Initial commit

2025-07-01 12:35:33 +02:00 · 2022-08-24 14:14:42 +02:00
parent c1e58f922e
commit 180ae13b94
12 changed files with 293 additions and 0 deletions
--- a/modules/bastion_host/main.tf
+++ b/modules/bastion_host/main.tf
@ -0,0 +1,65 @@
+data "aws_ami" "amazon-linux" {
+  most_recent = true
+
+  filter {
+    name   = "name"
+    values = ["amzn2-ami-*-gp2"]
+  }
+
+  filter {
+    name   = "architecture"
+    values = ["x86_64"]
+  }
+
+  filter {
+    name   = "virtualization-type"
+    values = ["hvm"]
+  }
+
+  owners = ["amazon"]
+}
+
+resource "aws_security_group" "this" {
+  name = "bastion-host-sg"
+
+  vpc_id = var.VPC_ID
+
+  ingress {
+    description = "SSH"
+    from_port   = 22
+    to_port     = 22
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  egress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+}
+
+resource "aws_network_interface" "this" {
+  subnet_id = var.SUBNET_ID
+  security_groups = [aws_security_group.this.id]
+
+  tags = {
+    Name = "bastion-host-nic"
+  }
+}
+
+resource "aws_instance" "this" {
+  ami           = data.aws_ami.amazon-linux.id
+  instance_type = var.INSTANCE_TYPE
+  key_name = var.KEY_NAME
+
+  network_interface {
+    network_interface_id = aws_network_interface.this.id
+    device_index         = 0
+  }
+
+  tags = {
+    Name = var.INSTANCE_NAME
+  }
+}
--- a/modules/bastion_host/outputs.tf
+++ b/modules/bastion_host/outputs.tf
@ -0,0 +1,11 @@
+output "bastion_host_name" {
+  value = aws_instance.this.id
+}
+
+output "bastion_host_private_ip" {
+  value = aws_instance.this.private_ip
+}
+
+output "bastion_host_public_ip" {
+  value = aws_instance.this.public_ip
+}
--- a/modules/bastion_host/variables.tf
+++ b/modules/bastion_host/variables.tf
@ -0,0 +1,20 @@
+variable "VPC_ID" {
+  type = string
+}
+
+variable "SUBNET_ID" {
+  type = string
+}
+
+variable "INSTANCE_TYPE" {
+  type = string
+  default = "t2.micro"
+}
+
+variable "INSTANCE_NAME" {
+  type = string
+}
+
+variable "KEY_NAME" {
+  type = string
+}
--- a/modules/vpc_data/main.tf
+++ b/modules/vpc_data/main.tf
@ -0,0 +1,41 @@
+data "aws_vpc" "vpc" {
+  tags = {
+    Name = var.VPC_NAME
+  }
+}
+
+data "aws_subnets" "private_subnets" {
+  filter {
+    name   = "vpc-id"
+    values = [data.aws_vpc.vpc.id]
+  }
+
+  filter {
+    name   = "tag:Name"
+    values = ["${var.VPC_NAME}-private*"]
+  }
+}
+
+data "aws_subnets" "public_subnets" {
+  filter {
+    name   = "vpc-id"
+    values = [data.aws_vpc.vpc.id]
+  }
+
+  filter {
+    name   = "tag:Name"
+    values = ["${var.VPC_NAME}-public*"]
+  }
+}
+
+data "aws_subnet" "bastion_host_subnet" {
+  filter {
+    name   = "vpc-id"
+    values = [data.aws_vpc.vpc.id]
+  }
+
+  filter {
+    name   = "tag:Name"
+    values = ["${var.VPC_NAME}-public-${var.BASTION_HOST_AZ}"]
+  }
+}
--- a/modules/vpc_data/outputs.tf
+++ b/modules/vpc_data/outputs.tf
@ -0,0 +1,15 @@
+output "vpc" {
+  value = data.aws_vpc.vpc
+}
+
+output "public_subnets" {
+  value = data.aws_subnets.public_subnets
+}
+
+output "private_subnets" {
+  value = data.aws_subnets.private_subnets
+}
+
+output "bastion_host_subnet" {
+  value = data.aws_subnet.bastion_host_subnet
+}
--- a/modules/vpc_data/variables.tf
+++ b/modules/vpc_data/variables.tf
@ -0,0 +1,7 @@
+variable "VPC_NAME" {
+  type = string
+}
+
+variable "BASTION_HOST_AZ" {
+  type = string
+}