[ { "path": ".gitignore", "content": ".terraform/\n*.tfstate\n*.tfstate.backup\n*.terraform.lock.hcl\n" }, { "path": "Lesson-01/Lesson-1.tf", "content": "provider \"aws\" {}\n\n\nresource \"aws_instance\" \"my_Ubuntu\" {\n ami = \"ami-090f10efc254eaf55\"\n instance_type = \"t3.micro\"\n\n tags = {\n Name = \"My Ubuntu Server\"\n Owner = \"Denis Astahov\"\n Project = \"Terraform Lessons\"\n }\n}\n\nresource \"aws_instance\" \"my_Amazon\" {\n ami = \"ami-03a71cec707bfc3d7\"\n instance_type = \"t3.small\"\n\n tags = {\n Name = \"My Amazon Server\"\n Owner = \"Denis Astahov\"\n Project = \"Terraform Lessons\"\n }\n}\n" }, { "path": "Lesson-02/WebServer.tf", "content": "#----------------------------------------------------------\n# My Terraform\n#\n# Build WebServer during Bootstrap\n#\n# Made by Denis Astahov\n#----------------------------------------------------------\n\n\nprovider \"aws\" {\n region = \"eu-central-1\"\n}\n\nresource \"aws_default_vpc\" \"default\" {} # This need to be added since AWS Provider v4.29+ to get VPC id\n\nresource \"aws_instance\" \"my_webserver\" {\n ami = \"ami-03a71cec707bfc3d7\"\n instance_type = \"t3.micro\"\n vpc_security_group_ids = [aws_security_group.my_webserver.id]\n user_data_replace_on_change = true # This need to added!!!! \n user_data = <WebServer with IP: $myip
Build by Terraform!\" > /var/www/html/index.html\nsudo service httpd start\nchkconfig httpd on\nEOF\n\n tags = {\n Name = \"Web Server Build by Terraform\"\n Owner = \"Denis Astahov\"\n }\n}\n\n\nresource \"aws_security_group\" \"my_webserver\" {\n name = \"WebServer Security Group\"\n description = \"My First SecurityGroup\"\n vpc_id = aws_default_vpc.default.id # This need to be added since AWS Provider v4.29+ to set VPC id\n\n ingress {\n from_port = 80\n to_port = 80\n protocol = \"tcp\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n ingress {\n from_port = 443\n to_port = 443\n protocol = \"tcp\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n egress {\n from_port = 0\n to_port = 0\n protocol = \"-1\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n tags = {\n Name = \"Web Server SecurityGroup\"\n Owner = \"Denis Astahov\"\n }\n}\n" }, { "path": "Lesson-03/WebServer.tf", "content": "#----------------------------------------------------------\n# My Terraform\n#\n# Build WebServer during Bootstrap\n#\n# Made by Denis Astahov\n#----------------------------------------------------------\n\n\nprovider \"aws\" {\n region = \"eu-central-1\"\n}\n\nresource \"aws_default_vpc\" \"default\" {} # This need to be added since AWS Provider v4.29+ to get VPC id\n\nresource \"aws_instance\" \"my_webserver\" {\n ami = \"ami-03a71cec707bfc3d7\"\n instance_type = \"t3.micro\"\n vpc_security_group_ids = [aws_security_group.my_webserver.id]\n user_data = file(\"user_data.sh\")\n\n tags = {\n Name = \"Web Server Build by Terraform\"\n Owner = \"Denis Astahov\"\n }\n}\n\n\nresource \"aws_security_group\" \"my_webserver\" {\n name = \"WebServer Security Group\"\n description = \"My First SecurityGroup\"\n vpc_id = aws_default_vpc.default.id # This need to be added since AWS Provider v4.29+ to set VPC id\n\n ingress {\n from_port = 80\n to_port = 80\n protocol = \"tcp\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n ingress {\n from_port = 443\n to_port = 443\n protocol = \"tcp\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n egress {\n from_port = 0\n to_port = 0\n protocol = \"-1\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n tags = {\n Name = \"Web Server SecurityGroup\"\n Owner = \"Denis Astahov\"\n }\n}\n" }, { "path": "Lesson-03/user_data.sh", "content": "#!/bin/bash\nyum -y update\nyum -y install httpd\nmyip=`curl http://169.254.169.254/latest/meta-data/local-ipv4`\necho \"

WebServer with IP: $myip


Build by Terraform using External Script!\" > /var/www/html/index.html\necho \"
Hello World!!\" >> /var/www/html/index.html\nsudo service httpd start\nchkconfig httpd on\n" }, { "path": "Lesson-04/WebServer.tf", "content": "#----------------------------------------------------------\n# My Terraform\n#\n# Build WebServer during Bootstrap\n#\n# Made by Denis Astahov\n#----------------------------------------------------------\n\n\nprovider \"aws\" {\n region = \"eu-central-1\"\n}\n\nresource \"aws_default_vpc\" \"default\" {} # This need to be added since AWS Provider v4.29+ to get VPC id\n\nresource \"aws_instance\" \"my_webserver\" {\n ami = \"ami-03a71cec707bfc3d7\"\n instance_type = \"t3.micro\"\n vpc_security_group_ids = [aws_security_group.my_webserver.id]\n user_data = templatefile(\"user_data.sh.tpl\", {\n f_name = \"Denis\",\n l_name = \"Astahov\",\n names = [\"Vasya\", \"Kolya\", \"Petya\", \"John\", \"Donald\", \"Masha\"]\n })\n\n tags = {\n Name = \"Web Server Build by Terraform\"\n Owner = \"Denis Astahov\"\n }\n}\n\n\nresource \"aws_security_group\" \"my_webserver\" {\n name = \"WebServer Security Group\"\n description = \"My First SecurityGroup\"\n vpc_id = aws_default_vpc.default.id # This need to be added since AWS Provider v4.29+ to set VPC id\n\n ingress {\n from_port = 80\n to_port = 80\n protocol = \"tcp\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n ingress {\n from_port = 443\n to_port = 443\n protocol = \"tcp\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n egress {\n from_port = 0\n to_port = 0\n protocol = \"-1\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n tags = {\n Name = \"Web Server SecurityGroup\"\n Owner = \"Denis Astahov\"\n }\n}\n" }, { "path": "Lesson-04/user_data.sh.tpl", "content": "#!/bin/bash\nyum -y update\nyum -y install httpd\n\n\nmyip=`curl http://169.254.169.254/latest/meta-data/local-ipv4`\n\ncat < /var/www/html/index.html\n\n

Build by Power of Terraform v0.12


\nOwner ${f_name} ${l_name}
\n\n%{ for x in names ~}\nHello to ${x} from ${f_name}
\n%{ endfor ~}\n\n\nEOF\n\nsudo service httpd start\nchkconfig httpd on\n" }, { "path": "Lesson-05/DynamicSecurityGroup.tf", "content": "#----------------------------------------------------------\n# My Terraform\n#\n# Build WebServer during Bootstrap\n#\n# Made by Denis Astahov\n#----------------------------------------------------------\n\n\nprovider \"aws\" {\n region = \"eu-central-1\"\n}\n\nresource \"aws_default_vpc\" \"default\" {} # This need to be added since AWS Provider v4.29+ to get VPC id\n\nresource \"aws_security_group\" \"my_webserver\" {\n name = \"Dynamic Security Group\"\n vpc_id = aws_default_vpc.default.id # This need to be added since AWS Provider v4.29+ to set VPC id\n\n\n dynamic \"ingress\" {\n for_each = [\"80\", \"443\", \"8080\", \"1541\", \"9092\", \"9093\"]\n content {\n from_port = ingress.value\n to_port = ingress.value\n protocol = \"tcp\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n }\n\n\n ingress {\n from_port = 22\n to_port = 22\n protocol = \"tcp\"\n cidr_blocks = [\"10.10.0.0/16\"]\n }\n\n\n\n egress {\n from_port = 0\n to_port = 0\n protocol = \"-1\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n tags = {\n Name = \"Dynamic SecurityGroup\"\n Owner = \"Denis Astahov\"\n }\n}\n" }, { "path": "Lesson-06/WebServer.tf", "content": "#----------------------------------------------------------\n# My Terraform\n#\n# Build WebServer during Bootstrap\n#\n# Made by Denis Astahov\n#----------------------------------------------------------\n\n\nprovider \"aws\" {\n region = \"ca-central-1\"\n}\n\nresource \"aws_default_vpc\" \"default\" {} # This need to be added since AWS Provider v4.29+ to get VPC id\n\nresource \"aws_eip\" \"my_static_ip\" {\n instance = aws_instance.my_webserver.id\n domain = \"vpc\" # Need to add in new AWS Provider version\n tags = {\n Name = \"Web Server IP\"\n Owner = \"Denis Astahov\"\n }\n}\n\n\nresource \"aws_instance\" \"my_webserver\" {\n ami = \"ami-07ab3281411d31d04\"\n instance_type = \"t3.micro\"\n vpc_security_group_ids = [aws_security_group.my_webserver.id]\n user_data = templatefile(\"user_data.sh.tpl\", {\n f_name = \"Denis\",\n l_name = \"Astahov\",\n names = [\"Vasya\", \"Kolya\", \"Petya\", \"John\", \"Donald\", \"Masha\", \"Lena\", \"Katya\"]\n })\n user_data_replace_on_change = true # Added in the new AWS provider!!!\n\n tags = {\n Name = \"Web Server Build by Terraform\"\n Owner = \"Denis Astahov\"\n }\n\n lifecycle {\n create_before_destroy = true\n }\n}\n\n\nresource \"aws_security_group\" \"my_webserver\" {\n name = \"WebServer Security Group\"\n description = \"My First SecurityGroup\"\n vpc_id = aws_default_vpc.default.id # This need to be added since AWS Provider v4.29+ to set VPC id\n\n dynamic \"ingress\" {\n for_each = [\"80\", \"443\"]\n content {\n from_port = ingress.value\n to_port = ingress.value\n protocol = \"tcp\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n }\n\n\n egress {\n from_port = 0\n to_port = 0\n protocol = \"-1\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n tags = {\n Name = \"Web Server SecurityGroup\"\n Owner = \"Denis Astahov\"\n }\n}\n" }, { "path": "Lesson-06/user_data.sh.tpl", "content": "#!/bin/bash\nyum -y update\nyum -y install httpd\n\n\nmyip=`curl http://169.254.169.254/latest/meta-data/local-ipv4`\n\ncat < /var/www/html/index.html\n\n

Build by Power of Terraform v0.12


\nOwner ${f_name} ${l_name}
\n\n%{ for x in names ~}\nHello to ${x} from ${f_name}
\n%{ endfor ~}\n

\nServer IP: $myip
\n\nEOF\n\nsudo service httpd start\nchkconfig httpd on\n" }, { "path": "Lesson-07/main.tf", "content": "#----------------------------------------------------------\n# My Terraform\n#\n# Build WebServer during Bootstrap\n#\n# Made by Denis Astahov\n#----------------------------------------------------------\n\n\nprovider \"aws\" {\n region = \"ca-central-1\"\n}\n\nresource \"aws_default_vpc\" \"default\" {} # This need to be added since AWS Provider v4.29+ to get VPC id\n\nresource \"aws_eip\" \"my_static_ip\" {\n vpc = true # Need to add in new AWS Provider version\n instance = aws_instance.my_webserver.id\n tags = {\n Name = \"Web Server IP\"\n Owner = \"Denis Astahov\"\n }\n}\n\n\nresource \"aws_instance\" \"my_webserver\" {\n ami = \"ami-07ab3281411d31d04\"\n instance_type = \"t3.micro\"\n vpc_security_group_ids = [aws_security_group.my_webserver.id]\n user_data = templatefile(\"user_data.sh.tpl\", {\n f_name = \"Denis\",\n l_name = \"Astahov\",\n names = [\"Vasya\", \"Kolya\", \"Petya\", \"John\", \"Donald\", \"Masha\", \"Lena\", \"Katya\"]\n })\n\n tags = {\n Name = \"Web Server Build by Terraform\"\n Owner = \"Denis Astahov\"\n }\n\n lifecycle {\n create_before_destroy = true\n }\n\n}\n\n\nresource \"aws_security_group\" \"my_webserver\" {\n name = \"WebServer Security Group\"\n description = \"My First SecurityGroup\"\n vpc_id = aws_default_vpc.default.id # This need to be added since AWS Provider v4.29+ to set VPC id\n\n\n dynamic \"ingress\" {\n for_each = [\"80\", \"443\"]\n content {\n from_port = ingress.value\n to_port = ingress.value\n protocol = \"tcp\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n }\n\n\n egress {\n from_port = 0\n to_port = 0\n protocol = \"-1\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n tags = {\n Name = \"Web Server SecurityGroup\"\n Owner = \"Denis Astahov\"\n }\n}\n" }, { "path": "Lesson-07/outputs.tf", "content": "output \"my_web_site_ip\" {\n description = \"Elatic IP address assigned to our WebSite\"\n value = aws_eip.my_static_ip.public_ip\n}\n\noutput \"my_instance_id\" {\n description = \"InstanceID of our WebSite\"\n value = aws_instance.my_webserver.id\n}\n\noutput \"my_instance_arn\" {\n description = \"InstanceARN of our WebSite\"\n value = aws_instance.my_webserver.arn\n}\n\noutput \"my_sg_id\" {\n description = \"SecurityGroup of our WebSite\"\n value = aws_security_group.my_webserver.id\n}\n" }, { "path": "Lesson-07/user_data.sh.tpl", "content": "#!/bin/bash\nyum -y update\nyum -y install httpd\n\n\nmyip=`curl http://169.254.169.254/latest/meta-data/local-ipv4`\n\ncat < /var/www/html/index.html\n\n

Build by Power of Terraform v0.12


\nOwner ${f_name} ${l_name}
\n\n%{ for x in names ~}\nHello to ${x} from ${f_name}
\n%{ endfor ~}\n

\nServer IP: $myip
\n\nEOF\n\nsudo service httpd start\nchkconfig httpd on\n" }, { "path": "Lesson-08/main.tf", "content": "#----------------------------------------------------------\n# My Terraform\n#\n# Made by Denis Astahov\n#----------------------------------------------------------\n\nprovider \"aws\" {\n region = \"eu-central-1\"\n}\n\nresource \"aws_default_vpc\" \"default\" {} # This need to be added since AWS Provider v4.29+ to get VPC id\n\nresource \"aws_instance\" \"my_server_web\" {\n ami = \"ami-03a71cec707bfc3d7\"\n instance_type = \"t3.micro\"\n vpc_security_group_ids = [aws_security_group.my_webserver.id]\n\n tags = {\n Name = \"Server-Web\"\n }\n depends_on = [aws_instance.my_server_db, aws_instance.my_server_app]\n}\n\nresource \"aws_instance\" \"my_server_app\" {\n ami = \"ami-03a71cec707bfc3d7\"\n instance_type = \"t3.micro\"\n vpc_security_group_ids = [aws_security_group.my_webserver.id]\n\n tags = {\n Name = \"Server-Application\"\n }\n\n depends_on = [aws_instance.my_server_db]\n}\n\n\nresource \"aws_instance\" \"my_server_db\" {\n ami = \"ami-03a71cec707bfc3d7\"\n instance_type = \"t3.micro\"\n vpc_security_group_ids = [aws_security_group.my_webserver.id]\n\n tags = {\n Name = \"Server-Database\"\n }\n}\n\n\n\nresource \"aws_security_group\" \"my_webserver\" {\n name = \"My Security Group\"\n vpc_id = aws_default_vpc.default.id # This need to be added since AWS Provider v4.29+ to set VPC id\n\n\n dynamic \"ingress\" {\n for_each = [\"80\", \"443\", \"22\"]\n content {\n from_port = ingress.value\n to_port = ingress.value\n protocol = \"tcp\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n }\n\n egress {\n from_port = 0\n to_port = 0\n protocol = \"-1\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n tags = {\n Name = \"My SecurityGroup\"\n }\n}\n" }, { "path": "Lesson-09/main.tf", "content": "provider \"aws\" {}\n\n\ndata \"aws_availability_zones\" \"working\" {}\ndata \"aws_caller_identity\" \"current\" {}\ndata \"aws_region\" \"current\" {}\ndata \"aws_vpcs\" \"my_vpcs\" {}\n\n\ndata \"aws_vpc\" \"prod_vpc\" {\n tags = {\n Name = \"prod\"\n }\n}\n\n\nresource \"aws_subnet\" \"prod_subnet_1\" {\n vpc_id = data.aws_vpc.prod_vpc.id\n availability_zone = data.aws_availability_zones.working.names[0]\n cidr_block = \"10.10.1.0/24\"\n tags = {\n Name = \"Subnet-1 in ${data.aws_availability_zones.working.names[0]}\"\n Account = \"Subnet in Account ${data.aws_caller_identity.current.account_id}\"\n Region = data.aws_region.current.description\n }\n}\n\nresource \"aws_subnet\" \"prod_subnet_2\" {\n vpc_id = data.aws_vpc.prod_vpc.id\n availability_zone = data.aws_availability_zones.working.names[1]\n cidr_block = \"10.10.2.0/24\"\n tags = {\n Name = \"Subnet-2 in ${data.aws_availability_zones.working.names[1]}\"\n Account = \"Subnet in Account ${data.aws_caller_identity.current.account_id}\"\n Region = data.aws_region.current.description\n }\n}\n\n\n\noutput \"prod_vpc_id\" {\n value = data.aws_vpc.prod_vpc.id\n}\n\noutput \"prod_vpc_cidr\" {\n value = data.aws_vpc.prod_vpc.cidr_block\n}\n\noutput \"aws_vpcs\" {\n value = data.aws_vpcs.my_vpcs.ids\n}\n\n\noutput \"data_aws_availability_zones\" {\n value = data.aws_availability_zones.working.names\n}\n\n\noutput \"data_aws_caller_identity\" {\n value = data.aws_caller_identity.current.account_id\n}\n\noutput \"data_aws_region_name\" {\n value = data.aws_region.current.region\n}\n\noutput \"data_aws_region_description\" {\n value = data.aws_region.current.description\n}\n" }, { "path": "Lesson-10/main.tf", "content": "#----------------------------------------------------------\n# My Terraform\n#\n# Find Latest AMI id of:\n# - Ubuntu 18.04\n# - Amazon Linux 2\n# - Windows Server 2016 Base\n#\n# Made by Denis Astahov\n#-----------------------------------------------------------\n\n\nprovider \"aws\" {\n region = \"ap-southeast-2\"\n}\n\ndata \"aws_ami\" \"latest_ubuntu\" {\n owners = [\"099720109477\"]\n most_recent = true\n filter {\n name = \"name\"\n values = [\"ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-*\"]\n }\n}\n\n\ndata \"aws_ami\" \"latest_amazon_linux\" {\n owners = [\"amazon\"]\n most_recent = true\n filter {\n name = \"name\"\n values = [\"amzn2-ami-hvm-*-x86_64-gp2\"]\n }\n}\n\n\ndata \"aws_ami\" \"latest_windows_2016\" {\n owners = [\"amazon\"]\n most_recent = true\n filter {\n name = \"name\"\n values = [\"Windows_Server-2016-English-Full-Base-*\"]\n }\n\n}\n\n// How to use\n/*\nresource \"aws_instance\" \"my_webserver_with_latest_ubuntu_ami\" {\n ami = data.aws_ami.latest_ubuntu.id\n instance_type = \"t3.micro\"\n}\n*/\n\n\noutput \"latest_windows_2016_ami_id\" {\n value = data.aws_ami.latest_windows_2016.id\n}\n\noutput \"latest_windows_2016_ami_name\" {\n value = data.aws_ami.latest_windows_2016.name\n}\n\n\noutput \"latest_amazon_linux_ami_id\" {\n value = data.aws_ami.latest_amazon_linux.id\n}\n\noutput \"latest_amazon_linux_ami_name\" {\n value = data.aws_ami.latest_amazon_linux.name\n}\n\n\noutput \"latest_ubuntu_ami_id\" {\n value = data.aws_ami.latest_ubuntu.id\n}\n\noutput \"latest_ubuntu_ami_name\" {\n value = data.aws_ami.latest_ubuntu.name\n}\n" }, { "path": "Lesson-11-ALB-LaunchTemplate/main.tf", "content": "#----------------------------------------------------------\n# Provision Highly Availabe Web in any Region Default VPC\n# Create:\n# - Security Group for Web Server and ALB\n# - Launch Template with Auto AMI Lookup\n# - Auto Scaling Group using 2 Availability Zones\n# - Application Load Balancer in 2 Availability Zones\n# - Application Load Balancer TargetGroup\n# Update to Web Servers will be via Green/Blue Deployment Strategy\n# Made by Denis Astahov 07-March-2023\n#-----------------------------------------------------------\n\nprovider \"aws\" {\n region = \"ca-central-1\"\n\n default_tags {\n tags = {\n Owner = \"Denis Astahov\"\n CreatedBy = \"Terraform\"\n Course = \"From Zero to Certified Professional\"\n }\n }\n}\n\n\ndata \"aws_availability_zones\" \"working\" {}\ndata \"aws_ami\" \"latest_amazon_linux\" {\n owners = [\"137112412989\"]\n most_recent = true\n filter {\n name = \"name\"\n values = [\"amzn2-ami-hvm-*-x86_64-gp2\"]\n }\n}\n\n#-------------------------------------------------------------------------------\nresource \"aws_default_vpc\" \"default\" {}\n\nresource \"aws_default_subnet\" \"default_az1\" {\n availability_zone = data.aws_availability_zones.working.names[0]\n}\n\nresource \"aws_default_subnet\" \"default_az2\" {\n availability_zone = data.aws_availability_zones.working.names[1]\n}\n\n#-------------------------------------------------------------------------------\nresource \"aws_security_group\" \"web\" {\n name = \"Web Security Group\"\n vpc_id = aws_default_vpc.default.id\n dynamic \"ingress\" {\n for_each = [\"80\", \"443\"]\n content {\n from_port = ingress.value\n to_port = ingress.value\n protocol = \"tcp\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n }\n egress {\n from_port = 0\n to_port = 0\n protocol = \"-1\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n tags = {\n Name = \"Web Security Group\"\n }\n}\n\n#-------------------------------------------------------------------------------\nresource \"aws_launch_template\" \"web\" {\n name = \"WebServer-Highly-Available-LT\"\n image_id = data.aws_ami.latest_amazon_linux.id\n instance_type = \"t3.micro\"\n vpc_security_group_ids = [aws_security_group.web.id]\n user_data = filebase64(\"${path.module}/user_data.sh\")\n}\n\nresource \"aws_autoscaling_group\" \"web\" {\n name = \"WebServer-Highly-Available-ASG-Ver-${aws_launch_template.web.latest_version}\"\n min_size = 2\n max_size = 2\n min_elb_capacity = 2\n health_check_type = \"ELB\"\n vpc_zone_identifier = [aws_default_subnet.default_az1.id, aws_default_subnet.default_az2.id]\n target_group_arns = [aws_lb_target_group.web.arn]\n\n launch_template {\n id = aws_launch_template.web.id\n version = aws_launch_template.web.latest_version\n }\n\n dynamic \"tag\" {\n for_each = {\n Name = \"WebServer in ASG-v${aws_launch_template.web.latest_version}\"\n TAGKEY = \"TAGVALUE\"\n }\n content {\n key = tag.key\n value = tag.value\n propagate_at_launch = true\n }\n }\n lifecycle {\n create_before_destroy = true\n }\n}\n\n#-------------------------------------------------------------------------------\nresource \"aws_lb\" \"web\" {\n name = \"WebServer-HighlyAvailable-ALB\"\n load_balancer_type = \"application\"\n security_groups = [aws_security_group.web.id]\n subnets = [aws_default_subnet.default_az1.id, aws_default_subnet.default_az2.id]\n}\n\nresource \"aws_lb_target_group\" \"web\" {\n name = \"WebServer-HighlyAvailable-TG\"\n vpc_id = aws_default_vpc.default.id\n port = 80\n protocol = \"HTTP\"\n deregistration_delay = 10 # seconds\n}\n\nresource \"aws_lb_listener\" \"http\" {\n load_balancer_arn = aws_lb.web.arn\n port = \"80\"\n protocol = \"HTTP\"\n\n default_action {\n type = \"forward\"\n target_group_arn = aws_lb_target_group.web.arn\n }\n}\n\n#-------------------------------------------------------------------------------\noutput \"web_loadbalancer_url\" {\n value = aws_lb.web.dns_name\n}\n" }, { "path": "Lesson-11-ALB-LaunchTemplate/user_data.sh", "content": "#!/bin/bash\nyum -y update\nyum -y install httpd\n\n\nmyip=`curl http://169.254.169.254/latest/meta-data/local-ipv4`\n\ncat < /var/www/html/index.html\n\n\n

Build by Power of Terraform v0.12


\nServer PrivateIP: $myip

\n\n\nVersion 3.0\n\n\nEOF\n\nsudo service httpd start\nchkconfig httpd on\n" }, { "path": "Lesson-11-ELB-LaunchConfiguration/main.tf", "content": "#----------------------------------------------------------\n# Provision Highly Availabe Web in any Region Default VPC\n# Create:\n# - Security Group for Web Server\n# - Launch Configuration with Auto AMI Lookup\n# - Auto Scaling Group using 2 Availability Zones\n# - Classic Load Balancer in 2 Availability Zones\n#\n# Made by Denis Astahov 11-June-2019\n#-----------------------------------------------------------\n\nprovider \"aws\" {\n region = \"eu-west-2\"\n}\n\nresource \"aws_default_vpc\" \"default\" {} # This need to be added since AWS Provider v4.29+ to get VPC id\n\ndata \"aws_availability_zones\" \"available\" {}\ndata \"aws_ami\" \"latest_amazon_linux\" {\n owners = [\"amazon\"]\n most_recent = true\n filter {\n name = \"name\"\n values = [\"amzn2-ami-hvm-*-x86_64-gp2\"]\n }\n}\n\n#--------------------------------------------------------------\nresource \"aws_security_group\" \"web\" {\n name = \"Dynamic Security Group\"\n vpc_id = aws_default_vpc.default.id # This need to be added since AWS Provider v4.29+ to set VPC id\n\n dynamic \"ingress\" {\n for_each = [\"80\", \"443\"]\n content {\n from_port = ingress.value\n to_port = ingress.value\n protocol = \"tcp\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n }\n egress {\n from_port = 0\n to_port = 0\n protocol = \"-1\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n tags = {\n Name = \"Dynamic SecurityGroup\"\n Owner = \"Denis Astahov\"\n }\n}\n\n\nresource \"aws_launch_configuration\" \"web\" {\n // name = \"WebServer-Highly-Available-LC\"\n name_prefix = \"WebServer-Highly-Available-LC-\"\n image_id = data.aws_ami.latest_amazon_linux.id\n instance_type = \"t3.micro\"\n security_groups = [aws_security_group.web.id]\n user_data = file(\"user_data.sh\")\n\n lifecycle {\n create_before_destroy = true\n }\n}\n\n\n\nresource \"aws_autoscaling_group\" \"web\" {\n name = \"ASG-${aws_launch_configuration.web.name}\"\n launch_configuration = aws_launch_configuration.web.name\n min_size = 2\n max_size = 2\n min_elb_capacity = 2\n health_check_type = \"ELB\"\n vpc_zone_identifier = [aws_default_subnet.default_az1.id, aws_default_subnet.default_az2.id]\n load_balancers = [aws_elb.web.name]\n\n dynamic \"tag\" {\n for_each = {\n Name = \"WebServer in ASG\"\n Owner = \"Denis Astahov\"\n TAGKEY = \"TAGVALUE\"\n }\n content {\n key = tag.key\n value = tag.value\n propagate_at_launch = true\n }\n }\n\n lifecycle {\n create_before_destroy = true\n }\n}\n\n\nresource \"aws_elb\" \"web\" {\n name = \"WebServer-HA-ELB\"\n availability_zones = [data.aws_availability_zones.available.names[0], data.aws_availability_zones.available.names[1]]\n security_groups = [aws_security_group.web.id]\n listener {\n lb_port = 80\n lb_protocol = \"http\"\n instance_port = 80\n instance_protocol = \"http\"\n }\n health_check {\n healthy_threshold = 2\n unhealthy_threshold = 2\n timeout = 3\n target = \"HTTP:80/\"\n interval = 10\n }\n tags = {\n Name = \"WebServer-Highly-Available-ELB\"\n }\n}\n\n\nresource \"aws_default_subnet\" \"default_az1\" {\n availability_zone = data.aws_availability_zones.available.names[0]\n}\n\nresource \"aws_default_subnet\" \"default_az2\" {\n availability_zone = data.aws_availability_zones.available.names[1]\n}\n\n#--------------------------------------------------\noutput \"web_loadbalancer_url\" {\n value = aws_elb.web.dns_name\n}\n" }, { "path": "Lesson-11-ELB-LaunchConfiguration/user_data.sh", "content": "#!/bin/bash\nyum -y update\nyum -y install httpd\n\n\nmyip=`curl http://169.254.169.254/latest/meta-data/local-ipv4`\n\ncat < /var/www/html/index.html\n\n\n

Build by Power of Terraform v0.12


\nServer PrivateIP: $myip

\n\n\nVersion 3.0\n\n\nEOF\n\nsudo service httpd start\nchkconfig httpd on\n" }, { "path": "Lesson-12/main.tf", "content": "#----------------------------------------------------------\n# My Terraform\n#\n# Variables\n#\n# Made by Denis Astahov\n#----------------------------------------------------------\n\n\n\nprovider \"aws\" {\n region = var.region\n}\n\nresource \"aws_default_vpc\" \"default\" {} # This need to be added since AWS Provider v4.29+ to get VPC id\n\ndata \"aws_ami\" \"latest_amazon_linux\" {\n owners = [\"amazon\"]\n most_recent = true\n filter {\n name = \"name\"\n values = [\"amzn2-ami-hvm-*-x86_64-gp2\"]\n }\n}\n\n\nresource \"aws_eip\" \"my_static_ip\" {\n vpc = true # Need to add in new AWS Provider version\n instance = aws_instance.my_server.id\n //tags = var.common_tags\n tags = merge(var.common_tags, { Name = \"${var.common_tags[\"Environment\"]} Server IP\" })\n\n /*\n tags = {\n Name = \"Server IP\"\n Owner = \"Denis Astahov\"\n Project = \"Phoenix\"\n }\n*/\n\n}\n\n\n\nresource \"aws_instance\" \"my_server\" {\n ami = data.aws_ami.latest_amazon_linux.id\n instance_type = var.instance_type\n vpc_security_group_ids = [aws_security_group.my_server.id]\n monitoring = var.enable_detailed_monitoring\n\n tags = merge(var.common_tags, { Name = \"${var.common_tags[\"Environment\"]} Server Build by Terraform\" })\n\n}\n\n\nresource \"aws_security_group\" \"my_server\" {\n name = \"My Security Group\"\n vpc_id = aws_default_vpc.default.id # This need to be added since AWS Provider v4.29+ to set VPC id\n\n dynamic \"ingress\" {\n for_each = var.allow_ports\n content {\n from_port = ingress.value\n to_port = ingress.value\n protocol = \"tcp\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n }\n egress {\n from_port = 0\n to_port = 0\n protocol = \"-1\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n tags = merge(var.common_tags, { Name = \"${var.common_tags[\"Environment\"]} Server SecurityGroup\" })\n\n}\n" }, { "path": "Lesson-12/outputs.tf", "content": "output \"my_server_ip\" {\n value = aws_eip.my_static_ip.public_ip\n}\n\noutput \"my_instance_id\" {\n value = aws_instance.my_server.id\n}\n\noutput \"my_sg_id\" {\n value = aws_security_group.my_server.id\n}\n" }, { "path": "Lesson-12/variables.tf", "content": "\nvariable \"region\" {\n description = \"Please Enter AWS Region to deploy Server\"\n type = string\n default = \"ca-central-1\"\n}\n\nvariable \"instance_type\" {\n description = \"Enter Instance Type\"\n type = string\n default = \"t3.small\"\n}\n\n\nvariable \"allow_ports\" {\n description = \"List of Ports to open for server\"\n type = list\n default = [\"80\", \"443\", \"22\", \"8080\"]\n}\n\nvariable \"enable_detailed_monitoring\" {\n type = bool\n default = false\n}\n\n\nvariable \"common_tags\" {\n description = \"Common Tags to apply to all resources\"\n type = map\n default = {\n Owner = \"Denis Astahov\"\n Project = \"Phoenix\"\n CostCenter = \"12345\"\n Environment = \"development\"\n }\n}\n" }, { "path": "Lesson-13/dev.tfvars", "content": "# Auto Fill variables for DEV\n\n#File names can be as:\n# terraform.tfvars\n# prod.auto.tfvars\n# dev.auto.tfvars\n\n\nregion = \"ca-central-1\"\ninstance_type = \"t2.micro\"\nenable_detailed_monitoring = false\n\nallow_ports = [\"80\", \"22\", \"8080\"]\n\ncommon_tags = {\n Owner = \"Denis Astahov\"\n Project = \"Phoenix\"\n CostCenter = \"12345\"\n Environment = \"dev\"\n}\n" }, { "path": "Lesson-13/main.tf", "content": "#----------------------------------------------------------\n# My Terraform\n#\n# Autofill Variables\n#\n# Made by Denis Astahov\n#----------------------------------------------------------\n\n\n\nprovider \"aws\" {\n region = var.region\n}\n\nresource \"aws_default_vpc\" \"default\" {} # This need to be added since AWS Provider v4.29+ to get VPC id\n\ndata \"aws_ami\" \"latest_amazon_linux\" {\n owners = [\"amazon\"]\n most_recent = true\n filter {\n name = \"name\"\n values = [\"amzn2-ami-hvm-*-x86_64-gp2\"]\n }\n}\n\n\nresource \"aws_eip\" \"my_static_ip\" {\n vpc = true # Need to add in new AWS Provider version\n instance = aws_instance.my_server.id\n //tags = var.common_tags\n tags = merge(var.common_tags, { Name = \"${var.common_tags[\"Environment\"]} Server IP\" })\n\n /*\n tags = {\n Name = \"Server IP\"\n Owner = \"Denis Astahov\"\n Project = \"Phoenix\"\n }\n*/\n\n}\n\n\n\nresource \"aws_instance\" \"my_server\" {\n ami = data.aws_ami.latest_amazon_linux.id\n instance_type = var.instance_type\n vpc_security_group_ids = [aws_security_group.my_server.id]\n monitoring = var.enable_detailed_monitoring\n\n tags = merge(var.common_tags, { Name = \"${var.common_tags[\"Environment\"]} Server Build by Terraform\" })\n\n}\n\n\nresource \"aws_security_group\" \"my_server\" {\n name = \"My Security Group\"\n vpc_id = aws_default_vpc.default.id # This need to be added since AWS Provider v4.29+ to set VPC id\n\n dynamic \"ingress\" {\n for_each = var.allow_ports\n content {\n from_port = ingress.value\n to_port = ingress.value\n protocol = \"tcp\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n }\n egress {\n from_port = 0\n to_port = 0\n protocol = \"-1\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n tags = merge(var.common_tags, { Name = \"${var.common_tags[\"Environment\"]} Server SecurityGroup\" })\n\n}\n" }, { "path": "Lesson-13/outputs.tf", "content": "output \"my_server_ip\" {\n value = aws_eip.my_static_ip.public_ip\n}\n\noutput \"my_instance_id\" {\n value = aws_instance.my_server.id\n}\n\noutput \"my_sg_id\" {\n value = aws_security_group.my_server.id\n}\n" }, { "path": "Lesson-13/prod.tfvars", "content": "# Auto Fill variables for PROD\n\n#File names can be as:\n# terraform.tfvars\n# prod.auto.tfvars\n# dev.auto.tfvars\n\n\nregion = \"ca-central-1\"\ninstance_type = \"t2.small\"\nenable_detailed_monitoring = true\n\nallow_ports = [\"80\", \"443\"]\n\ncommon_tags = {\n Owner = \"Denis Astahov\"\n Project = \"Phoenix\"\n CostCenter = \"123477\"\n Environment = \"prod\"\n}\n" }, { "path": "Lesson-13/variables.tf", "content": "\nvariable \"region\" {\n description = \"Please Enter AWS Region to deploy Server\"\n type = string\n default = \"ca-central-1\"\n}\n\nvariable \"instance_type\" {\n description = \"Enter Instance Type\"\n type = string\n default = \"t3.small\"\n}\n\n\nvariable \"allow_ports\" {\n description = \"List of Ports to open for server\"\n type = list\n default = [\"80\", \"443\", \"22\", \"8080\"]\n}\n\nvariable \"enable_detailed_monitoring\" {\n type = bool\n default = false\n}\n\n\nvariable \"common_tags\" {\n description = \"Common Tags to apply to all resources\"\n type = map\n default = {\n Owner = \"Denis Astahov\"\n Project = \"Phoenix\"\n CostCenter = \"12345\"\n Environment = \"development\"\n }\n}\n" }, { "path": "Lesson-14/main.tf", "content": "#----------------------------------------------------------\n# My Terraform\n#\n# Local Variables\n#\n# Made by Denis Astahov\n#----------------------------------------------------------\n\nprovider \"aws\" {\n region = \"ca-central-1\"\n}\n\n\ndata \"aws_region\" \"current\" {}\ndata \"aws_availability_zones\" \"available\" {}\n\nlocals {\n full_project_name = \"${var.environment}-${var.project_name}\"\n project_owner = \"${var.owner} owner of ${var.project_name}\"\n}\n\n\nlocals {\n country = \"Canada\"\n city = \"Deadmonton\"\n az_list = join(\",\", data.aws_availability_zones.available.names)\n region = data.aws_region.current.description\n location = \"In ${local.region} there are AZ: ${local.az_list}\"\n}\n\nresource \"aws_eip\" \"my_static_ip\" {\n vpc = true # Need to add in new AWS Provider version\n tags = {\n Name = \"Static IP\"\n Owner = var.owner\n Project = local.full_project_name\n proj_owner = local.project_owner\n city = local.city\n region_azs = local.az_list\n location = local.location\n }\n}\n" }, { "path": "Lesson-14/outputs.tf", "content": "output \"my_static_ip\" {\n value = aws_eip.my_static_ip.public_ip\n}\n" }, { "path": "Lesson-14/variables.tf", "content": "\nvariable \"environment\" {\n default = \"DEV\"\n}\n\nvariable \"project_name\" {\n default = \"ANDESA\"\n}\n\nvariable \"owner\" {\n default = \"Denis Astahov\"\n}\n" }, { "path": "Lesson-15/main.tf", "content": "#----------------------------------------------------------\n# My Terraform\n#\n# Execute Local Commands on Computer with Terraform\n#\n# Made by Denis Astahov\n#----------------------------------------------------------\n\n\nprovider \"aws\" {\n region = \"ca-central-1\"\n}\n\n\nresource \"null_resource\" \"command1\" {\n provisioner \"local-exec\" {\n command = \"echo Terraform START: $(date) >> log.txt\"\n }\n}\n\n\n\nresource \"null_resource\" \"command2\" {\n provisioner \"local-exec\" {\n command = \"ping -c 5 www.google.com\"\n }\n}\n\n\nresource \"null_resource\" \"command3\" {\n provisioner \"local-exec\" {\n command = \"print('Hello World!')\"\n interpreter = [\"python\", \"-c\"]\n }\n}\n\n\nresource \"null_resource\" \"command4\" {\n provisioner \"local-exec\" {\n command = \"echo $NAME1 $NAME2 $NAME3 >> names.txt\"\n environment = {\n NAME1 = \"Vasya\"\n NAME2 = \"Petya\"\n NAME3 = \"Kolya\"\n }\n }\n}\n\n\nresource \"aws_instance\" \"myserver\" {\n ami = \"ami-08a9b721ecc5b0a53\"\n instance_type = \"t3.micro\"\n provisioner \"local-exec\" {\n command = \"echo Hello from AWS Instance Creations!\"\n }\n}\n\n\nresource \"null_resource\" \"command6\" {\n provisioner \"local-exec\" {\n command = \"echo Terraform END: $(date) >> log.txt\"\n }\n depends_on = [null_resource.command1, null_resource.command2, null_resource.command3, null_resource.command4, aws_instance.myserver]\n}\n" }, { "path": "Lesson-16/main.tf", "content": "#----------------------------------------------------------\n# My Terraform\n#\n# Genarate Password\n# Store Password in SSM Parameter Store\n# Get Password from SSM Parameter Store\n# Example of Use Password in RDS\n#\n# Made by Denis Astahov\n#----------------------------------------------------------\nprovider \"aws\" {\n region = \"ca-central-1\"\n}\n\n// Generate Password\nresource \"random_string\" \"rds_password\" {\n length = 12\n special = true\n override_special = \"!#$&\"\n\n keepers = {\n kepeer1 = var.name\n //keperr2 = var.something\n }\n}\n\n// Store Password in SSM Parameter Store\nresource \"aws_ssm_parameter\" \"rds_password\" {\n name = \"/prod/mysql\"\n description = \"Master Password for RDS MySQL\"\n type = \"SecureString\"\n value = random_string.rds_password.result\n}\n\n// Get Password from SSM Parameter Store\ndata \"aws_ssm_parameter\" \"my_rds_password\" {\n name = \"/prod/mysql\"\n depends_on = [aws_ssm_parameter.rds_password]\n}\n\n\n// Example of Use Password in RDS\nresource \"aws_db_instance\" \"default\" {\n identifier = \"prod-rds\"\n allocated_storage = 20\n storage_type = \"gp2\"\n engine = \"mysql\"\n engine_version = \"5.7\"\n instance_class = \"db.t2.micro\"\n name = \"prod\"\n username = \"administrator\"\n password = data.aws_ssm_parameter.my_rds_password.value\n parameter_group_name = \"default.mysql5.7\"\n skip_final_snapshot = true\n apply_immediately = true\n}\n" }, { "path": "Lesson-16/outputs.tf", "content": "output \"rds_password\" {\n value = data.aws_ssm_parameter.my_rds_password.value\n}\n" }, { "path": "Lesson-16/variables.tf", "content": "variable \"name\" {\n default = \"petya\"\n}\n" }, { "path": "Lesson-17/main.tf", "content": "#----------------------------------------------------------\n# My Terraform\n#\n# Terraform Conditions and Lookups\n#\n# Made by Denis Astahov\n#----------------------------------------------------------\n\nprovider \"aws\" {\n region = \"eu-central-1\"\n}\n\nresource \"aws_default_vpc\" \"default\" {} # This need to be added since AWS Provider v4.29+ to get VPC id\n\n// Use of Condition\nresource \"aws_instance\" \"my_webserver1\" {\n ami = \"ami-03a71cec707bfc3d7\"\n //instance_type = (var.env == \"prod\" ? \"t2.large\" : \"t2.micro\")\n instance_type = var.env == \"prod\" ? var.ec2_size[\"prod\"] : var.ec2_size[\"dev\"]\n\n tags = {\n Name = \"${var.env}-server\"\n Owner = var.env == \"prod\" ? var.prod_onwer : var.noprod_owner\n }\n}\n\n// Use of LOOKUP\nresource \"aws_instance\" \"my_webserver2\" {\n ami = \"ami-03a71cec707bfc3d7\"\n instance_type = lookup(var.ec2_size, var.env)\n\n tags = {\n Name = \"${var.env}-server\"\n Owner = var.env == \"prod\" ? var.prod_onwer : var.noprod_owner\n }\n}\n\n\n// Create Bastion ONLY for if \"dev\" environment\nresource \"aws_instance\" \"my_dev_bastion\" {\n count = var.env == \"dev\" ? 1 : 0\n ami = \"ami-03a71cec707bfc3d7\"\n instance_type = \"t2.micro\"\n\n tags = {\n Name = \"Bastion Server for Dev-server\"\n }\n}\n\n\n\nresource \"aws_security_group\" \"my_webserver\" {\n name = \"Dynamic Security Group\"\n vpc_id = aws_default_vpc.default.id # This need to be added since AWS Provider v4.29+ to set VPC id\n\n dynamic \"ingress\" {\n for_each = lookup(var.allow_port_list, var.env)\n content {\n from_port = ingress.value\n to_port = ingress.value\n protocol = \"tcp\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n }\n egress {\n from_port = 0\n to_port = 0\n protocol = \"-1\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n tags = {\n Name = \"Dynamic SecurityGroup\"\n Owner = \"Denis Astahov\"\n }\n}\n" }, { "path": "Lesson-17/variables.tf", "content": "variable \"env\" {\n default = \"dev\"\n}\n\nvariable \"prod_onwer\" {\n default = \"Denis Astahov\"\n}\n\nvariable \"noprod_owner\" {\n default = \"Dyadya Vasya\"\n}\n\nvariable \"ec2_size\" {\n default = {\n \"prod\" = \"t3.medium\"\n \"dev\" = \"t3.micro\"\n \"staging\" = \"t2.small\"\n }\n}\n\nvariable \"allow_port_list\" {\n default = {\n \"prod\" = [\"80\", \"443\"]\n \"dev\" = [\"80\", \"443\", \"8080\", \"22\"]\n }\n}\n" }, { "path": "Lesson-18/main.tf", "content": "#----------------------------------------------------------\n# My Terraform\n#\n# Terraform Loops: Count and For if\n#\n# Made by Denis Astahov\n#----------------------------------------------------------\nprovider \"aws\" {\n region = \"ca-central-1\"\n}\n\n\nresource \"aws_iam_user\" \"user1\" {\n name = \"pushkin\"\n}\n\nresource \"aws_iam_user\" \"users\" {\n count = length(var.aws_users)\n name = element(var.aws_users, count.index)\n}\n\n#----------------------------------------------------------------\n\nresource \"aws_instance\" \"servers\" {\n count = 3\n ami = \"ami-07ab3281411d31d04\"\n instance_type = \"t3.micro\"\n tags = {\n Name = \"Server Number ${count.index + 1}\"\n }\n}\n" }, { "path": "Lesson-18/outputs.tf", "content": "// Print all details\noutput \"created_iam_users_all\" {\n value = aws_iam_user.users\n}\n\n//Print only ID of users\noutput \"created_iam_users_ids\" {\n value = aws_iam_user.users[*].id\n}\n\n//Print my Custom output list\noutput \"created_iam_users_custom\" {\n value = [\n for user in aws_iam_user.users :\n \"Username: ${user.name} has ARN: ${user.arn}\"\n ]\n}\n\n//Print My Custom output MAP\noutput \"created_iam_users_map\" {\n value = {\n for user in aws_iam_user.users :\n user.unique_id => user.id // \"AIDA4BML4STW22K74HQFF\" : \"vasya\"\n }\n}\n\n// Print List of users with name 4 characters ONLY\noutput \"custom_if_length\" {\n value = [\n for x in aws_iam_user.users :\n x.name\n if length(x.name) == 4\n ]\n}\n\n#===================================================================\n\n// Print nice MAP of InstanceID: PublicIP\noutput \"server_all\" {\n value = {\n for server in aws_instance.servers :\n server.id => server.public_ip // \"i-0490f049844513179\" = \"99.79.58.22\"\n }\n}\n" }, { "path": "Lesson-18/variables.tf", "content": "variable \"aws_users\" {\n description = \"List of IAM Users to create\"\n default = [\"vasya\", \"petya\", \"kolya\", \"lena\", \"masha\", \"misha\", \"vova\", \"donald\"]\n}\n" }, { "path": "Lesson-19/main.tf", "content": "#----------------------------------------------------------\n# My Terraform\n#\n# Provision Resources in Multiply AWS Regions / Accounts\n#\n# Made by Denis Astahov\n#----------------------------------------------------------\n\n\nprovider \"aws\" { // This is example to use Another AWS Account\n alias = \"ANOTHER_AWS_ACCOUNT\"\n region = \"ca-central-1\"\n access_key = \"xxxxxxxxxxxx\"\n secret_key = \"yyyyyyyyyyyyyyyyyyyyyyyyyyyyyy\"\n\n assume_role {\n role_arn = \"arn:aws:iam::1234567890:role/RemoteAdministrators\"\n session_name = \"TERRAFROM_SESSION\"\n }\n}\n\nprovider \"aws\" {\n region = \"ca-central-1\"\n}\n\nprovider \"aws\" {\n region = \"us-east-1\"\n alias = \"USA\"\n}\n\nprovider \"aws\" {\n region = \"eu-central-1\"\n alias = \"GER\"\n}\n#==================================================================\n\ndata \"aws_ami\" \"defaut_latest_ubuntu\" {\n owners = [\"099720109477\"]\n most_recent = true\n filter {\n name = \"name\"\n values = [\"ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-*\"]\n }\n}\n\ndata \"aws_ami\" \"usa_latest_ubuntu\" {\n provider = aws.USA\n owners = [\"099720109477\"]\n most_recent = true\n filter {\n name = \"name\"\n values = [\"ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-*\"]\n }\n}\n\ndata \"aws_ami\" \"ger_latest_ubuntu\" {\n provider = aws.GER\n owners = [\"099720109477\"]\n most_recent = true\n filter {\n name = \"name\"\n values = [\"ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-*\"]\n }\n}\n\n#============================================================================\nresource \"aws_instance\" \"my_default_server\" {\n instance_type = \"t3.micro\"\n ami = data.aws_ami.defaut_latest_ubuntu.id\n tags = {\n Name = \"Default Server\"\n }\n}\n\nresource \"aws_instance\" \"my_usa_server\" {\n provider = aws.USA\n instance_type = \"t3.micro\"\n ami = data.aws_ami.usa_latest_ubuntu.id\n tags = {\n Name = \"USA Server\"\n }\n}\n\nresource \"aws_instance\" \"my_ger_server\" {\n provider = aws.GER\n instance_type = \"t3.micro\"\n ami = data.aws_ami.ger_latest_ubuntu.id\n tags = {\n Name = \"GERMANY Server\"\n }\n}\n" }, { "path": "Lesson-20/Layer1-Network/main.tf", "content": "#----------------------------------------------------------\n# My Terraform\n#\n# Remote State on S3\n#\n# Made by Denis Astahov\n#----------------------------------------------------------\nprovider \"aws\" {\n region = \"ca-central-1\"\n}\n\nterraform {\n backend \"s3\" {\n bucket = \"denis-astahov-project-kgb-terraform-state\" // Bucket where to SAVE Terraform State\n key = \"dev/network/terraform.tfstate\" // Object name in the bucket to SAVE Terraform State\n region = \"us-east-1\" // Region where bycket created\n }\n}\n\n#==============================================================\n\ndata \"aws_availability_zones\" \"available\" {}\n\nresource \"aws_vpc\" \"main\" {\n cidr_block = var.vpc_cidr\n tags = {\n Name = \"${var.env}-vpc\"\n }\n}\n\nresource \"aws_internet_gateway\" \"main\" {\n vpc_id = aws_vpc.main.id\n tags = {\n Name = \"${var.env}-igw\"\n }\n}\n\n\nresource \"aws_subnet\" \"public_subnets\" {\n count = length(var.public_subnet_cidrs)\n vpc_id = aws_vpc.main.id\n cidr_block = element(var.public_subnet_cidrs, count.index)\n availability_zone = data.aws_availability_zones.available.names[count.index]\n map_public_ip_on_launch = true\n tags = {\n Name = \"${var.env}-puvlic-${count.index + 1}\"\n }\n}\n\n\nresource \"aws_route_table\" \"public_subnets\" {\n vpc_id = aws_vpc.main.id\n route {\n cidr_block = \"0.0.0.0/0\"\n gateway_id = aws_internet_gateway.main.id\n }\n tags = {\n Name = \"${var.env}-route-public-subnets\"\n }\n}\n\nresource \"aws_route_table_association\" \"public_routes\" {\n count = length(aws_subnet.public_subnets[*].id)\n route_table_id = aws_route_table.public_subnets.id\n subnet_id = element(aws_subnet.public_subnets[*].id, count.index)\n}\n\n#==============================================================\n" }, { "path": "Lesson-20/Layer1-Network/outputs.tf", "content": "output \"vpc_id\" {\n value = aws_vpc.main.id\n}\n\noutput \"vpc_cidr\" {\n value = aws_vpc.main.cidr_block\n}\n\noutput \"public_subnet_ids\" {\n value = aws_subnet.public_subnets[*].id\n}\n" }, { "path": "Lesson-20/Layer1-Network/variables.tf", "content": "variable \"vpc_cidr\" {\n default = \"10.0.0.0/16\"\n}\n\nvariable \"env\" {\n default = \"dev\"\n}\n\nvariable \"public_subnet_cidrs\" {\n default = [\n \"10.0.1.0/24\",\n \"10.0.2.0/24\",\n ]\n}\n" }, { "path": "Lesson-20/Layer2-Servers/main.tf", "content": "#----------------------------------------------------------\n# My Terraform\n#\n# Remote State on S3\n#\n# Made by Denis Astahov\n#----------------------------------------------------------\nprovider \"aws\" {\n region = \"ca-central-1\"\n}\n\nterraform {\n backend \"s3\" {\n bucket = \"denis-astahov-project-kgb-terraform-state\" // Bucket where to SAVE Terraform State\n key = \"dev/servers/terraform.tfstate\" // Object name in the bucket to SAVE Terraform State\n region = \"us-east-1\" // Region where bycket created\n }\n}\n#====================================================================\n\n\ndata \"terraform_remote_state\" \"network\" {\n backend = \"s3\"\n config = {\n bucket = \"denis-astahov-project-kgb-terraform-state\" // Bucket from where to GET Terraform State\n key = \"dev/network/terraform.tfstate\" // Object name in the bucket to GET Terraform state\n region = \"us-east-1\" // Region where bycket created\n }\n}\n\ndata \"aws_ami\" \"latest_amazon_linux\" {\n owners = [\"amazon\"]\n most_recent = true\n filter {\n name = \"name\"\n values = [\"amzn2-ami-hvm-*-x86_64-gp2\"]\n }\n}\n#===============================================================\n\n\nresource \"aws_instance\" \"web_server\" {\n ami = data.aws_ami.latest_amazon_linux.id\n instance_type = \"t3.micro\"\n vpc_security_group_ids = [aws_security_group.webserver.id]\n subnet_id = data.terraform_remote_state.network.outputs.public_subnet_ids[0]\n user_data = <WebServer with IP: $myip
Build by Terraform with Remote State\" > /var/www/html/index.html\nsudo service httpd start\nchkconfig httpd on\nEOF\n tags = {\n Name = \"${var.env}-WebServer\"\n }\n}\n\nresource \"aws_security_group\" \"webserver\" {\n name = \"WebServer Security Group\"\n vpc_id = data.terraform_remote_state.network.outputs.vpc_id\n\n ingress {\n from_port = 80\n to_port = 80\n protocol = \"tcp\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n ingress {\n from_port = 22\n to_port = 22\n protocol = \"tcp\"\n cidr_blocks = [data.terraform_remote_state.network.outputs.vpc_cidr]\n }\n egress {\n from_port = 0\n to_port = 0\n protocol = \"-1\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n tags = {\n Name = \"${var.env}-web-server-sg\"\n Owner = \"Denis Astahov\"\n }\n}\n\n#=================================================================\n" }, { "path": "Lesson-20/Layer2-Servers/outputs.tf", "content": "output \"webserver_sg_id\" {\n value = aws_security_group.webserver.id\n}\n\noutput \"web_server_public_ip\" {\n value = aws_instance.web_server.public_ip\n}\n" }, { "path": "Lesson-20/Layer2-Servers/variables.tf", "content": "variable \"env\" {\n default = \"dev\"\n}\n" }, { "path": "Lesson-21/modules/aws_network/main.tf", "content": "#----------------------------------------------------------\n# My Terraform\n# Provision:\n# - VPC\n# - Internet Gateway\n# - XX Public Subnets\n# - XX Private Subnets\n# - XX NAT Gateways in Public Subnets to give access to Internet from Private Subnets\n#\n# Made by Denis Astahov. Summer 2019\n#----------------------------------------------------------\n\n#==============================================================\n\ndata \"aws_availability_zones\" \"available\" {}\n\nresource \"aws_vpc\" \"main\" {\n cidr_block = var.vpc_cidr\n tags = {\n Name = \"${var.env}-vpc\"\n }\n}\n\nresource \"aws_internet_gateway\" \"main\" {\n vpc_id = aws_vpc.main.id\n tags = {\n Name = \"${var.env}-igw\"\n }\n}\n\n#-------------Public Subnets and Routing----------------------------------------\nresource \"aws_subnet\" \"public_subnets\" {\n count = length(var.public_subnet_cidrs)\n vpc_id = aws_vpc.main.id\n cidr_block = element(var.public_subnet_cidrs, count.index)\n availability_zone = data.aws_availability_zones.available.names[count.index]\n map_public_ip_on_launch = true\n tags = {\n Name = \"${var.env}-public-${count.index + 1}\"\n }\n}\n\n\nresource \"aws_route_table\" \"public_subnets\" {\n vpc_id = aws_vpc.main.id\n route {\n cidr_block = \"0.0.0.0/0\"\n gateway_id = aws_internet_gateway.main.id\n }\n tags = {\n Name = \"${var.env}-route-public-subnets\"\n }\n}\n\nresource \"aws_route_table_association\" \"public_routes\" {\n count = length(aws_subnet.public_subnets[*].id)\n route_table_id = aws_route_table.public_subnets.id\n subnet_id = element(aws_subnet.public_subnets[*].id, count.index)\n}\n\n\n#-----NAT Gateways with Elastic IPs--------------------------\n\n\nresource \"aws_eip\" \"nat\" {\n count = length(var.private_subnet_cidrs)\n domain = \"vpc\"\n tags = {\n Name = \"${var.env}-nat-gw-${count.index + 1}\"\n }\n}\n\nresource \"aws_nat_gateway\" \"nat\" {\n count = length(var.private_subnet_cidrs)\n allocation_id = aws_eip.nat[count.index].id\n subnet_id = element(aws_subnet.public_subnets[*].id, count.index)\n tags = {\n Name = \"${var.env}-nat-gw-${count.index + 1}\"\n }\n}\n\n\n#--------------Private Subnets and Routing-------------------------\n\nresource \"aws_subnet\" \"private_subnets\" {\n count = length(var.private_subnet_cidrs)\n vpc_id = aws_vpc.main.id\n cidr_block = element(var.private_subnet_cidrs, count.index)\n availability_zone = data.aws_availability_zones.available.names[count.index]\n tags = {\n Name = \"${var.env}-private-${count.index + 1}\"\n }\n}\n\nresource \"aws_route_table\" \"private_subnets\" {\n count = length(var.private_subnet_cidrs)\n vpc_id = aws_vpc.main.id\n route {\n cidr_block = \"0.0.0.0/0\"\n gateway_id = aws_nat_gateway.nat[count.index].id\n }\n tags = {\n Name = \"${var.env}-route-private-subnet-${count.index + 1}\"\n }\n}\n\nresource \"aws_route_table_association\" \"private_routes\" {\n count = length(aws_subnet.private_subnets[*].id)\n route_table_id = aws_route_table.private_subnets[count.index].id\n subnet_id = element(aws_subnet.private_subnets[*].id, count.index)\n}\n\n#==============================================================\n" }, { "path": "Lesson-21/modules/aws_network/outputs.tf", "content": "output \"vpc_id\" {\n value = aws_vpc.main.id\n}\n\noutput \"vpc_cidr\" {\n value = aws_vpc.main.cidr_block\n}\n\noutput \"public_subnet_ids\" {\n value = aws_subnet.public_subnets[*].id\n}\n\noutput \"private_subnet_ids\" {\n value = aws_subnet.private_subnets[*].id\n}\n" }, { "path": "Lesson-21/modules/aws_network/variables.tf", "content": "variable \"vpc_cidr\" {\n default = \"10.0.0.0/16\"\n}\n\nvariable \"env\" {\n default = \"dev\"\n}\n\nvariable \"public_subnet_cidrs\" {\n default = [\n \"10.0.1.0/24\",\n \"10.0.2.0/24\",\n \"10.0.3.0/24\"\n ]\n}\n\nvariable \"private_subnet_cidrs\" {\n default = [\n \"10.0.11.0/24\",\n \"10.0.22.0/24\",\n \"10.0.33.0/24\"\n ]\n}\n" }, { "path": "Lesson-21/modules/aws_security_group/main.tf", "content": "Future Terraform Module :)\n\nDo it yourself!\n" }, { "path": "Lesson-21/modules/aws_something/main.tf", "content": "Future Terraform Module :)\n\nDo it yourself!\n" }, { "path": "Lesson-21/projectA/main.tf", "content": "#----------------------------------------------------------\n# My Terraform\n#\n# Use Our Terraform Module to create AWS VPC Networks\n#\n# Made by Denis Astahov. Summer 2019\n#----------------------------------------------------------\nprovider \"aws\" {\n region = var.region\n}\n\nmodule \"vpc-default\" {\n source = \"../modules/aws_network\"\n // source = \"git@github.com:adv4000/terraform-modules.git//aws_network\"\n}\n\nmodule \"vpc-dev\" {\n source = \"../modules/aws_network\"\n // source = \"git@github.com:adv4000/terraform-modules.git//aws_network\"\n env = \"dev\"\n vpc_cidr = \"10.100.0.0/16\"\n public_subnet_cidrs = [\"10.100.1.0/24\", \"10.100.2.0/24\"]\n private_subnet_cidrs = []\n}\n\nmodule \"vpc-prod\" {\n source = \"../modules/aws_network\"\n // source = \"git@github.com:adv4000/terraform-modules.git//aws_network\"\n env = \"prod\"\n vpc_cidr = \"10.10.0.0/16\"\n public_subnet_cidrs = [\"10.10.1.0/24\", \"10.10.2.0/24\", \"10.10.3.0/24\"]\n private_subnet_cidrs = [\"10.10.11.0/24\", \"10.10.22.0/24\", \"10.10.33.0/24\"]\n}\n\nmodule \"vpc-test\" {\n source = \"../modules/aws_network\"\n // source = \"git@github.com:adv4000/terraform-modules.git//aws_network\"\n env = \"staging\"\n vpc_cidr = \"10.10.0.0/16\"\n public_subnet_cidrs = [\"10.10.1.0/24\", \"10.10.2.0/24\"]\n private_subnet_cidrs = [\"10.10.11.0/24\", \"10.10.22.0/24\"]\n}\n#===============================================\n" }, { "path": "Lesson-21/projectA/outputs.tf", "content": "\noutput \"prod_public_subnet_ids\" {\n value = module.vpc-prod.public_subnet_ids\n}\n\noutput \"prod_private_subnet_ids\" {\n value = module.vpc-prod.private_subnet_ids\n}\n\noutput \"dev_public_subnet_ids\" {\n value = module.vpc-dev.public_subnet_ids\n}\n\noutput \"dev_private_subnet_ids\" {\n value = module.vpc-dev.private_subnet_ids\n}\n" }, { "path": "Lesson-21/projectA/variables.tf", "content": "variable \"region\" {\n description = \"AWS Region where to provision VPC Network\"\n default = \"eu-north-1\"\n}\n" }, { "path": "Lesson-22/ProjectXYZ/dev/kms/main.tf", "content": "Future Terraform Code :)\n\nDo it yourself!\n" }, { "path": "Lesson-22/ProjectXYZ/dev/network/main.tf", "content": "Future Terraform Code :)\n\nDo it yourself!\n" }, { "path": "Lesson-22/ProjectXYZ/dev/route53/main.tf", "content": "Future Terraform Code :)\n\nDo it yourself!\n" }, { "path": "Lesson-22/ProjectXYZ/dev/s3/main.tf", "content": "Future Terraform Code :)\n\nDo it yourself!\n" }, { "path": "Lesson-22/ProjectXYZ/dev/vpc/applications/app1/main.tf", "content": "Future Terraform Code :)\n\nDo it yourself!\n\nterraform {\n backend \"s3\" {\n bucket = \"denis-astahov-project-kgb-terraform-state\" // Bucket where to SAVE Terraform State\n key = \"dev/vpc/applications/app1/terraform.tfstate\" // Object name in the bucket to SAVE Terraform State\n region = \"us-east-1\" // Region where bycket created\n }\n}\n" }, { "path": "Lesson-22/ProjectXYZ/dev/vpc/applications/app2/main.tf", "content": "Future Terraform Code :)\n\nDo it yourself!\n\nterraform {\n backend \"s3\" {\n bucket = \"denis-astahov-project-kgb-terraform-state\" // Bucket where to SAVE Terraform State\n key = \"dev/vpc/applications/app2/terraform.tfstate\" // Object name in the bucket to SAVE Terraform State\n region = \"us-east-1\" // Region where bycket created\n }\n}\n" }, { "path": "Lesson-22/ProjectXYZ/dev/vpc/databases/main.tf", "content": "Future Terraform Code :)\n\nDo it yourself!\n" }, { "path": "Lesson-22/ProjectXYZ/dev/vpc/ecs_cluster/main.tf", "content": "Future Terraform Code :)\n\nDo it yourself!\n" }, { "path": "Lesson-22/ProjectXYZ/dev/vpc/vpn/main.tf", "content": "Future Terraform Code :)\n\nDo it yourself!\n" }, { "path": "Lesson-22/ProjectXYZ/prod/kms/main.tf", "content": "Future Terraform Code :)\n\nDo it yourself!\n" }, { "path": "Lesson-22/ProjectXYZ/prod/network/main.tf", "content": "Future Terraform Code :)\n\nDo it yourself!\n" }, { "path": "Lesson-22/ProjectXYZ/prod/route53/main.tf", "content": "Future Terraform Code :)\n\nDo it yourself!\n" }, { "path": "Lesson-22/ProjectXYZ/prod/s3/main.tf", "content": "Future Terraform Code :)\n\nDo it yourself!\n" }, { "path": "Lesson-22/ProjectXYZ/prod/vpc/applications/app1/main.tf", "content": "Future Terraform Code :)\n\nDo it yourself!\n\nterraform {\n backend \"s3\" {\n bucket = \"denis-astahov-project-kgb-terraform-state\" // Bucket where to SAVE Terraform State\n key = \"prod/vpc/applications/app1/terraform.tfstate\" // Object name in the bucket to SAVE Terraform State\n region = \"us-east-1\" // Region where bycket created\n }\n}\n" }, { "path": "Lesson-22/ProjectXYZ/prod/vpc/applications/app2/main.tf", "content": "Future Terraform Code :)\n\nDo it yourself!\n\nterraform {\n backend \"s3\" {\n bucket = \"denis-astahov-project-kgb-terraform-state\" // Bucket where to SAVE Terraform State\n key = \"prod/vpc/applications/app2/terraform.tfstate\" // Object name in the bucket to SAVE Terraform State\n region = \"us-east-1\" // Region where bycket created\n }\n}\n" }, { "path": "Lesson-22/ProjectXYZ/prod/vpc/databases/main.tf", "content": "Future Terraform Code :)\n\nDo it yourself!\n" }, { "path": "Lesson-22/ProjectXYZ/prod/vpc/ecs_cluster/main.tf", "content": "Future Terraform Code :)\n\nDo it yourself!\n" }, { "path": "Lesson-22/ProjectXYZ/prod/vpc/vpn/main.tf", "content": "Future Terraform Code :)\n\nDo it yourself!\n" }, { "path": "Lesson-22/ProjectXYZ/staging/kms/main.tf", "content": "Future Terraform Code :)\n\nDo it yourself!\n" }, { "path": "Lesson-22/ProjectXYZ/staging/network/main.tf", "content": "Future Terraform Code :)\n\nDo it yourself!\n" }, { "path": "Lesson-22/ProjectXYZ/staging/route53/main.tf", "content": "Future Terraform Code :)\n\nDo it yourself!\n" }, { "path": "Lesson-22/ProjectXYZ/staging/s3/main.tf", "content": "Future Terraform Code :)\n\nDo it yourself!\n" }, { "path": "Lesson-22/ProjectXYZ/staging/vpc/applications/app1/main.tf", "content": "Future Terraform Code :)\n\nDo it yourself!\n\nterraform {\n backend \"s3\" {\n bucket = \"denis-astahov-project-kgb-terraform-state\" // Bucket where to SAVE Terraform State\n key = \"staging/vpc/applications/app1/terraform.tfstate\" // Object name in the bucket to SAVE Terraform State\n region = \"us-east-1\" // Region where bycket created\n }\n}\n" }, { "path": "Lesson-22/ProjectXYZ/staging/vpc/applications/app2/main.tf", "content": "Future Terraform Code :)\n\nDo it yourself!\n\nterraform {\n backend \"s3\" {\n bucket = \"denis-astahov-project-kgb-terraform-state\" // Bucket where to SAVE Terraform State\n key = \"staging/vpc/applications/app2/terraform.tfstate\" // Object name in the bucket to SAVE Terraform State\n region = \"us-east-1\" // Region where bycket created\n }\n}\n" }, { "path": "Lesson-22/ProjectXYZ/staging/vpc/databases/main.tf", "content": "Future Terraform Code :)\n\nDo it yourself!\n" }, { "path": "Lesson-22/ProjectXYZ/staging/vpc/ecs_cluster/main.tf", "content": "Future Terraform Code :)\n\nDo it yourself!\n" }, { "path": "Lesson-22/ProjectXYZ/staging/vpc/vpn/main.tf", "content": "Future Terraform Code :)\n\nDo it yourself!\n" }, { "path": "Lesson-22/README.MD", "content": "# Terraform Folder Hierarchy for Multi Environment example\n\n\nTerraform Modules better to keep in GitHub or BitBucket, otherwise in separate folder.\n```\n.\n├── modules\n│   ├── aws_network\n│   ├── aws_security_group\n│   └── aws_something\n└── ProjectXYZ\n ├── dev\n │   ├── kms\n │   ├── network\n │   ├── route53\n │   ├── s3\n │   └── vpc\n │   ├── applications\n │   │   ├── app1\n │   │   └── app2\n │   ├── databases\n │   ├── ecs_cluster\n │   └── vpn\n ├── prod\n │   ├── kms\n │   ├── network\n │   ├── route53\n │   ├── s3\n │   └── vpc\n │   ├── applications\n │   │   ├── app1\n │   │   └── app2\n │   ├── databases\n │   ├── ecs_cluster\n │   └── vpn\n └── staging\n ├── kms\n ├── network\n ├── route53\n ├── s3\n └── vpc\n ├── applications\n │   ├── app1\n │   └── app2\n ├── databases\n ├── ecs_cluster\n └── vpn\n```\n\n# ----------------------------\n" }, { "path": "Lesson-22/modules/aws_network/main.tf", "content": "Future Terraform Module :)\n\nDo it yourself!\n" }, { "path": "Lesson-22/modules/aws_security_group/main.tf", "content": "Future Terraform Module :)\n\nDo it yourself!\n" }, { "path": "Lesson-22/modules/aws_something/main.tf", "content": "Future Terraform Module :)\n\nDo it yourself!\n" }, { "path": "Lesson-23/globalvars/main.tf", "content": "#----------------------------------------------------------\n# My Terraform\n#\n# Global Variables in Remote State on S3\n#\n# Made by Denis Astahov\n#----------------------------------------------------------\nprovider \"aws\" {\n region = \"ca-central-1\"\n}\n\nterraform {\n backend \"s3\" {\n bucket = \"denis-astahov-project-kgb-terraform-state\"\n key = \"globalvars/terraform.tfstate\"\n region = \"us-east-1\"\n }\n}\n\n#==================================================\n\noutput \"company_name\" {\n value = \"ANDESA Soft International\"\n}\n\noutput \"owner\" {\n value = \"Denis Astahov\"\n}\n\noutput \"tags\" {\n value = {\n Project = \"Assembly-2020\"\n CostCenter = \"R&D\"\n Country = \"Canada\"\n }\n}\n" }, { "path": "Lesson-23/stack1/main.tf", "content": "#----------------------------------------------------------\n# My Terraform\n#\n# Use Global Variables from Remote State\n#\n# Made by Denis Astahov\n#----------------------------------------------------------\n\nprovider \"aws\" {\n region = \"ca-central-1\"\n}\n\ndata \"terraform_remote_state\" \"global\" {\n backend = \"s3\"\n config = {\n bucket = \"denis-astahov-project-kgb-terraform-state\"\n key = \"globalvars/terraform.tfstate\"\n region = \"us-east-1\"\n }\n}\n\nlocals {\n company_name = data.terraform_remote_state.global.outputs.company_name\n owner = data.terraform_remote_state.global.outputs.owner\n common_tags = data.terraform_remote_state.global.outputs.tags\n}\n#---------------------------------------------------------------------\n\nresource \"aws_vpc\" \"vpc1\" {\n cidr_block = \"10.0.0.0/16\"\n tags = {\n Name = \"Stack1-VPC1\"\n Company = local.company_name\n Owner = local.owner\n }\n}\n\n\nresource \"aws_vpc\" \"vpc2\" {\n cidr_block = \"10.0.0.0/16\"\n tags = merge(local.common_tags, { Name = \"Stack1-VPC2\" })\n}\n" }, { "path": "Lesson-23/stack2/main.tf", "content": "#----------------------------------------------------------\n# My Terraform\n#\n# Use Global Variables from Remote State\n#\n# Made by Denis Astahov\n#----------------------------------------------------------\n\nprovider \"aws\" {\n region = \"ca-central-1\"\n}\n\ndata \"terraform_remote_state\" \"global\" {\n backend = \"s3\"\n config = {\n bucket = \"denis-astahov-project-kgb-terraform-state\"\n key = \"globalvars/terraform.tfstate\"\n region = \"us-east-1\"\n }\n}\n\nlocals {\n company_name = data.terraform_remote_state.global.outputs.company_name\n owner = data.terraform_remote_state.global.outputs.owner\n common_tags = data.terraform_remote_state.global.outputs.tags\n}\n#---------------------------------------------------------------------\n\nresource \"aws_vpc\" \"vpc1\" {\n cidr_block = \"10.0.0.0/16\"\n tags = {\n Name = \"Stack2-VPC1\"\n Company = local.company_name\n Owner = local.owner\n }\n}\n\n\nresource \"aws_vpc\" \"vpc2\" {\n cidr_block = \"10.0.0.0/16\"\n tags = merge(local.common_tags, { Name = \"Stack2-VPC2\" })\n}\n" }, { "path": "Lesson-24/main.tf", "content": "#----------------------------------------------------------\n# My Terraform\n#\n# Use Terraform with GCP - Google Cloud Platform\n#\n# Made by Denis Astahov\n#\n#-----------------------------------------------------------\n//export GOOGLE_CLOUD_KEYFILE_JSON=\"gcp-creds.json\"\n\nprovider \"google\" {\n credentials = file(\"mygcp-creds.json\")\n project = \"my-gcp-project-238521\"\n region = \"us-west1\"\n zone = \"us-west1-c\"\n}\n\nresource \"google_compute_instance\" \"my_server\" {\n name = \"my-gcp-server\"\n machine_type = \"f1-micro\"\n boot_disk {\n initialize_params {\n image = \"debian-cloud/debian-9\"\n }\n }\n\n network_interface {\n network = \"default\"\n }\n}\n" }, { "path": "Lesson-24/mygcp-creds.json", "content": "// Fake Credentials file, but should look like this\n{\n \"type\": \"service_account\",\n \"project_id\": \"my-gcp-project-xyzxyz\",\n \"private_key_id\": \"d6fasdasfasfasf935f7\",\n \"private_key\": \"-----BEGIN PRIVATE KEY-----\\nA0xFAafq5visBkpMBDscO5YIQ+w=\\n-----END PRIVATE KEY-----\\n\",\n \"client_email\": \"tf-22-677@my-gcp-project-xyzxyz.iam.gserviceaccount.com\",\n \"client_id\": \"34623523523523523\",\n \"auth_uri\": \"https://accounts.astahov.com/o/oauth2/auth\",\n \"token_uri\": \"https://oauth2.astahov.com/token\",\n \"auth_provider_x509_cert_url\": \"https://www.astahov.com/oauth2/v1/certs\",\n \"client_x509_cert_url\": \"https://www.astahov.com/robot/v1/metadata/x509/tf-22-677%40my-gcp-project-xyzxyz.iam.gserviceaccount.com\"\n}\n" }, { "path": "Lesson-25/README.MD", "content": "\n## Officail Terraform website\nhttps://www.terraform.io/\n\n## A Comprehensive Guide to Terraform - blog\nhttps://blog.gruntwork.io/a-comprehensive-guide-to-terraform-b3d32832baca\n\n## Terraform: Up & Running: Writing Infrastructure as Code - book\nhttps://www.amazon.ca/Terraform-Running-Writing-Infrastructure-Code/dp/1492046906/\n\n## Collection of Terraform AWS modules supported by the community\nhttps://github.com/terraform-aws-modules\n\n## Source Code for All Terraform Lessons\nhttps://github.com/adv4000/terraform-lessons\n" }, { "path": "Lesson-26/import-begin.tf", "content": "# terraform import aws_instance.node1 i-0417da3dfcfd6e059\n# terraform import aws_instance.node2 i-0b92baf1fa014b3e2\n# terraform import aws_instance.node3 i-0ca6e4b3d52437673\n# terraform import aws_security_group.nomad sg-0bb76870a0cbc887a\n\nresource \"aws_instance\" \"node1\" {\n\n}\n\nresource \"aws_instance\" \"node2\" {\n\n}\n\nresource \"aws_instance\" \"node3\" {\n\n}\n\nresource \"aws_security_group\" \"nomad\" {\n\n}\n" }, { "path": "Lesson-26/import-finish.tf", "content": "resource \"aws_instance\" \"node1\" {\n ami = \"ami-0a634ae95e11c6f91\"\n instance_type = \"t3.micro\"\n vpc_security_group_ids = [aws_security_group.nomad.id]\n ebs_optimized = true\n tags = {\n Name = \"Nomad Ubuntu Node-1\"\n Owner = \"Denis Astahov\"\n }\n}\n\nresource \"aws_instance\" \"node2\" {\n ami = \"ami-0a634ae95e11c6f91\"\n instance_type = \"t3.micro\"\n vpc_security_group_ids = [aws_security_group.nomad.id]\n ebs_optimized = true\n tags = {\n Name = \"Nomad Ubuntu Node-2\"\n Owner = \"Denis Astahov\"\n }\n}\n\nresource \"aws_instance\" \"node3\" {\n ami = \"ami-0a634ae95e11c6f91\"\n instance_type = \"t3.micro\"\n vpc_security_group_ids = [aws_security_group.nomad.id]\n ebs_optimized = true\n tags = {\n Name = \"Nomad Ubuntu Node-3\"\n Owner = \"Denis Astahov\"\n }\n}\n\nresource \"aws_default_vpc\" \"default\" {} # This need to be added since AWS Provider v4.29+ to get VPC id\nresource \"aws_security_group\" \"nomad\" {\n description = \"Nomad\"\n vpc_id = aws_default_vpc.default.id # This need to be added since AWS Provider v4.29+ to set VPC id\n\n ingress {\n from_port = 0\n to_port = 65535\n protocol = \"tcp\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n egress {\n from_port = 0\n to_port = 0\n protocol = \"-1\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n tags = {\n Name = \"Nomad Cluster\"\n Owner = \"Denis Astahov\"\n }\n}\n" }, { "path": "Lesson-27/main.tf", "content": "# Up to Terraform v0.15.1\n# terraform taint aws_instance.node2\n#\nprovider \"aws\" {\n region = \"us-west-1\"\n}\n\nresource \"aws_instance\" \"node1\" {\n ami = \"ami-05655c267c89566dd\"\n instance_type = \"t3.micro\"\n tags = {\n Name = \"Node-1\"\n Owner = \"Denis Astahov\"\n }\n}\n\nresource \"aws_instance\" \"node2\" {\n ami = \"ami-05655c267c89566dd\"\n instance_type = \"t3.micro\"\n tags = {\n Name = \"Node-2\"\n Owner = \"Denis Astahov\"\n }\n}\n\nresource \"aws_instance\" \"node3\" {\n ami = \"ami-05655c267c89566dd\"\n instance_type = \"t3.micro\"\n tags = {\n Name = \"Node-3\"\n Owner = \"Denis Astahov\"\n }\n depends_on = [aws_instance.node2]\n}\n" }, { "path": "Lesson-27-v0.15.2+/main.tf", "content": "# Since Terraform v0.15.2\n# terraform apply -replace aws_instance.node2\n#\nprovider \"aws\" {\n region = \"us-west-1\"\n}\n\nresource \"aws_instance\" \"node1\" {\n ami = \"ami-05655c267c89566dd\"\n instance_type = \"t3.micro\"\n tags = {\n Name = \"Node-1\"\n Owner = \"Denis Astahov\"\n }\n}\n\nresource \"aws_instance\" \"node2\" {\n ami = \"ami-05655c267c89566dd\"\n instance_type = \"t3.micro\"\n tags = {\n Name = \"Node-2\"\n Owner = \"Denis Astahov\"\n }\n}\n\nresource \"aws_instance\" \"node3\" {\n ami = \"ami-05655c267c89566dd\"\n instance_type = \"t3.micro\"\n tags = {\n Name = \"Node-3\"\n Owner = \"Denis Astahov\"\n }\n depends_on = [aws_instance.node2]\n}\n" }, { "path": "Lesson-28/new-prod/config.tf", "content": "provider \"aws\" {\n region = \"us-west-2\" // Region where to Create Resources\n}\n\nterraform {\n backend \"s3\" {\n bucket = \"adv-it-terraform-state\" // Bucket where to SAVE Terraform State\n key = \"new-prod/terraform.tfstate\" // Object name in the bucket to SAVE Terraform State\n region = \"us-west-2\" // Region where bucket is created\n }\n}\n" }, { "path": "Lesson-28/new-prod/ip-prod.tf", "content": "resource \"aws_eip\" \"prod-ip1\" { domain = \"vpc\" } # Need to add in new AWS Provider version\nresource \"aws_eip\" \"prod-ip2\" { domain = \"vpc\" } # Need to add in new AWS Provider version\n" }, { "path": "Lesson-28/new-prod/main.tf", "content": "data \"aws_availability_zones\" \"available\" {}\ndata \"aws_ami\" \"latest_amazon_linux\" {\n owners = [\"amazon\"]\n most_recent = true\n filter {\n name = \"name\"\n values = [\"amzn2-ami-hvm-*-x86_64-gp2\"]\n }\n}\n" }, { "path": "Lesson-28/new-prod/web-prod.tf", "content": "resource \"aws_instance\" \"web-prod\" {\n ami = data.aws_ami.latest_amazon_linux.id\n instance_type = \"t3.micro\"\n vpc_security_group_ids = [aws_security_group.web-prod.id]\n user_data = <PROD WebServer with IP: $myip
Build by Terraform!\" > /var/www/html/index.html\nsudo service httpd start\nchkconfig httpd on\nEOF\n\n tags = {\n Name = \"PROD WebServer\"\n Owner = \"Denis Astahov\"\n }\n}\n\nresource \"aws_default_vpc\" \"default\" {} # This need to be added since AWS Provider v4.29+ to get VPC id\n\nresource \"aws_security_group\" \"web-prod\" {\n name = \"WebServer SG Prod\"\n description = \"My First SecurityGroup\"\n vpc_id = aws_default_vpc.default.id # This need to be added since AWS Provider v4.29+ to set VPC id\n\n ingress {\n from_port = 80\n to_port = 80\n protocol = \"tcp\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n egress {\n from_port = 0\n to_port = 0\n protocol = \"-1\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n tags = {\n Name = \"Web Server SecurityGroup\"\n Owner = \"Denis Astahov\"\n }\n}\n" }, { "path": "Lesson-28/new-staging/config.tf", "content": "provider \"aws\" {\n region = \"us-west-2\" // Region where to Create Resources\n}\n\nterraform {\n backend \"s3\" {\n bucket = \"adv-it-terraform-state\" // Bucket where to SAVE Terraform State\n key = \"new-staging/terraform.tfstate\" // Object name in the bucket to SAVE Terraform State\n region = \"us-west-2\" // Region where bucket is created\n }\n}\n" }, { "path": "Lesson-28/new-staging/ip-stag.tf", "content": "resource \"aws_eip\" \"stag-ip1\" { vpc = true } # Need to add in new AWS Provider version\nresource \"aws_eip\" \"stag-ip2\" { vpc = true } # Need to add in new AWS Provider version\n" }, { "path": "Lesson-28/new-staging/main.tf", "content": "data \"aws_availability_zones\" \"available\" {}\ndata \"aws_ami\" \"latest_amazon_linux\" {\n owners = [\"amazon\"]\n most_recent = true\n filter {\n name = \"name\"\n values = [\"amzn2-ami-hvm-*-x86_64-gp2\"]\n }\n}\n" }, { "path": "Lesson-28/new-staging/web-stag.tf", "content": "resource \"aws_instance\" \"web-stag\" {\n ami = data.aws_ami.latest_amazon_linux.id\n instance_type = \"t3.micro\"\n vpc_security_group_ids = [aws_security_group.web-stag.id]\n user_data = <STAG WebServer with IP: $myip
Build by Terraform!\" > /var/www/html/index.html\nsudo service httpd start\nchkconfig httpd on\nEOF\n\n tags = {\n Name = \"STAG WebServer\"\n Owner = \"Denis Astahov\"\n }\n}\n\nresource \"aws_default_vpc\" \"default\" {} # This need to be added since AWS Provider v4.29+ to get VPC id\n\nresource \"aws_security_group\" \"web-stag\" {\n name = \"WebServer SG Stag\"\n description = \"My First SecurityGroup\"\n vpc_id = aws_default_vpc.default.id # This need to be added since AWS Provider v4.29+ to set VPC id\n\n ingress {\n from_port = 80\n to_port = 80\n protocol = \"tcp\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n egress {\n from_port = 0\n to_port = 0\n protocol = \"-1\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n tags = {\n Name = \"Web Server SecurityGroup\"\n Owner = \"Denis Astahov\"\n }\n}\n" }, { "path": "Lesson-28/old-all/config.tf", "content": "provider \"aws\" {\n region = \"us-west-2\" // Region where to Create Resources\n}\n\nterraform {\n backend \"s3\" {\n bucket = \"adv-it-terraform-state\" // Bucket where to SAVE Terraform State\n key = \"old-all/terraform.tfstate\" // Object name in the bucket to SAVE Terraform State\n region = \"us-west-2\" // Region where bucket is created\n }\n}\n" }, { "path": "Lesson-28/old-all/ip-prod.tf", "content": "resource \"aws_eip\" \"prod-ip1\" { domain = \"vpc\" } # Need to add in new AWS Provider version\nresource \"aws_eip\" \"prod-ip2\" { domain = \"vpc\" } # Need to add in new AWS Provider version\n" }, { "path": "Lesson-28/old-all/ip-stag.tf", "content": "resource \"aws_eip\" \"stag-ip1\" { domain = \"vpc\" } # Need to add in new AWS Provider version\nresource \"aws_eip\" \"stag-ip2\" { domain = \"vpc\" } # Need to add in new AWS Provider version\n" }, { "path": "Lesson-28/old-all/main.tf", "content": "data \"aws_availability_zones\" \"available\" {}\ndata \"aws_ami\" \"latest_amazon_linux\" {\n owners = [\"amazon\"]\n most_recent = true\n filter {\n name = \"name\"\n values = [\"amzn2-ami-hvm-*-x86_64-gp2\"]\n }\n}\n\n\nresource \"aws_eip\" \"myip-prod\" {}\nresource \"aws_default_vpc\" \"default\" {} # This need to be added since AWS Provider v4.29+ to get VPC id\n" }, { "path": "Lesson-28/old-all/web-prod.tf", "content": "resource \"aws_instance\" \"web-prod\" {\n ami = data.aws_ami.latest_amazon_linux.id\n instance_type = \"t3.micro\"\n vpc_security_group_ids = [aws_security_group.web-prod.id]\n user_data = <PROD WebServer with IP: $myip
Build by Terraform!\" > /var/www/html/index.html\nsudo service httpd start\nchkconfig httpd on\nEOF\n\n tags = {\n Name = \"PROD WebServer\"\n Owner = \"Denis Astahov\"\n }\n}\n\nresource \"aws_security_group\" \"web-prod\" {\n name = \"WebServer SG Prod\"\n description = \"My First SecurityGroup\"\n vpc_id = aws_default_vpc.default.id # This need to be added since AWS Provider v4.29+ to set VPC id\n\n ingress {\n from_port = 80\n to_port = 80\n protocol = \"tcp\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n egress {\n from_port = 0\n to_port = 0\n protocol = \"-1\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n tags = {\n Name = \"Web Server SecurityGroup\"\n Owner = \"Denis Astahov\"\n }\n}\n" }, { "path": "Lesson-28/old-all/web-stag.tf", "content": "resource \"aws_instance\" \"web-stag\" {\n ami = data.aws_ami.latest_amazon_linux.id\n instance_type = \"t3.micro\"\n vpc_security_group_ids = [aws_security_group.web-stag.id]\n user_data = <STAG WebServer with IP: $myip
Build by Terraform!\" > /var/www/html/index.html\nsudo service httpd start\nchkconfig httpd on\nEOF\n\n tags = {\n Name = \"STAG WebServer\"\n Owner = \"Denis Astahov\"\n }\n}\n\nresource \"aws_security_group\" \"web-stag\" {\n name = \"WebServer SG Stag\"\n description = \"My First SecurityGroup\"\n vpc_id = aws_default_vpc.default.id # This need to be added since AWS Provider v4.29+ to set VPC id\n\n ingress {\n from_port = 80\n to_port = 80\n protocol = \"tcp\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n egress {\n from_port = 0\n to_port = 0\n protocol = \"-1\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n tags = {\n Name = \"Web Server SecurityGroup\"\n Owner = \"Denis Astahov\"\n }\n}\n" }, { "path": "Lesson-29/config.tf", "content": "provider \"aws\" {\n region = \"us-west-2\" // Region where to Create Resources\n}\n\nterraform {\n backend \"s3\" {\n bucket = \"adv-it-terraform-state\" // Bucket where to SAVE Terraform State\n key = \"prod/terraform.tfstate\" // Object name in the bucket to SAVE Terraform State\n region = \"us-west-2\" // Region where bucket is created\n }\n}\n" }, { "path": "Lesson-29/main.tf", "content": "data \"aws_ami\" \"latest_amazon_linux\" {\n owners = [\"amazon\"]\n most_recent = true\n filter {\n name = \"name\"\n values = [\"amzn2-ami-hvm-*-x86_64-gp2\"]\n }\n}\n\nresource \"aws_instance\" \"web\" {\n ami = data.aws_ami.latest_amazon_linux.id\n instance_type = \"t3.micro\"\n vpc_security_group_ids = [aws_security_group.web.id]\n user_data = <PROD WebServer with IP: $myip
Build by Terraform!\" > /var/www/html/index.html\nsudo service httpd start\nchkconfig httpd on\nEOF\n\n tags = {\n Name = \"PROD WebServer - ${terraform.workspace}\"\n Owner = \"Denis Astahov\"\n }\n}\n\nresource \"aws_default_vpc\" \"default\" {} # This need to be added since AWS Provider v4.29+ to get VPC id\n\nresource \"aws_security_group\" \"web\" {\n name_prefix = \"WebServer SG Prod\"\n vpc_id = aws_default_vpc.default.id # This need to be added since AWS Provider v4.29+ to set VPC id\n\n ingress {\n from_port = 80\n to_port = 80\n protocol = \"tcp\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n egress {\n from_port = 0\n to_port = 0\n protocol = \"-1\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n tags = {\n Name = \"Web Server SecurityGroup - ${terraform.workspace}\"\n Owner = \"Denis Astahov\"\n }\n}\n\nresource \"aws_eip\" \"web\" {\n vpc = true # Need to add in new AWS Provider version\n instance = aws_instance.web.id\n tags = {\n Name = \"PROD WebServer IP - ${terraform.workspace}\"\n Owner = \"Denis Astahov\"\n }\n}\n\n####################################\noutput \"web_public_ip\" {\n value = aws_eip.web.public_ip\n}\n" }, { "path": "Lesson-30/main.tf", "content": "data \"aws_ami\" \"latest_amazon_linux\" {\n owners = [\"amazon\"]\n most_recent = true\n filter {\n name = \"name\"\n values = [\"amzn2-ami-hvm-*-x86_64-gp2\"]\n }\n}\n\nresource \"aws_instance\" \"web\" {\n ami = data.aws_ami.latest_amazon_linux.id\n instance_type = var.server_size\n vpc_security_group_ids = [aws_security_group.web.id]\n user_data = <${var.server_name}-WebServer with IP: $myip
Build by Terraform!\" > /var/www/html/index.html\nsudo service httpd start\nchkconfig httpd on\nEOF\n\n tags = {\n Name = \"${var.server_name}-WebServer\"\n Owner = \"Denis Astahov\"\n }\n}\n\nresource \"aws_default_vpc\" \"default\" {} # This need to be added since AWS Provider v4.29+ to get VPC id\n\nresource \"aws_security_group\" \"web\" {\n name_prefix = \"${var.server_name}-WebServer-SG\"\n vpc_id = aws_default_vpc.default.id # This need to be added since AWS Provider v4.29+ to set VPC id\n\n ingress {\n from_port = 80\n to_port = 80\n protocol = \"tcp\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n egress {\n from_port = 0\n to_port = 0\n protocol = \"-1\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n\n tags = {\n Name = \"${var.server_name}-WebServer SecurityGroup\"\n Owner = \"Denis Astahov\"\n }\n}\n\nresource \"aws_eip\" \"web\" {\n domain = \"vpc\" # Need to add in new AWS Provider version\n instance = aws_instance.web.id\n tags = {\n Name = \"${var.server_name}-WebServer-IP\"\n Owner = \"Denis Astahov\"\n }\n}\n" }, { "path": "Lesson-30/outputs.tf", "content": "output \"web_public_ip\" {\n value = aws_eip.web.public_ip\n}\n" }, { "path": "Lesson-30/variables.tf", "content": "variable \"server_name\" {\n description = \"Name for WebServer\"\n type = string\n default = \"demo\"\n}\n\n\nvariable \"server_size\" {\n description = \"Server Size for WebServer\"\n type = string\n default = \"t3.micro\"\n}\n" }, { "path": "Lesson-31/main.tf", "content": "provider \"aws\" {\n region = var.region\n}\n\n\nmodule \"vpc-dev\" {\n source = \"./modules/aws_network\"\n env = \"dev\"\n vpc_cidr = var.vpc_settings[\"dev\"]\n}\n\nmodule \"vpc-staging\" {\n source = \"./modules/aws_network\"\n env = \"stag\"\n vpc_cidr = var.vpc_settings[\"stag\"]\n}\n\nmodule \"vpc-prod\" {\n source = \"./modules/aws_network\"\n env = \"prod\"\n vpc_cidr = var.vpc_settings[\"prod\"]\n\n depends_on = [module.vpc-dev, module.vpc-staging] # <--Supported only in Terraform 0.13+\n}\n\nmodule \"vpc\" {\n count = 2 # <--Supported only in Terraform 0.13+\n source = \"./modules/aws_network\"\n env = \"demo-${count.index + 1}\"\n}\n\nmodule \"vpc_list\" {\n for_each = var.vpc_settings # <--Supported only in Terraform 0.13+\n source = \"./modules/aws_network\"\n env = each.key\n vpc_cidr = each.value\n}\n" }, { "path": "Lesson-31/modules/aws_network/main.tf", "content": "#----------------------------------------------------------\n# My Terraform\n# Provision:\n# - VPC\n# - Internet Gateway\n\n# Made by Denis Astahov. Summer 2020\n#----------------------------------------------------------\n\n#==============================================================\n\ndata \"aws_availability_zones\" \"available\" {}\n\nresource \"aws_vpc\" \"main\" {\n cidr_block = var.vpc_cidr\n tags = {\n Name = \"${var.env}-vpc\"\n }\n}\n\nresource \"aws_internet_gateway\" \"main\" {\n vpc_id = aws_vpc.main.id\n tags = {\n Name = \"${var.env}-igw\"\n }\n}\n" }, { "path": "Lesson-31/modules/aws_network/outputs.tf", "content": "output \"vpc_id\" {\n value = aws_vpc.main.id\n}\n\noutput \"vpc_cidr\" {\n value = aws_vpc.main.cidr_block\n}\n" }, { "path": "Lesson-31/modules/aws_network/variables.tf", "content": "variable \"vpc_cidr\" {\n default = \"10.0.0.0/16\"\n}\n\nvariable \"env\" {\n default = \"demo\"\n}\n" }, { "path": "Lesson-31/modules/aws_security_group/main.tf", "content": "Future Terraform Module :)\n\nDo it yourself!\n" }, { "path": "Lesson-31/modules/aws_something/main.tf", "content": "Future Terraform Module :)\n\nDo it yourself!\n" }, { "path": "Lesson-31/variables.tf", "content": "variable \"vpc_settings\" {\n default = {\n prod = \"10.10.0.0/16\",\n stag = \"10.20.0.0/16\"\n dev = \"10.30.0.0/16\"\n }\n}\n\nvariable \"region\" {\n type = string\n default = \"eu-west-1\"\n\n validation {\n condition = substr(var.region, 0, 3) == \"eu-\"\n error_message = \"Must be an EUROPE AWS Region, like \\\"eu-\\\".\"\n }\n}\n" }, { "path": "Lesson-32/main.tf", "content": "provider \"aws\" { // My Root Account\n region = \"us-west-2\"\n}\n\nprovider \"aws\" { // My DEV Account\n region = \"us-west-1\"\n alias = \"dev\"\n\n assume_role {\n role_arn = \"arn:aws:iam::639130796919:role/TerraformRole\"\n }\n}\n\nprovider \"aws\" { // My PROD Account\n region = \"ca-central-1\"\n alias = \"prod\"\n\n assume_role {\n role_arn = \"arn:aws:iam::032823347814:role/TerraformRole\"\n }\n}\n#--------------------------------------------------------------\n\nmodule \"servers\" {\n source = \"./module_servers\"\n instance_type = \"t3.small\"\n providers = {\n aws.root = aws\n aws.prod = aws.prod\n aws.dev = aws.dev\n }\n}\n" }, { "path": "Lesson-32/module_servers/main.tf", "content": "terraform {\n required_providers {\n aws = {\n source = \"hashicorp/aws\"\n configuration_aliases = [\n aws.root,\n aws.prod,\n aws.dev\n ]\n }\n }\n}\n#----------------------------------------------\ndata \"aws_ami\" \"latest_ubuntu20_root\" {\n provider = aws.root\n owners = [\"099720109477\"]\n most_recent = true\n filter {\n name = \"name\"\n values = [\"ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*\"]\n }\n}\n\ndata \"aws_ami\" \"latest_ubuntu20_prod\" {\n provider = aws.prod\n owners = [\"099720109477\"]\n most_recent = true\n filter {\n name = \"name\"\n values = [\"ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*\"]\n }\n}\n\ndata \"aws_ami\" \"latest_ubuntu20_dev\" {\n provider = aws.dev\n owners = [\"099720109477\"]\n most_recent = true\n filter {\n name = \"name\"\n values = [\"ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*\"]\n }\n}\n\n\n#-------------------------------------------------------------------\nresource \"aws_instance\" \"server_root\" {\n provider = aws.root\n ami = data.aws_ami.latest_ubuntu20_root.id\n instance_type = var.instance_type\n tags = { Name = \"Server-ROOT\" }\n}\n\nresource \"aws_instance\" \"server_prod\" {\n provider = aws.prod\n ami = data.aws_ami.latest_ubuntu20_prod.id\n instance_type = var.instance_type\n tags = { Name = \"Server-PROD\" }\n}\n\nresource \"aws_instance\" \"server_dev\" {\n provider = aws.dev\n ami = data.aws_ami.latest_ubuntu20_dev.id\n instance_type = var.instance_type\n tags = { Name = \"Server-DEV\" }\n}\n" }, { "path": "Lesson-32/module_servers/variables.tf", "content": "variable \"instance_type\" {\n default = \"t3.micro\"\n}\n" }, { "path": "Lesson-33/iam_groups.tf", "content": "#----------------------------------------------------------\n# Terraform - From Zero to Certified Professional\n#\n# Create IAM Groups from the map\n#\n# Made by Denis Astahov\n#----------------------------------------------------------\n\nlocals {\n group_map_with_key = { for item in var.iam_group_map : item.group_name => item }\n}\n\n#===============================================================================\noutput \"iam_group_map_with_key\" {\n value = local.group_map_with_key\n}\n\n#===============================================================================\nresource \"aws_iam_group\" \"this\" {\n for_each = local.group_map_with_key\n name = each.key\n}\n#===============================================================================\n" }, { "path": "Lesson-33/iam_groups_policies.tf", "content": "#----------------------------------------------------------\n# Terraform - From Zero to Certified Professional\n#\n# Create IAM Group Policies from the map\n#\n# Made by Denis Astahov\n#----------------------------------------------------------\n\nlocals {\n group_policy_map_setproduct = [\n for item in var.iam_group_map :\n setproduct([item.group_name], item.group_policies)\n ]\n\n group_policy_map_setproduct_pairs = [\n for item in var.iam_group_map : [\n for pair in setproduct([item.group_name], item.group_policies) : {\n group_name = pair[0]\n group_policy = pair[1]\n }\n ]\n ]\n\n group_policy_map_setproduct_pairs_flatten = flatten(local.group_policy_map_setproduct_pairs)\n\n group_policy_map_setproduct_pairs_flatten_with_key = {\n for item in local.group_policy_map_setproduct_pairs_flatten :\n \"${item.group_name}__${item.group_policy}\" => item\n }\n\n\n group_map_converted = {\n for flatitem in flatten([\n for item in var.iam_group_map : [\n for pair in setproduct([item.group_name], item.group_policies) : {\n group_name = pair[0]\n group_policy = pair[1]\n }\n ]\n ]) :\n \"${flatitem.group_name}__${flatitem.group_policy}\" => flatitem\n }\n}\n\n#===============================================================================\noutput \"map_setproduct\" {\n value = local.group_policy_map_setproduct\n}\n\noutput \"map_setproduct_pairs\" {\n value = local.group_policy_map_setproduct_pairs\n}\n\noutput \"map_setproduct_pairs_flatten\" {\n value = local.group_policy_map_setproduct_pairs_flatten\n}\n\noutput \"map_setproduct_pairs_flatten_with_key\" {\n value = local.group_policy_map_setproduct_pairs_flatten_with_key\n}\n\noutput \"map_xconverted\" {\n value = local.group_map_converted\n}\n#===============================================================================\nresource \"aws_iam_group_policy_attachment\" \"this\" {\n for_each = local.group_map_converted\n group = each.value.group_name\n policy_arn = each.value.group_policy\n depends_on = [aws_iam_group.this]\n}\n#===============================================================================\n" }, { "path": "Lesson-33/variables.tf", "content": "variable \"iam_group_map\" {\n default = [\n {\n group_name = \"Developers\"\n group_policies = [\n \"arn:aws:iam::aws:policy/AWSProtonDeveloperAccess\",\n \"arn:aws:iam::aws:policy/AWSCodeBuildDeveloperAccess\"\n ]\n },\n {\n group_name = \"SysOps\"\n group_policies = [\n \"arn:aws:iam::aws:policy/job-function/SystemAdministrator\",\n \"arn:aws:iam::aws:policy/job-function/NetworkAdministrator\",\n \"arn:aws:iam::aws:policy/AWSSecurityHubReadOnlyAccess\"\n ]\n },\n {\n group_name = \"Administrators\"\n group_policies = [\"arn:aws:iam::aws:policy/AdministratorAccess\"]\n },\n {\n group_name = \"SecurityAuditors\"\n group_policies = [\n \"arn:aws:iam::aws:policy/SecurityAudit\",\n \"arn:aws:iam::aws:policy/AWSSecurityHubReadOnlyAccess\"\n ]\n }\n ]\n}\n" }, { "path": "Lesson-34/main.tf", "content": "#----------------------------------------------------------\n# Build EC2 Instace using AWS Provider VS AWSCC Provider\n#\n# Made by Denis Astahov\n#----------------------------------------------------------\nprovider \"aws\" {\n region = \"us-west-2\"\n}\n\nprovider \"awscc\" {\n region = \"us-west-2\"\n}\n\nvariable \"tags\" {\n description = \"Tags to apply\"\n type = map(any)\n default = {\n Owner = \"Denis Astahov\"\n Project = \"Phoenix\"\n }\n}\n\n\n# Reformat Tags from MAP(ANY) to List of MAPS\nlocals {\n awscc_reformat_tags = [\n for tagKey, tagValue in var.tags :\n {\n key = tagKey\n value = tagValue\n }\n ]\n}\n\n# Create EC2 Instance using AWS Provider\nresource \"aws_instance\" \"my_ubuntu\" {\n ami = \"ami-06e54d05255faf8f6\"\n instance_type = \"t3.micro\"\n tags = merge(\n {\n Name = \"Server-created-by-AWS-Provider\"\n },\n var.tags)\n}\n\n# Create EC2 Instance using AWSCC Provider\nresource \"awscc_ec2_instance\" \"my_ubuntu\" {\n image_id = \"ami-06e54d05255faf8f6\"\n instance_type = \"t3.micro\"\n tags = concat(\n [\n {\n key = \"Name\",\n value = \"Server-created-by-AWSCC-Provider\"\n }\n ],\n local.awscc_reformat_tags)\n}\n" }, { "path": "Lesson-35/deployments/dev/config.tf", "content": "terraform {\n backend \"s3\" {\n bucket = \"astahov-terraform-remote-state\" # Bucket where to SAVE Terraform State\n key = \"dev/terraform.tfstate\" # Object name in the bucket to SAVE Terraform State\n region = \"ca-west-1\" # Region where bucket created\n use_lockfile = true\n }\n}\n\nprovider \"aws\" {\n region = \"ca-west-1\" # Region where to create resources\n\n default_tags {\n tags = {\n Owner = \"Denis Astahov\"\n Project = \"Terraform From Zero to Professional\"\n }\n }\n}\n" }, { "path": "Lesson-35/deployments/dev/main.tf", "content": "module \"vpc\" {\n source = \"../../module-aws-vpc\"\n\n environment = \"dev\"\n vpc_cidr = \"10.10.0.0/16\"\n subnet_cidrs = [\n \"10.10.1.0/24\",\n \"10.10.2.0/24\"\n ]\n}\n\nmodule \"database\" {\n source = \"../../module-aws-rds\"\n\n environment = \"dev\"\n name = \"astahov-db\"\n engine = \"mysql\"\n engine_version = \"8.4\"\n db_cluster_instance_class = \"db.t3.micro\"\n db_name = \"mydatabase\"\n username = \"dbadmin\"\n multi_az = false\n allocated_storage = 20\n port = 1433\n vpc_id = module.vpc.vpc_id\n subnet_ids = module.vpc.subnet_ids\n cidr_blocks = [module.vpc.vpc_cidr]\n tags = {\n ProjectCode = \"5674848\"\n }\n}\n" }, { "path": "Lesson-35/deployments/prod/config.tf", "content": "terraform {\n backend \"s3\" {\n bucket = \"astahov-terraform-remote-state\" # Bucket where to SAVE Terraform State\n key = \"prod/terraform.tfstate\" # Object name in the bucket to SAVE Terraform State\n region = \"ca-west-1\" # Region where bucket created\n use_lockfile = true\n }\n}\n\nprovider \"aws\" {\n region = \"ca-west-1\" # Region where to create resources\n\n default_tags {\n tags = {\n Owner = \"Denis Astahov\"\n Project = \"Terraform From Zero to Professional\"\n }\n }\n}\n" }, { "path": "Lesson-35/deployments/prod/main.tf", "content": "module \"vpc\" {\n source = \"../../module-aws-vpc\"\n\n environment = \"prod\"\n vpc_cidr = \"10.20.0.0/16\"\n subnet_cidrs = [\n \"10.20.1.0/24\",\n \"10.20.2.0/24\"\n ]\n}\n\nmodule \"database\" {\n source = \"../../module-aws-rds\"\n\n environment = \"prod\"\n name = \"astahov-db\"\n engine = \"mysql\"\n engine_version = \"8.4\"\n db_cluster_instance_class = \"db.t3.small\"\n db_name = \"mydatabase\"\n username = \"dbadmin\"\n multi_az = true\n allocated_storage = 20\n port = 1433\n vpc_id = module.vpc.vpc_id\n subnet_ids = module.vpc.subnet_ids\n cidr_blocks = [module.vpc.vpc_cidr]\n}\n" }, { "path": "Lesson-35/module-aws-rds/main.tf", "content": "resource \"aws_db_instance\" \"this\" {\n identifier = \"${var.environment}-${var.name}\"\n allocated_storage = var.allocated_storage\n max_allocated_storage = var.max_allocated_storage\n engine = var.engine\n engine_version = var.engine_version\n instance_class = var.db_cluster_instance_class\n storage_type = var.storage_type\n username = var.username\n password = random_password.rds_password.result\n skip_final_snapshot = true\n copy_tags_to_snapshot = true\n vpc_security_group_ids = [aws_security_group.rds_sg.id]\n db_subnet_group_name = aws_db_subnet_group.rds_subnet_group.name\n port = var.port\n backup_retention_period = var.backup_retention_period\n storage_encrypted = var.storage_encrypted\n multi_az = var.multi_az\n db_name = var.db_name\n tags = var.tags\n}\n\nresource \"random_password\" \"rds_password\" {\n length = var.password_length\n special = false\n upper = true\n lower = true\n numeric = true\n}\n\nresource \"aws_security_group\" \"rds_sg\" {\n name = \"${var.environment}-${var.name}-rds-sg\"\n vpc_id = var.vpc_id\n description = \"Security group for RDS instance\"\n\n ingress {\n from_port = var.port\n to_port = var.port\n protocol = \"tcp\"\n cidr_blocks = var.cidr_blocks\n }\n\n tags = merge(var.tags, { \"Name\" = \"${var.environment}-${var.name}-rds-sg\" })\n lifecycle {\n create_before_destroy = true\n }\n}\n\nresource \"aws_db_subnet_group\" \"rds_subnet_group\" {\n name = \"${var.environment}-${var.name}-subnet-group\"\n subnet_ids = var.subnet_ids\n tags = var.tags\n lifecycle {\n create_before_destroy = true\n }\n}\n\n\nresource \"aws_ssm_parameter\" \"rds_instance_host\" {\n name = \"/${var.environment}/rds/${var.name}/db_host\"\n type = \"String\"\n value = aws_db_instance.this.address\n tags = var.tags\n}\n\nresource \"aws_ssm_parameter\" \"rds_instance_port\" {\n name = \"/${var.environment}/rds/${var.name}/db_port\"\n type = \"String\"\n value = aws_db_instance.this.port\n tags = var.tags\n}\n\nresource \"aws_ssm_parameter\" \"rds_instance_username\" {\n name = \"/${var.environment}/rds/${var.name}/db_username\"\n type = \"String\"\n value = aws_db_instance.this.username\n tags = var.tags\n}\n\nresource \"aws_ssm_parameter\" \"rds_instance_password\" {\n name = \"/${var.environment}/rds/${var.name}/db_password\"\n type = \"SecureString\"\n value = random_password.rds_password.result\n tags = var.tags\n}\n" }, { "path": "Lesson-35/module-aws-rds/outputs.tf", "content": "\noutput \"rds_instance_endpoint\" {\n value = aws_db_instance.this.endpoint\n}\n\noutput \"rds_instance_port\" {\n value = aws_db_instance.this.port\n}\n\noutput \"rds_instance_username\" {\n value = aws_db_instance.this.username\n}\n\noutput \"rds_instance_password_ssm_arn\" {\n value = aws_ssm_parameter.rds_instance_password.arn\n}\n\noutput \"rds_instance_identifier\" {\n value = aws_db_instance.this.identifier\n}\n" }, { "path": "Lesson-35/module-aws-rds/variables.tf", "content": "variable \"name\" {\n description = \"A unique identifier for the RDS instance\"\n type = string\n}\n\nvariable \"engine\" {\n description = \"The name of the database engine to be used for this DB instance\"\n}\n\nvariable \"engine_version\" {\n description = \"The version number of the database engine to use\"\n}\n\nvariable \"username\" {\n description = \"Master username for the database\"\n}\n\nvariable \"port\" {\n description = \"The port on which the DB accepts connections\"\n}\n\nvariable \"backup_retention_period\" {\n description = \"The number of days during which automatic DB snapshots are retained\"\n default = 0\n}\n\nvariable \"storage_encrypted\" {\n description = \"Specifies whether the DB instance is encrypted\"\n default = true\n}\n\nvariable \"multi_az\" {\n description = \"Is the RDS MultiAZ or SingleAZ. False for Single AZ and True for MultiAZ\"\n default = false\n}\n\nvariable \"password_length\" {\n description = \"Length of the randomly generated password\"\n default = 16\n}\n\nvariable \"tags\" {\n type = map(any)\n default = {}\n}\n\nvariable \"environment\" {\n description = \"The name of the environment\"\n type = string\n}\n\nvariable \"db_cluster_instance_class\" {\n description = \"The instance type of the RDS instance\"\n type = string\n}\n\nvariable \"storage_type\" {\n description = \"One of 'standard' (magnetic), 'gp3' (general purpose SSD), or 'io1' (provisioned IOPS SSD). The default is 'io1' if iops is specified, 'standard' if not. Note that this behavior is different from the AWS web console, where the default is 'gp2'.\"\n type = string\n default = \"gp3\"\n}\n\nvariable \"vpc_id\" {\n description = \"The ID of the VPC where the RDS Single-AZ/MultiAZ instance will be created\"\n}\n\nvariable \"subnet_ids\" {\n description = \"The IDs of the subnets for the RDS Single-AZ/MultiAZ instance\"\n type = list(string)\n}\n\nvariable \"allocated_storage\" {\n description = \"Size of the storage\"\n default = 20\n}\n\nvariable \"max_allocated_storage\" {\n description = \"Enable AutoScaling up to\"\n default = null\n}\n\nvariable \"cidr_blocks\" {\n description = \"ingress CIDR \"\n default = [\"0.0.0.0/0\"]\n type = list(string)\n}\n\nvariable \"db_name\" {\n description = \"value of the initial database name\"\n type = string\n default = \"\"\n}\n" }, { "path": "Lesson-35/module-aws-vpc/main.tf", "content": "data \"aws_availability_zones\" \"available\" {}\n\nresource \"aws_vpc\" \"main\" {\n cidr_block = var.vpc_cidr\n tags = {\n Name = \"${var.environment}-vpc\"\n }\n}\n\nresource \"aws_internet_gateway\" \"main\" {\n vpc_id = aws_vpc.main.id\n tags = {\n Name = \"${var.environment}-igw\"\n }\n}\n\n\nresource \"aws_subnet\" \"public_subnets\" {\n count = length(var.subnet_cidrs)\n vpc_id = aws_vpc.main.id\n cidr_block = element(var.subnet_cidrs, count.index)\n availability_zone = data.aws_availability_zones.available.names[count.index]\n map_public_ip_on_launch = true\n tags = {\n Name = \"${var.environment}-public-${count.index + 1}\"\n }\n}\n\nresource \"aws_route_table\" \"public_subnets\" {\n vpc_id = aws_vpc.main.id\n route {\n cidr_block = \"0.0.0.0/0\"\n gateway_id = aws_internet_gateway.main.id\n }\n tags = {\n Name = \"${var.environment}-route-public-subnets\"\n }\n}\n\nresource \"aws_route_table_association\" \"public_routes\" {\n count = length(aws_subnet.public_subnets[*].id)\n route_table_id = aws_route_table.public_subnets.id\n subnet_id = element(aws_subnet.public_subnets[*].id, count.index)\n}\n" }, { "path": "Lesson-35/module-aws-vpc/outputs.tf", "content": "output \"vpc_id\" {\n value = aws_vpc.main.id\n}\n\noutput \"vpc_cidr\" {\n value = aws_vpc.main.cidr_block\n}\n\noutput \"igw_id\" {\n value = aws_internet_gateway.main.id\n}\n\noutput \"subnet_ids\" {\n value = aws_subnet.public_subnets[*].id\n}\n" }, { "path": "Lesson-35/module-aws-vpc/variables.tf", "content": "variable \"tags\" {\n type = map(any)\n default = {}\n}\n\nvariable \"environment\" {\n description = \"The name of the environment\"\n type = string\n}\n\nvariable \"vpc_cidr\" {\n default = \"10.0.0.0/16\"\n}\n\n\nvariable \"subnet_cidrs\" {\n default = [\n \"10.0.1.0/24\",\n \"10.0.2.0/24\"\n ]\n}\n" }, { "path": "Lesson-36/ephemeral/main.tf", "content": "#----------------------------------------------------------\n# Terraform - From Zero to Certified Professional\n#\n# New way of Secrets management using Ephemeral block\n#\n# Made by Denis Astahov\n#----------------------------------------------------------\nprovider \"aws\" {\n region = \"ca-west-1\"\n}\n\nephemeral \"random_password\" \"masterdb\" { #---> Generate Password\n length = 16\n special = true\n override_special = \"!$%#\"\n}\n\nresource \"aws_ssm_parameter\" \"masterdb_password\" { #---> Store Password\n name = \"/prod/masterdb/password\"\n type = \"SecureString\"\n value_wo = ephemeral.random_password.masterdb.result\n value_wo_version = 1\n}\n\nephemeral \"aws_ssm_parameter\" \"masterdb_password\" { #---> Get Password\n arn = aws_ssm_parameter.masterdb_password.arn\n}\n\nresource \"aws_db_instance\" \"masterdb\" { #---> Use Password\n identifier = \"prod-master-db\"\n db_name = \"master\"\n allocated_storage = 20\n instance_class = \"db.t3.micro\"\n engine = \"mysql\"\n engine_version = \"8.0\"\n username = \"admin\"\n skip_final_snapshot = true\n password_wo = ephemeral.aws_ssm_parameter.masterdb_password.value\n password_wo_version = 1\n}\n" }, { "path": "Lesson-36/non-ephemeral/main.tf", "content": "#----------------------------------------------------------\n# Terraform - From Zero to Certified Professional\n#\n# Old way of Secrets management NOT using Ephemeral block\n#\n# Made by Denis Astahov\n#----------------------------------------------------------\nprovider \"aws\" {\n region = \"ca-west-1\"\n}\n\nresource \"random_password\" \"masterdb\" { #---> Generate Password\n length = 16\n special = true\n override_special = \"!$%#\"\n}\n\nresource \"aws_ssm_parameter\" \"masterdb_password\" { #---> Store Password\n name = \"/prod/masterdb/password\"\n type = \"SecureString\"\n value = random_password.masterdb.result\n}\n\ndata \"aws_ssm_parameter\" \"masterdb_password\" { #---> Get Password\n name = aws_ssm_parameter.masterdb_password.name\n}\n\nresource \"aws_db_instance\" \"masterdb\" { #---> Use Password\n identifier = \"prod-master-db\"\n db_name = \"master\"\n allocated_storage = 20\n instance_class = \"db.t3.micro\"\n engine = \"mysql\"\n engine_version = \"8.0\"\n username = \"admin\"\n skip_final_snapshot = true\n password = data.aws_ssm_parameter.masterdb_password.value\n}\n" }, { "path": "Lesson-37/action/lambda_function.py", "content": "# ------------------------------------------------------------------------------\n# Simple Lambda Function which print payload\n# \n# Version Date Name Info\n# 1.0 15-October-2025 Denis Astahov Initial Version\n#\n# ------------------------------------------------------------------------------\n\ndef lambda_handler(event, context):\n print(\"Incoming Event:\")\n print(event)\n\n message = {\n \"message\": \"Lambda got this Payload:\",\n \"payload\": event\n }\n\n return message\n" }, { "path": "Lesson-37/action/lambda_function.tf", "content": "resource \"aws_lambda_function\" \"this\" {\n function_name = var.name\n description = \"Created by Terraform\"\n role = aws_iam_role.lambda.arn\n runtime = \"python3.13\"\n handler = \"lambda_function.lambda_handler\"\n filename = data.archive_file.lambda_zip.output_path\n source_code_hash = data.archive_file.lambda_zip.output_base64sha256\n tags = var.tags\n\n lifecycle {\n action_trigger {\n events = [after_create, after_update]\n actions = [action.aws_lambda_invoke.this]\n }\n }\n}\n\naction \"aws_lambda_invoke\" \"this\" {\n config {\n function_name = aws_lambda_function.this.function_name\n payload = jsonencode({\n Message = \"Triggered by Terraform Action\"\n })\n }\n}\n\n# terraform apply -invoke action.aws_lambda_invoke.count\naction \"aws_lambda_invoke\" \"count\" {\n count = 5\n config {\n function_name = aws_lambda_function.this.function_name\n payload = jsonencode({\n Message = \"Triggered by Terraform Action\"\n InvokeNumber = count.index + 1\n })\n }\n}\n" }, { "path": "Lesson-37/action/main.tf", "content": "# -----Lambda Package\ndata \"archive_file\" \"lambda_zip\" {\n type = \"zip\"\n output_path = \"lambda_function.zip\"\n source {\n filename = \"lambda_function.py\"\n content = file(\"${path.module}/lambda_function.py\")\n }\n}\n\n#--------------- Lambda IAM Permissions\nresource \"aws_iam_role\" \"lambda\" {\n name = \"${var.name}-iam-role\"\n tags = var.tags\n assume_role_policy = <
\n\nCourse covering all features of Terraform v0.12, v0.13, v0.14, v0.15 and v1.x\n# Terraform Lessons by Denis Astahov\n\n\n### Set AWS Credentials in Windows PowerShell:\n```\n$env:AWS_ACCESS_KEY_ID=\"xxxxxxxxxxxxxxxxx\"\n$env:AWS_SECRET_ACCESS_KEY=\"yyyyyyyyyyyyyyyyyyyyyyyyyyyy\"\n$env:AWS_DEFAULT_REGION=\"zzzzzzzzz\"\n```\n\n### Set AWS Credentials in Linux Shell:\n```\nexport AWS_ACCESS_KEY_ID=\"xxxxxxxxxxxxxxxxx\"\nexport AWS_SECRET_ACCESS_KEY=\"yyyyyyyyyyyyyyyyyyyyyyyyyyyy\"\nexport AWS_DEFAULT_REGION=\"zzzzzzzzz\"\n```\n\n### Terraform Commands\n```\nterraform init\nterraform plan\nterraform apply\nterraform destroy\n\nterraform show\nterraform output\nterraform console\nterraform import\nterraform taint\n```\n\n### Terraform State Commands\n```\nterraform state show\nterraform state list\nterraform state pull\nterraform state rm\nterraform state mv\nterraform state push\n```\n`for x in $(terraform state list | grep xyz); do terraform state mv -state-out=”terraform.tfstate” $x $x; done`\n\n\n\n### Terraform Workspace Commands\n```\nterraform workspace show\nterraform workspace list\nterraform workspace new\nterraform workspace select\nterraform workspace delete\n```\n`${terraform.workspace}`\n" } ]