Terraformでリソース構築①:NW周りと変数設定
Gitリポジトリの設定およびTerraformの初期設定が完了したら、tfファイルを作成してapplyすることで、AWSリソースを作成していきます。
以下のように、並列にAWSリソースごとのtfファイルを用意して順々に作成します。
作成する順番は以下のとおりです。
AWSリソースを作成する度に、正しく作成できたかをマネジメントコンソールから確認しながら進めます。
AWSリソースの作成手順は以下のとおりです。
手順
以下①~③をtfファイルごとに繰り返す
①tfファイルの作成/編集
1~5のtfファイルを作成/編集する
②変更内容確認
$ terraform plan
③変更内容適用
$ terraform apply
tfファイルの中身
variables.tf
# Shared settings: the prefix used to build resource Name tags, the region,
# and the two availability zones the subnets are spread across.
# NOTE(review): the quoted type constraint ("map") is Terraform 0.11-era
# syntax that 0.12 and later report as deprecated — confirm which Terraform
# version these files target before modernising the syntax.
# NOTE(review): "region" is not referenced by any of the .tf files shown on
# this page; presumably the provider block reads it — verify.
variable "common" {
  type = "map"

  default = {
    prefix = "sampledirection"
    region = "ap-northeast-1"
    az-a   = "ap-northeast-1a"
    az-c   = "ap-northeast-1c"
  }
}

# Address range of the VPC itself.
variable "vpc" {
  type = "map"

  default = {
    cidr = "10.0.0.0/16"
  }
}

# One /24 per subnet, all inside the VPC's 10.0.0.0/16 range:
# public, protected and private tiers, each with an "a" and a "c" entry.
variable "subnet" {
  type = "map"

  default = {
    public-cidr-a    = "10.0.0.0/24"
    public-cidr-c    = "10.0.1.0/24"
    protected-cidr-a = "10.0.2.0/24"
    protected-cidr-c = "10.0.3.0/24"
    private-cidr-a   = "10.0.4.0/24"
    private-cidr-c   = "10.0.5.0/24"
  }
}
vpc.tf
# The VPC that the subnets, internet gateway and route tables on this page
# attach to. Its CIDR is read from var.vpc["cidr"].
# NOTE(review): no aws_flow_log resource appears in the files shown here. If
# none is defined elsewhere, consider adding VPC Flow Logs so that accepted
# and rejected traffic can be audited later.
resource "aws_vpc" "vpc" {
  cidr_block = "${var.vpc["cidr"]}"

  # Both DNS resolution and DNS hostnames are switched on for the VPC.
  enable_dns_support   = "true"
  enable_dns_hostnames = "true"

  tags = {
    Name = "${var.common["prefix"]}-vpc-01"
  }
}
subnet.tf
# Six subnets in the VPC: a public, a protected and a private tier, each with
# one subnet in az-a and one in az-c. CIDRs come from var.subnet.
# The tier names are labels only at this point; what traffic each tier can
# actually send or receive is decided by the route table it is associated
# with, plus any security groups and network ACLs.
# NOTE(review): map_public_ip_on_launch is not set on any subnet, so the
# provider default (false) applies and instances get a public IP only when
# one is requested explicitly — confirm that is intended for the public tier.

# --- public tier ---
resource "aws_subnet" "public-subnet-a" {
  vpc_id            = "${aws_vpc.vpc.id}"
  cidr_block        = "${var.subnet["public-cidr-a"]}"
  availability_zone = "${var.common["az-a"]}"

  tags = {
    Name = "${var.common["prefix"]}-public-a"
  }
}

resource "aws_subnet" "public-subnet-c" {
  vpc_id            = "${aws_vpc.vpc.id}"
  cidr_block        = "${var.subnet["public-cidr-c"]}"
  availability_zone = "${var.common["az-c"]}"

  tags = {
    Name = "${var.common["prefix"]}-public-c"
  }
}

# --- protected tier ---
# The Name tags use "protect" while the resource names use "protected".
resource "aws_subnet" "protected-subnet-a" {
  vpc_id            = "${aws_vpc.vpc.id}"
  cidr_block        = "${var.subnet["protected-cidr-a"]}"
  availability_zone = "${var.common["az-a"]}"

  tags = {
    Name = "${var.common["prefix"]}-protect-a"
  }
}

resource "aws_subnet" "protected-subnet-c" {
  vpc_id            = "${aws_vpc.vpc.id}"
  cidr_block        = "${var.subnet["protected-cidr-c"]}"
  availability_zone = "${var.common["az-c"]}"

  tags = {
    Name = "${var.common["prefix"]}-protect-c"
  }
}

# --- private tier ---
resource "aws_subnet" "private-subnet-a" {
  vpc_id            = "${aws_vpc.vpc.id}"
  cidr_block        = "${var.subnet["private-cidr-a"]}"
  availability_zone = "${var.common["az-a"]}"

  tags = {
    Name = "${var.common["prefix"]}-private-a"
  }
}

resource "aws_subnet" "private-subnet-c" {
  vpc_id            = "${aws_vpc.vpc.id}"
  cidr_block        = "${var.subnet["private-cidr-c"]}"
  availability_zone = "${var.common["az-c"]}"

  tags = {
    Name = "${var.common["prefix"]}-private-c"
  }
}
igw.tf
# Internet gateway attached to the VPC. On its own it exposes nothing: only
# subnets whose route table has a route targeting this gateway can use it.
resource "aws_internet_gateway" "igw" {
  vpc_id = "${aws_vpc.vpc.id}"

  tags = {
    Name = "${var.common["prefix"]}-igw-01"
  }
}
rt.tf
# RouteTable
# One route table per tier. Every route table also carries the VPC's implicit
# local route, so the three tiers can always reach each other at the routing
# layer.

# Public tier: the default route (0.0.0.0/0) targets the internet gateway.
resource "aws_route_table" "rt-public" {
  vpc_id = "${aws_vpc.vpc.id}"

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = "${aws_internet_gateway.igw.id}"
  }

  tags = {
    Name = "${var.common["prefix"]}-public-rtb-01"
  }
}

# Protected tier.
# NOTE(review): apart from its Name tag this table is identical to rt-public:
# its default route also targets the internet gateway directly. At the routing
# layer the "protected" subnets are therefore as internet-facing as the public
# ones, and only the absence of a public IP, security groups and network ACLs
# separate the two tiers. If this tier is meant to have outbound-only access,
# the default route would normally target a NAT gateway (nat_gateway_id)
# placed in a public subnet instead — confirm the intended design.
resource "aws_route_table" "rt-protected" {
  vpc_id = "${aws_vpc.vpc.id}"

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = "${aws_internet_gateway.igw.id}"
  }

  tags = {
    Name = "${var.common["prefix"]}-protect-rtb-01"
  }
}

# Private tier: no route block, so only the implicit local route applies and
# these subnets have no path to or from the internet.
resource "aws_route_table" "rt-private" {
  vpc_id = "${aws_vpc.vpc.id}"

  tags = {
    Name = "${var.common["prefix"]}-private-rtb-01"
  }
}

# RouteTableAssociation
# Each of the six subnets is explicitly bound to its tier's route table, so
# none of them falls back to the VPC's main route table.
resource "aws_route_table_association" "public-rta-a" {
  subnet_id      = "${aws_subnet.public-subnet-a.id}"
  route_table_id = "${aws_route_table.rt-public.id}"
}

resource "aws_route_table_association" "public-rta-c" {
  subnet_id      = "${aws_subnet.public-subnet-c.id}"
  route_table_id = "${aws_route_table.rt-public.id}"
}

resource "aws_route_table_association" "protected-rta-a" {
  subnet_id      = "${aws_subnet.protected-subnet-a.id}"
  route_table_id = "${aws_route_table.rt-protected.id}"
}

resource "aws_route_table_association" "protected-rta-c" {
  subnet_id      = "${aws_subnet.protected-subnet-c.id}"
  route_table_id = "${aws_route_table.rt-protected.id}"
}

resource "aws_route_table_association" "private-rta-a" {
  subnet_id      = "${aws_subnet.private-subnet-a.id}"
  route_table_id = "${aws_route_table.rt-private.id}"
}

resource "aws_route_table_association" "private-rta-c" {
  subnet_id      = "${aws_subnet.private-subnet-c.id}"
  route_table_id = "${aws_route_table.rt-private.id}"
}