Assignment – Terraform – Day 1 – Aug 2023
Assignment # 1
Write Terraform code that does the following:
- Create a new Project == New Directory
- Create an EBS volume of 5 GB
- Create an AWS Key Pair
- Create an AWS Security Group allowing ports 22 and 80
- Create an EC2 Instance and attach the EBS volume from S#1, use the Key Pair from S#2, and use the Security Group from S#3.
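# Registers an existing SSH public key with EC2 so instances can be launched with it.
# Only the public half belongs in Terraform code; the private key stays with the operator.
# Typographic quotes were replaced with plain ASCII quotes, which HCL requires.
# NOTE(review): this key string is far shorter than a complete 2048-bit OpenSSH RSA
# public key, so it was probably cut off when pasted -- compare with the original .pub
# file before applying.
resource "aws_key_pair" "nad_key" {
  key_name   = "nad-key2"
  public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCRLiQbgvozII8iLJ/0utIbPXeY9sOpwLb0GIuIsc/jkp8laHoyQnwl+cWsQ4fFOvL+q5DR3JjFuNhVGF9Xqx51N9Kau3PNCMBuyMqSyXtciVXmP"
}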
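# Security group for the tasknad2 instance.
# The assignment asks for ports 22 and 80; the original opened 443 instead and gave
# no source (cidr_blocks / security_groups / self) on any rule, so it never stated
# who may connect. Each rule now names its source explicitly.
resource "aws_security_group" "nad_firewall" {
  # SSH is an administrative port: scope it to a known address range, not the internet.
  ingress {
    description = "SSH from admin network"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["203.0.113.0/24"] # placeholder (documentation range) -- replace with your admin CIDR
  }

  ingress {
    description = "HTTP"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # protocol "-1" with ports 0/0 means "all protocols, all ports".
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "nad"
  }
}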
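# EC2 instance launched with the nad_key key pair and the nad_firewall security group.
resource "aws_instance" "tasknad2" {
  ami           = "ami-053b0d53c279acc90"
  instance_type = "t2.micro"
  key_name      = aws_key_pair.nad_key.key_name

  # Reference the group by ID: security_groups matches by name and is meant for the
  # default VPC, while the provider docs recommend vpc_security_group_ids inside a VPC.
  vpc_security_group_ids = [aws_security_group.nad_firewall.id]

  # Require session tokens (IMDSv2) for the instance metadata service, which limits
  # credential theft through request-forgery bugs in software running on the instance.
  metadata_options {
    http_tokens = "required"
  }

  tags = {
    Name = "TC OS"
  }
}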
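# Data volume for tasknad2. It takes its availability zone from the instance,
# because an EBS volume can only be attached to an instance in the same zone.
resource "aws_ebs_volume" "nad_volume" {
  availability_zone = aws_instance.tasknad2.availability_zone
  size              = 5    # GiB; the assignment asks for 5 GB (the original created 1)
  encrypted         = true # encrypt at rest; with no kms_key_id the account's default EBS key is used

  tags = {
    Name = "Nad volume"
  }
}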
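# Attaches nad_volume to the tasknad2 instance.
# device_name is the name requested from EC2; the guest OS may expose the disk under
# a different name, so check with lsblk before formatting or mounting.
resource "aws_volume_attachment" "ebs" {
  device_name = "/dev/sdh"
  volume_id   = aws_ebs_volume.nad_volume.id
  instance_id = aws_instance.tasknad2.id
}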
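# Registers an SSH public key with EC2 under the name "key1".
# The key material shown is a redacted stand-in ("xxxxxx"), not a usable key:
# substitute the contents of a real .pub file (public half only) before applying.
resource "aws_key_pair" "nurnokp1" {
  key_name   = "key1"
  public_key = "ssh-rsa xxxxxx"
}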
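# Security group allowing SSH (22) and HTTP (80).
# The description says traffic should come "from internal", but the original rules
# gave no source at all; each rule now carries an explicit range to match that intent.
# There is no egress block: Terraform removes AWS's default allow-all egress rule on
# groups it creates in a VPC, so add one if the instance must reach out (e.g. for updates).
resource "aws_security_group" "nurnosecgrp1" {
  name        = "nurno security group 1"
  description = "Allow set traffic from internal"

  ingress {
    description = "SSH from internal network"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["10.0.0.0/16"] # placeholder -- replace with the internal range you actually mean
  }

  ingress {
    description = "HTTP from internal network"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["10.0.0.0/16"] # placeholder -- replace with the internal range you actually mean
  }
}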
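# 5 GiB data volume, created in the same availability zone as the web instance
# so that the attachment can succeed.
resource "aws_ebs_volume" "ebsnurno1" {
  availability_zone = aws_instance.web.availability_zone
  size              = 5
  encrypted         = true # encrypt at rest; with no kms_key_id the account's default EBS key is used

  tags = {
    Name = "nurno vol 1"
  }
}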
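# EC2 instance launched with the nurnokp1 key pair and the nurnosecgrp1 security group.
resource "aws_instance" "web" {
  ami           = "ami-053b0d53c279acc90"
  instance_type = "t3.micro"
  key_name      = aws_key_pair.nurnokp1.key_name

  # Reference the group by ID: security_groups matches by name and is meant for the
  # default VPC, while the provider docs recommend vpc_security_group_ids inside a VPC.
  vpc_security_group_ids = [aws_security_group.nurnosecgrp1.id]

  # Require session tokens (IMDSv2) for the instance metadata service.
  metadata_options {
    http_tokens = "required"
  }

  tags = {
    Name = "nurno-web"
  }
}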
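# Attaches ebsnurno1 to the web instance.
# device_name is the name requested from EC2; the guest OS may expose the disk under
# a different name, so check with lsblk before formatting or mounting.
resource "aws_volume_attachment" "ebs" {
  device_name = "/dev/sdh"
  volume_id   = aws_ebs_volume.ebsnurno1.id
  instance_id = aws_instance.web.id
}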
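# Generates a 4096-bit RSA key pair inside Terraform.
# Caveat: the private key is written unencrypted into the Terraform state, so anyone
# who can read the state file or its backend can log in with it. Acceptable for a
# throwaway lab; otherwise generate the key outside Terraform and register only the
# public half, and keep the state in an encrypted, access-controlled backend.
# NOTE(review): nothing visible here exports the private key, so it would have to be
# recovered from state to actually SSH in -- confirm how it is meant to be used.
resource "tls_private_key" "example" {
  algorithm = "RSA"
  rsa_bits  = 4096
}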
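# Registers the public half of the generated tls_private_key.example with EC2.
# A plain reference replaces the interpolation-only "${...}" string, which Terraform
# 0.12 and later flag as deprecated.
resource "aws_key_pair" "cy_assignment_key" {
  key_name   = "cy-key"
  public_key = tls_private_key.example.public_key_openssh
}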
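# Security group allowing SSH (22) and HTTP (80).
# The original opened SSH to 0.0.0.0/0, which exposes the login service to constant
# internet-wide scanning and password guessing; it is now scoped to an admin range.
# There is no egress block: Terraform removes AWS's default allow-all egress rule on
# groups it creates in a VPC, so add one if the instance must reach out (e.g. for updates).
resource "aws_security_group" "cy-sg" {
  name_prefix = "cy-sg"

  ingress {
    description = "SSH from admin network"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["203.0.113.0/24"] # placeholder (documentation range) -- replace with your admin CIDR
  }

  # HTTP is intended to be publicly reachable.
  ingress {
    description = "HTTP"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "CY Asgn1 SG"
  }
}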
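# EC2 instance launched with the cy_assignment_key key pair and the cy-sg security
# group (referenced by ID).
resource "aws_instance" "cy-asgn1-instance" {
  ami                    = "ami-08a52ddb321b32a8c"
  instance_type          = "t2.micro"
  key_name               = aws_key_pair.cy_assignment_key.key_name
  vpc_security_group_ids = [aws_security_group.cy-sg.id]

  # Require session tokens (IMDSv2) for the instance metadata service, which limits
  # credential theft through request-forgery bugs in software running on the instance.
  metadata_options {
    http_tokens = "required"
  }

  tags = {
    Name = "cy-asgn1-instance"
  }
}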
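# 5 GiB data volume, created in the same availability zone as cy-asgn1-instance
# so that the attachment can succeed.
resource "aws_ebs_volume" "example" {
  availability_zone = aws_instance.cy-asgn1-instance.availability_zone
  size              = 5
  encrypted         = true # encrypt at rest; with no kms_key_id the account's default EBS key is used

  tags = {
    Name = "CYeaVolume"
  }
}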
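# Attaches the "example" volume to cy-asgn1-instance.
# device_name is the name requested from EC2; the guest OS may expose the disk under
# a different name, so check with lsblk before formatting or mounting.
resource "aws_volume_attachment" "ebs" {
  device_name = "/dev/sdh"
  volume_id   = aws_ebs_volume.example.id
  instance_id = aws_instance.cy-asgn1-instance.id
}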
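# 5 GiB data volume for the web instance.
# The original hard-coded "us-east-1a" while the instance does not pin a zone or
# subnet; if the instance lands in another zone the attachment fails, so the zone
# is taken from the instance instead.
resource "aws_ebs_volume" "example" {
  availability_zone = aws_instance.web.availability_zone
  size              = 5
  encrypted         = true # encrypt at rest; with no kms_key_id the account's default EBS key is used

  tags = {
    Name = "BerylVolume"
  }
}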
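# Registers an existing SSH public key with EC2 as "beryl-keypair".
# A public key is safe to commit; the matching private key must never appear in
# Terraform code, variables files or state.
resource "aws_key_pair" "deployer" {
  key_name   = "beryl-keypair"
  public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCBYKXjJrWaTt+n5n880rPUlofEfr1YzXzl8AIJ5FUvbjCdUJ0T/c0m77S3qfYQWmOgmW3IC2emElzfh5TY+HVhzI7IGo1isV7xdrUsT35xTZikMMtmaTaYkFZ4sw6DTBmF8sZwvkJwBeRNqOd/BpPthmD3f4sW414IoXZR69A5UAd1HJ0LCmhWWDB6k4k6sVsz4jK5sDEIWtNKMhS3RATby64W1/F81LWBgvAdFaJKiMfmH6kwLh1RackcJd02VR5LhwiocvqEdVViWba+OgHV9JDXW6gjIQ9XxcgVfnzH1Kpx4vcTZRlFEL3el3YrcuXYmuAgSZtqZfvlQQI3jsM7"
}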
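# Security group allowing HTTPS (443), HTTP (80) and SSH (22) inbound.
# Two defects in the original are corrected:
#   - no ingress rule named a source (cidr_blocks / security_groups / self), so the
#     rules never stated who may connect;
#   - the egress rule used protocol "tcp" with ports 0-0, which covers TCP port 0 only;
#     "all outbound traffic" is written as protocol "-1".
resource "aws_security_group" "allow_tls" {
  name        = "beryl-sec-group"
  description = "Allow TLS inbound traffic"

  tags = {
    Name = "beryl terraform test"
  }

  ingress {
    description = "HTTPS"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "HTTP"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # SSH is an administrative port: scope it to a known address range, not the internet.
  ingress {
    description = "SSH from admin network"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["203.0.113.0/24"] # placeholder (documentation range) -- replace with your admin CIDR
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}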
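# EC2 instance launched with the deployer key pair and the allow_tls security group.
resource "aws_instance" "web" {
  ami           = "ami-053b0d53c279acc90"
  instance_type = "t3.micro"
  key_name      = aws_key_pair.deployer.key_name

  # Reference the group by ID: security_groups matches by name and is meant for the
  # default VPC, while the provider docs recommend vpc_security_group_ids inside a VPC.
  vpc_security_group_ids = [aws_security_group.allow_tls.id]

  # Require session tokens (IMDSv2) for the instance metadata service.
  metadata_options {
    http_tokens = "required"
  }

  tags = {
    Name = "beryl-testupdate"
  }
}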
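# Attaches the "example" volume to the web instance. Volume and instance must be in
# the same availability zone or EC2 rejects the attachment.
# device_name is the name requested from EC2; the guest OS may expose the disk under
# a different name, so check with lsblk before formatting or mounting.
resource "aws_volume_attachment" "ebs" {
  device_name = "/dev/sdh"
  volume_id   = aws_ebs_volume.example.id
  instance_id = aws_instance.web.id
}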
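# Registers an SSH public key, read from a local file at plan time, as "cheah-keypair".
# Reading the .pub file keeps key material out of the source tree. Only ever point
# this at the public key: a private key read with file() would end up in the state.
resource "aws_key_pair" "cheah_keypair" {
  key_name   = "cheah-keypair"
  public_key = file("~/cheah/.ssh/id_rsa.pub")
}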
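# Security group allowing SSH (22) and HTTP (80).
# The original rules gave no source (cidr_blocks / security_groups / self), so they
# never stated who may connect; each rule now names one.
# There is no egress block: Terraform removes AWS's default allow-all egress rule on
# groups it creates in a VPC, so add one if the instance must reach out (e.g. for updates).
resource "aws_security_group" "cheah_security_group" {
  name = "cheah-policy"

  # SSH is an administrative port: scope it to a known address range, not the internet.
  ingress {
    description = "SSH from admin network"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["203.0.113.0/24"] # placeholder (documentation range) -- replace with your admin CIDR
  }

  ingress {
    description = "HTTP"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
}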
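# EC2 instance launched with cheah_keypair and cheah_security_group.
resource "aws_instance" "web" {
  ami           = "ami-053b0d53c279acc90"
  instance_type = "t3.micro"
  key_name      = aws_key_pair.cheah_keypair.key_name

  # Reference the group by ID: security_groups matches by name and is meant for the
  # default VPC, while the provider docs recommend vpc_security_group_ids inside a VPC.
  vpc_security_group_ids = [
    aws_security_group.cheah_security_group.id,
  ]

  # Require session tokens (IMDSv2) for the instance metadata service.
  metadata_options {
    http_tokens = "required"
  }

  tags = {
    Name = "cheah-instance"
  }
}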
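# 5 GiB gp2 data volume for the web instance.
# The original hard-coded "us-east-1a" while the instance does not pin a zone or
# subnet; if the instance lands in another zone the attachment fails, so the zone
# is taken from the instance instead.
resource "aws_ebs_volume" "cheah_volume" {
  availability_zone = aws_instance.web.availability_zone
  size              = 5
  type              = "gp2"
  encrypted         = true # encrypt at rest; with no kms_key_id the account's default EBS key is used
}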
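# Attaches cheah_volume to the web instance.
# The original requested "/dev/cheah", which is not a device name EC2 accepts for an
# EBS attachment; Linux instances take names of the form /dev/sd[f-p].
# The guest OS may still expose the disk under a different name, so check with lsblk
# before formatting or mounting.
resource "aws_volume_attachment" "cheah_attachment" {
  device_name = "/dev/sdh"
  volume_id   = aws_ebs_volume.cheah_volume.id
  instance_id = aws_instance.web.id
}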
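# Prints the web instance's public IPv4 address after apply, for use with SSH or a browser.
output "vms_publicip" {
  description = "Public IPv4 address of the web instance"
  value       = aws_instance.web.public_ip
}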