
More than 3 years have passed since last update.

Terraform で書く CodeBuild -> ECR -> ECS with Vapor その2

Last updated at Posted at 2019-09-05

Terraform で書く CodeBuild -> ECR -> ECS with Vapor その1

次にネットワーク周りと、ALB を作ります。
VPC はデフォルトのものを使っても良いと思いますが、環境を汚さないように新しく作成しました。

########################
## VPC
########################
# Dedicated VPC (10.1.0.0/16) for this stack, created instead of reusing the
# account's default VPC. The internet gateway, subnets, route table and
# security group below reference it through aws_vpc.vpc.id.
resource "aws_vpc" "vpc" {
  cidr_block           = "10.1.0.0/16"
  enable_dns_hostnames = true # resources with a public IP also get a public DNS name
}

########################
## Internet Gateway
########################
# Internet gateway attached to the VPC. The route table's 0.0.0.0/0 route
# points at this gateway, which is what makes the associated subnets
# reachable from (and able to reach) the internet.
resource "aws_internet_gateway" "my_internet_gateway" {
  vpc_id = "${aws_vpc.vpc.id}"
}

########################
## Subnet
########################
# First of the two ALB subnets (ap-northeast-1a).
# It is "public" only through its route table association; the resource does
# not set map_public_ip_on_launch, so nothing launched here gets a public IP
# automatically.
resource "aws_subnet" "public-a" {
  availability_zone = "ap-northeast-1a"
  cidr_block        = "10.1.10.0/24"
  vpc_id            = "${aws_vpc.vpc.id}"
}

# Second ALB subnet (ap-northeast-1c); the ALB below is given both subnets,
# one per availability zone.
# As with public-a, internet reachability comes from the route table
# association, not from the subnet definition itself.
resource "aws_subnet" "public-c" {
  availability_zone = "ap-northeast-1c"
  cidr_block        = "10.1.200.0/24"
  vpc_id            = "${aws_vpc.vpc.id}"
}

########################
## Route Table
########################
# Route table shared by both subnets. Everything that is not VPC-local is
# sent to the internet gateway, so any subnet associated with this table is
# internet-routable. Keep private workloads off this table.
resource "aws_route_table" "my_route_table" {
  vpc_id = "${aws_vpc.vpc.id}"

  route {
    gateway_id = "${aws_internet_gateway.my_internet_gateway.id}"
    cidr_block = "0.0.0.0/0"
  }
}

########################
## Route Table Association
########################
# Binds subnet public-a to the internet-routed table above.
resource "aws_route_table_association" "vpc_main-rta1" {
  route_table_id = "${aws_route_table.my_route_table.id}"
  subnet_id      = "${aws_subnet.public-a.id}"
}

# Binds subnet public-c to the same internet-routed table.
resource "aws_route_table_association" "vpc_main-rta2" {
  route_table_id = "${aws_route_table.my_route_table.id}"
  subnet_id      = "${aws_subnet.public-c.id}"
}

########################
## Security Group
########################
# Security group attached to the internet-facing ALB (aws_alb.alb).
#   inbound : HTTP/80 from any IPv4 address, expected for a public load balancer
#   outbound: every protocol and port to any IPv4 address
# NOTE(review): no description is set and egress is unrestricted. If this same
# group is also attached to the ECS tasks (not visible in this part), the tasks
# would accept port 80 from the whole internet rather than only from the ALB;
# the usual split is a second group for the tasks whose ingress names this
# group as its source. Confirm against the rest of the series.
resource "aws_security_group" "my_security_group" {
  vpc_id = "${aws_vpc.vpc.id}"
  name   = "my-security-group"

  egress {
    protocol    = "-1" # -1 = all protocols; the 0/0 port range is required with it
    from_port   = 0
    to_port     = 0
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    protocol    = "tcp"
    from_port   = 80
    to_port     = 80
    cidr_blocks = ["0.0.0.0/0"]
  }
}


########################
## ALB
########################
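# Bucket that receives the ALB access logs. The ACL stays private; write
# access for the load balancer is granted by the bucket policy below.
resource "aws_s3_bucket" "log_backet" {
  bucket = "log-bucket-sdfjoshrgehgegdddew"
  acl    = "private"
}

# AWS-owned account that Elastic Load Balancing uses to deliver access logs
# in the provider's region. Looked up so no account ID is hard-coded.
data "aws_elb_service_account" "main" {}

# Lets the ELB log-delivery account write objects under AWSLogs/ only.
# Without a policy like this, enabling access logs on the ALB is rejected
# with an access-denied error for the bucket.
resource "aws_s3_bucket_policy" "log_backet_policy" {
  bucket = "${aws_s3_bucket.log_backet.id}"

  policy = <<POLICY
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": { "AWS": "${data.aws_elb_service_account.main.arn}" },
      "Action": "s3:PutObject",
      "Resource": "${aws_s3_bucket.log_backet.arn}/AWSLogs/*"
    }
  ]
}
POLICY
}

# Internet-facing ALB spanning both public subnets.
resource "aws_alb" "alb" {
  name            = "my-ald"
  security_groups = ["${aws_security_group.my_security_group.id}"]
  subnets = [
    "${aws_subnet.public-a.id}",
    "${aws_subnet.public-c.id}",
  ]
  internal = false # false = internet-facing

  # Off so the demo can be destroyed again; turn on for long-lived environments.
  enable_deletion_protection = false

  access_logs {
    bucket = "${aws_s3_bucket.log_backet.id}"

    # Must be set explicitly: AWS provider 2.0 and later default this to
    # false even when a bucket is given, which leaves the ALB without logs.
    enabled = true
  }

  # The policy must exist before the ALB validates that it can write to the bucket.
  depends_on = ["aws_s3_bucket_policy.log_backet_policy"]
}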

########################
## Target Group
########################
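# Target group the listener forwards to. Targets are registered by IP address
# (target_type = "ip") and receive plain HTTP on port 80.
resource "aws_alb_target_group" "target_group" {
  name     = "alb-tg"
  port     = 80
  protocol = "HTTP"

  # Reference the VPC defined in this configuration instead of a literal,
  # account-specific VPC ID, so the target group lives in the same VPC as the
  # ALB and its subnets and the config stays portable between accounts.
  vpc_id      = "${aws_vpc.vpc.id}"
  target_type = "ip"

  # A target is checked every 60 s with GET / and must answer 200 within 20 s;
  # four consecutive failures mark it unhealthy.
  health_check {
    interval = 60
    path     = "/"

    // NOTE: the default is "traffic-port" (the port traffic is sent to the target on)
    //port                = 80
    protocol            = "HTTP"
    timeout             = 20
    unhealthy_threshold = 4
    matcher             = 200
  }
}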

# Plain-HTTP listener on port 80; every request is forwarded to the target group.
# NOTE(review): client-to-ALB traffic is unencrypted. For anything beyond a
# demo, add an HTTPS listener (port 443 with an ACM certificate, plus a
# matching ingress rule on the security group) and turn this listener into a
# redirect to it.
resource "aws_alb_listener" "alb_listener" {
  load_balancer_arn = "${aws_alb.alb.arn}"
  protocol          = "HTTP"
  port              = "80"

  default_action {
    type             = "forward"
    target_group_arn = "${aws_alb_target_group.target_group.arn}"
  }
}
