diff --git a/modules/alb/main.tf b/modules/alb/main.tf
new file mode 100755
index 0000000..2053f6f
--- /dev/null
+++ b/modules/alb/main.tf
@@ -0,0 +1,61 @@
+resource "aws_security_group" "this" {
+ name = "demo-app-alb-sg"
+
+ vpc_id = var.VPC_ID
+
+ ingress {
+ description = "HTTP"
+ from_port = 80
+ to_port = 80
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+}
+
+resource "aws_lb" "this" {
+ name = "demo-app-alb"
+
+ internal = false
+ load_balancer_type = "application"
+ security_groups = [aws_security_group.this.id]
+ subnets = var.ALB_SUBNETS_IDS
+
+ tags = {
+ Project = var.PROJECT_TAG
+ }
+}
+
+resource "aws_lb_target_group" "this" {
+ name = "demo-app-alb-tg"
+ port = 80
+ protocol = "HTTP"
+ vpc_id = var.VPC_ID
+
+ health_check {
+ protocol = "HTTP"
+ port = 80
+ path = "/healthcheck.html"
+ healthy_threshold = 2
+ unhealthy_threshold = 2
+ interval = 90
+ timeout = 20
+ }
+}
+
+resource "aws_lb_listener" "this" {
+ load_balancer_arn = aws_lb.this.arn
+ port = 80
+ protocol = "HTTP"
+
+ default_action {
+ target_group_arn = aws_lb_target_group.this.arn
+ type = "forward"
+ }
+}
\ No newline at end of file
diff --git a/modules/alb/outputs.tf b/modules/alb/outputs.tf
new file mode 100755
index 0000000..4ca7eb9
--- /dev/null
+++ b/modules/alb/outputs.tf
@@ -0,0 +1,3 @@
+output "alb_tg" {
+ value = aws_lb_target_group.this
+}
\ No newline at end of file
diff --git a/modules/alb/variables.tf b/modules/alb/variables.tf
new file mode 100755
index 0000000..4602f27
--- /dev/null
+++ b/modules/alb/variables.tf
@@ -0,0 +1,11 @@
+variable "VPC_ID" {
+ type = string
+}
+
+variable "PROJECT_TAG" {
+ type = string
+}
+
+variable "ALB_SUBNETS_IDS" {
+ type = list(string)
+}
\ No newline at end of file
diff --git a/modules/app/main.tf b/modules/app/main.tf
index 8754079..2757721 100755
--- a/modules/app/main.tf
+++ b/modules/app/main.tf
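Review bot: The only listener in modules/alb/main.tf (`aws_lb_listener.this`) is plain HTTP on port 80, on a load balancer declared `internal = false` whose security group admits that port from `0.0.0.0/0`, so client traffic to the app crosses the internet unencrypted. The same commit also removes the 443 ingress rule from the app security group, leaving no TLS path visible in the diff. I would add an HTTPS listener with a certificate and an explicit `ssl_policy`, turn the port-80 listener into a redirect, and add a 443/tcp ingress rule to `aws_security_group.this`, as sketched below. `var.ALB_CERTIFICATE_ARN` is a placeholder for a new module input that this commit does not define.

```hcl
# … unchanged: aws_security_group.this (plus a 443/tcp ingress rule), aws_lb.this, aws_lb_target_group.this …

resource "aws_lb_listener" "https" {
  load_balancer_arn = aws_lb.this.arn
  port              = 443
  protocol          = "HTTPS"
  ssl_policy        = "ELBSecurityPolicy-TLS13-1-2-2021-06"
  certificate_arn   = var.ALB_CERTIFICATE_ARN # placeholder input, not part of this commit

  default_action {
    target_group_arn = aws_lb_target_group.this.arn
    type             = "forward"
  }
}

resource "aws_lb_listener" "this" {
  load_balancer_arn = aws_lb.this.arn
  port              = 80
  protocol          = "HTTP"

  # Port 80 stays open only to send clients to the TLS listener.
  default_action {
    type = "redirect"

    redirect {
      port        = "443"
      protocol    = "HTTPS"
      status_code = "HTTP_301"
    }
  }
}
```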
@@ -27,14 +27,6 @@ resource "aws_security_group" "this" { cidr_blocks = ["0.0.0.0/0"] } - ingress { - description = "HTTPS" - from_port = 443 - to_port = 443 - protocol = "tcp" - cidr_blocks = ["0.0.0.0/0"] - } - egress { from_port = 0 to_port = 0 @@ -72,6 +64,7 @@ resource "aws_autoscaling_group" "this" { vpc_zone_identifier = var.VPC_SUBNETS_IDS health_check_type = "ELB" health_check_grace_period = "90" + target_group_arns = var.ALB_TARGET_GROUP_ARNS tag { key = "Name" diff --git a/modules/app/variables.tf b/modules/app/variables.tf index 2f01576..7bb68bf 100755 --- a/modules/app/variables.tf +++ b/modules/app/variables.tf @@ -27,4 +27,9 @@ variable "ASG_MIN_SIZE" { variable "ASG_MAX_SIZE" { type = number +} + +# ALB +variable "ALB_TARGET_GROUP_ARNS" { + type = list(string) } \ No newline at end of file diff --git a/prod/main.tf b/prod/main.tf index 4bd7b79..3e17088 100755 --- a/prod/main.tf +++ b/prod/main.tf @@ -12,8 +12,8 @@ module "vpc" { cidr = var.DEMO_VPC_CIDR azs = var.DEMO_VPC_AVAILABILITY_ZONES - private_subnets = var.DEMO_VPC_PRIVATE_SUBNET_CIDRS - public_subnets = var.DEMO_VPC_PUBLIC_SUBNET_CIDRS + private_subnets = var.DEMO_VPC_PRIVATE_SUBNETS_CIDRS + public_subnets = var.DEMO_VPC_PUBLIC_SUBNETS_CIDRS enable_nat_gateway = true single_nat_gateway = true @@ -52,6 +52,15 @@ module "bastion_host" { EC2_KEY_NAME = var.DEMO_BASTION_HOST_KEY_NAME } +# Create ALB +module "alb" { + source = "../modules/alb" + + VPC_ID = module.vpc_data.vpc.id + PROJECT_TAG = var.PROJECT_TAG + ALB_SUBNETS_IDS = module.vpc_data.public_subnets.ids +} + # Create demo app module "app" { source = "../modules/app" @@ -65,4 +74,6 @@ module "app" { ASG_MIN_SIZE = var.DEMO_APP_ASG_MIN_SIZE ASG_MAX_SIZE = var.DEMO_APP_ASG_MAX_SIZE + + ALB_TARGET_GROUP_ARNS = [module.alb.alb_tg.arn] } diff --git a/prod/variables.tf b/prod/variables.tf index ffaef1f..0146c2b 100755 --- a/prod/variables.tf +++ b/prod/variables.tf 
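Review bot: Adding `target_group_arns` in modules/app/main.tf puts the instances behind the ALB, but the context line just above the removed HTTPS rule still shows `cidr_blocks = ["0.0.0.0/0"]` in the app security group, so the instances appear to remain reachable directly rather than only through the load balancer. The port of that remaining rule is outside the hunk, so this should be confirmed against the full file. If it is the app port, I would replace the CIDR with a reference to the ALB's security group, `security_groups = [var.ALB_SECURITY_GROUP_ID]`, fed from a new output in modules/alb such as `output "alb_sg_id" { value = aws_security_group.this.id }`; both names are constructed here, since the module currently exports only `alb_tg`. The `aws_security_group` and `aws_autoscaling_group` bodies both continue outside the hunks shown.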
@@ -22,11 +22,11 @@ variable "DEMO_VPC_AVAILABILITY_ZONES" { type = list(string) } -variable "DEMO_VPC_PRIVATE_SUBNET_CIDRS" { +variable "DEMO_VPC_PRIVATE_SUBNETS_CIDRS" { type = list(string) } -variable "DEMO_VPC_PUBLIC_SUBNET_CIDRS" { +variable "DEMO_VPC_PUBLIC_SUBNETS_CIDRS" { type = list(string) }