init

modules/alb/main.tf

@@ -0,0 +1,55 @@
+#로드밸런서
+resource "aws_lb" "alb" {
+    name = "${var.name}-alb" 
+    load_balancer_type = "application"
+    subnets = var.subnet_ids
+    security_groups = var.sg_ids
+}
+# ALB LISTENER
+resource "aws_lb_listener" "http" {
+    load_balancer_arn = aws_lb.alb.arn
+    port = "80"
+    protocol = "HTTP"
+
+    default_action {
+        type             = "forward"
+        target_group_arn = aws_lb_target_group.instance.arn
+    }
+}
+# ALB Listener rule
+resource "aws_lb_listener_rule" "alb-lsn-rule" {
+  listener_arn = aws_lb_listener.http.arn
+  priority     = 100
+
+  condition {
+    path_pattern {
+      values = ["*"]
+    }
+    # field = "path-pattern"
+    # values = ["*"]
+  }
+
+  action {
+    type             = "forward"
+    target_group_arn = aws_lb_target_group.instance.arn
+  }
+  depends_on = [
+    aws_lb_listener.http
+  ]
+}
+
+# https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_target_group
+# ALB TARGET GROUP
+resource "aws_lb_target_group" "instance" {
+  name     = "web-tg"
+  port     = 80
+  protocol = "HTTP"
+  vpc_id   = var.vpc_id
+}
+
+# https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_target_group_attachment
+resource "aws_lb_target_group_attachment" "instance" {
+  target_group_arn = aws_lb_target_group.instance.arn
+  target_id        = var.instance_id
+  port             = 80
+}

modules/alb/outputs.tf

@@ -0,0 +1,3 @@
+output "alb_tg_arn" {
+    value = aws_lb_target_group.instance.arn
+}

modules/alb/variables.tf

@@ -0,0 +1,15 @@
+variable "name" {
+    type = string
+}
+variable "subnet_ids" {
+    type = list(string)
+}
+variable "sg_ids" {
+    type = list(string)
+}
+variable "vpc_id" {
+    type = string
+}
+variable "instance_id" {
+    type = string
+}

modules/ec2/eks-host.sh

@@ -0,0 +1,11 @@
+curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
+unzip awscliv2.zip
+sudo ./aws/install
+export PATH=/usr/local/bin:$PATH
+source ~/.bash_profile
+curl -o /usr/local/bin/kubectl https://s3.us-west-2.amazonaws.com/amazon-eks/1.23.13/2022-10-31/bin/linux/amd64/kubectl
+chmod +x /usr/local/bin/kubectl
+yum install -y jq
+yum install -y bash-completion
+curl --silent --location "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp
+mv -v /tmp/eksctl /usr/local/bin

modules/ec2/main.tf

@@ -0,0 +1,33 @@
+resource "aws_network_interface" "eni" {
+  # public subnet 여부에 따라 동작방식이 달라짐.
+  subnet_id = var.public_ip_associate ? var.public_subnet : var.private_subnet
+  # private_ips = ["172.16.10.100"]
+  security_groups = var.sg_list
+  tags = {
+    Name = "primary_network_interface"
+  }
+}
+
+resource "aws_instance" "ec2" {
+  ami = var.ami_name
+  # "ami-0ab04b3ccbadfae1f"
+  instance_type = var.instance_type
+  # "t2.micro"
+  
+  user_data = var.user_data_file != null ? file(var.user_data_file) : null
+
+  tags = {
+    Name = "${var.tag_name}"
+  }
+
+  primary_network_interface {
+    network_interface_id = aws_network_interface.eni.id
+    # device_index         = 0
+    # delete_on_termination = true
+    
+    # security_groups = var.sg_list
+    
+  }
+  
+  key_name = var.key_name
+}

modules/ec2/mariadb.sh

@@ -0,0 +1,9 @@
+cat <<EOF>> /etc/yum.repos.d/MariaDB.repo
+[mariadb]
+name = MariaDB
+baseurl = http://yum.mariadb.org/10.3/centos7-amd64
+gpgkey = https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
+gpgcheck = 1
+EOF
+yum install mariadb-server -y
+systemctl enable --now mariadb

modules/ec2/nginx.sh

@@ -0,0 +1,3 @@
+yum update -y
+amazon-linux-extras install -y nginx1
+systemctl enable --now nginx

modules/ec2/outputs.tf

@@ -0,0 +1,16 @@
+output "ec2_id" {
+    value = aws_instance.ec2.id
+  
+}
+
+output "public_ip_associate" {
+    value = aws_instance.ec2.associate_public_ip_address
+  
+}
+
+output "sg_id" {
+    value = aws_network_interface.eni.security_groups
+}
+output "private_ip" {
+    value = aws_instance.ec2.private_ip
+}

modules/ec2/vailables.tf

@@ -0,0 +1,46 @@
+variable "ami_name" {
+  description = "ami name"
+  type        = string
+}
+
+variable "instance_type" {
+  type = string
+}
+
+variable "tag_name" {
+  type = string
+}
+
+variable "public_ip_associate" {
+  type = bool
+}
+variable "key_name" {
+  type = string
+}
+# variable "subnet_id" {
+#   type = string
+# }
+
+variable "public_subnet" {
+  type = string
+}
+
+variable "private_subnet" {
+  type = string
+}
+
+variable "sg_list" {
+  description = "sg list"
+  type = list(string)
+  
+}
+
+variable "user_data_file" {
+  type = string
+  default = null
+}
+
+# variable "user_data" {
+#   type = string
+#   default = null
+# }

modules/eip/main.tf

@@ -0,0 +1,4 @@
+resource "aws_eip" "lb" {
+  instance = aws_instance.web.id
+  vpc      = true
+}

modules/igw/main.tf

@@ -0,0 +1,7 @@
+resource "aws_internet_gateway" "main" {
+  vpc_id = var.vpc_id
+
+  tags = {
+    Name = "${var.tag_name}-igw"
+  }
+}

modules/igw/outputs.tf

@@ -0,0 +1,5 @@
+//modules-igw-output
+output "igw_id" {
+  description = "The name of hq-igw id"
+  value = aws_internet_gateway.main.id
+}

modules/igw/valiables.tf

@@ -0,0 +1,9 @@
+variable "vpc_id" {
+    description = "set vpc id"
+    type = string
+}
+
+variable "tag_name" {
+    description = "value"
+    type = string
+}

modules/nat-gateway/main.tf

@@ -0,0 +1,22 @@
+resource "aws_eip" "nat-eip" {
+  lifecycle {
+    create_before_destroy = true
+  }
+}
+
+resource "aws_nat_gateway" "main" {
+  allocation_id = aws_eip.nat-eip.id
+  subnet_id     = var.subnet_id
+
+  tags = {
+    Name = "${var.tag_name}-ngw"
+  }
+
+  # To ensure proper ordering, it is recommended to add an explicit dependency
+  # on the Internet Gateway for the VPC.
+  # depends_on = [aws_internet_gateway.example]
+}
+# resource "aws_nat_gateway" "example" {
+#   connectivity_type = "private"
+#   subnet_id         = aws_subnet.example.id
+# }

modules/nat-gateway/outputs.tf

@@ -0,0 +1,4 @@
+output "nat_id" {
+    value = aws_nat_gateway.main.id
+  
+}

modules/nat-gateway/variables.tf

@@ -0,0 +1,10 @@
+variable "subnet_id" {
+  description = "subnet id"
+  type        = string
+
+}
+
+variable "tag_name" {
+    description = "value"
+    type = string
+}

modules/route-add/main.tf

@@ -0,0 +1,26 @@
+resource "aws_route" "route-igw-add" {
+  count = format("%.1s", var.gw_type) == "i" ? 1 : 0
+  route_table_id            = var.route_id
+  destination_cidr_block    = var.destination_cidr
+  gateway_id = var.igw_id
+  depends_on                = [var.route_id]
+#   depends_on                = [aws_route_table.testing]
+}
+resource "aws_route" "route-nat-add" {
+  count = format("%.1s", var.gw_type) == "n" ? 1 : 0
+  route_table_id            = var.route_id
+  destination_cidr_block    = var.destination_cidr
+  nat_gateway_id = var.nat_id
+  depends_on                = [var.route_id]
+#   depends_on                = [aws_route_table.testing]
+}
+
+# transit_gateway_id -
+resource "aws_route" "route-tgw-add" {
+  count = format("%.1s", var.gw_type) == "t" ? 1 : 0
+  route_table_id            = var.route_id
+  destination_cidr_block    = var.destination_cidr
+  # "10.0.0.0/8"
+  transit_gateway_id = var.tgw_id
+  depends_on                = [var.route_id]
+}

modules/route-add/variables.tf

@@ -0,0 +1,30 @@
+variable "destination_cidr" {
+    description = "destination cidr"
+    type = string
+  
+}
+variable "route_id" {
+    description = "value"
+    type = string
+}
+
+variable "gw_type" {
+    description = "gateway type. nat or igw"
+    type = string
+}
+variable "igw_id" {
+    description = "value"
+    type = string
+    default = "null"
+}
+variable "nat_id" {
+    description = "value"
+    type = string
+    default = "null"
+}
+
+variable "tgw_id" {
+    description = "value"
+    type = string
+    default = "null"
+}

modules/route-association/main.tf

@@ -0,0 +1,10 @@
+//라우팅 테이블 서브넷 연결
+resource "aws_route_table_association" "route-association" {
+    # for_each = toset(var.subnet_ids)
+    # subnet_id      = each.value
+    count = var.association_count
+    subnet_id = var.subnet_ids[count.index]
+    route_table_id = var.route_table_id
+    
+    
+}

modules/route-association/variables.tf

@@ -0,0 +1,14 @@
+variable "subnet_ids" {
+  description = "Subnet id"
+  type        = list(any)
+}
+
+variable "route_table_id" {
+  description = "Subnet id"
+  type        = string
+}
+
+variable "association_count" {
+  description = "Subnet count"
+  type        = number
+}

modules/route-table/main.tf

@@ -0,0 +1,24 @@
+/*
+라우팅 테이블에 서브넷을 연결.
+라우팅에서 경로 설정.
+*/
+
+//public
+resource "aws_route_table" "main" {
+  vpc_id = var.vpc_id
+  tags = {
+    Name = "${var.tag_name}-rt"
+  }
+
+#   route {
+#     cidr_block = "10.0.1.0/24"
+#     gateway_id = aws_internet_gateway.example.id
+#   }
+
+#   route {
+#     ipv6_cidr_block        = "::/0"
+#     egress_only_gateway_id = aws_egress_only_internet_gateway.example.id
+#   }
+}
+
+//private

modules/route-table/outputs.tf

@@ -0,0 +1,5 @@
+output "route_id" {
+    description = "get route_public_id"
+    value = aws_route_table.main.id
+
+}

modules/route-table/variables.tf

@@ -0,0 +1,8 @@
+variable "tag_name" {
+    description = "value"
+    type = string
+}
+variable "vpc_id" {
+    description = "set vpc id"
+    type = string
+}

modules/sg-rule-add/main.tf

@@ -0,0 +1,16 @@
+resource "aws_security_group_rule" "sg-rule-add" {
+  # description = "Security groups rule add"
+
+  type              = var.type
+  // rules
+  for_each = var.rules
+  from_port         = each.value.from_port
+  to_port           = each.value.to_port
+  protocol          = each.value.protocol
+  cidr_blocks       = [each.value.cidr_blocks]
+
+  security_group_id = var.security_group_id
+
+  description = "${var.tag_name}-sg-rule"
+
+}

modules/sg-rule-add/variables.tf

@@ -0,0 +1,34 @@
+variable "type" {
+  description = "security rule type"
+  type  = string
+}
+# variable "from_port" {
+#   description = "from port"
+#   type = number
+# }
+# variable "to_port" {
+#   description = "to_port"
+#   type = number
+# }
+# variable "protocol" {
+#   description = "protocol"
+#   type = string
+# }
+# variable "cidr_blocks" {
+#   description = "cidr_blocks"
+#   type = list(string)
+# }
+
+variable "rules" {
+  description = "sg rules"
+  type = map(map(string))
+
+}
+
+variable "security_group_id" {
+  
+}
+variable "tag_name" {
+  description = "tag_name"
+  type  = string
+}

modules/sg/main.tf

@@ -0,0 +1,6 @@
+resource "aws_security_group" "sg" {
+  description = "Security groups"
+  name        = var.sg_name
+  vpc_id = var.vpc_id
+
+}

modules/sg/outputs.tf

@@ -0,0 +1,5 @@
+//sg-output
+output "sg_id" {
+  description = "sg id outputs"
+  value       = aws_security_group.sg.id
+}

modules/sg/variables.tf

@@ -0,0 +1,9 @@
+variable "sg_name" {
+  description = "security group name"
+  type        = string
+}
+variable "vpc_id" {
+  description = "vpc_id"
+  type        = string
+
+}

modules/vpc-subnet/main.tf

@@ -0,0 +1,14 @@
+resource "aws_subnet" "main" {
+    vpc_id     = var.vpc_id
+    
+    for_each = var.subnet-az-list
+    availability_zone = each.value.name
+    cidr_block = each.value.cidr
+
+    map_public_ip_on_launch = var.public_ip_on ? true : false
+
+    tags = {
+        Name = "${var.tag_name}-subnet"
+    }
+    
+}

modules/vpc-subnet/outputs.tf

@@ -0,0 +1,5 @@
+//modules-subnet-outputs
+output "subnet" {
+  description = "Subnets info"
+  value = aws_subnet.main
+}

modules/vpc-subnet/valiables.tf

@@ -0,0 +1,20 @@
+variable "vpc_id" {
+    description = "set vpc id"
+    type = string
+}
+
+// reference | https://github.com/davidcsi/terraform/blob/master/healthchecks/main.tf
+variable "subnet-az-list" {
+    description = "Subnet available zone & cidr"
+    type = map(map(string))
+}
+
+
+variable "public_ip_on" {
+  type = bool
+}
+
+variable "tag_name" {
+    description = "value"
+    type = string
+}

modules/vpc/main.tf

@@ -0,0 +1,14 @@
+resource "aws_vpc" "main" {
+    # cidr_block       = "10.3.0.0/16"
+    cidr_block       = var.cidr_block
+    // instance_tenancy = "default"
+
+    # 인스턴스에 public DNS가 표시되도록 하는 속성
+    enable_dns_hostnames = true
+    enable_dns_support   = true
+
+
+    tags = {
+        Name = "${var.tag_name}-vpc"
+    }
+}

modules/vpc/outputs.tf

@@ -0,0 +1,10 @@
+//modules-vpc-output
+output "vpc_id" {
+  description = "The name of vpc hq id"
+  value = aws_vpc.main.id
+}
+
+output "vpc_name" {
+  value = var.tag_name
+}
+

modules/vpc/valiables.tf

@@ -0,0 +1,8 @@
+variable "cidr_block" {
+    description = "value"
+    type = string
+}
+variable "tag_name" {
+    description = "value"
+    type = string
+}

modules/vpn_conn/main.tf

@@ -0,0 +1,17 @@
+resource "aws_vpn_connection" "example" {
+  customer_gateway_id = var.cgw_id
+  
+  transit_gateway_id = var.tgw_id
+  
+  type = "ipsec.1"
+
+  tunnel1_preshared_key = var.preshared_key
+  tunnel2_preshared_key = var.preshared_key
+
+  static_routes_only = true
+  tags = {
+    Name = "terraform_ipsec_vpn_example"
+  }
+}
+#   outside_ip_address_type                 = "PrivateIpv4"
+#   transport_transit_gateway_attachment_id = data.aws_ec2_transit_gateway_dx_gateway_attachment.example.id

modules/vpn_conn/outputs.tf

@@ -0,0 +1,10 @@
+output "vpn_conn_tunnel-1_ip" {
+  value = aws_vpn_connection.example.tunnel1_address
+}
+output "vpn_conn_tunnel-2_ip" {
+  value = aws_vpn_connection.example.tunnel2_address
+}
+output "attach_id" {
+  value = aws_vpn_connection.example.transit_gateway_attachment_id
+  
+}

modules/vpn_conn/variables.tf

@@ -0,0 +1,13 @@
+variable "cgw_id" {
+    type = string
+  
+}
+
+variable "tgw_id" {
+    type = string
+  
+}
+variable "preshared_key" {
+    type = string
+  
+}