Terraform で書く CodeBuild -> ECR -> ECS with Vapor その1
次にネットワーク周りと、ALB を作ります。
VPC はデフォルトのものを使っても良いと思いますが、環境を汚さないように新しく作成しました。
########################
## VPC
########################
# Dedicated VPC for this stack; every network resource below hangs off it.
resource "aws_vpc" "vpc" {
  cidr_block = "10.1.0.0/16"

  # Turn on DNS hostnames inside the VPC.
  enable_dns_hostnames = true
}
########################
## Internet Gateway
########################
# Internet gateway attached to the VPC. The default route in
# aws_route_table.my_route_table points at this gateway.
resource "aws_internet_gateway" "my_internet_gateway" {
  vpc_id = "${aws_vpc.vpc.id}"
}
########################
## Subnet
########################
# First ALB subnet, placed in ap-northeast-1a.
resource "aws_subnet" "public-a" {
  availability_zone = "ap-northeast-1a"
  cidr_block        = "10.1.10.0/24"
  vpc_id            = "${aws_vpc.vpc.id}"
}
# Second ALB subnet, placed in ap-northeast-1c so the load balancer
# spans two availability zones.
resource "aws_subnet" "public-c" {
  availability_zone = "ap-northeast-1c"
  cidr_block        = "10.1.200.0/24"
  vpc_id            = "${aws_vpc.vpc.id}"
}
########################
## Route Table
########################
# Route table for the VPC. Its only explicit route sends all IPv4 traffic
# (0.0.0.0/0) to the internet gateway, so any subnet associated with this
# table is internet-routable.
resource "aws_route_table" "my_route_table" {
  vpc_id = "${aws_vpc.vpc.id}"

  route {
    gateway_id = "${aws_internet_gateway.my_internet_gateway.id}"
    cidr_block = "0.0.0.0/0"
  }
}
########################
## Route Table Association
########################
# Binds subnet public-a to the internet-routed table.
resource "aws_route_table_association" "vpc_main-rta1" {
  route_table_id = "${aws_route_table.my_route_table.id}"
  subnet_id      = "${aws_subnet.public-a.id}"
}
# Binds subnet public-c to the internet-routed table.
resource "aws_route_table_association" "vpc_main-rta2" {
  route_table_id = "${aws_route_table.my_route_table.id}"
  subnet_id      = "${aws_subnet.public-c.id}"
}
########################
## Security Group
########################
# Security group attached to the ALB (referenced from aws_alb.alb).
# NOTE(review): if this same group is also attached to the ECS tasks (not
# visible in this part of the article), the tasks become reachable on port 80
# from anywhere too. Confirm, and prefer a separate task group that only
# admits traffic from this group.
resource "aws_security_group" "my_security_group" {
  vpc_id = "${aws_vpc.vpc.id}"
  name   = "my-security-group"

  # Inbound: plain HTTP (tcp/80) from any IPv4 address.
  ingress {
    protocol    = "tcp"
    from_port   = 80
    to_port     = 80
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Outbound: every protocol and port ("-1") to any IPv4 address.
  # NOTE(review): wider than forwarding to targets on port 80 requires.
  # Check what else uses this group before narrowing it.
  egress {
    protocol    = "-1"
    from_port   = 0
    to_port     = 0
    cidr_blocks = ["0.0.0.0/0"]
  }
}
########################
## ALB
########################
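# Bucket that receives the ALB access logs.
# The resource label "log_backet" is kept as written because aws_alb.alb
# refers to the bucket by that name.
# NOTE(review): ALB log delivery needs a bucket policy that lets the regional
# ELB log-delivery principal write objects. None is visible in this listing,
# so confirm it is defined elsewhere.
resource "aws_s3_bucket" "log_backet" {
  bucket = "log-bucket-sdfjoshrgehgegdddew"
  acl    = "private"

  # Access logs record client addresses and request paths, so encrypt them at
  # rest. SSE-S3 (AES256) is the mode ALB log delivery supports.
  server_side_encryption_configuration {
    rule {
      apply_server_side_encryption_by_default {
        sse_algorithm = "AES256"
      }
    }
  }
}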
# Internet-facing application load balancer spanning both subnets.
# NOTE(review): "my-ald" looks like a typo for "my-alb". It is left unchanged
# because renaming a load balancer replaces it.
resource "aws_alb" "alb" {
  name     = "my-ald"
  internal = false

  subnets = [
    "${aws_subnet.public-a.id}",
    "${aws_subnet.public-c.id}",
  ]

  security_groups = ["${aws_security_group.my_security_group.id}"]

  # Deletion protection is off, so a destroy removes the load balancer
  # without an extra confirmation step.
  enable_deletion_protection = false

  # Ship access logs to the bucket declared above.
  # NOTE(review): depending on the AWS provider version, access_logs may need
  # an explicit `enabled = true` before logs are delivered. Verify against the
  # provider version in use.
  access_logs {
    bucket = "${aws_s3_bucket.log_backet.id}"
  }
}
########################
## Target Group
########################
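# Target group the listener forwards to. Targets are registered by IP address
# (target_type = "ip") and receive plain HTTP on port 80.
resource "aws_alb_target_group" "target_group" {
  name     = "alb-tg"
  port     = 80
  protocol = "HTTP"

  # Reference the VPC created in this configuration instead of a hard-coded
  # VPC ID: the ALB lives in aws_vpc.vpc's subnets, so the target group must
  # be in that same VPC, and a literal ID ties the config to one account.
  vpc_id      = "${aws_vpc.vpc.id}"
  target_type = "ip"

  # A target counts as healthy when GET / answers 200. It is probed every
  # 60 seconds with a 20 second timeout, and marked unhealthy after
  # 4 consecutive failures.
  health_check {
    interval = 60
    path     = "/"

    // NOTE: the default is traffic-port
    //port = 80
    protocol            = "HTTP"
    timeout             = 20
    unhealthy_threshold = 4
    matcher             = 200
  }
}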
# Listener on the ALB: accepts HTTP on port 80 and forwards every request to
# the target group.
# NOTE(review): this is the only listener in the listing and it is plaintext
# HTTP, so traffic between clients and the ALB is unencrypted. An HTTPS
# listener with a certificate would be the usual production setup.
resource "aws_alb_listener" "alb_listener" {
  load_balancer_arn = "${aws_alb.alb.arn}"
  protocol          = "HTTP"
  port              = "80"

  default_action {
    type             = "forward"
    target_group_arn = "${aws_alb_target_group.target_group.arn}"
  }
}