { + "allocation_id": "", + "ipv6_address": "", + "outpost_id": "", + "private_ipv4_address": "", + "subnet_id": "subnet-0bf94eac1514fd868" + } + ], + "subnets": [ + "subnet-060218ba162a2bee1", + "subnet-0bf94eac1514fd868" + ], + "tags": {}, + "tags_all": {}, + "timeouts": null, + "vpc_id": "vpc-094d0597c9f7de270", + "xff_header_processing_mode": "append", + "zone_id": "ZWKZPGTI48KDX" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "identity": { + 
"arn": "arn:aws:elasticloadbalancing:ap-northeast-2:${AWS_ID}:loadbalancer/app/icurfer-demo-alb/cfca3d19b8b78a49" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19", + "dependencies": [ + "module.alb_sg.aws_security_group.sg", + "module.subnet_ext.aws_subnet.main", + "module.vpc.aws_vpc.main" + ] + } + ] + }, + { + "module": "module.alb", + "mode": "managed", + "type": "aws_lb_listener", + "name": "http", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "alpn_policy": null, + "arn": "arn:aws:elasticloadbalancing:ap-northeast-2:${AWS_ID}:listener/app/icurfer-demo-alb/cfca3d19b8b78a49/c08c4af125a9ed6f", + "certificate_arn": null, + "default_action": [ + { + "authenticate_cognito": [], + "authenticate_oidc": [], + "fixed_response": [], + "forward": [], + "order": 1, + "redirect": [], + "target_group_arn": "arn:aws:elasticloadbalancing:ap-northeast-2:${AWS_ID}:targetgroup/web-tg/346ef474807f527f", + "type": "forward" + } + ], + "id": "arn:aws:elasticloadbalancing:ap-northeast-2:${AWS_ID}:listener/app/icurfer-demo-alb/cfca3d19b8b78a49/c08c4af125a9ed6f", + "load_balancer_arn": "arn:aws:elasticloadbalancing:ap-northeast-2:${AWS_ID}:loadbalancer/app/icurfer-demo-alb/cfca3d19b8b78a49", + "mutual_authentication": [], + "port": 80, + "protocol": "HTTP", + "region": "ap-northeast-2", + "routing_http_request_x_amzn_mtls_clientcert_header_name": null, + "routing_http_request_x_amzn_mtls_clientcert_issuer_header_name": null, + "routing_http_request_x_amzn_mtls_clientcert_leaf_header_name": null, + "routing_http_request_x_amzn_mtls_clientcert_serial_number_header_name": null, + "routing_http_request_x_amzn_mtls_clientcert_subject_header_name": null, + "routing_http_request_x_amzn_mtls_clientcert_validity_header_name": null, + "routing_http_request_x_amzn_tls_cipher_suite_header_name": 
null, + "routing_http_request_x_amzn_tls_version_header_name": null, + "routing_http_response_access_control_allow_credentials_header_value": "", + "routing_http_response_access_control_allow_headers_header_value": "", + "routing_http_response_access_control_allow_methods_header_value": "", + "routing_http_response_access_control_allow_origin_header_value": "", + "routing_http_response_access_control_expose_headers_header_value": "", + "routing_http_response_access_control_max_age_header_value": "", + "routing_http_response_content_security_policy_header_value": "", + "routing_http_response_server_enabled": true, + "routing_http_response_strict_transport_security_header_value": "", + "routing_http_response_x_content_type_options_header_value": "", + "routing_http_response_x_frame_options_header_value": "", + "ssl_policy": "", + "tags": {}, + "tags_all": {}, + "tcp_idle_timeout_seconds": null, + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "identity": { + "arn": "arn:aws:elasticloadbalancing:ap-northeast-2:${AWS_ID}:listener/app/icurfer-demo-alb/cfca3d19b8b78a49/c08c4af125a9ed6f" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsInVwZGF0ZSI6MzAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "module.alb.aws_lb.alb", + "module.alb.aws_lb_target_group.instance", + "module.alb_sg.aws_security_group.sg", + "module.subnet_ext.aws_subnet.main", + "module.vpc.aws_vpc.main" + ] + } + ] + }, + { + "module": "module.alb", + "mode": "managed", + "type": "aws_lb_listener_rule", + "name": "alb-lsn-rule", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "action": [ + { + "authenticate_cognito": [], + "authenticate_oidc": [], + "fixed_response": [], + "forward": [], + "order": 1, + "redirect": [], + "target_group_arn": "arn:aws:elasticloadbalancing:ap-northeast-2:${AWS_ID}:targetgroup/web-tg/346ef474807f527f", + 
"type": "forward" + } + ], + "arn": "arn:aws:elasticloadbalancing:ap-northeast-2:${AWS_ID}:listener-rule/app/icurfer-demo-alb/cfca3d19b8b78a49/c08c4af125a9ed6f/76e733b43a3dac43", + "condition": [ + { + "host_header": [], + "http_header": [], + "http_request_method": [], + "path_pattern": [ + { + "regex_values": [], + "values": [ + "*" + ] + } + ], + "query_string": [], + "source_ip": [] + } + ], + "id": "arn:aws:elasticloadbalancing:ap-northeast-2:${AWS_ID}:listener-rule/app/icurfer-demo-alb/cfca3d19b8b78a49/c08c4af125a9ed6f/76e733b43a3dac43", + "listener_arn": "arn:aws:elasticloadbalancing:ap-northeast-2:${AWS_ID}:listener/app/icurfer-demo-alb/cfca3d19b8b78a49/c08c4af125a9ed6f", + "priority": 100, + "region": "ap-northeast-2", + "tags": {}, + "tags_all": {}, + "transform": [] + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "identity": { + "arn": "arn:aws:elasticloadbalancing:ap-northeast-2:${AWS_ID}:listener-rule/app/icurfer-demo-alb/cfca3d19b8b78a49/c08c4af125a9ed6f/76e733b43a3dac43" + }, + "private": "bnVsbA==", + "dependencies": [ + "module.alb.aws_lb.alb", + "module.alb.aws_lb_listener.http", + "module.alb.aws_lb_target_group.instance", + "module.alb_sg.aws_security_group.sg", + "module.subnet_ext.aws_subnet.main", + "module.vpc.aws_vpc.main" + ] + } + ] + }, + { + "module": "module.alb", + "mode": "managed", + "type": "aws_lb_target_group", + "name": "instance", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:elasticloadbalancing:ap-northeast-2:${AWS_ID}:targetgroup/web-tg/346ef474807f527f", + "arn_suffix": "targetgroup/web-tg/346ef474807f527f", + "connection_termination": null, + "deregistration_delay": "300", + "health_check": [ + { + "enabled": true, + "healthy_threshold": 5, + "interval": 30, + "matcher": "200", + "path": "/", + "port": "traffic-port", + "protocol": "HTTP", + "timeout": 5, + "unhealthy_threshold": 2 + } + ], + "id": 
"arn:aws:elasticloadbalancing:ap-northeast-2:${AWS_ID}:targetgroup/web-tg/346ef474807f527f", + "ip_address_type": "ipv4", + "lambda_multi_value_headers_enabled": false, + "load_balancer_arns": [ + "arn:aws:elasticloadbalancing:ap-northeast-2:${AWS_ID}:loadbalancer/app/icurfer-demo-alb/cfca3d19b8b78a49" + ], + "load_balancing_algorithm_type": "round_robin", + "load_balancing_anomaly_mitigation": "off", + "load_balancing_cross_zone_enabled": "use_load_balancer_configuration", + "name": "web-tg", + "name_prefix": "", + "port": 80, + "preserve_client_ip": null, + "protocol": "HTTP", + "protocol_version": "HTTP1", + "proxy_protocol_v2": false, + "region": "ap-northeast-2", + "slow_start": 0, + "stickiness": [ + { + "cookie_duration": 86400, + "cookie_name": "", + "enabled": false, + "type": "lb_cookie" + } + ], + "tags": {}, + "tags_all": {}, + "target_failover": [ + { + "on_deregistration": null, + "on_unhealthy": null + } + ], + "target_group_health": [ + { + "dns_failover": [ + { + "minimum_healthy_targets_count": "1", + "minimum_healthy_targets_percentage": "off" + } + ], + "unhealthy_state_routing": [ + { + "minimum_healthy_targets_count": 1, + "minimum_healthy_targets_percentage": "off" + } + ] + } + ], + "target_health_state": [ + { + "enable_unhealthy_connection_termination": null, + "unhealthy_draining_interval": null + } + ], + "target_type": "instance", + "vpc_id": "vpc-094d0597c9f7de270" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "identity": { + "arn": "arn:aws:elasticloadbalancing:ap-northeast-2:${AWS_ID}:targetgroup/web-tg/346ef474807f527f" + }, + "private": "bnVsbA==", + "dependencies": [ + "module.alb_sg.aws_security_group.sg", + "module.vpc.aws_vpc.main" + ] + } + ] + }, + { + "module": "module.alb", + "mode": "managed", + "type": "aws_lb_target_group_attachment", + "name": "instance", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + 
"availability_zone": null, + "id": "arn:aws:elasticloadbalancing:ap-northeast-2:${AWS_ID}:targetgroup/web-tg/346ef474807f527f-20251114173146343200000001", + "port": 80, + "region": "ap-northeast-2", + "target_group_arn": "arn:aws:elasticloadbalancing:ap-northeast-2:${AWS_ID}:targetgroup/web-tg/346ef474807f527f", + "target_id": "i-061ac79742fb62f9a" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.alb.aws_lb_target_group.instance", + "module.alb_sg.aws_security_group.sg", + "module.ngw.aws_eip.nat-eip", + "module.ngw.aws_nat_gateway.main", + "module.subnet_ext.aws_subnet.main", + "module.subnet_int.aws_subnet.main", + "module.vpc.aws_vpc.main", + "module.web_sg.aws_security_group.sg", + "module.web_svr.aws_instance.ec2", + "module.web_svr.aws_network_interface.eni" + ] + } + ] + }, + { + "module": "module.alb_sg", + "mode": "managed", + "type": "aws_security_group", + "name": "sg", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:ap-northeast-2:${AWS_ID}:security-group/sg-0b990b7962b1a40c7", + "description": "Security groups", + "egress": [ + { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "icurfer-demo-sg-rule", + "from_port": 0, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "-1", + "security_groups": [], + "self": false, + "to_port": 0 + } + ], + "id": "sg-0b990b7962b1a40c7", + "ingress": [ + { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "icurfer-demo-sg-rule", + "from_port": 80, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": false, + "to_port": 80 + } + ], + "name": "icurfer-demo-alb-sg", + "name_prefix": "", + "owner_id": "${AWS_ID}", + "region": "ap-northeast-2", + "revoke_rules_on_delete": false, + "tags": {}, + "tags_all": {}, + "timeouts": null, + "vpc_id": "vpc-094d0597c9f7de270" + }, + 
"sensitive_attributes": [], + "identity_schema_version": 0, + "identity": { + "account_id": "${AWS_ID}", + "id": "sg-0b990b7962b1a40c7", + "region": "ap-northeast-2" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6OTAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIxIn0=", + "dependencies": [ + "module.vpc.aws_vpc.main" + ] + } + ] + }, + { + "module": "module.alb_sg_egress", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "sg-rule-add", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "ssh", + "schema_version": 2, + "attributes": { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "icurfer-demo-sg-rule", + "from_port": 0, + "id": "sgrule-4061797488", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "-1", + "region": "ap-northeast-2", + "security_group_id": "sg-0b990b7962b1a40c7", + "security_group_rule_id": "sgr-0f95caacb915475ab", + "self": false, + "source_security_group_id": null, + "timeouts": null, + "to_port": 0, + "type": "egress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.alb_sg.aws_security_group.sg", + "module.vpc.aws_vpc.main" + ] + } + ] + }, + { + "module": "module.alb_sg_ingress", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "sg-rule-add", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "http", + "schema_version": 2, + "attributes": { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "icurfer-demo-sg-rule", + "from_port": 80, + "id": "sgrule-1733558737", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "region": "ap-northeast-2", + "security_group_id": "sg-0b990b7962b1a40c7", + "security_group_rule_id": 
"sgr-03e037fd81a46cc57", + "self": false, + "source_security_group_id": null, + "timeouts": null, + "to_port": 80, + "type": "ingress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.alb_sg.aws_security_group.sg", + "module.vpc.aws_vpc.main" + ] + } + ] + }, + { + "module": "module.bastion", + "mode": "managed", + "type": "aws_instance", + "name": "ec2", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 2, + "attributes": { + "ami": "ami-010be25c3775061c9", + "arn": "arn:aws:ec2:ap-northeast-2:${AWS_ID}:instance/i-046adf4158bfe6795", + "associate_public_ip_address": true, + "availability_zone": "ap-northeast-2a", + "capacity_reservation_specification": [ + { + "capacity_reservation_preference": "open", + "capacity_reservation_target": [] + } + ], + "cpu_options": [ + { + "amd_sev_snp": "", + "core_count": 1, + "threads_per_core": 1 + } + ], + "credit_specification": [ + { + "cpu_credits": "standard" + } + ], + "disable_api_stop": false, + "disable_api_termination": false, + "ebs_block_device": [], + "ebs_optimized": false, + "enable_primary_ipv6": null, + "enclave_options": [ + { + "enabled": false + } + ], + "ephemeral_block_device": [], + "force_destroy": false, + "get_password_data": false, + "hibernation": false, + "host_id": "", + "host_resource_group_arn": null, + "iam_instance_profile": "", + "id": "i-046adf4158bfe6795", + "instance_initiated_shutdown_behavior": "stop", + "instance_lifecycle": "", + "instance_market_options": [], + "instance_state": "running", + "instance_type": "t2.micro", + "ipv6_address_count": 0, + "ipv6_addresses": [], + "key_name": "icurfer-demo", + "launch_template": [], + "maintenance_options": [ + { + "auto_recovery": "default" + } + ], + "metadata_options": [ + { + "http_endpoint": "enabled", + 
"http_protocol_ipv6": "disabled", + "http_put_response_hop_limit": 1, + "http_tokens": "optional", + "instance_metadata_tags": "disabled" + } + ], + "monitoring": false, + "network_interface": [], + "outpost_arn": "", + "password_data": "", + "placement_group": "", + "placement_group_id": "", + "placement_partition_number": 0, + "primary_network_interface": [ + { + "delete_on_termination": false, + "network_interface_id": "eni-0e16a7a0542f62fad" + } + ], + "primary_network_interface_id": "eni-0e16a7a0542f62fad", + "private_dns": "ip-10-3-1-143.ap-northeast-2.compute.internal", + "private_dns_name_options": [ + { + "enable_resource_name_dns_a_record": false, + "enable_resource_name_dns_aaaa_record": false, + "hostname_type": "ip-name" + } + ], + "private_ip": "10.3.1.143", + "public_dns": "ec2-43-201-31-200.ap-northeast-2.compute.amazonaws.com", + "public_ip": "43.201.31.200", + "region": "ap-northeast-2", + "root_block_device": [ + { + "delete_on_termination": true, + "device_name": "/dev/sda1", + "encrypted": false, + "iops": 100, + "kms_key_id": "", + "tags": {}, + "tags_all": {}, + "throughput": 0, + "volume_id": "vol-0a56f44d36a2724bc", + "volume_size": 8, + "volume_type": "gp2" + } + ], + "secondary_private_ips": [], + "security_groups": [], + "source_dest_check": true, + "spot_instance_request_id": "", + "subnet_id": "subnet-0bf94eac1514fd868", + "tags": { + "Name": "bastion" + }, + "tags_all": { + "Name": "bastion" + }, + "tenancy": "default", + "timeouts": null, + "user_data": null, + "user_data_base64": null, + "user_data_replace_on_change": false, + "volume_tags": null, + "vpc_security_group_ids": [ + "sg-09142d65e3a9aaf85" + ] + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "identity": { + "account_id": "${AWS_ID}", + "id": "i-046adf4158bfe6795", + "region": "ap-northeast-2" + }, + "private": 
"eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMCwicmVhZCI6OTAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMiJ9", + "dependencies": [ + "module.bastion.aws_network_interface.eni", + "module.bastion_sg.aws_security_group.sg", + "module.subnet_ext.aws_subnet.main", + "module.subnet_int.aws_subnet.main", + "module.vpc.aws_vpc.main" + ] + } + ] + }, + { + "module": "module.bastion", + "mode": "managed", + "type": "aws_network_interface", + "name": "eni", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ec2:ap-northeast-2:${AWS_ID}:network-interface/eni-0e16a7a0542f62fad", + "attachment": [ + { + "attachment_id": "eni-attach-01cc7b433a07391bf", + "device_index": 0, + "instance": "i-046adf4158bfe6795", + "network_card_index": 0 + } + ], + "description": "", + "enable_primary_ipv6": null, + "id": "eni-0e16a7a0542f62fad", + "interface_type": "interface", + "ipv4_prefix_count": 0, + "ipv4_prefixes": [], + "ipv6_address_count": 0, + "ipv6_address_list": [], + "ipv6_address_list_enabled": false, + "ipv6_addresses": [], + "ipv6_prefix_count": 0, + "ipv6_prefixes": [], + "mac_address": "02:fc:21:1f:44:99", + "outpost_arn": "", + "owner_id": "${AWS_ID}", + "private_dns_name": "ip-10-3-1-143.ap-northeast-2.compute.internal", + "private_ip": "10.3.1.143", + "private_ip_list": [ + "10.3.1.143" + ], + "private_ip_list_enabled": false, + "private_ips": [ + "10.3.1.143" + ], + "private_ips_count": 0, + "region": "ap-northeast-2", + "security_groups": [ + "sg-09142d65e3a9aaf85" + ], + "source_dest_check": true, + "subnet_id": "subnet-0bf94eac1514fd868", + "tags": { + "Name": "primary_network_interface" + }, + "tags_all": { + "Name": "primary_network_interface" + } + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + 
"module.bastion_sg.aws_security_group.sg", + "module.subnet_ext.aws_subnet.main", + "module.subnet_int.aws_subnet.main", + "module.vpc.aws_vpc.main" + ] + } + ] + }, + { + "module": "module.bastion_sg", + "mode": "managed", + "type": "aws_security_group", + "name": "sg", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:ap-northeast-2:${AWS_ID}:security-group/sg-09142d65e3a9aaf85", + "description": "Security groups", + "egress": [ + { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "icurfer-demo-sg-rule", + "from_port": 0, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "-1", + "security_groups": [], + "self": false, + "to_port": 0 + } + ], + "id": "sg-09142d65e3a9aaf85", + "ingress": [ + { + "cidr_blocks": [ + "140.245.71.192/32" + ], + "description": "icurfer-demo-sg-rule", + "from_port": 22, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": false, + "to_port": 22 + } + ], + "name": "icurfer-demo-bastion-sg", + "name_prefix": "", + "owner_id": "${AWS_ID}", + "region": "ap-northeast-2", + "revoke_rules_on_delete": false, + "tags": {}, + "tags_all": {}, + "timeouts": null, + "vpc_id": "vpc-094d0597c9f7de270" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "identity": { + "account_id": "${AWS_ID}", + "id": "sg-09142d65e3a9aaf85", + "region": "ap-northeast-2" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6OTAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIxIn0=", + "dependencies": [ + "module.vpc.aws_vpc.main" + ] + } + ] + }, + { + "module": "module.bastion_sg_egress", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "sg-rule-add", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "ssh", + "schema_version": 2, + "attributes": { + 
"cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "icurfer-demo-sg-rule", + "from_port": 0, + "id": "sgrule-2100603008", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "-1", + "region": "ap-northeast-2", + "security_group_id": "sg-09142d65e3a9aaf85", + "security_group_rule_id": "sgr-0f32711cd46a0d8ae", + "self": false, + "source_security_group_id": null, + "timeouts": null, + "to_port": 0, + "type": "egress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.bastion_sg.aws_security_group.sg", + "module.vpc.aws_vpc.main" + ] + } + ] + }, + { + "module": "module.bastion_sg_ingress", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "sg-rule-add", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "ssh", + "schema_version": 2, + "attributes": { + "cidr_blocks": [ + "140.245.71.192/32" + ], + "description": "icurfer-demo-sg-rule", + "from_port": 22, + "id": "sgrule-3487828899", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "region": "ap-northeast-2", + "security_group_id": "sg-09142d65e3a9aaf85", + "security_group_rule_id": "sgr-0adb077887de6b592", + "self": false, + "source_security_group_id": null, + "timeouts": null, + "to_port": 22, + "type": "ingress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.bastion_sg.aws_security_group.sg", + "module.vpc.aws_vpc.main" + ] + } + ] + }, + { + "module": "module.igw", + "mode": "managed", + "type": "aws_internet_gateway", + "name": "main", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 
0, + "attributes": { + "arn": "arn:aws:ec2:ap-northeast-2:${AWS_ID}:internet-gateway/igw-0ee2d92d53f024f58", + "id": "igw-0ee2d92d53f024f58", + "owner_id": "${AWS_ID}", + "region": "ap-northeast-2", + "tags": { + "Name": "icurfer-demo-igw" + }, + "tags_all": { + "Name": "icurfer-demo-igw" + }, + "timeouts": null, + "vpc_id": "vpc-094d0597c9f7de270" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19", + "dependencies": [ + "module.vpc.aws_vpc.main" + ] + } + ] + }, + { + "module": "module.ngw", + "mode": "managed", + "type": "aws_eip", + "name": "nat-eip", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "address": null, + "allocation_id": "eipalloc-001e6b4f360b452bb", + "arn": "arn:aws:ec2:ap-northeast-2:${AWS_ID}:elastic-ip/eipalloc-001e6b4f360b452bb", + "associate_with_private_ip": null, + "association_id": "eipassoc-01706e3c27d57aae3", + "carrier_ip": "", + "customer_owned_ip": "", + "customer_owned_ipv4_pool": "", + "domain": "vpc", + "id": "eipalloc-001e6b4f360b452bb", + "instance": "", + "ipam_pool_id": null, + "network_border_group": "ap-northeast-2", + "network_interface": "eni-095145bcc52ec8306", + "private_dns": "ip-10-3-1-216.ap-northeast-2.compute.internal", + "private_ip": "10.3.1.216", + "ptr_record": "", + "public_dns": "ec2-13-209-239-239.ap-northeast-2.compute.amazonaws.com", + "public_ip": "13.209.239.239", + "public_ipv4_pool": "amazon", + "region": "ap-northeast-2", + "tags": {}, + "tags_all": {}, + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjoxODAwMDAwMDAwMDAsInJlYWQiOjkwMDAwMDAwMDAwMCwidXBkYXRlIjozMDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + 
"module.subnet_ext.aws_subnet.main", + "module.vpc.aws_vpc.main" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.ngw", + "mode": "managed", + "type": "aws_nat_gateway", + "name": "main", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "allocation_id": "eipalloc-001e6b4f360b452bb", + "association_id": "eipassoc-01706e3c27d57aae3", + "connectivity_type": "public", + "id": "nat-005b00141e8937410", + "network_interface_id": "eni-095145bcc52ec8306", + "private_ip": "10.3.1.216", + "public_ip": "13.209.239.239", + "region": "ap-northeast-2", + "secondary_allocation_ids": [], + "secondary_private_ip_address_count": 0, + "secondary_private_ip_addresses": [], + "subnet_id": "subnet-0bf94eac1514fd868", + "tags": { + "Name": "icurfer-demo-ngw" + }, + "tags_all": { + "Name": "icurfer-demo-ngw" + }, + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTgwMDAwMDAwMDAwMCwidXBkYXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "module.ngw.aws_eip.nat-eip", + "module.subnet_ext.aws_subnet.main", + "module.vpc.aws_vpc.main" + ] + } + ] + }, + { + "module": "module.route_add", + "mode": "managed", + "type": "aws_route", + "name": "route-igw-add", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "carrier_gateway_id": "", + "core_network_arn": "", + "destination_cidr_block": "0.0.0.0/0", + "destination_ipv6_cidr_block": "", + "destination_prefix_list_id": "", + "egress_only_gateway_id": "", + "gateway_id": "igw-0ee2d92d53f024f58", + "id": "r-rtb-0baf654d0b000bede1080289494", + "instance_id": "", + "instance_owner_id": "", + "local_gateway_id": "", + "nat_gateway_id": "", + "network_interface_id": "", + "origin": "CreateRoute", + 
"region": "ap-northeast-2", + "route_table_id": "rtb-0baf654d0b000bede", + "state": "active", + "timeouts": null, + "transit_gateway_id": "", + "vpc_endpoint_id": "", + "vpc_peering_connection_id": "" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "identity": { + "account_id": "${AWS_ID}", + "destination_cidr_block": "0.0.0.0/0", + "destination_ipv6_cidr_block": null, + "destination_prefix_list_id": null, + "region": "ap-northeast-2", + "route_table_id": "rtb-0baf654d0b000bede" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.igw.aws_internet_gateway.main", + "module.route_public.aws_route_table.main", + "module.vpc.aws_vpc.main" + ] + } + ] + }, + { + "module": "module.route_add_nat", + "mode": "managed", + "type": "aws_route", + "name": "route-nat-add", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "carrier_gateway_id": "", + "core_network_arn": "", + "destination_cidr_block": "0.0.0.0/0", + "destination_ipv6_cidr_block": "", + "destination_prefix_list_id": "", + "egress_only_gateway_id": "", + "gateway_id": "", + "id": "r-rtb-00de7d014a0da356d1080289494", + "instance_id": "", + "instance_owner_id": "", + "local_gateway_id": "", + "nat_gateway_id": "nat-005b00141e8937410", + "network_interface_id": "", + "origin": "CreateRoute", + "region": "ap-northeast-2", + "route_table_id": "rtb-00de7d014a0da356d", + "state": "active", + "timeouts": null, + "transit_gateway_id": "", + "vpc_endpoint_id": "", + "vpc_peering_connection_id": "" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "identity": { + "account_id": "${AWS_ID}", + "destination_cidr_block": "0.0.0.0/0", + "destination_ipv6_cidr_block": null, + "destination_prefix_list_id": null, + "region": "ap-northeast-2", + 
"route_table_id": "rtb-00de7d014a0da356d" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.ngw.aws_eip.nat-eip", + "module.ngw.aws_nat_gateway.main", + "module.route_private.aws_route_table.main", + "module.subnet_ext.aws_subnet.main", + "module.vpc.aws_vpc.main" + ] + } + ] + }, + { + "module": "module.route_association", + "mode": "managed", + "type": "aws_route_table_association", + "name": "route-association", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "gateway_id": "", + "id": "rtbassoc-0eca570af20701aca", + "region": "ap-northeast-2", + "route_table_id": "rtb-0baf654d0b000bede", + "subnet_id": "subnet-0bf94eac1514fd868", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.route_public.aws_route_table.main", + "module.subnet_ext.aws_subnet.main", + "module.vpc.aws_vpc.main" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "gateway_id": "", + "id": "rtbassoc-0c42948b363f39d6f", + "region": "ap-northeast-2", + "route_table_id": "rtb-0baf654d0b000bede", + "subnet_id": "subnet-060218ba162a2bee1", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.route_public.aws_route_table.main", + "module.subnet_ext.aws_subnet.main", + "module.vpc.aws_vpc.main" + ] + } + ] + }, + { + "module": "module.route_association_nat", + "mode": "managed", + "type": 
"aws_route_table_association", + "name": "route-association", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "gateway_id": "", + "id": "rtbassoc-05dc35d613ad0485c", + "region": "ap-northeast-2", + "route_table_id": "rtb-00de7d014a0da356d", + "subnet_id": "subnet-0a2b1a87f06b6beb4", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.route_private.aws_route_table.main", + "module.subnet_int.aws_subnet.main", + "module.vpc.aws_vpc.main" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "gateway_id": "", + "id": "rtbassoc-061e1dd46ab376d11", + "region": "ap-northeast-2", + "route_table_id": "rtb-00de7d014a0da356d", + "subnet_id": "subnet-0357469df090fe600", + "timeouts": null + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.route_private.aws_route_table.main", + "module.subnet_int.aws_subnet.main", + "module.vpc.aws_vpc.main" + ] + } + ] + }, + { + "module": "module.route_private", + "mode": "managed", + "type": "aws_route_table", + "name": "main", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ec2:ap-northeast-2:${AWS_ID}:route-table/rtb-00de7d014a0da356d", + "id": "rtb-00de7d014a0da356d", + "owner_id": "${AWS_ID}", + "propagating_vgws": [], + "region": "ap-northeast-2", + "route": [ + { + "carrier_gateway_id": "", + "cidr_block": "0.0.0.0/0", + "core_network_arn": "", + "destination_prefix_list_id": "", + 
"egress_only_gateway_id": "", + "gateway_id": "", + "ipv6_cidr_block": "", + "local_gateway_id": "", + "nat_gateway_id": "nat-005b00141e8937410", + "network_interface_id": "", + "transit_gateway_id": "", + "vpc_endpoint_id": "", + "vpc_peering_connection_id": "" + } + ], + "tags": { + "Name": "icurfer-demo-int-rt" + }, + "tags_all": { + "Name": "icurfer-demo-int-rt" + }, + "timeouts": null, + "vpc_id": "vpc-094d0597c9f7de270" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "identity": { + "account_id": "${AWS_ID}", + "id": "rtb-00de7d014a0da356d", + "region": "ap-northeast-2" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.vpc.aws_vpc.main" + ] + } + ] + }, + { + "module": "module.route_public", + "mode": "managed", + "type": "aws_route_table", + "name": "main", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ec2:ap-northeast-2:${AWS_ID}:route-table/rtb-0baf654d0b000bede", + "id": "rtb-0baf654d0b000bede", + "owner_id": "${AWS_ID}", + "propagating_vgws": [], + "region": "ap-northeast-2", + "route": [ + { + "carrier_gateway_id": "", + "cidr_block": "0.0.0.0/0", + "core_network_arn": "", + "destination_prefix_list_id": "", + "egress_only_gateway_id": "", + "gateway_id": "igw-0ee2d92d53f024f58", + "ipv6_cidr_block": "", + "local_gateway_id": "", + "nat_gateway_id": "", + "network_interface_id": "", + "transit_gateway_id": "", + "vpc_endpoint_id": "", + "vpc_peering_connection_id": "" + } + ], + "tags": { + "Name": "icurfer-demo-ext-rt" + }, + "tags_all": { + "Name": "icurfer-demo-ext-rt" + }, + "timeouts": null, + "vpc_id": "vpc-094d0597c9f7de270" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "identity": { + "account_id": "${AWS_ID}", + "id": "rtb-0baf654d0b000bede", + "region": 
"ap-northeast-2" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", + "dependencies": [ + "module.vpc.aws_vpc.main" + ] + } + ] + }, + { + "module": "module.subnet_ext", + "mode": "managed", + "type": "aws_subnet", + "name": "main", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "zone-a", + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:ap-northeast-2:${AWS_ID}:subnet/subnet-0bf94eac1514fd868", + "assign_ipv6_address_on_creation": false, + "availability_zone": "ap-northeast-2a", + "availability_zone_id": "apne2-az1", + "cidr_block": "10.3.1.0/24", + "customer_owned_ipv4_pool": "", + "enable_dns64": false, + "enable_lni_at_device_index": 0, + "enable_resource_name_dns_a_record_on_launch": false, + "enable_resource_name_dns_aaaa_record_on_launch": false, + "id": "subnet-0bf94eac1514fd868", + "ipv6_cidr_block": "", + "ipv6_cidr_block_association_id": "", + "ipv6_native": false, + "map_customer_owned_ip_on_launch": false, + "map_public_ip_on_launch": true, + "outpost_arn": "", + "owner_id": "${AWS_ID}", + "private_dns_hostname_type_on_launch": "ip-name", + "region": "ap-northeast-2", + "tags": { + "Name": "icurfer-demo-subnet" + }, + "tags_all": { + "Name": "icurfer-demo-subnet" + }, + "timeouts": null, + "vpc_id": "vpc-094d0597c9f7de270" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "identity": { + "account_id": "${AWS_ID}", + "id": "subnet-0bf94eac1514fd868", + "region": "ap-northeast-2" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", + "dependencies": [ + "module.vpc.aws_vpc.main" + ], + "create_before_destroy": true + }, + { + "index_key": "zone-c", + "schema_version": 1, + "attributes": { + "arn": 
"arn:aws:ec2:ap-northeast-2:${AWS_ID}:subnet/subnet-060218ba162a2bee1", + "assign_ipv6_address_on_creation": false, + "availability_zone": "ap-northeast-2c", + "availability_zone_id": "apne2-az3", + "cidr_block": "10.3.3.0/24", + "customer_owned_ipv4_pool": "", + "enable_dns64": false, + "enable_lni_at_device_index": 0, + "enable_resource_name_dns_a_record_on_launch": false, + "enable_resource_name_dns_aaaa_record_on_launch": false, + "id": "subnet-060218ba162a2bee1", + "ipv6_cidr_block": "", + "ipv6_cidr_block_association_id": "", + "ipv6_native": false, + "map_customer_owned_ip_on_launch": false, + "map_public_ip_on_launch": true, + "outpost_arn": "", + "owner_id": "${AWS_ID}", + "private_dns_hostname_type_on_launch": "ip-name", + "region": "ap-northeast-2", + "tags": { + "Name": "icurfer-demo-subnet" + }, + "tags_all": { + "Name": "icurfer-demo-subnet" + }, + "timeouts": null, + "vpc_id": "vpc-094d0597c9f7de270" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "identity": { + "account_id": "${AWS_ID}", + "id": "subnet-060218ba162a2bee1", + "region": "ap-northeast-2" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", + "dependencies": [ + "module.vpc.aws_vpc.main" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.subnet_int", + "mode": "managed", + "type": "aws_subnet", + "name": "main", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "zone-a", + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:ap-northeast-2:${AWS_ID}:subnet/subnet-0a2b1a87f06b6beb4", + "assign_ipv6_address_on_creation": false, + "availability_zone": "ap-northeast-2a", + "availability_zone_id": "apne2-az1", + "cidr_block": "10.3.2.0/24", + "customer_owned_ipv4_pool": "", + "enable_dns64": false, + "enable_lni_at_device_index": 0, + 
"enable_resource_name_dns_a_record_on_launch": false, + "enable_resource_name_dns_aaaa_record_on_launch": false, + "id": "subnet-0a2b1a87f06b6beb4", + "ipv6_cidr_block": "", + "ipv6_cidr_block_association_id": "", + "ipv6_native": false, + "map_customer_owned_ip_on_launch": false, + "map_public_ip_on_launch": false, + "outpost_arn": "", + "owner_id": "${AWS_ID}", + "private_dns_hostname_type_on_launch": "ip-name", + "region": "ap-northeast-2", + "tags": { + "Name": "icurfer-demo-subnet" + }, + "tags_all": { + "Name": "icurfer-demo-subnet" + }, + "timeouts": null, + "vpc_id": "vpc-094d0597c9f7de270" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "identity": { + "account_id": "${AWS_ID}", + "id": "subnet-0a2b1a87f06b6beb4", + "region": "ap-northeast-2" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", + "dependencies": [ + "module.vpc.aws_vpc.main" + ] + }, + { + "index_key": "zone-c", + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:ap-northeast-2:${AWS_ID}:subnet/subnet-0357469df090fe600", + "assign_ipv6_address_on_creation": false, + "availability_zone": "ap-northeast-2c", + "availability_zone_id": "apne2-az3", + "cidr_block": "10.3.4.0/24", + "customer_owned_ipv4_pool": "", + "enable_dns64": false, + "enable_lni_at_device_index": 0, + "enable_resource_name_dns_a_record_on_launch": false, + "enable_resource_name_dns_aaaa_record_on_launch": false, + "id": "subnet-0357469df090fe600", + "ipv6_cidr_block": "", + "ipv6_cidr_block_association_id": "", + "ipv6_native": false, + "map_customer_owned_ip_on_launch": false, + "map_public_ip_on_launch": false, + "outpost_arn": "", + "owner_id": "${AWS_ID}", + "private_dns_hostname_type_on_launch": "ip-name", + "region": "ap-northeast-2", + "tags": { + "Name": "icurfer-demo-subnet" + }, + "tags_all": { + "Name": "icurfer-demo-subnet" + }, + "timeouts": null, + "vpc_id": 
"vpc-094d0597c9f7de270" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "identity": { + "account_id": "${AWS_ID}", + "id": "subnet-0357469df090fe600", + "region": "ap-northeast-2" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", + "dependencies": [ + "module.vpc.aws_vpc.main" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_vpc", + "name": "main", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:ap-northeast-2:${AWS_ID}:vpc/vpc-094d0597c9f7de270", + "assign_generated_ipv6_cidr_block": false, + "cidr_block": "10.3.0.0/16", + "default_network_acl_id": "acl-038acdff82dee941a", + "default_route_table_id": "rtb-0631cc424c5b39ac7", + "default_security_group_id": "sg-03defe67960fcbac0", + "dhcp_options_id": "dopt-016212e28ae9032c1", + "enable_dns_hostnames": true, + "enable_dns_support": true, + "enable_network_address_usage_metrics": false, + "id": "vpc-094d0597c9f7de270", + "instance_tenancy": "default", + "ipv4_ipam_pool_id": null, + "ipv4_netmask_length": null, + "ipv6_association_id": "", + "ipv6_cidr_block": "", + "ipv6_cidr_block_network_border_group": "", + "ipv6_ipam_pool_id": "", + "ipv6_netmask_length": 0, + "main_route_table_id": "rtb-0631cc424c5b39ac7", + "owner_id": "${AWS_ID}", + "region": "ap-northeast-2", + "tags": { + "Name": "icurfer-demo-vpc" + }, + "tags_all": { + "Name": "icurfer-demo-vpc" + } + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "identity": { + "account_id": "${AWS_ID}", + "id": "vpc-094d0597c9f7de270", + "region": "ap-northeast-2" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", + "create_before_destroy": true + } + ] + }, + { + "module": "module.web_sg", + "mode": "managed", + "type": "aws_security_group", + "name": "sg", + "provider": 
"provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:ap-northeast-2:${AWS_ID}:security-group/sg-09de01b8aba29f83b", + "description": "Security groups", + "egress": [ + { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "icurfer-demo-sg-rule", + "from_port": 0, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "-1", + "security_groups": [], + "self": false, + "to_port": 0 + } + ], + "id": "sg-09de01b8aba29f83b", + "ingress": [ + { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "icurfer-demo-sg-rule", + "from_port": 80, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": false, + "to_port": 80 + }, + { + "cidr_blocks": [ + "10.3.1.143/32" + ], + "description": "icurfer-demo-sg-rule", + "from_port": 22, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": false, + "to_port": 22 + } + ], + "name": "icurfer-demo-web-sg", + "name_prefix": "", + "owner_id": "${AWS_ID}", + "region": "ap-northeast-2", + "revoke_rules_on_delete": false, + "tags": {}, + "tags_all": {}, + "timeouts": null, + "vpc_id": "vpc-094d0597c9f7de270" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "identity": { + "account_id": "${AWS_ID}", + "id": "sg-09de01b8aba29f83b", + "region": "ap-northeast-2" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6OTAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIxIn0=", + "dependencies": [ + "module.vpc.aws_vpc.main" + ] + } + ] + }, + { + "module": "module.web_sg_egress", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "sg-rule-add", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "ssh", + "schema_version": 2, + "attributes": { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": 
"icurfer-demo-sg-rule", + "from_port": 0, + "id": "sgrule-1009189752", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "-1", + "region": "ap-northeast-2", + "security_group_id": "sg-09de01b8aba29f83b", + "security_group_rule_id": "sgr-0976d1555c00ab99c", + "self": false, + "source_security_group_id": null, + "timeouts": null, + "to_port": 0, + "type": "egress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_vpc.main", + "module.web_sg.aws_security_group.sg" + ] + } + ] + }, + { + "module": "module.web_sg_ingress", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "sg-rule-add", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": "http", + "schema_version": 2, + "attributes": { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "icurfer-demo-sg-rule", + "from_port": 80, + "id": "sgrule-3420894346", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "region": "ap-northeast-2", + "security_group_id": "sg-09de01b8aba29f83b", + "security_group_rule_id": "sgr-0bff1fb2fff37ebe3", + "self": false, + "source_security_group_id": null, + "timeouts": null, + "to_port": 80, + "type": "ingress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.bastion.aws_instance.ec2", + "module.bastion.aws_network_interface.eni", + "module.bastion_sg.aws_security_group.sg", + "module.subnet_ext.aws_subnet.main", + "module.subnet_int.aws_subnet.main", + "module.vpc.aws_vpc.main", + "module.web_sg.aws_security_group.sg" + ] + }, + { + "index_key": "ssh", + "schema_version": 2, + "attributes": { + "cidr_blocks": [ 
+ "10.3.1.143/32" + ], + "description": "icurfer-demo-sg-rule", + "from_port": 22, + "id": "sgrule-3174725373", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "region": "ap-northeast-2", + "security_group_id": "sg-09de01b8aba29f83b", + "security_group_rule_id": "sgr-03f01e0876ef8b65d", + "self": false, + "source_security_group_id": null, + "timeouts": null, + "to_port": 22, + "type": "ingress" + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.bastion.aws_instance.ec2", + "module.bastion.aws_network_interface.eni", + "module.bastion_sg.aws_security_group.sg", + "module.subnet_ext.aws_subnet.main", + "module.subnet_int.aws_subnet.main", + "module.vpc.aws_vpc.main", + "module.web_sg.aws_security_group.sg" + ] + } + ] + }, + { + "module": "module.web_svr", + "mode": "managed", + "type": "aws_instance", + "name": "ec2", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 2, + "attributes": { + "ami": "ami-010be25c3775061c9", + "arn": "arn:aws:ec2:ap-northeast-2:${AWS_ID}:instance/i-061ac79742fb62f9a", + "associate_public_ip_address": false, + "availability_zone": "ap-northeast-2a", + "capacity_reservation_specification": [ + { + "capacity_reservation_preference": "open", + "capacity_reservation_target": [] + } + ], + "cpu_options": [ + { + "amd_sev_snp": "", + "core_count": 1, + "threads_per_core": 1 + } + ], + "credit_specification": [ + { + "cpu_credits": "standard" + } + ], + "disable_api_stop": false, + "disable_api_termination": false, + "ebs_block_device": [], + "ebs_optimized": false, + "enable_primary_ipv6": null, + "enclave_options": [ + { + "enabled": false + } + ], + "ephemeral_block_device": [], + "force_destroy": false, + "get_password_data": false, + "hibernation": false, + "host_id": "", + 
"host_resource_group_arn": null, + "iam_instance_profile": "", + "id": "i-061ac79742fb62f9a", + "instance_initiated_shutdown_behavior": "stop", + "instance_lifecycle": "", + "instance_market_options": [], + "instance_state": "running", + "instance_type": "t2.micro", + "ipv6_address_count": 0, + "ipv6_addresses": [], + "key_name": "icurfer-demo", + "launch_template": [], + "maintenance_options": [ + { + "auto_recovery": "default" + } + ], + "metadata_options": [ + { + "http_endpoint": "enabled", + "http_protocol_ipv6": "disabled", + "http_put_response_hop_limit": 1, + "http_tokens": "optional", + "instance_metadata_tags": "disabled" + } + ], + "monitoring": false, + "network_interface": [], + "outpost_arn": "", + "password_data": "", + "placement_group": "", + "placement_group_id": "", + "placement_partition_number": 0, + "primary_network_interface": [ + { + "delete_on_termination": false, + "network_interface_id": "eni-067bc63bbbcf070e0" + } + ], + "primary_network_interface_id": "eni-067bc63bbbcf070e0", + "private_dns": "ip-10-3-2-166.ap-northeast-2.compute.internal", + "private_dns_name_options": [ + { + "enable_resource_name_dns_a_record": false, + "enable_resource_name_dns_aaaa_record": false, + "hostname_type": "ip-name" + } + ], + "private_ip": "10.3.2.166", + "public_dns": "", + "public_ip": "", + "region": "ap-northeast-2", + "root_block_device": [ + { + "delete_on_termination": true, + "device_name": "/dev/sda1", + "encrypted": false, + "iops": 100, + "kms_key_id": "", + "tags": {}, + "tags_all": {}, + "throughput": 0, + "volume_id": "vol-0072a5a0d55072319", + "volume_size": 8, + "volume_type": "gp2" + } + ], + "secondary_private_ips": [], + "security_groups": [], + "source_dest_check": true, + "spot_instance_request_id": "", + "subnet_id": "subnet-0a2b1a87f06b6beb4", + "tags": { + "Name": "web" + }, + "tags_all": { + "Name": "web" + }, + "tenancy": "default", + "timeouts": null, + "user_data": "#!/bin/bash\nset -e\n\n# Update and install docker\napt 
update -y\napt install -y docker.io\n\n# Enable \u0026 start Docker\nsystemctl enable docker\nsystemctl start docker\n\n# Wait for docker daemon to be ready\ntries=0\nwhile ! docker info \u003e/dev/null 2\u003e\u00261; do\n tries=$((tries+1))\n echo \"Waiting for Docker... ($tries)\"\n sleep 30\ndone\n\n# Run the helloworld container\ndocker run -d --name hello -p 80:8080 testcontainers/helloworld:1.2.0", + "user_data_base64": null, + "user_data_replace_on_change": false, + "volume_tags": null, + "vpc_security_group_ids": [ + "sg-09de01b8aba29f83b" + ] + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "identity": { + "account_id": "${AWS_ID}", + "id": "i-061ac79742fb62f9a", + "region": "ap-northeast-2" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMCwicmVhZCI6OTAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMiJ9", + "dependencies": [ + "module.ngw.aws_eip.nat-eip", + "module.ngw.aws_nat_gateway.main", + "module.subnet_ext.aws_subnet.main", + "module.subnet_int.aws_subnet.main", + "module.vpc.aws_vpc.main", + "module.web_sg.aws_security_group.sg", + "module.web_svr.aws_network_interface.eni" + ] + } + ] + }, + { + "module": "module.web_svr", + "mode": "managed", + "type": "aws_network_interface", + "name": "eni", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ec2:ap-northeast-2:${AWS_ID}:network-interface/eni-067bc63bbbcf070e0", + "attachment": [ + { + "attachment_id": "eni-attach-06745c1e3ac066527", + "device_index": 0, + "instance": "i-061ac79742fb62f9a", + "network_card_index": 0 + } + ], + "description": "", + "enable_primary_ipv6": null, + "id": "eni-067bc63bbbcf070e0", + "interface_type": "interface", + "ipv4_prefix_count": 0, + "ipv4_prefixes": [], + "ipv6_address_count": 0, + "ipv6_address_list": [], + "ipv6_address_list_enabled": 
false, + "ipv6_addresses": [], + "ipv6_prefix_count": 0, + "ipv6_prefixes": [], + "mac_address": "02:49:56:c6:c5:bb", + "outpost_arn": "", + "owner_id": "${AWS_ID}", + "private_dns_name": "ip-10-3-2-166.ap-northeast-2.compute.internal", + "private_ip": "10.3.2.166", + "private_ip_list": [ + "10.3.2.166" + ], + "private_ip_list_enabled": false, + "private_ips": [ + "10.3.2.166" + ], + "private_ips_count": 0, + "region": "ap-northeast-2", + "security_groups": [ + "sg-09de01b8aba29f83b" + ], + "source_dest_check": true, + "subnet_id": "subnet-0a2b1a87f06b6beb4", + "tags": { + "Name": "primary_network_interface" + }, + "tags_all": { + "Name": "primary_network_interface" + } + }, + "sensitive_attributes": [], + "identity_schema_version": 0, + "private": "bnVsbA==", + "dependencies": [ + "module.ngw.aws_eip.nat-eip", + "module.ngw.aws_nat_gateway.main", + "module.subnet_ext.aws_subnet.main", + "module.subnet_int.aws_subnet.main", + "module.vpc.aws_vpc.main", + "module.web_sg.aws_security_group.sg" + ] + } + ] + } + ], + "check_results": null +} +