diff --git a/ops/terraform/master.tf b/ops/terraform/master.tf index 1ac2069..8725d82 100644 --- a/ops/terraform/master.tf +++ b/ops/terraform/master.tf @@ -35,11 +35,12 @@ resource "aws_key_pair" "terraform_ec2_key" { ########################### resource "aws_instance" "webserver" { - ami = "ami-38a01045" + ami = "ami-969c2deb" instance_type = "t2.micro" key_name = "${aws_key_pair.terraform_ec2_key.id}" vpc_security_group_ids = [ - "${aws_security_group.allow_ssh.id}" + "${aws_security_group.allow_ssh.id}", + "${aws_security_group.allow_http.id}" ] tags { diff --git a/ops/terraform/security.tf b/ops/terraform/security.tf index 5dfe05f..33a7f04 100644 --- a/ops/terraform/security.tf +++ b/ops/terraform/security.tf @@ -1,5 +1,5 @@ ########################### -# SECURITY GROUP +# ALLOW SSH ########################### resource "aws_security_group" "allow_ssh" { @@ -17,16 +17,27 @@ resource "aws_security_group" "allow_ssh" { } } +########################### +# ALLOW HTTP +########################### + resource "aws_security_group" "allow_http" { name = "allow http" - ingress { + egress { from_port = 80 to_port = 80 protocol = "tcp" cidr_blocks = ["0.0.0.0/0"] } + egress { + from_port = 443 + to_port = 443 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + lifecycle { create_before_destroy = true } diff --git a/ops/terraform/terraform.tfstate b/ops/terraform/terraform.tfstate new file mode 100644 index 0000000..ae838cc --- /dev/null +++ b/ops/terraform/terraform.tfstate @@ -0,0 +1,232 @@ +{ + "version": 3, + "terraform_version": "0.11.10", + "serial": 5, + "lineage": "40e25136-2a8a-573c-e896-537bfb7f8b22", + "modules": [ + { + "path": [ + "root" + ], + "outputs": {}, + "resources": { + "aws_eip_association.webserver-eip": { + "type": "aws_eip_association", + "depends_on": [ + "aws_instance.webserver", + "data.aws_eip.webserver-ip" + ], + "primary": { + "id": "eipassoc-008af9caa6691c04b", + "attributes": { + "allocation_id": "eipalloc-0f61e902f5f680dc0", + "id": "eipassoc-008af9caa6691c04b", + "instance_id": "i-05ab29acdb857ba07", + "network_interface_id": "eni-04f05313a3fb9d22e", + "private_ip_address": "172.31.33.78", + "public_ip": "35.180.10.123" + }, + "meta": {}, + "tainted": false + }, + "deposed": [], + "provider": "provider.aws" + }, + "aws_instance.webserver": { + "type": "aws_instance", + "depends_on": [ + "aws_key_pair.terraform_ec2_key", + "aws_security_group.allow_http", + "aws_security_group.allow_ssh" + ], + "primary": { + "id": "i-05ab29acdb857ba07", + "attributes": { + "ami": "ami-969c2deb", + "arn": "arn:aws:ec2:eu-west-3:116854918046:instance/i-05ab29acdb857ba07", + "associate_public_ip_address": "true", + "availability_zone": "eu-west-3c", + "cpu_core_count": "1", + "cpu_threads_per_core": "1", + "credit_specification.#": "1", + "credit_specification.0.cpu_credits": "standard", + "disable_api_termination": "false", + "ebs_block_device.#": "0", + "ebs_optimized": "false", + "ephemeral_block_device.#": "0", + "get_password_data": "false", + "iam_instance_profile": "", + "id": "i-05ab29acdb857ba07", + "instance_state": "running", + "instance_type": "t2.micro", + "ipv6_addresses.#": "0", + "key_name": "terraform_ec2_key", + "monitoring": "false", + "network_interface.#": "0", + "network_interface_id": "eni-04f05313a3fb9d22e", + "password_data": "", + "placement_group": "", + "primary_network_interface_id": "eni-04f05313a3fb9d22e", + "private_dns": "ip-172-31-33-78.eu-west-3.compute.internal", + "private_ip": "172.31.33.78", + "public_dns": "ec2-35-180-131-72.eu-west-3.compute.amazonaws.com", + "public_ip": "35.180.131.72", + "root_block_device.#": "1", + "root_block_device.0.delete_on_termination": "true", + "root_block_device.0.iops": "100", + "root_block_device.0.volume_id": "vol-0b2c3ade9942b0498", + "root_block_device.0.volume_size": "8", + "root_block_device.0.volume_type": "gp2", + "security_groups.#": "2", + "security_groups.1710041364": "allow ssh", + "security_groups.4237835427": "allow http", + "source_dest_check": "true", + "subnet_id": "subnet-6308d02e", + "tags.%": "1", + "tags.Name": "hifive-webserver", + "tenancy": "default", + "volume_tags.%": "0", + "vpc_security_group_ids.#": "2", + "vpc_security_group_ids.1275660324": "sg-069d406cd5c97a02e", + "vpc_security_group_ids.1919395107": "sg-000fa76bafd2d1490" + }, + "meta": { + "e2bfb730-ecaa-11e6-8f88-34363bc7c4c0": { + "create": 600000000000, + "delete": 1200000000000, + "update": 600000000000 + }, + "schema_version": "1" + }, + "tainted": false + }, + "deposed": [], + "provider": "provider.aws" + }, + "aws_key_pair.terraform_ec2_key": { + "type": "aws_key_pair", + "depends_on": [], + "primary": { + "id": "terraform_ec2_key", + "attributes": { + "fingerprint": "24:c0:bd:83:25:d9:bb:12:0e:88:ab:d0:17:d9:07:74", + "id": "terraform_ec2_key", + "key_name": "terraform_ec2_key", + "public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClFxq0O91KsqPLYWeONMjta9p5XsoP/LjzE1jUayr4n5c7uUb/ND9rab9lD+6DK0fhvN58xfZ4YdqPA1HUubaZtE21TIqL6zcOJ8c2z55iBEpzN6c9x6bmS+ZmOrWMUWsweZa1WWBz6UMDvrCRy+yDysndGOLbHZbjtYPv9Zg/9aCunVYDbQIfStRl9YwrR/wtIAyC5PsXJMoaoGrkh5Ac24upkPXCfm2MDirZuKfeMFh+5gSEzSfXXS1OKSVfXrxh9uL+TyqL1MCOn8QSxHVvdaLql6p0FXZrU53RXg5fVz0OwX2W1iSi/7xJiTcXoqZH7RhsH+gLfi1GdljQ2hCj s0dy@thinkpad" + }, + "meta": { + "schema_version": "1" + }, + "tainted": false + }, + "deposed": [], + "provider": "provider.aws" + }, + "aws_security_group.allow_http": { + "type": "aws_security_group", + "depends_on": [], + "primary": { + "id": "sg-000fa76bafd2d1490", + "attributes": { + "arn": "arn:aws:ec2:eu-west-3:116854918046:security-group/sg-000fa76bafd2d1490", + "description": "Managed by Terraform", + "egress.#": "2", + "egress.2214680975.cidr_blocks.#": "1", + "egress.2214680975.cidr_blocks.0": "0.0.0.0/0", + "egress.2214680975.description": "", + "egress.2214680975.from_port": "80", + "egress.2214680975.ipv6_cidr_blocks.#": "0", + "egress.2214680975.prefix_list_ids.#": "0", + "egress.2214680975.protocol": "tcp", + "egress.2214680975.security_groups.#": "0", + "egress.2214680975.self": "false", + "egress.2214680975.to_port": "80", + "egress.2617001939.cidr_blocks.#": "1", + "egress.2617001939.cidr_blocks.0": "0.0.0.0/0", + "egress.2617001939.description": "", + "egress.2617001939.from_port": "443", + "egress.2617001939.ipv6_cidr_blocks.#": "0", + "egress.2617001939.prefix_list_ids.#": "0", + "egress.2617001939.protocol": "tcp", + "egress.2617001939.security_groups.#": "0", + "egress.2617001939.self": "false", + "egress.2617001939.to_port": "443", + "id": "sg-000fa76bafd2d1490", + "ingress.#": "0", + "name": "allow http", + "owner_id": "116854918046", + "revoke_rules_on_delete": "false", + "tags.%": "0", + "vpc_id": "vpc-8a4b1ae3" + }, + "meta": { + "e2bfb730-ecaa-11e6-8f88-34363bc7c4c0": { + "create": 600000000000, + "delete": 600000000000 + }, + "schema_version": "1" + }, + "tainted": false + }, + "deposed": [], + "provider": "provider.aws" + }, + "aws_security_group.allow_ssh": { + "type": "aws_security_group", + "depends_on": [], + "primary": { + "id": "sg-069d406cd5c97a02e", + "attributes": { + "arn": "arn:aws:ec2:eu-west-3:116854918046:security-group/sg-069d406cd5c97a02e", + "description": "Managed by Terraform", + "egress.#": "0", + "id": "sg-069d406cd5c97a02e", + "ingress.#": "1", + "ingress.2541437006.cidr_blocks.#": "1", + "ingress.2541437006.cidr_blocks.0": "0.0.0.0/0", + "ingress.2541437006.description": "", + "ingress.2541437006.from_port": "22", + "ingress.2541437006.ipv6_cidr_blocks.#": "0", + "ingress.2541437006.prefix_list_ids.#": "0", + "ingress.2541437006.protocol": "tcp", + "ingress.2541437006.security_groups.#": "0", + "ingress.2541437006.self": "false", + "ingress.2541437006.to_port": "22", + "name": "allow ssh", + "owner_id": "116854918046", + "revoke_rules_on_delete": "false", + "tags.%": "0", + "vpc_id": "vpc-8a4b1ae3" + }, + "meta": { + "e2bfb730-ecaa-11e6-8f88-34363bc7c4c0": { + "create": 600000000000, + "delete": 600000000000 + }, + "schema_version": "1" + }, + "tainted": false + }, + "deposed": [], + "provider": "provider.aws" + }, + "data.aws_eip.webserver-ip": { + "type": "aws_eip", + "depends_on": [], + "primary": { + "id": "eipalloc-0f61e902f5f680dc0", + "attributes": { + "id": "eipalloc-0f61e902f5f680dc0", + "public_ip": "35.180.10.123" + }, + "meta": {}, + "tainted": false + }, + "deposed": [], + "provider": "provider.aws" + } + }, + "depends_on": [] + } + ] +} diff --git a/ops/terraform/terraform.tfstate.backup b/ops/terraform/terraform.tfstate.backup new file mode 100644 index 0000000..f0f780c --- /dev/null +++ b/ops/terraform/terraform.tfstate.backup @@ -0,0 +1,139 @@ +{ + "version": 3, + "terraform_version": "0.11.10", + "serial": 5, + "lineage": "40e25136-2a8a-573c-e896-537bfb7f8b22", + "modules": [ + { + "path": [ + "root" + ], + "outputs": {}, + "resources": { + "aws_key_pair.terraform_ec2_key": { + "type": "aws_key_pair", + "depends_on": [], + "primary": { + "id": "terraform_ec2_key", + "attributes": { + "fingerprint": "24:c0:bd:83:25:d9:bb:12:0e:88:ab:d0:17:d9:07:74", + "id": "terraform_ec2_key", + "key_name": "terraform_ec2_key", + "public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClFxq0O91KsqPLYWeONMjta9p5XsoP/LjzE1jUayr4n5c7uUb/ND9rab9lD+6DK0fhvN58xfZ4YdqPA1HUubaZtE21TIqL6zcOJ8c2z55iBEpzN6c9x6bmS+ZmOrWMUWsweZa1WWBz6UMDvrCRy+yDysndGOLbHZbjtYPv9Zg/9aCunVYDbQIfStRl9YwrR/wtIAyC5PsXJMoaoGrkh5Ac24upkPXCfm2MDirZuKfeMFh+5gSEzSfXXS1OKSVfXrxh9uL+TyqL1MCOn8QSxHVvdaLql6p0FXZrU53RXg5fVz0OwX2W1iSi/7xJiTcXoqZH7RhsH+gLfi1GdljQ2hCj s0dy@thinkpad" + }, + "meta": { + "schema_version": "1" + }, + "tainted": false + }, + "deposed": [], + "provider": "provider.aws" + }, + "aws_security_group.allow_http": { + "type": "aws_security_group", + "depends_on": [], + "primary": { + "id": "sg-000fa76bafd2d1490", + "attributes": { + "arn": "arn:aws:ec2:eu-west-3:116854918046:security-group/sg-000fa76bafd2d1490", + "description": "Managed by Terraform", + "egress.#": "2", + "egress.2214680975.cidr_blocks.#": "1", + "egress.2214680975.cidr_blocks.0": "0.0.0.0/0", + "egress.2214680975.description": "", + "egress.2214680975.from_port": "80", + "egress.2214680975.ipv6_cidr_blocks.#": "0", + "egress.2214680975.prefix_list_ids.#": "0", + "egress.2214680975.protocol": "tcp", + "egress.2214680975.security_groups.#": "0", + "egress.2214680975.self": "false", + "egress.2214680975.to_port": "80", + "egress.2617001939.cidr_blocks.#": "1", + "egress.2617001939.cidr_blocks.0": "0.0.0.0/0", + "egress.2617001939.description": "", + "egress.2617001939.from_port": "443", + "egress.2617001939.ipv6_cidr_blocks.#": "0", + "egress.2617001939.prefix_list_ids.#": "0", + "egress.2617001939.protocol": "tcp", + "egress.2617001939.security_groups.#": "0", + "egress.2617001939.self": "false", + "egress.2617001939.to_port": "443", + "id": "sg-000fa76bafd2d1490", + "ingress.#": "0", + "name": "allow http", + "owner_id": "116854918046", + "revoke_rules_on_delete": "false", + "tags.%": "0", + "vpc_id": "vpc-8a4b1ae3" + }, + "meta": { + "e2bfb730-ecaa-11e6-8f88-34363bc7c4c0": { + "create": 600000000000, + "delete": 600000000000 + }, + "schema_version": "1" + }, + "tainted": false + }, + "deposed": [], + "provider": "provider.aws" + }, + "aws_security_group.allow_ssh": { + "type": "aws_security_group", + "depends_on": [], + "primary": { + "id": "sg-069d406cd5c97a02e", + "attributes": { + "arn": "arn:aws:ec2:eu-west-3:116854918046:security-group/sg-069d406cd5c97a02e", + "description": "Managed by Terraform", + "egress.#": "0", + "id": "sg-069d406cd5c97a02e", + "ingress.#": "1", + "ingress.2541437006.cidr_blocks.#": "1", + "ingress.2541437006.cidr_blocks.0": "0.0.0.0/0", + "ingress.2541437006.description": "", + "ingress.2541437006.from_port": "22", + "ingress.2541437006.ipv6_cidr_blocks.#": "0", + "ingress.2541437006.prefix_list_ids.#": "0", + "ingress.2541437006.protocol": "tcp", + "ingress.2541437006.security_groups.#": "0", + "ingress.2541437006.self": "false", + "ingress.2541437006.to_port": "22", + "name": "allow ssh", + "owner_id": "116854918046", + "revoke_rules_on_delete": "false", + "tags.%": "0", + "vpc_id": "vpc-8a4b1ae3" + }, + "meta": { + "e2bfb730-ecaa-11e6-8f88-34363bc7c4c0": { + "create": 600000000000, + "delete": 600000000000 + }, + "schema_version": "1" + }, + "tainted": false + }, + "deposed": [], + "provider": "provider.aws" + }, + "data.aws_eip.webserver-ip": { + "type": "aws_eip", + "depends_on": [], + "primary": { + "id": "eipalloc-0f61e902f5f680dc0", + "attributes": { + "id": "eipalloc-0f61e902f5f680dc0", + "public_ip": "35.180.10.123" + }, + "meta": {}, + "tainted": false + }, + "deposed": [], + "provider": "provider.aws" + } + }, + "depends_on": [] + } + ] +}