From 6e6118086b6973852837cb5719495c5906e5b85b Mon Sep 17 00:00:00 2001 From: Argus Date: Fri, 1 Aug 2025 03:20:54 +0000 Subject: [PATCH 1/3] My new naming convention --- staging/00-vpc.tf | 48 +++++++++++++++++++++---------------------- staging/01-sg.tf | 52 +++++++++++++++++++++++------------------------ staging/_vars.tf | 10 ++++----- 3 files changed, 55 insertions(+), 55 deletions(-) diff --git a/staging/00-vpc.tf b/staging/00-vpc.tf index 6aad41a..6f9dff6 100644 --- a/staging/00-vpc.tf +++ b/staging/00-vpc.tf 
@@ -1,96 +1,96 @@ -resource "aws_vpc" "tf_vpc" { +resource "aws_vpc" "vpc" { cidr_block = "${var.vpc_subnet_prefix}.0.0/16" tags = { - Name = "${var.app_name}-VPC" + Name = "${var.app_name}-vpc" Environment = var.environment } } -resource "aws_subnet" "tf_vpc_sub_a1" { - vpc_id = aws_vpc.tf_vpc.id +resource "aws_subnet" "vpc_sub_app1" { + vpc_id = aws_vpc.vpc.id cidr_block = "${var.vpc_subnet_prefix}.1.0/24" availability_zone = "${var.aws_region}a" tags = { - Name = "${var.app_name}-VPC-Subnet-1-App" + Name = "${var.app_name}-app-1a" Environment = var.environment } } -resource "aws_subnet" "tf_vpc_sub_a2" { - vpc_id = aws_vpc.tf_vpc.id +resource "aws_subnet" "vpc_sub_app2" { + vpc_id = aws_vpc.vpc.id cidr_block = "${var.vpc_subnet_prefix}.2.0/24" availability_zone = "${var.aws_region}b" tags = { - Name = "${var.app_name}-VPC-Subnet-2-App" + Name = "${var.app_name}-app-1b" Environment = var.environment } } -resource "aws_subnet" "tf_vpc_sub_b1" { - vpc_id = aws_vpc.tf_vpc.id +resource "aws_subnet" "vpc_sub_db1" { + vpc_id = aws_vpc.vpc.id cidr_block = "${var.vpc_subnet_prefix}.10.0/24" availability_zone = "${var.aws_region}a" tags = { - Name = "${var.app_name}-VPC-Subnet-1-DB" + Name = "${var.app_name}-db-1a" Environment = var.environment } } -resource "aws_subnet" "tf_vpc_sub_b2" { - vpc_id = aws_vpc.tf_vpc.id +resource "aws_subnet" "vpc_sub_db2" { + vpc_id = aws_vpc.vpc.id cidr_block = "${var.vpc_subnet_prefix}.11.0/24" availability_zone = "${var.aws_region}b" tags = { - Name = "${var.app_name}-VPC-Subnet-2-DB" + Name = "${var.app_name}-db-1b" Environment = var.environment } } -resource "aws_subnet" "tf_vpc_sub_c1" { - vpc_id = aws_vpc.tf_vpc.id +resource "aws_subnet" "vpc_sub_web1" { + vpc_id = aws_vpc.vpc.id cidr_block = "${var.vpc_subnet_prefix}.20.0/24" availability_zone = "${var.aws_region}a" tags = { - Name = "${var.app_name}-VPC-Subnet-1-Web" + Name = "${var.app_name}-web-1a" Environment = var.environment } } -resource "aws_subnet" "tf_vpc_sub_c2" { - 
vpc_id = aws_vpc.tf_vpc.id +resource "aws_subnet" "vpc_sub_web2" { + vpc_id = aws_vpc.vpc.id cidr_block = "${var.vpc_subnet_prefix}.21.0/24" availability_zone = "${var.aws_region}b" tags = { - Name = "${var.app_name}-VPC-Subnet-2-Web" + Name = "${var.app_name}-web-1b" Environment = var.environment } } resource "aws_internet_gateway" "gw" { - vpc_id = aws_vpc.tf_vpc.id + vpc_id = aws_vpc.vpc.id tags = { - Name = "${var.app_name} Internet Gateway" + Name = "${var.app_name}-ig" Environment = var.environment } } resource "aws_default_route_table" "default" { - default_route_table_id = aws_vpc.tf_vpc.default_route_table_id + default_route_table_id = aws_vpc.vpc.default_route_table_id route { cidr_block = "0.0.0.0/0" gateway_id = aws_internet_gateway.gw.id } tags = { - Name = "${var.app_name} Route Table" + Name = "${var.app_name}-rtb" Environment = var.environment } } \ No newline at end of file diff --git a/staging/01-sg.tf b/staging/01-sg.tf index 88cd62c..f375bf6 100644 --- a/staging/01-sg.tf +++ b/staging/01-sg.tf @@ -1,7 +1,7 @@ -resource "aws_security_group" "tf-elb-web-sg" { - name = "${var.app_name}-SG-Web-ELB" +resource "aws_security_group" "web-elb-sg" { + name = "${var.app_name}-web-elb-sg" description = "Allow global inbound traffic" - vpc_id = aws_vpc.tf_vpc.id + vpc_id = aws_vpc.vpc.id ingress { description = "HTTP" @@ -43,15 +43,15 @@ resource "aws_security_group" "tf-elb-web-sg" { } tags = { - Name = "${var.app_name}-SG-WEB-ELB" + Name = "${var.app_name}-web-elb-sg" Environment = var.environment } } -resource "aws_security_group" "tf-web-sg" { - name = "${var.app_name}-SG-WEB" +resource "aws_security_group" "web-sg" { + name = "${var.app_name}-web-sg" description = "Allow ELB inbound traffic" - vpc_id = aws_vpc.tf_vpc.id + vpc_id = aws_vpc.vpc.id ingress { description = "HTTP" 
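Review bot: The relabelled resources (`aws_vpc.tf_vpc` → `aws_vpc.vpc` and the six `aws_subnet` blocks) get new state addresses, and nothing in this hunk tells Terraform they are the same objects. If this configuration already has state, the plan will presumably destroy and recreate the VPC and every subnet instead of only updating the `Name` tags. On Terraform 1.1 or later, add one `moved` block per renamed resource as sketched below, or run `terraform state mv` for each address before applying. The security-group relabels in staging/01-sg.tf need the same treatment, and there the changed `name` argument forces replacement regardless.

```hcl
moved {
  from = aws_vpc.tf_vpc
  to   = aws_vpc.vpc
}

moved {
  from = aws_subnet.tf_vpc_sub_a1
  to   = aws_subnet.vpc_sub_app1
}

moved {
  from = aws_subnet.tf_vpc_sub_a2
  to   = aws_subnet.vpc_sub_app2
}

moved {
  from = aws_subnet.tf_vpc_sub_b1
  to   = aws_subnet.vpc_sub_db1
}

moved {
  from = aws_subnet.tf_vpc_sub_b2
  to   = aws_subnet.vpc_sub_db2
}

moved {
  from = aws_subnet.tf_vpc_sub_c1
  to   = aws_subnet.vpc_sub_web1
}

moved {
  from = aws_subnet.tf_vpc_sub_c2
  to   = aws_subnet.vpc_sub_web2
}
```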
@@ -59,7 +59,7 @@ resource "aws_security_group" "tf-web-sg" { to_port = 80 protocol = "tcp" security_groups = [ - aws_security_group.tf-elb-web-sg.id + aws_security_group.elb-web-sg.id ] } @@ -69,7 +69,7 @@ resource "aws_security_group" "tf-web-sg" { to_port = 443 protocol = "tcp" security_groups = [ - aws_security_group.tf-elb-web-sg.id + aws_security_group.elb-web-sg.id ] } @@ -88,10 +88,10 @@ resource "aws_security_group" "tf-web-sg" { } } -resource "aws_security_group" "tf-elb-app-sg" { - name = "${var.app_name}-SG-APP-ELB" +resource "aws_security_group" "app-elb-sg" { + name = "${var.app_name}-app-elb-sg" description = "Allow inbound traffic from Web instances" - vpc_id = aws_vpc.tf_vpc.id + vpc_id = aws_vpc.vpc.id ingress { description = "HTTP" @@ -99,7 +99,7 @@ resource "aws_security_group" "tf-elb-app-sg" { to_port = 80 protocol = "tcp" security_groups = [ - aws_security_group.tf-web-sg.id + aws_security_group.web-sg.id ] } @@ -109,7 +109,7 @@ resource "aws_security_group" "tf-elb-app-sg" { to_port = 443 protocol = "tcp" security_groups = [ - aws_security_group.tf-web-sg.id + aws_security_group.web-sg.id ] } @@ -123,15 +123,15 @@ resource "aws_security_group" "tf-elb-app-sg" { } tags = { - Name = "${var.app_name}-SG-APP-ELB" + Name = "${var.app_name}-app-elb-sg" Environment = var.environment } } -resource "aws_security_group" "tf-app-sg" { - name = "${var.app_name}-SG-APP" +resource "aws_security_group" "app-sg" { + name = "${var.app_name}-app-sg" description = "Allow inbound traffic from Web instances" - vpc_id = aws_vpc.tf_vpc.id + vpc_id = aws_vpc.vpc.id ingress { description = "HTTP" @@ -139,7 +139,7 @@ resource "aws_security_group" "tf-app-sg" { to_port = 80 protocol = "tcp" security_groups = [ - aws_security_group.tf-elb-app-sg.id + aws_security_group.elb-app-sg.id ] } 
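Review bot: The new reference `aws_security_group.elb-web-sg.id` does not match the label this commit gives that resource, `"web-elb-sg"` (hunk -1,7), so the `web-sg` ingress rule points at an undeclared resource and `terraform validate` should fail on this commit. The same transposition is in hunk -69,7, and `aws_security_group.elb-app-sg.id` in hunks -139,7 and -149,7 does not match the declared `"app-elb-sg"`. Use `aws_security_group.web-elb-sg.id` and `aws_security_group.app-elb-sg.id` so that this commit plans on its own and the tier-to-tier ingress chain can be checked at every step of the series. The enclosing `ingress` blocks start and end outside these hunks.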
@@ -149,7 +149,7 @@ resource "aws_security_group" "tf-app-sg" { to_port = 443 protocol = "tcp" security_groups = [ - aws_security_group.tf-elb-app-sg.id + aws_security_group.elb-app-sg.id ] } @@ -163,15 +163,15 @@ resource "aws_security_group" "tf-app-sg" { } tags = { - Name = "${var.app_name}-SG-APP" + Name = "${var.app_name}-app-sg" Environment = var.environment } } -resource "aws_security_group" "tf-db-sg" { - name = "${var.app_name}-SG-DB" +resource "aws_security_group" "db-sg" { + name = "${var.app_name}-db-sg" description = "Allow traffic from APP" - vpc_id = aws_vpc.tf_vpc.id + vpc_id = aws_vpc.vpc.id ingress { description = "MySQL" @@ -179,7 +179,7 @@ resource "aws_security_group" "tf-db-sg" { to_port = 3306 protocol = "tcp" security_groups = [ - aws_security_group.tf-app-sg.id + aws_security_group.app-sg.id ] } @@ -193,7 +193,7 @@ resource "aws_security_group" "tf-db-sg" { } tags = { - Name = "${var.app_name}-SG-DB" + Name = "${var.app_name}-db-sg" Environment = var.environment } } \ No newline at end of file diff --git a/staging/_vars.tf b/staging/_vars.tf index f47cb21..06984f2 100644 --- a/staging/_vars.tf +++ b/staging/_vars.tf @@ -1,6 +1,6 @@ variable "app_name" { type = string - default = "DAT" + default = "myproject" } variable "environment" { @@ -21,10 +21,10 @@ variable "sizing" { rds_read = string }) default = { - ec2_app = "t2.nano" - ec2_web = "t2.nano" - rds_master = "t2.micro" - rds_read = "t2.micro" + ec2_app = "t4g.nano" + ec2_web = "t4g.nano" + rds_master = "t4g.micro" + rds_read = "t4g.micro" } } From cd4fae5dbc57d53a8b8f09cd0ca2ab910c277b7f Mon Sep 17 00:00:00 2001 
From: Argus Date: Fri, 1 Aug 2025 05:19:14 +0000 Subject: [PATCH 2/3] Better naming convention, bump version --- staging/.terraform.lock.hcl | 57 +++++++++++++++-------------- staging/00-vpc.tf | 63 +++++++++++++++++++------------- staging/01-sg.tf | 36 +++++++++---------- staging/10-s3.tf | 17 +++++---- staging/20-ec2.tf | 33 ++++++++--------- staging/21-elb.tf | 72 ++++++++++++++++++------------------- staging/30-rds.tf | 19 +++++----- staging/_data.tf | 9 ++--- staging/_init.tf | 16 ++++++--- staging/_vars.tf | 8 ++--- 10 files changed, 176 insertions(+), 154 deletions(-) diff --git a/staging/.terraform.lock.hcl b/staging/.terraform.lock.hcl index 4054f11..7c6c1cf 100644 --- a/staging/.terraform.lock.hcl +++ b/staging/.terraform.lock.hcl 
@@ -2,37 +2,42 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/aws" { - version = "3.22.0" + version = "6.7.0" hashes = [ - "h1:KVhBCK+8d3Jpq7T/Un94WH0LiGGCT3j7HCuW71CGd1M=", - "h1:f/Tz8zv1Zb78ZaiyJkQ0MGIViZwbYrLuQk3kojPM91c=", - "zh:4a9a66caf1964cdd3b61fb3ebb0da417195a5529cb8e496f266b0778335d11c8", - "zh:514f2f006ae68db715d86781673faf9483292deab235c7402ff306e0e92ea11a", - "zh:5277b61109fddb9011728f6650ef01a639a0590aeffe34ed7de7ba10d0c31803", - "zh:67784dc8c8375ab37103eea1258c3334ee92be6de033c2b37e3a2a65d0005142", - "zh:76d4c8be2ca4a3294fb51fb58de1fe03361d3bc403820270cc8e71a04c5fa806", - "zh:8f90b1cfdcf6e8fb1a9d0382ecaa5056a3a84c94e313fbf9e92c89de271cdede", - "zh:d0ac346519d0df124df89be2d803eb53f373434890f6ee3fb37112802f9eac59", - "zh:d6256feedada82cbfb3b1dd6dd9ad02048f23120ab50e6146a541cb11a108cc1", - "zh:db2fe0d2e77c02e9a74e1ed694aa352295a50283f9a1cf896e5be252af14e9f4", - "zh:eda61e889b579bd90046939a5b40cf5dc9031fb5a819fc3e4667a78bd432bdb2", + "h1:MR1e3FM/ZMHBaUOsLJu2XIjkbogmh5q5IV/N73zGX14=", + "zh:3c0a256f813e5e2c1e1aa137204ad9168ebe487f6cee874af9e9c78eb300568e", + "zh:3c49dd75ea28395b29ba259988826b956c8adf6c0b59dd8874feb4f47bad976a", + "zh:3e6e3e3bfc6594f4f9e2c017ee588c5fcad394b87dd0b68a3f37cd66001f3c8c", + "zh:3f9b55826eeebf9b2ed448fc111d772c703e1edc6678e1bb646e66f3c3f9308f", + "zh:44e4ced936045ddc42d22c653a6427e7eb2b7aee918dff8438da0cb40996beb4", + "zh:474ab4d63918f41e8ea1cef43aeb1c719629dbf289db175c95de1431a8853ae7", + "zh:71b9e1d82c5ccc8d9bf72b3712c2b90722fc1f35a0f0f7a9557b9ee01971e6e2", + "zh:7723256d6ccc55f4000d1df8db202b02b30a7d917f5d31624c717e14ba15ea95", + "zh:82174836faa830aff0e47ea61d4cfbb5c97e1e944b1978f1d933acd37f584c88", + "zh:8e62fdc10206ba7232eec991e5a387378f2fbe47cc717b7f60eeb1df2c974514", + "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", + "zh:be24dd2d53b224d7098e75ca432746e3420ce071189eea100aa8cbcd2498d389", + 
"zh:d27651d0e458933127ddca35a833e1a0f0ff0c131391288b3239763a2fd8f96f", + "zh:d33c181fff1b96bf8366e6c3d92408370b21649291e8f4d1f7e9a3fbb920fc9d", + "zh:edc0a0a84f85036c6d3df29d09557bd43206d9ee57b10542b484050f0f34d242", ] } provider "registry.terraform.io/hashicorp/random" { - version = "3.0.0" + version = "3.7.2" hashes = [ - "h1:+JUEdzBH7Od9JKdMMAIJlX9v6P8jfbMR7V4/FKXLAgY=", - "h1:yhHJpb4IfQQfuio7qjUXuUFTU/s+ensuEpm23A+VWz0=", - "zh:0fcb00ff8b87dcac1b0ee10831e47e0203a6c46aafd76cb140ba2bab81f02c6b", - "zh:123c984c0e04bad910c421028d18aa2ca4af25a153264aef747521f4e7c36a17", - "zh:287443bc6fd7fa9a4341dec235589293cbcc6e467a042ae225fd5d161e4e68dc", - "zh:2c1be5596dd3cca4859466885eaedf0345c8e7628503872610629e275d71b0d2", - "zh:684a2ef6f415287944a3d966c4c8cee82c20e393e096e2f7cdcb4b2528407f6b", - "zh:7625ccbc6ff17c2d5360ff2af7f9261c3f213765642dcd84e84ae02a3768fd51", - "zh:9a60811ab9e6a5bfa6352fbb943bb530acb6198282a49373283a8fa3aa2b43fc", - "zh:c73e0eaeea6c65b1cf5098b101d51a2789b054201ce7986a6d206a9e2dacaefd", - "zh:e8f9ed41ac83dbe407de9f0206ef1148204a0d51ba240318af801ffb3ee5f578", - "zh:fbdd0684e62563d3ac33425b0ac9439d543a3942465f4b26582bcfabcb149515", + "h1:356j/3XnXEKr9nyicLUufzoF4Yr6hRy481KIxRVpK0c=", + "zh:14829603a32e4bc4d05062f059e545a91e27ff033756b48afbae6b3c835f508f", + "zh:1527fb07d9fea400d70e9e6eb4a2b918d5060d604749b6f1c361518e7da546dc", + "zh:1e86bcd7ebec85ba336b423ba1db046aeaa3c0e5f921039b3f1a6fc2f978feab", + "zh:24536dec8bde66753f4b4030b8f3ef43c196d69cccbea1c382d01b222478c7a3", + "zh:29f1786486759fad9b0ce4fdfbbfece9343ad47cd50119045075e05afe49d212", + "zh:4d701e978c2dd8604ba1ce962b047607701e65c078cb22e97171513e9e57491f", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + "zh:7b8434212eef0f8c83f5a90c6d76feaf850f6502b61b53c329e85b3b281cba34", + "zh:ac8a23c212258b7976e1621275e3af7099e7e4a3d4478cf8d5d2a27f3bc3e967", + "zh:b516ca74431f3df4c6cf90ddcdb4042c626e026317a33c53f0b445a3d93b720d", + 
"zh:dc76e4326aec2490c1600d6871a95e78f9050f9ce427c71707ea412a2f2f1a62", + "zh:eac7b63e86c749c7d48f527671c7aee5b4e26c10be6ad7232d6860167f99dbb0", ] } diff --git a/staging/00-vpc.tf b/staging/00-vpc.tf index 6f9dff6..bae6cc2 100644 --- a/staging/00-vpc.tf +++ b/staging/00-vpc.tf @@ -1,4 +1,4 @@ -resource "aws_vpc" "vpc" { +resource "aws_vpc" "main_vpc" { cidr_block = "${var.vpc_subnet_prefix}.0.0/16" tags = { 
@@ -7,90 +7,105 @@ resource "aws_vpc" "vpc" { } } -resource "aws_subnet" "vpc_sub_app1" { - vpc_id = aws_vpc.vpc.id +resource "aws_subnet" "app_1a" { + vpc_id = aws_vpc.main_vpc.id cidr_block = "${var.vpc_subnet_prefix}.1.0/24" availability_zone = "${var.aws_region}a" tags = { - Name = "${var.app_name}-app-1a" + Name = "${var.app_name}-app-sub-1a" Environment = var.environment } } -resource "aws_subnet" "vpc_sub_app2" { - vpc_id = aws_vpc.vpc.id +resource "aws_subnet" "app_1b" { + vpc_id = aws_vpc.main_vpc.id cidr_block = "${var.vpc_subnet_prefix}.2.0/24" availability_zone = "${var.aws_region}b" tags = { - Name = "${var.app_name}-app-1b" + Name = "${var.app_name}-app-sub-1b" Environment = var.environment } } -resource "aws_subnet" "vpc_sub_db1" { - vpc_id = aws_vpc.vpc.id +resource "aws_subnet" "db_1a" { + vpc_id = aws_vpc.main_vpc.id cidr_block = "${var.vpc_subnet_prefix}.10.0/24" availability_zone = "${var.aws_region}a" tags = { - Name = "${var.app_name}-db-1a" + Name = "${var.app_name}-db-sub-1a" Environment = var.environment } } -resource "aws_subnet" "vpc_sub_db2" { - vpc_id = aws_vpc.vpc.id +resource "aws_subnet" "db_1b" { + vpc_id = aws_vpc.main_vpc.id cidr_block = "${var.vpc_subnet_prefix}.11.0/24" availability_zone = "${var.aws_region}b" tags = { - Name = "${var.app_name}-db-1b" + Name = "${var.app_name}-db-sub-1b" Environment = var.environment } } -resource "aws_subnet" "vpc_sub_web1" { - vpc_id = aws_vpc.vpc.id +resource "aws_subnet" "web_1a" { + vpc_id = aws_vpc.main_vpc.id cidr_block = "${var.vpc_subnet_prefix}.20.0/24" availability_zone = "${var.aws_region}a" tags = { - Name = "${var.app_name}-web-1a" + Name = "${var.app_name}-web-sub-1a" Environment = var.environment } } -resource "aws_subnet" "vpc_sub_web2" { - vpc_id = aws_vpc.vpc.id +resource "aws_subnet" "web_1b" { + vpc_id = aws_vpc.main_vpc.id cidr_block = "${var.vpc_subnet_prefix}.21.0/24" availability_zone = "${var.aws_region}b" tags = { - Name = "${var.app_name}-web-1b" + Name = 
"${var.app_name}-web-sub-1b" Environment = var.environment } } -resource "aws_internet_gateway" "gw" { - vpc_id = aws_vpc.vpc.id +resource "aws_internet_gateway" "igw" { + vpc_id = aws_vpc.main_vpc.id tags = { - Name = "${var.app_name}-ig" + Name = "${var.app_name}-igw" Environment = var.environment } } resource "aws_default_route_table" "default" { - default_route_table_id = aws_vpc.vpc.default_route_table_id + default_route_table_id = aws_vpc.main_vpc.default_route_table_id route { cidr_block = "0.0.0.0/0" - gateway_id = aws_internet_gateway.gw.id + gateway_id = aws_internet_gateway.igw.id } tags = { Name = "${var.app_name}-rtb" Environment = var.environment } +} + +resource "aws_route_table" "private" { + vpc_id = aws_vpc.main_vpc.id + +} + +resource "aws_route_table_association" "private_subnet_db_1a" { + subnet_id = aws_subnet.db_1a.id + route_table_id = aws_route_table.private.id +} + +resource "aws_route_table_association" "private_subnet_db_1b" { + subnet_id = aws_subnet.db_1b.id + route_table_id = aws_route_table.private.id } \ No newline at end of file diff --git a/staging/01-sg.tf b/staging/01-sg.tf index f375bf6..957b45d 100644 --- a/staging/01-sg.tf +++ b/staging/01-sg.tf @@ -1,7 +1,7 @@ -resource "aws_security_group" "web-elb-sg" { +resource "aws_security_group" "web_elb_sg" { name = "${var.app_name}-web-elb-sg" description = "Allow global inbound traffic" - vpc_id = aws_vpc.vpc.id + vpc_id = aws_vpc.main_vpc.id ingress { description = "HTTP" @@ -48,10 +48,10 @@ resource "aws_security_group" "web-elb-sg" { } } -resource "aws_security_group" "web-sg" { +resource "aws_security_group" "web_sg" { name = "${var.app_name}-web-sg" description = "Allow ELB inbound traffic" - vpc_id = aws_vpc.vpc.id + vpc_id = aws_vpc.main_vpc.id ingress { description = "HTTP" @@ -59,7 +59,7 @@ resource "aws_security_group" "web-sg" { to_port = 80 protocol = "tcp" security_groups = [ - aws_security_group.elb-web-sg.id + aws_security_group.web_elb_sg.id ] } 
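Review bot: The new `aws_route_table.private` is associated only with `db_1a` and `db_1b`, so `app_1a` and `app_1b` stay on the default route table, which carries the `0.0.0.0/0` route to `aws_internet_gateway.igw`. If the app tier is meant to be internal, add `aws_route_table_association` resources for the two app subnets as well, or add a comment saying why they remain on the public table. The private table has no routes, which isolates the DB subnets, but it also has no tags; give it the same `Name`/`Environment` tags as its neighbours, e.g. `Name = "${var.app_name}-private-rtb"`, and a comment such as `# No routes on purpose: DB subnets have no path to the internet`.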
@@ -69,7 +69,7 @@ resource "aws_security_group" "web-sg" { to_port = 443 protocol = "tcp" security_groups = [ - aws_security_group.elb-web-sg.id + aws_security_group.web_elb_sg.id ] } @@ -83,15 +83,15 @@ resource "aws_security_group" "web-sg" { } tags = { - Name = "${var.app_name}-SG-WEB" + Name = "${var.app_name}-web-sg" Environment = var.environment } } -resource "aws_security_group" "app-elb-sg" { +resource "aws_security_group" "app_elb_sg" { name = "${var.app_name}-app-elb-sg" description = "Allow inbound traffic from Web instances" - vpc_id = aws_vpc.vpc.id + vpc_id = aws_vpc.main_vpc.id ingress { description = "HTTP" @@ -99,7 +99,7 @@ resource "aws_security_group" "app-elb-sg" { to_port = 80 protocol = "tcp" security_groups = [ - aws_security_group.web-sg.id + aws_security_group.web_sg.id ] } @@ -109,7 +109,7 @@ resource "aws_security_group" "app-elb-sg" { to_port = 443 protocol = "tcp" security_groups = [ - aws_security_group.web-sg.id + aws_security_group.web_sg.id ] } @@ -128,10 +128,10 @@ resource "aws_security_group" "app-elb-sg" { } } -resource "aws_security_group" "app-sg" { +resource "aws_security_group" "app_sg" { name = "${var.app_name}-app-sg" description = "Allow inbound traffic from Web instances" - vpc_id = aws_vpc.vpc.id + vpc_id = aws_vpc.main_vpc.id ingress { description = "HTTP" @@ -139,7 +139,7 @@ resource "aws_security_group" "app-sg" { to_port = 80 protocol = "tcp" security_groups = [ - aws_security_group.elb-app-sg.id + aws_security_group.app_elb_sg.id ] } @@ -149,7 +149,7 @@ resource "aws_security_group" "app-sg" { to_port = 443 protocol = "tcp" security_groups = [ - aws_security_group.elb-app-sg.id + aws_security_group.app_elb_sg.id ] } 
@@ -168,10 +168,10 @@ resource "aws_security_group" "app-sg" { } } -resource "aws_security_group" "db-sg" { +resource "aws_security_group" "db_sg" { name = "${var.app_name}-db-sg" description = "Allow traffic from APP" - vpc_id = aws_vpc.vpc.id + vpc_id = aws_vpc.main_vpc.id ingress { description = "MySQL" @@ -179,7 +179,7 @@ resource "aws_security_group" "db-sg" { to_port = 3306 protocol = "tcp" security_groups = [ - aws_security_group.app-sg.id + aws_security_group.app_sg.id ] } diff --git a/staging/10-s3.tf b/staging/10-s3.tf index 7211a7d..a4e5f87 100644 --- a/staging/10-s3.tf +++ b/staging/10-s3.tf @@ -1,6 +1,5 @@ -resource "aws_s3_bucket" "tf-s3" { +resource "aws_s3_bucket" "elb_logs_s3" { bucket = "${lower(var.app_name)}-elb-access-logs" - acl = "private" force_destroy = true tags = { @@ -9,8 +8,8 @@ resource "aws_s3_bucket" "tf-s3" { } } -resource "aws_s3_bucket_policy" "tf-s3-policy" { - bucket = aws_s3_bucket.tf-s3.id +resource "aws_s3_bucket_policy" "elb_logs_s3_policy" { + bucket = aws_s3_bucket.elb_logs_s3.id policy = < Date: Fri, 1 Aug 2025 05:22:57 +0000 Subject: [PATCH 3/3] Always fmt before push --- staging/01-sg.tf | 70 +++++++++++++++++++++++------------------------ staging/20-ec2.tf | 20 +++++++------- staging/21-elb.tf | 8 +++--- staging/30-rds.tf | 24 ++++++++-------- staging/_init.tf | 4 +-- staging/_vars.tf | 20 +++++++------- 6 files changed, 72 insertions(+), 74 deletions(-) diff --git a/staging/01-sg.tf b/staging/01-sg.tf index 957b45d..0968ae0 100644 --- a/staging/01-sg.tf +++ b/staging/01-sg.tf @@ -34,9 +34,9 @@ resource "aws_security_group" "web_elb_sg" { } egress { - from_port = 0 - to_port = 0 - protocol = "-1" + from_port = 0 + to_port = 0 + protocol = "-1" cidr_blocks = [ "0.0.0.0/0" ] 
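Review bot: Relabelling `aws_s3_bucket.tf-s3` as `elb_logs_s3` in staging/10-s3.tf (hunk -1,6) while `force_destroy = true` stays set means that, without a `moved` block or `terraform state mv`, the next apply would presumably delete the existing bucket together with every ELB access log in it and then create an empty one. Add a `moved` block with `from = aws_s3_bucket.tf-s3` and `to = aws_s3_bucket.elb_logs_s3`, and consider dropping `force_destroy` on a bucket that holds access logs. With `acl = "private"` removed, nothing visible in this hunk pins the bucket's public-access settings; an `aws_s3_bucket_public_access_block` for this bucket would make them explicit instead of relying on account defaults. The resource body continues outside the hunk and the rest of this file's diff is not visible here.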
@@ -54,29 +54,29 @@ resource "aws_security_group" "web_sg" { vpc_id = aws_vpc.main_vpc.id ingress { - description = "HTTP" - from_port = 80 - to_port = 80 - protocol = "tcp" + description = "HTTP" + from_port = 80 + to_port = 80 + protocol = "tcp" security_groups = [ aws_security_group.web_elb_sg.id ] } ingress { - description = "HTTPs" - from_port = 443 - to_port = 443 - protocol = "tcp" + description = "HTTPs" + from_port = 443 + to_port = 443 + protocol = "tcp" security_groups = [ aws_security_group.web_elb_sg.id ] } egress { - from_port = 0 - to_port = 0 - protocol = "-1" + from_port = 0 + to_port = 0 + protocol = "-1" cidr_blocks = [ "0.0.0.0/0" ] @@ -114,9 +114,9 @@ resource "aws_security_group" "app_elb_sg" { } egress { - from_port = 0 - to_port = 0 - protocol = "-1" + from_port = 0 + to_port = 0 + protocol = "-1" cidr_blocks = [ "0.0.0.0/0" ] @@ -134,29 +134,29 @@ resource "aws_security_group" "app_sg" { vpc_id = aws_vpc.main_vpc.id ingress { - description = "HTTP" - from_port = 80 - to_port = 80 - protocol = "tcp" + description = "HTTP" + from_port = 80 + to_port = 80 + protocol = "tcp" security_groups = [ aws_security_group.app_elb_sg.id ] } ingress { - description = "HTTPs" - from_port = 443 - to_port = 443 - protocol = "tcp" + description = "HTTPs" + from_port = 443 + to_port = 443 + protocol = "tcp" security_groups = [ aws_security_group.app_elb_sg.id ] } egress { - from_port = 0 - to_port = 0 - protocol = "-1" + from_port = 0 + to_port = 0 + protocol = "-1" cidr_blocks = [ "0.0.0.0/0" ] @@ -174,19 +174,19 @@ resource "aws_security_group" "db_sg" { vpc_id = aws_vpc.main_vpc.id ingress { - description = "MySQL" - from_port = 3306 - to_port = 3306 - protocol = "tcp" + description = "MySQL" + from_port = 3306 + to_port = 3306 + protocol = "tcp" security_groups = [ aws_security_group.app_sg.id ] } egress { - from_port = 0 - to_port = 0 - protocol = "-1" + from_port = 0 + to_port = 0 + protocol = "-1" cidr_blocks = [ "0.0.0.0/0" ] 
diff --git a/staging/20-ec2.tf b/staging/20-ec2.tf index 14d2201..6b93717 100644 --- a/staging/20-ec2.tf +++ b/staging/20-ec2.tf @@ -1,11 +1,11 @@ # App resource "aws_instance" "app_ec2" { - count = 2 - ami = data.aws_ami.app_ami.id - instance_type = var.sizing.app_ec2 - subnet_id = aws_subnet.app_1a.id - key_name = aws_key_pair.ssh.key_name + count = 2 + ami = data.aws_ami.app_ami.id + instance_type = var.sizing.app_ec2 + subnet_id = aws_subnet.app_1a.id + key_name = aws_key_pair.ssh.key_name security_groups = [ aws_security_group.app_sg.id ] @@ -18,11 +18,11 @@ resource "aws_instance" "app_ec2" { # Web resource "aws_instance" "web_ec2" { - count = 2 - ami = data.aws_ami.app_ami.id - instance_type = var.sizing.web_ec2 - subnet_id = aws_subnet.web_1a.id - key_name = aws_key_pair.ssh.key_name + count = 2 + ami = data.aws_ami.app_ami.id + instance_type = var.sizing.web_ec2 + subnet_id = aws_subnet.web_1a.id + key_name = aws_key_pair.ssh.key_name security_groups = [ aws_security_group.web_sg.id ] diff --git a/staging/21-elb.tf b/staging/21-elb.tf index 9f8b75f..fff31b3 100644 --- a/staging/21-elb.tf +++ b/staging/21-elb.tf @@ -3,10 +3,10 @@ resource "aws_lb" "app_elb" { name = "${var.app_name}-app-elb" internal = true load_balancer_type = "application" - security_groups = [ + security_groups = [ aws_security_group.app_elb_sg.id ] - subnets = [ + subnets = [ aws_subnet.app_1a.id, aws_subnet.app_1b.id ] @@ -58,10 +58,10 @@ resource "aws_lb" "web_elb" { name = "${var.app_name}-web-elb" internal = false load_balancer_type = "application" - security_groups = [ + security_groups = [ aws_security_group.web_elb_sg.id ] - subnets = [ + subnets = [ aws_subnet.web_1a.id, aws_subnet.web_1b.id ] diff --git a/staging/30-rds.tf b/staging/30-rds.tf index 8688dd7..89a414a 100644 --- a/staging/30-rds.tf +++ b/staging/30-rds.tf 
@@ -1,18 +1,16 @@ resource "aws_db_instance" "db" { - allocated_storage = 20 - storage_type = "gp3" - engine = "mysql" - engine_version = "8.0" - instance_class = "db.${var.sizing.rds_master}" - identifier = "${lower(var.app_name)}-${lower(var.rds_config.database)}-${lower(random_string.rand_db_name.result)}" - username = var.rds_config.username - password = var.rds_config.password - parameter_group_name = "default.mysql8.0" - - skip_final_snapshot = true - + allocated_storage = 20 + storage_type = "gp3" + engine = "mysql" + engine_version = "8.0" + instance_class = "db.${var.sizing.rds_master}" + identifier = "${lower(var.app_name)}-${lower(var.rds_config.database)}-${lower(random_string.rand_db_name.result)}" + username = var.rds_config.username + password = var.rds_config.password + parameter_group_name = "default.mysql8.0" + skip_final_snapshot = true vpc_security_group_ids = [aws_security_group.db_sg.id] - db_subnet_group_name = aws_db_subnet_group.db_subnet_group.name + db_subnet_group_name = aws_db_subnet_group.db_subnet_group.name } resource "aws_db_subnet_group" "db_subnet_group" { diff --git a/staging/_init.tf b/staging/_init.tf index 58ddd7a..ec54226 100644 --- a/staging/_init.tf +++ b/staging/_init.tf @@ -1,14 +1,14 @@ terraform { required_providers { aws = { - source = "hashicorp/aws" + source = "hashicorp/aws" version = "6.7.0" } } } provider "aws" { - region = var.aws_region + region = var.aws_region shared_credentials_files = ["../.secret/staging_keys"] } diff --git a/staging/_vars.tf b/staging/_vars.tf index a21eda2..4ab07df 100644 --- a/staging/_vars.tf +++ b/staging/_vars.tf 
@@ -15,32 +15,32 @@ variable "aws_region" { variable "sizing" { type = object({ - app_ec2 = string - web_ec2 = string + app_ec2 = string + web_ec2 = string rds_master = string - rds_read = string + rds_read = string }) default = { - app_ec2 = "t4g.nano" - web_ec2 = "t4g.nano" + app_ec2 = "t4g.nano" + web_ec2 = "t4g.nano" rds_master = "t4g.micro" - rds_read = "t4g.micro" + rds_read = "t4g.micro" } } variable "elb_log_prefix" { type = object({ - public = string + public = string private = string }) default = { - public = "PublicLBLogs" + public = "PublicLBLogs" private = "PrivateLBLogs" } } variable "vpc_subnet_prefix" { - type = string + type = string # Or 10.0 or 10.100 or whatever you want default = "172.29" } @@ -59,6 +59,6 @@ variable "rds_config" { } resource "random_string" "rand_db_name" { - length = 8 + length = 8 special = false } \ No newline at end of file