From f01979749a395c7983abdba91b89e1f4d7f3cc98 Mon Sep 17 00:00:00 2001 From: s0dy Date: Thu, 1 Nov 2018 12:05:54 +0100 Subject: [PATCH] Change security groups --- ops/terraform/main.tf | 26 +-- ops/terraform/security-groups.tf | 14 ++ ops/terraform/terraform.tfstate | 79 ++++++--- ops/terraform/terraform.tfstate.backup | 232 +------------------------ 4 files changed, 80 insertions(+), 271 deletions(-) diff --git a/ops/terraform/main.tf b/ops/terraform/main.tf index fdda812..dd8bd54 100644 --- a/ops/terraform/main.tf +++ b/ops/terraform/main.tf @@ -11,33 +11,17 @@ resource "aws_eip_association" "webserver-eip" { allocation_id = "${data.aws_eip.webserver-ip.id}" } - ########################### -# INSTANCE WEBSERVER +# INSTANCE ########################### -data "aws_ami" "ubuntu" { - most_recent = true - - filter { - name = "name" - values = ["ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-*"] - } - - filter { - name = "virtualization-type" - values = ["hvm"] - } - - owners = ["099720109477"] # Canonical - -} - resource "aws_instance" "webserver" { - ami = "ami-04992646d54c69ef4" + ami = "ami-38a01045" instance_type = "t2.micro" key_name = "${aws_key_pair.terraform_ec2_key.id}" - vpc_security_group_ids = ["${aws_security_group.allow_ssh.id}"] + vpc_security_group_ids = [ + "${aws_security_group.allow_ssh.id}" + ] tags { Name = "hifive-webserver" diff --git a/ops/terraform/security-groups.tf b/ops/terraform/security-groups.tf index 7d7c4a2..fe1caa0 100644 --- a/ops/terraform/security-groups.tf +++ b/ops/terraform/security-groups.tf @@ -17,3 +17,17 @@ resource "aws_security_group" "allow_ssh" { } } +resource "aws_security_group" "allow_http" { + name = "allow http" + + ingress { + from_port = 80 + to_port = 80 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + + lifecycle { + create_before_destroy = true + } +} diff --git a/ops/terraform/terraform.tfstate b/ops/terraform/terraform.tfstate index e7542cf..ad4c05e 100644 --- a/ops/terraform/terraform.tfstate +++ b/ops/terraform/terraform.tfstate @@ -1,7 +1,7 @@ { "version": 3, "terraform_version": "0.11.10", - "serial": 3, + "serial": 6, "lineage": "4559bbe1-495e-5de2-cb83-77e241ef9eac", "modules": [ { @@ -17,13 +17,13 @@ "data.aws_eip.webserver-ip" ], "primary": { - "id": "eipassoc-01df35e4fb2455c9a", + "id": "eipassoc-0f0b99dc7d0160ee9", "attributes": { "allocation_id": "eipalloc-0f61e902f5f680dc0", - "id": "eipassoc-01df35e4fb2455c9a", - "instance_id": "i-0c9eae21a3130cc41", - "network_interface_id": "eni-07011ea41afb09dec", - "private_ip_address": "172.31.46.198", + "id": "eipassoc-0f0b99dc7d0160ee9", + "instance_id": "i-06a306ae30d2e0ce1", + "network_interface_id": "eni-02cda3577fdab8135", + "private_ip_address": "172.31.37.211", "public_ip": "35.180.10.123" }, "meta": {}, @@ -39,10 +39,10 @@ "aws_security_group.allow_ssh" ], "primary": { - "id": "i-0c9eae21a3130cc41", + "id": "i-06a306ae30d2e0ce1", "attributes": { "ami": "ami-04992646d54c69ef4", - "arn": "arn:aws:ec2:eu-west-3:116854918046:instance/i-0c9eae21a3130cc41", + "arn": "arn:aws:ec2:eu-west-3:116854918046:instance/i-06a306ae30d2e0ce1", "associate_public_ip_address": "true", "availability_zone": "eu-west-3c", "cpu_core_count": "1", @@ -55,25 +55,25 @@ "ephemeral_block_device.#": "0", "get_password_data": "false", "iam_instance_profile": "", - "id": "i-0c9eae21a3130cc41", + "id": "i-06a306ae30d2e0ce1", "instance_state": "running", "instance_type": "t2.micro", "ipv6_addresses.#": "0", "key_name": "terraform_ec2_key", "monitoring": "false", "network_interface.#": "0", - "network_interface_id": "eni-07011ea41afb09dec", + "network_interface_id": "eni-02cda3577fdab8135", "password_data": "", "placement_group": "", - "primary_network_interface_id": "eni-07011ea41afb09dec", - "private_dns": "ip-172-31-46-198.eu-west-3.compute.internal", - "private_ip": "172.31.46.198", - "public_dns": "ec2-35-180-10-123.eu-west-3.compute.amazonaws.com", - "public_ip": "35.180.10.123", + "primary_network_interface_id": "eni-02cda3577fdab8135", + "private_dns": "ip-172-31-37-211.eu-west-3.compute.internal", + "private_ip": "172.31.37.211", + "public_dns": "ec2-35-180-34-103.eu-west-3.compute.amazonaws.com", + "public_ip": "35.180.34.103", "root_block_device.#": "1", "root_block_device.0.delete_on_termination": "true", "root_block_device.0.iops": "100", - "root_block_device.0.volume_id": "vol-0fb06f24a4cfdcad0", + "root_block_device.0.volume_id": "vol-00f34daa7c6e64690", "root_block_device.0.volume_size": "8", "root_block_device.0.volume_type": "gp2", "security_groups.#": "1", @@ -85,7 +85,7 @@ "tenancy": "default", "volume_tags.%": "0", "vpc_security_group_ids.#": "1", - "vpc_security_group_ids.1567020715": "sg-091ed62f53cbe7b39" + "vpc_security_group_ids.2701339168": "sg-0825bc82dcc6b975f" }, "meta": { "e2bfb730-ecaa-11e6-8f88-34363bc7c4c0": { @@ -119,16 +119,55 @@ "deposed": [], "provider": "provider.aws" }, + "aws_security_group.allow_http": { + "type": "aws_security_group", + "depends_on": [], + "primary": { + "id": "sg-0e91647397b0e53da", + "attributes": { + "arn": "arn:aws:ec2:eu-west-3:116854918046:security-group/sg-0e91647397b0e53da", + "description": "Managed by Terraform", + "egress.#": "0", + "id": "sg-0e91647397b0e53da", + "ingress.#": "1", + "ingress.2214680975.cidr_blocks.#": "1", + "ingress.2214680975.cidr_blocks.0": "0.0.0.0/0", + "ingress.2214680975.description": "", + "ingress.2214680975.from_port": "80", + "ingress.2214680975.ipv6_cidr_blocks.#": "0", + "ingress.2214680975.prefix_list_ids.#": "0", + "ingress.2214680975.protocol": "tcp", + "ingress.2214680975.security_groups.#": "0", + "ingress.2214680975.self": "false", + "ingress.2214680975.to_port": "80", + "name": "allow http", + "owner_id": "116854918046", + "revoke_rules_on_delete": "false", + "tags.%": "0", + "vpc_id": "vpc-8a4b1ae3" + }, + "meta": { + "e2bfb730-ecaa-11e6-8f88-34363bc7c4c0": { + "create": 600000000000, + "delete": 600000000000 + }, + "schema_version": "1" + }, + "tainted": false + }, + "deposed": [], + "provider": "provider.aws" + }, "aws_security_group.allow_ssh": { "type": "aws_security_group", "depends_on": [], "primary": { - "id": "sg-091ed62f53cbe7b39", + "id": "sg-0825bc82dcc6b975f", "attributes": { - "arn": "arn:aws:ec2:eu-west-3:116854918046:security-group/sg-091ed62f53cbe7b39", + "arn": "arn:aws:ec2:eu-west-3:116854918046:security-group/sg-0825bc82dcc6b975f", "description": "Managed by Terraform", "egress.#": "0", - "id": "sg-091ed62f53cbe7b39", + "id": "sg-0825bc82dcc6b975f", "ingress.#": "1", "ingress.2541437006.cidr_blocks.#": "1", "ingress.2541437006.cidr_blocks.0": "0.0.0.0/0", diff --git a/ops/terraform/terraform.tfstate.backup b/ops/terraform/terraform.tfstate.backup index 8de8161..8247e01 100644 --- a/ops/terraform/terraform.tfstate.backup +++ b/ops/terraform/terraform.tfstate.backup @@ -1,7 +1,7 @@ { "version": 3, "terraform_version": "0.11.10", - "serial": 3, + "serial": 6, "lineage": "4559bbe1-495e-5de2-cb83-77e241ef9eac", "modules": [ { @@ -9,235 +9,7 @@ "root" ], "outputs": {}, - "resources": { - "aws_eip_association.webserver-eip": { - "type": "aws_eip_association", - "depends_on": [ - "aws_instance.webserver", - "data.aws_eip.webserver-ip" - ], - "primary": { - "id": "eipassoc-01df35e4fb2455c9a", - "attributes": { - "allocation_id": "eipalloc-0f61e902f5f680dc0", - "id": "eipassoc-01df35e4fb2455c9a", - "instance_id": "i-0c9eae21a3130cc41", - "network_interface_id": "eni-07011ea41afb09dec", - "private_ip_address": "172.31.46.198", - "public_ip": "35.180.10.123" - }, - "meta": {}, - "tainted": false - }, - "deposed": [], - "provider": "provider.aws" - }, - "aws_instance.webserver": { - "type": "aws_instance", - "depends_on": [ - "aws_key_pair.terraform_ec2_key", - "aws_security_group.allow_ssh" - ], - "primary": { - "id": "i-0c9eae21a3130cc41", - "attributes": { - "ami": "ami-04992646d54c69ef4", - "arn": "arn:aws:ec2:eu-west-3:116854918046:instance/i-0c9eae21a3130cc41", - "associate_public_ip_address": "true", - "availability_zone": "eu-west-3c", - "cpu_core_count": "1", - "cpu_threads_per_core": "1", - "credit_specification.#": "1", - "credit_specification.0.cpu_credits": "standard", - "disable_api_termination": "false", - "ebs_block_device.#": "0", - "ebs_optimized": "false", - "ephemeral_block_device.#": "0", - "get_password_data": "false", - "iam_instance_profile": "", - "id": "i-0c9eae21a3130cc41", - "instance_state": "running", - "instance_type": "t2.micro", - "ipv6_addresses.#": "0", - "key_name": "terraform_ec2_key", - "monitoring": "false", - "network_interface.#": "0", - "network_interface_id": "eni-07011ea41afb09dec", - "password_data": "", - "placement_group": "", - "primary_network_interface_id": "eni-07011ea41afb09dec", - "private_dns": "ip-172-31-46-198.eu-west-3.compute.internal", - "private_ip": "172.31.46.198", - "public_dns": "ec2-35-180-189-234.eu-west-3.compute.amazonaws.com", - "public_ip": "35.180.189.234", - "root_block_device.#": "1", - "root_block_device.0.delete_on_termination": "true", - "root_block_device.0.iops": "100", - "root_block_device.0.volume_id": "vol-0fb06f24a4cfdcad0", - "root_block_device.0.volume_size": "8", - "root_block_device.0.volume_type": "gp2", - "security_groups.#": "1", - "security_groups.3705046556": "terraform-example-instance", - "source_dest_check": "true", - "subnet_id": "subnet-6308d02e", - "tags.%": "1", - "tags.Name": "hifive-webserver", - "tenancy": "default", - "volume_tags.%": "0", - "vpc_security_group_ids.#": "1", - "vpc_security_group_ids.3229956732": "sg-0d04233f1196d8c4c" - }, - "meta": { - "e2bfb730-ecaa-11e6-8f88-34363bc7c4c0": { - "create": 600000000000, - "delete": 1200000000000, - "update": 600000000000 - }, - "schema_version": "1" - }, - "tainted": false - }, - "deposed": [], - "provider": "provider.aws" - }, - "aws_key_pair.terraform_ec2_key": { - "type": "aws_key_pair", - "depends_on": [], - "primary": { - "id": "terraform_ec2_key", - "attributes": { - "fingerprint": "24:c0:bd:83:25:d9:bb:12:0e:88:ab:d0:17:d9:07:74", - "id": "terraform_ec2_key", - "key_name": "terraform_ec2_key", - "public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClFxq0O91KsqPLYWeONMjta9p5XsoP/LjzE1jUayr4n5c7uUb/ND9rab9lD+6DK0fhvN58xfZ4YdqPA1HUubaZtE21TIqL6zcOJ8c2z55iBEpzN6c9x6bmS+ZmOrWMUWsweZa1WWBz6UMDvrCRy+yDysndGOLbHZbjtYPv9Zg/9aCunVYDbQIfStRl9YwrR/wtIAyC5PsXJMoaoGrkh5Ac24upkPXCfm2MDirZuKfeMFh+5gSEzSfXXS1OKSVfXrxh9uL+TyqL1MCOn8QSxHVvdaLql6p0FXZrU53RXg5fVz0OwX2W1iSi/7xJiTcXoqZH7RhsH+gLfi1GdljQ2hCj s0dy@thinkpad" - }, - "meta": { - "schema_version": "1" - }, - "tainted": false - }, - "deposed": [], - "provider": "provider.aws" - }, - "aws_security_group.allow_ssh": { - "type": "aws_security_group", - "depends_on": [], - "primary": { - "id": "sg-0d04233f1196d8c4c", - "attributes": { - "arn": "arn:aws:ec2:eu-west-3:116854918046:security-group/sg-0d04233f1196d8c4c", - "description": "Managed by Terraform", - "egress.#": "0", - "id": "sg-0d04233f1196d8c4c", - "ingress.#": "1", - "ingress.2541437006.cidr_blocks.#": "1", - "ingress.2541437006.cidr_blocks.0": "0.0.0.0/0", - "ingress.2541437006.description": "", - "ingress.2541437006.from_port": "22", - "ingress.2541437006.ipv6_cidr_blocks.#": "0", - "ingress.2541437006.prefix_list_ids.#": "0", - "ingress.2541437006.protocol": "tcp", - "ingress.2541437006.security_groups.#": "0", - "ingress.2541437006.self": "false", - "ingress.2541437006.to_port": "22", - "name": "terraform-example-instance", - "owner_id": "116854918046", - "revoke_rules_on_delete": "false", - "tags.%": "0", - "vpc_id": "vpc-8a4b1ae3" - }, - "meta": { - "e2bfb730-ecaa-11e6-8f88-34363bc7c4c0": { - "create": 600000000000, - "delete": 600000000000 - }, - "schema_version": "1" - }, - "tainted": false - }, - "deposed": [], - "provider": "provider.aws" - }, - "data.aws_ami.ubuntu": { - "type": "aws_ami", - "depends_on": [], - "primary": { - "id": "ami-0a2ca21adb4a04084", - "attributes": { - "architecture": "x86_64", - "block_device_mappings.#": "3", - "block_device_mappings.1634610537.device_name": "/dev/sdb", - "block_device_mappings.1634610537.ebs.%": "0", - "block_device_mappings.1634610537.no_device": "", - "block_device_mappings.1634610537.virtual_name": "ephemeral0", - "block_device_mappings.2547816212.device_name": "/dev/sda1", - "block_device_mappings.2547816212.ebs.%": "6", - "block_device_mappings.2547816212.ebs.delete_on_termination": "true", - "block_device_mappings.2547816212.ebs.encrypted": "false", - "block_device_mappings.2547816212.ebs.iops": "0", - "block_device_mappings.2547816212.ebs.snapshot_id": "snap-0ed1c0001fd1991b0", - "block_device_mappings.2547816212.ebs.volume_size": "8", - "block_device_mappings.2547816212.ebs.volume_type": "gp2", - "block_device_mappings.2547816212.no_device": "", - "block_device_mappings.2547816212.virtual_name": "", - "block_device_mappings.3850042718.device_name": "/dev/sdc", - "block_device_mappings.3850042718.ebs.%": "0", - "block_device_mappings.3850042718.no_device": "", - "block_device_mappings.3850042718.virtual_name": "ephemeral1", - "creation_date": "2018-10-13T15:11:50.000Z", - "description": "Canonical, Ubuntu, 18.04 LTS, amd64 bionic image build on 2018-10-12", - "filter.#": "2", - "filter.490168357.name": "virtualization-type", - "filter.490168357.values.#": "1", - "filter.490168357.values.0": "hvm", - "filter.942818600.name": "name", - "filter.942818600.values.#": "1", - "filter.942818600.values.0": "ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-*", - "hypervisor": "xen", - "id": "ami-0a2ca21adb4a04084", - "image_id": "ami-0a2ca21adb4a04084", - "image_location": "099720109477/ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-20181012", - "image_type": "machine", - "most_recent": "true", - "name": "ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-20181012", - "owner_id": "099720109477", - "owners.#": "1", - "owners.0": "099720109477", - "product_codes.#": "0", - "public": "true", - "root_device_name": "/dev/sda1", - "root_device_type": "ebs", - "root_snapshot_id": "snap-0ed1c0001fd1991b0", - "sriov_net_support": "simple", - "state": "available", - "state_reason.%": "2", - "state_reason.code": "UNSET", - "state_reason.message": "UNSET", - "tags.%": "0", - "virtualization_type": "hvm" - }, - "meta": {}, - "tainted": false - }, - "deposed": [], - "provider": "provider.aws" - }, - "data.aws_eip.webserver-ip": { - "type": "aws_eip", - "depends_on": [], - "primary": { - "id": "eipalloc-0f61e902f5f680dc0", - "attributes": { - "id": "eipalloc-0f61e902f5f680dc0", - "public_ip": "35.180.10.123" - }, - "meta": {}, - "tainted": false - }, - "deposed": [], - "provider": "provider.aws" - } - }, + "resources": {}, "depends_on": [] } ]