DevOps Classroom notes 24/Dec/2023

Ntier in AWS

Security group

  • The terraform template which we created
variable "security_group_info" {
  type = object({
    name        = string
    description = string
    vpc_id      = string
    rules = list(object({
      from_port   = string
      to_port     = string
      type        = string
      protocol    = string
      cidr_blocks = list(string)
    }))
  })

  default = {
    name        = "web"
    description = "this is web security group"
    vpc_id      = ""
    rules = [{
      from_port   = "22"
      to_port     = "22"
      type        = "ingress"
      protocol    = "tcp"
      cidr_blocks = ["0.0.0.0/0"]
      },
      {
        from_port   = "80"
        to_port     = "80"
        type        = "ingress"
        protocol    = "tcp"
        cidr_blocks = ["0.0.0.0/0"]
      },
      {
        from_port   = "443"
        to_port     = "443"
        type        = "ingress"
        protocol    = "tcp"
        cidr_blocks = ["0.0.0.0/0"]
      }
    ]
  }

}



resource "aws_security_group" "web" {
  description = var.security_group_info.description
  name        = var.security_group_info.name
  vpc_id      = var.security_group_info.vpc_id


}

# Despite the name "allowssh", count creates one rule per entry in
# var.security_group_info.rules (SSH, HTTP and HTTPS in the default).
resource "aws_security_group_rule" "allowssh" {
  count             = length(var.security_group_info.rules)
  from_port         = var.security_group_info.rules[count.index].from_port
  to_port           = var.security_group_info.rules[count.index].to_port
  type              = var.security_group_info.rules[count.index].type
  security_group_id = aws_security_group.web.id
  protocol          = var.security_group_info.rules[count.index].protocol
  cidr_blocks       = var.security_group_info.rules[count.index].cidr_blocks
}

output "security_group_id" {
  value = aws_security_group.web.id
}

output "security_group_name" {
    value = aws_security_group.web.name

}
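
Added example (not part of the original class notes): the default rules above open SSH to 0.0.0.0/0. This is the same variable with a validation block that rejects such a rule at plan time; the 203.0.113.0/24 admin range is a constructed placeholder.

```hcl
# Added example: same variable shape as the template above, plus a guard.
variable "security_group_info" {
  type = object({
    name        = string
    description = string
    vpc_id      = string
    rules = list(object({
      from_port   = string
      to_port     = string
      type        = string
      protocol    = string
      cidr_blocks = list(string)
    }))
  })

  # Reject any ingress rule that exposes SSH (tcp/22) to the whole internet.
  # A rule matches when it is open to 0.0.0.0/0 and either allows all
  # protocols ("-1") or is a tcp port range that includes 22.
  validation {
    condition = alltrue([
      for r in var.security_group_info.rules : !(
        r.type == "ingress" &&
        contains(r.cidr_blocks, "0.0.0.0/0") &&
        (
          r.protocol == "-1" ||
          (r.protocol == "tcp" && tonumber(r.from_port) <= 22 && tonumber(r.to_port) >= 22)
        )
      )
    ])
    error_message = "SSH (tcp/22) must not be open to 0.0.0.0/0. Restrict cidr_blocks to an admin network."
  }

  default = {
    name        = "web"
    description = "this is web security group"
    vpc_id      = "" # left empty as in the template above; set the real VPC id
    rules = [
      # Constructed value: 203.0.113.0/24 is a documentation range standing in for an admin network.
      { from_port = "22", to_port = "22", type = "ingress", protocol = "tcp", cidr_blocks = ["203.0.113.0/24"] },
      { from_port = "80", to_port = "80", type = "ingress", protocol = "tcp", cidr_blocks = ["0.0.0.0/0"] },
      { from_port = "443", to_port = "443", type = "ingress", protocol = "tcp", cidr_blocks = ["0.0.0.0/0"] }
    ]
  }
}
```

With the original default (port 22 from 0.0.0.0/0), `terraform plan` stops with the error message above instead of creating the rule.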

Module

  • A module is a reusable terraform template.
  • Modules can be created from existing templates
  • Modules can be picked up from
    • local filesystem
    • url
    • git
    • terraform registry
  • demo of module:
  • Refer Here for usage of module
  • Refer Here for official docs on terraform modules
  • Refer Here for the changes done to create a local module and using the module to create web security group
  • Now let's try creating the business security group and data security group
  • Exercise: Make azure’s network security group also a module

Taints and replace in terraform

  • Taint: Forces a particular resource to be deleted and recreated during the next execution. Refer Here
  • Replace: It is recommended to use replace as taint is deprecated.

Terraform graph

  • Refer Here
  • Graph view created from the template written by us

Activities:

  • Write a terraform template or use an existing module to
    • Create a linux vm in azure (standard_b1s)
    • Create an ubuntu ec2 instance in aws (t2.micro)

By continuous learner