使用Terraform创建VPC、子网和Internet GW
由于使用Terraform创建了ALB和Fargate,因此将工程分为数个步骤进行记录。
前提条件:可以使用 Terraform 命令和 AWS CLI,并且已将 AWS_DEFAULT_PROFILE 设置为要构建基础设施的 AWS 配置文件(profile)。
环境
Terraform 版本 1.1.6
图纸已经完成。
我先创建了一个VPC,现在将其作为备忘录记录下来。
这次要创建的VPC架构图
Terraform目录结构
.
├── environments
│ └── staging
│ │ ├── backend.tf
│ │ ├── main.tf
│ │ ├── terraform.tfvars
│ │ └── variables.tf
│ └── production
│ │ ├── backend.tf
│ │ ├── main.tf
│ │ ├── terraform.tfvars
│ │ └── variables.tf
| └── script
| └── install.sh
|
└── module_aws
└── vpc
| ├── main.tf
| ├── output.tf
| └── variables.tf
└── ec2
| ├── main.tf
| ├── output.tf
| └── variables.tf
└── alb
├── main.tf
└── variables.tf
创建的代码
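# Remote state backend (presumably environments/staging/backend.tf).
# Terraform state records resource attributes in plain text, so the state
# object is written with S3 server-side encryption enabled.
terraform {
  backend "s3" {
    bucket  = "S3のバケット名" # placeholder: name of the S3 bucket holding the state
    key     = "terraform/XXX.tfstate"
    region  = "ap-northeast-1"
    profile = "XXX"
    encrypt = true

    # NOTE(review): no state locking is configured. For shared use, add
    # dynamodb_table = "<LOCK_TABLE_NAME>" (placeholder) so that concurrent
    # applies cannot corrupt the state. The bucket itself should block public
    # access and have versioning enabled; neither is visible from this file.
  }
}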
# AWS provider for the Tokyo region. No profile is set here, so credentials
# come from the environment (the article relies on AWS_DEFAULT_PROFILE).
provider "aws" {
  region = "ap-northeast-1"
}
# Call the vpc module.
# Naming/tag inputs and CIDR ranges are passed straight through from this
# environment's variables; note that the environment calls the VPC range
# "vpc_cidr" while the module input is named "cidr_vpc".
module "vpc" {
  source = "../../module_aws/vpc"

  # Values used to build Name tags inside the module
  customer_no = var.customer_no
  system      = var.system
  env         = var.env

  # Address ranges for the VPC and its four subnets
  cidr_vpc       = var.vpc_cidr
  cidr_public_a  = var.cidr_public_a
  cidr_public_c  = var.cidr_public_c
  cidr_private_a = var.cidr_private_a
  cidr_private_c = var.cidr_private_c
}
# Variable values for this environment (presumably terraform.tfvars).

# Naming and tagging
customer_no = "001" # customer number
system      = "WEB" # system name of this platform, used in tags (free-form)
env         = "STG" # environment name used in tags (dev|stg|prd)

# Network ranges: one /16 for the VPC, one /24 per subnet
vpc_cidr       = "10.0.0.0/16" # CIDR block of the VPC
cidr_public_a  = "10.0.1.0/24" # subnet CIDR block
cidr_public_c  = "10.0.2.0/24" # subnet CIDR block
cidr_private_a = "10.0.3.0/24" # subnet CIDR block
cidr_private_c = "10.0.4.0/24" # subnet CIDR block
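# Input variables of the environment (presumably environments/staging/variables.tf).
# Every value is declared as a string so that a wrongly typed value is
# rejected at plan time instead of failing later inside an interpolation.

# General
variable "customer_no" {
  type        = string
  description = "Customer number; passed to the vpc module."
}

variable "system" {
  type        = string
  description = "System name of this platform; passed to the vpc module."
}

variable "env" {
  type        = string
  description = "Environment name; passed to the vpc module."
}

# VPC
variable "vpc_cidr" {
  type        = string
  description = "CIDR block of the VPC."
}

variable "cidr_public_a" {
  type        = string
  description = "CIDR block handed to the module as cidr_public_a."
}

variable "cidr_public_c" {
  type        = string
  description = "CIDR block handed to the module as cidr_public_c."
}

variable "cidr_private_a" {
  type        = string
  description = "CIDR block handed to the module as cidr_private_a."
}

variable "cidr_private_c" {
  type        = string
  description = "CIDR block handed to the module as cidr_private_c."
}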
# Looks up the availability zones currently in the "available" state
# (presumably the start of module_aws/vpc/main.tf).
# NOTE(review): no resource in the visible listing reads this data source;
# the subnets hard-code their availability zone names.
data "aws_availability_zones" "available" {
  state = "available"
}
# Create the VPC.
# The Name tag is "<customer_no>-<env>-<system>"; a second tag whose key is
# built from the same three values marks the resource as Terraform-managed.
# NOTE(review): no aws_flow_log resource appears in the visible listing, so
# VPC traffic metadata is presumably not being recorded; confirm elsewhere.
resource "aws_vpc" "vpc" {
  cidr_block           = var.cidr_vpc
  instance_tenancy     = "default"
  enable_dns_hostnames = true

  tags = {
    Name                                                    = "${var.customer_no}-${var.env}-${var.system}"
    "terraform_${var.customer_no}-${var.env}-${var.system}" = "yes"
  }
}
# Create the internet gateway and attach it to the VPC.
resource "aws_internet_gateway" "igw" {
  vpc_id = aws_vpc.vpc.id

  tags = {
    Name                                                    = "${var.customer_no}-${var.env}-${var.system}-igw"
    "terraform_${var.customer_no}-${var.env}-${var.system}" = "yes"
  }
}
# Create the subnets.

## public_ap_northeast_1a
# Subnet in ap-northeast-1a tagged "...-PUB-A". map_public_ip_on_launch is
# not set, so instances do not receive a public IP automatically.
resource "aws_subnet" "public_ap_northeast_1a" {
  vpc_id            = aws_vpc.vpc.id
  availability_zone = "ap-northeast-1a"
  cidr_block        = var.cidr_public_a

  tags = {
    Name                                                    = "${var.customer_no}-${var.env}-${var.system}-PUB-A"
    "terraform_${var.customer_no}-${var.env}-${var.system}" = "yes"
  }
}
## public_ap_northeast_1c
# Subnet in ap-northeast-1c tagged "...-PUB-C".
resource "aws_subnet" "public_ap_northeast_1c" {
  vpc_id            = aws_vpc.vpc.id
  availability_zone = "ap-northeast-1c"
  cidr_block        = var.cidr_public_c

  tags = {
    Name                                                    = "${var.customer_no}-${var.env}-${var.system}-PUB-C"
    "terraform_${var.customer_no}-${var.env}-${var.system}" = "yes"
  }
}
## private_ap_northeast_1a
# Subnet in ap-northeast-1a tagged "...-PRI-A". Whether it is private in
# practice depends on the route table it ends up associated with.
resource "aws_subnet" "private_ap_northeast_1a" {
  vpc_id            = aws_vpc.vpc.id
  availability_zone = "ap-northeast-1a"
  cidr_block        = var.cidr_private_a

  tags = {
    Name                                                    = "${var.customer_no}-${var.env}-${var.system}-PRI-A"
    "terraform_${var.customer_no}-${var.env}-${var.system}" = "yes"
  }
}
## private_ap_northeast_1c
# Subnet in ap-northeast-1c tagged "...-PRI-C". Whether it is private in
# practice depends on the route table it ends up associated with.
resource "aws_subnet" "private_ap_northeast_1c" {
  vpc_id            = aws_vpc.vpc.id
  availability_zone = "ap-northeast-1c"
  cidr_block        = var.cidr_private_c

  tags = {
    Name                                                    = "${var.customer_no}-${var.env}-${var.system}-PRI-C"
    "terraform_${var.customer_no}-${var.env}-${var.system}" = "yes"
  }
}
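# Create the route tables.

## public
# Takes over the VPC's default (main) route table and adds a default route
# to the internet gateway. Any subnet without an explicit association uses
# the main route table, so the public subnets pick this route up implicitly.
resource "aws_default_route_table" "public_route" {
  default_route_table_id = aws_vpc.vpc.default_route_table_id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw.id
  }

  tags = {
    Name                                                    = "${var.customer_no}-${var.env}-${var.system}-PUB"
    "terraform_${var.customer_no}-${var.env}-${var.system}" = "yes"
  }
}

## private
# Without an explicit association the "private" subnets would also inherit
# the main table's 0.0.0.0/0 -> internet gateway route, and anything in them
# that received a public IP would be reachable from the internet. This table
# carries only the implicit local route.
# Outbound access from the private subnets (for example image pulls) then
# needs a NAT gateway or VPC endpoints, which are not defined here.
resource "aws_route_table" "private_route" {
  vpc_id = aws_vpc.vpc.id

  tags = {
    Name                                                    = "${var.customer_no}-${var.env}-${var.system}-PRI"
    "terraform_${var.customer_no}-${var.env}-${var.system}" = "yes"
  }
}

# Bind each private subnet to the private route table.
resource "aws_route_table_association" "private_ap_northeast_1a" {
  subnet_id      = aws_subnet.private_ap_northeast_1a.id
  route_table_id = aws_route_table.private_route.id
}

resource "aws_route_table_association" "private_ap_northeast_1c" {
  subnet_id      = aws_subnet.private_ap_northeast_1c.id
  route_table_id = aws_route_table.private_route.id
}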
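# Input variables of the vpc module (presumably module_aws/vpc/variables.tf).
# Every input is declared as a string so that a wrongly typed value is
# rejected at plan time instead of failing inside a tag interpolation.

variable "customer_no" {
  type        = string
  description = "Customer number; first part of every Name tag."
}

variable "system" {
  type        = string
  description = "System name; last part of the Name tag prefix."
}

variable "env" {
  type        = string
  description = "Environment name; middle part of the Name tag prefix."
}

variable "cidr_vpc" {
  type        = string
  description = "CIDR block of the VPC."
}

variable "cidr_public_a" {
  type        = string
  description = "CIDR block of the public subnet in ap-northeast-1a."
}

variable "cidr_public_c" {
  type        = string
  description = "CIDR block of the public subnet in ap-northeast-1c."
}

variable "cidr_private_a" {
  type        = string
  description = "CIDR block of the private subnet in ap-northeast-1a."
}

variable "cidr_private_c" {
  type        = string
  description = "CIDR block of the private subnet in ap-northeast-1c."
}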
执行步骤
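# Initialize the workspace. Run from the repository root: the directory tree
# above places the staging configuration under ./environments/staging, so the
# path is relative rather than rooted at "/".
cd environments/staging
terraform init

# Check the execution plan; review what will be created, changed or removed
# before continuing.
terraform plan

# Build the infrastructure
terraform apply

# Delete the created infrastructure. This removes every resource tracked in
# this state, so confirm the selected AWS profile and directory first.
terraform destroy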