From b7552fb6f33d0b00f22cc956046a706702c5fe85 Mon Sep 17 00:00:00 2001 From: mamraj yadav Date: Mon, 5 Jun 2023 18:58:38 +0530 Subject: [PATCH] fix: added versions.tf and updated vpc tag --- .github/workflows/terraform.yml | 4 +- README.yaml | 100 ++++++++++++------------ _example/alb/example.tf | 24 ++++++ _example/clb/example.tf | 24 ++++++ _example/clb/versions.tf | 11 --- _example/nlb/example.tf | 25 +++++- _example/nlb/versions.tf | 11 --- main.tf | 58 +++++++------- _example/alb/versions.tf => versions.tf | 6 +- 9 files changed, 160 insertions(+), 103 deletions(-) delete mode 100644 _example/clb/versions.tf delete mode 100644 _example/nlb/versions.tf rename _example/alb/versions.tf => versions.tf (64%) diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 2d2f380..9597ceb 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -31,7 +31,9 @@ jobs: - ${{ needs.versionExtract.outputs.minVersion }} - ${{ needs.versionExtract.outputs.maxVersion }} directory: - - _example/ + - _example/alb + - _example/clb + - _example/nlb steps: - name: Checkout diff --git a/README.yaml b/README.yaml index a909d31..a0d273d 100644 --- a/README.yaml +++ b/README.yaml 
@@ -46,21 +46,26 @@ usage : |- source = "clouddrove/alb/aws" version = "1.3.0" name = "alb" - internal = false + enable = true + internal = true load_balancer_type = "application" instance_count = module.ec2.instance_count - security_groups = [module.ssh.security_group_ids, module.http-https.security_group_ids] + security_groups = [module.ssh.security_group_ids, module.http_https.security_group_ids] subnets = module.public_subnets.public_subnet_id enable_deletion_protection = false - target_id = module.ec2.instance_id - vpc_id = module.vpc.vpc_id - https_enabled = true - http_enabled = true - https_port = 443 - listener_type = "forward" - listener_certificate_arn = "arn:aws:acm:eu-west-1:924144197303:certificate/0418d2ba-91f7-4196-991b-28b5c60cd4cf" - target_group_port = 80 - target_groups = [ + with_target_group = true + + target_id = module.ec2.instance_id + vpc_id = module.vpc.vpc_id + + https_enabled = true + http_enabled = true + https_port = 443 + listener_type = "forward" + listener_certificate_arn = "arn:aws:acm:eu-west-1:924144197303:certificate/0418d2ba-91f7-4196-991b-28b5c60cd4cf" + target_group_port = 80 + + target_groups = [ { backend_protocol = "HTTP" backend_port = 80 @@ -84,17 +89,21 @@ usage : |- ### NLB Example ```hcl - module "alb" { + module "nlb" { source = "clouddrove/alb/aws" version = "1.3.0" name = "nlb" - internal = false - load_balancer_type = "application" + enable = true + internal = true + load_balancer_type = "network" instance_count = module.ec2.instance_count subnets = module.public_subnets.public_subnet_id enable_deletion_protection = false - target_id = module.ec2.instance_id - vpc_id = module.vpc.vpc_id + with_target_group = true + + target_id = module.ec2.instance_id + vpc_id = module.vpc.vpc_id + http_tcp_listeners = [ { port = 80 
@@ -102,16 +111,8 @@ usage : |- target_group_index = 0 }, ] - - https_listeners = [ - { - port = 443 - protocol = "TLS" - certificate_arn = "arn:aws:acm:eu-west-1:924144197303:certificate/0418d2ba-91f7-4196-991b-28b5c60cd4cf" - target_group_index = 1 - }, - ] - + + target_groups = [ { backend_protocol = "TCP" @@ -132,35 +133,36 @@ usage : |- module "clb" { source = "clouddrove/alb/aws" version = "1.3.0" - name = "clb" - + name = "clb" load_balancer_type = "classic" - internal = false - target_id = module.ec2.instance_id - security_groups = [module.ssh.security_group_ids, module.http_https.security_group_ids] - subnets = module.public_subnets.public_subnet_id - + clb_enable = true + internal = true + target_id = module.ec2.instance_id + security_groups = [module.ssh.security_group_ids, module.http_https.security_group_ids] + subnets = module.public_subnets.public_subnet_id + with_target_group = true + listeners = [ - { - lb_port = 22000 - lb_protocol = "TCP" - instance_port = 22000 - instance_protocol = "TCP" - ssl_certificate_id = null - }, - { - lb_port = 4444 - lb_protocol = "TCP" - instance_port = 4444 - instance_protocol = "TCP" - ssl_certificate_id = null - } + { + lb_port = 22000 + lb_protocol = "TCP" + instance_port = 22000 + instance_protocol = "TCP" + ssl_certificate_id = null + }, + { + lb_port = 4444 + lb_protocol = "TCP" + instance_port = 4444 + instance_protocol = "TCP" + ssl_certificate_id = null + } ] - + health_check_target = "TCP:4444" health_check_timeout = 10 health_check_interval = 30 health_check_unhealthy_threshold = 5 health_check_healthy_threshold = 5 - } + } ``` diff --git a/_example/alb/example.tf b/_example/alb/example.tf index dacabc3..41c39d0 100644 --- a/_example/alb/example.tf +++ b/_example/alb/example.tf 
@@ -1,7 +1,13 @@ +##--------------------------------------------------------------------------------------------------------------------------- +## Provider block added, Use the Amazon Web Services (AWS) provider to interact with the many resources supported by AWS. +##-------------------------------------------------------------------------------------------------------------------------- provider "aws" { region = "eu-west-1" } +##--------------------------------------------------------------------------------------------------------------------------- +## A VPC is a virtual network that closely resembles a traditional network that you'd operate in your own data center. +##-------------------------------------------------------------------------------------------------------------------------- module "vpc" { source = "clouddrove/vpc/aws" version = "1.3.1" @@ -13,6 +19,9 @@ module "vpc" { cidr_block = "172.16.0.0/16" } +##----------------------------------------------------- +## A subnet is a range of IP addresses in your VPC. +##----------------------------------------------------- module "public_subnets" { source = "clouddrove/subnet/aws" version = "1.3.0" @@ -30,6 +39,9 @@ module "public_subnets" { ipv6_cidr_block = module.vpc.ipv6_cidr_block } +##----------------------------------------------------- +## An AWS security group acts as a virtual firewall for incoming and outgoing traffic with http-https. +##----------------------------------------------------- module "http_https" { source = "clouddrove/security-group/aws" version = "1.3.0" @@ -44,6 +56,9 @@ module "http_https" { allowed_ports = [80, 443] } +##----------------------------------------------------- +## An AWS security group acts as a virtual firewall for incoming and outgoing traffic with ssh. +##----------------------------------------------------- module "ssh" { source = "clouddrove/security-group/aws" version = "1.3.0" 
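Review bot: The comment added above `module "ssh"` in the `@@ -44,6 +56,9 @@` hunk of _example/alb/example.tf says only that the group is a virtual firewall "with ssh", which does not tell someone copying the example what is being opened. The following hunk's context shows `allowed_ports = [22]`, but the source ranges are set outside the lines shown, so the comment should name the port and point at that setting, for example `## Security group that admits SSH (port 22) only from the source ranges configured below; keep that list narrow.`. The same comment is added in _example/clb/example.tf and _example/nlb/example.tf. The module block continues past the end of this hunk.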
@@ -58,6 +73,9 @@ module "ssh" { allowed_ports = [22] } +##----------------------------------------------------- +## When your trusted identities assume IAM roles, they are granted only the permissions scoped by those IAM roles. +##----------------------------------------------------- module "iam-role" { source = "clouddrove/iam-role/aws" version = "1.3.0" @@ -96,6 +114,9 @@ data "aws_iam_policy_document" "iam-policy" { } } +##----------------------------------------------------- +## Amazon EC2 provides cloud hosted virtual machines, called "instances", to run applications. +##----------------------------------------------------- module "ec2" { source = "clouddrove/ec2/aws" version = "1.3.0" @@ -126,6 +147,9 @@ module "ec2" { ebs_volume_size = 30 } +##----------------------------------------------------------------------------- +## alb module call. +##----------------------------------------------------------------------------- module "alb" { source = "./../../" diff --git a/_example/clb/example.tf b/_example/clb/example.tf index 5e40270..539e76b 100644 --- a/_example/clb/example.tf +++ b/_example/clb/example.tf @@ -1,7 +1,13 @@ +##--------------------------------------------------------------------------------------------------------------------------- +## Provider block added, Use the Amazon Web Services (AWS) provider to interact with the many resources supported by AWS. +##-------------------------------------------------------------------------------------------------------------------------- provider "aws" { region = "eu-west-1" } +##--------------------------------------------------------------------------------------------------------------------------- +## A VPC is a virtual network that closely resembles a traditional network that you'd operate in your own data center. +##-------------------------------------------------------------------------------------------------------------------------- module "vpc" { source = "clouddrove/vpc/aws" version = "1.3.1" 
@@ -13,6 +19,9 @@ module "vpc" { cidr_block = "172.16.0.0/16" } +##----------------------------------------------------- +## A subnet is a range of IP addresses in your VPC. +##----------------------------------------------------- module "public_subnets" { source = "clouddrove/subnet/aws" version = "1.3.0" @@ -29,6 +38,9 @@ module "public_subnets" { ipv6_cidr_block = module.vpc.ipv6_cidr_block } +##----------------------------------------------------- +## An AWS security group acts as a virtual firewall for incoming and outgoing traffic with http-https. +##----------------------------------------------------- module "http_https" { source = "clouddrove/security-group/aws" version = "1.3.0" @@ -43,6 +55,9 @@ module "http_https" { allowed_ports = [80, 443] } +##----------------------------------------------------- +## An AWS security group acts as a virtual firewall for incoming and outgoing traffic with ssh. +##----------------------------------------------------- module "ssh" { source = "clouddrove/security-group/aws" version = "1.3.0" @@ -56,6 +71,9 @@ module "ssh" { allowed_ports = [22] } +##----------------------------------------------------- +## When your trusted identities assume IAM roles, they are granted only the permissions scoped by those IAM roles. +##----------------------------------------------------- module "iam-role" { source = "clouddrove/iam-role/aws" version = "1.3.0" @@ -94,6 +112,9 @@ data "aws_iam_policy_document" "iam-policy" { } } +##----------------------------------------------------- +## Amazon EC2 provides cloud hosted virtual machines, called "instances", to run applications. +##----------------------------------------------------- module "ec2" { source = "clouddrove/ec2/aws" version = "1.3.0" 
@@ -124,6 +145,9 @@ module "ec2" { ebs_volume_size = 30 } +##----------------------------------------------------------------------------- +## clb module call. +##----------------------------------------------------------------------------- module "clb" { source = "./../../" diff --git a/_example/clb/versions.tf b/_example/clb/versions.tf deleted file mode 100644 index cbc6f9c..0000000 --- a/_example/clb/versions.tf +++ /dev/null @@ -1,11 +0,0 @@ -# Terraform version -terraform { - required_version = ">= 1.3.6" - - required_providers { - aws = { - source = "hashicorp/aws" - version = ">= 4.48.0" - } - } -} \ No newline at end of file diff --git a/_example/nlb/example.tf b/_example/nlb/example.tf index d451030..aa05ce1 100644 --- a/_example/nlb/example.tf +++ b/_example/nlb/example.tf @@ -1,7 +1,13 @@ +##--------------------------------------------------------------------------------------------------------------------------- +## Provider block added, Use the Amazon Web Services (AWS) provider to interact with the many resources supported by AWS. +##-------------------------------------------------------------------------------------------------------------------------- provider "aws" { region = "eu-west-1" } +##--------------------------------------------------------------------------------------------------------------------------- +## A VPC is a virtual network that closely resembles a traditional network that you'd operate in your own data center. +##-------------------------------------------------------------------------------------------------------------------------- module "vpc" { source = "clouddrove/vpc/aws" version = "1.3.1" @@ -13,6 +19,9 @@ module "vpc" { cidr_block = "172.16.0.0/16" } +##----------------------------------------------------- +## A subnet is a range of IP addresses in your VPC. +##----------------------------------------------------- module "public_subnets" { source = "clouddrove/subnet/aws" version = "1.3.0" 
@@ -29,6 +38,9 @@ module "public_subnets" { ipv6_cidr_block = module.vpc.ipv6_cidr_block } +##----------------------------------------------------- +## An AWS security group acts as a virtual firewall for incoming and outgoing traffic with http-https. +##----------------------------------------------------- module "http-https" { source = "clouddrove/security-group/aws" version = "1.3.0" @@ -43,6 +55,9 @@ module "http-https" { allowed_ports = [80, 443] } +##----------------------------------------------------- +## An AWS security group acts as a virtual firewall for incoming and outgoing traffic with ssh. +##----------------------------------------------------- module "ssh" { source = "clouddrove/security-group/aws" version = "1.3.0" @@ -56,6 +71,9 @@ module "ssh" { allowed_ports = [22] } +##----------------------------------------------------- +## When your trusted identities assume IAM roles, they are granted only the permissions scoped by those IAM roles. +##----------------------------------------------------- module "iam-role" { source = "clouddrove/iam-role/aws" version = "1.3.0" @@ -94,6 +112,9 @@ data "aws_iam_policy_document" "iam-policy" { } } +##----------------------------------------------------- +## Amazon EC2 provides cloud hosted virtual machines, called "instances", to run applications. +##----------------------------------------------------- module "ec2" { source = "clouddrove/ec2/aws" version = "1.3.0" @@ -123,7 +144,9 @@ module "ec2" { ebs_volume_size = 30 } - +##----------------------------------------------------------------------------- +## nlb module call. +##----------------------------------------------------------------------------- module "nlb" { source = "./../../" diff --git a/_example/nlb/versions.tf b/_example/nlb/versions.tf deleted file mode 100644 index cbc6f9c..0000000 --- a/_example/nlb/versions.tf +++ /dev/null 
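Review bot: The nlb example still declares `module "http-https"` (the context line under the new security-group comment in the `@@ -29,6 +38,9 @@` hunk), while the alb and clb examples and the README usage updated in this commit use `http_https`. Renaming it to `module "http_https"` would keep the three examples consistent. Any reference to `module.http-https` elsewhere in this file, outside the hunks shown, would need the same rename.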
@@ -1,11 +0,0 @@ -# Terraform version -terraform { - required_version = ">= 1.3.6" - - required_providers { - aws = { - source = "hashicorp/aws" - version = ">= 4.48.0" - } - } -} \ No newline at end of file diff --git a/main.tf b/main.tf index ef1be23..b0aa5d9 100644 --- a/main.tf +++ b/main.tf @@ -1,11 +1,6 @@ -## Managed By : CloudDrove -## Description : This Script is used to create Aws Loadbalancer,Aws Loadbalancer Listeners. -## Copyright @ CloudDrove. All Right Reserved. - -#Module : label -#Description : This terraform module is designed to generate consistent label names and -# tags for resources. You can use terraform-labels to implement a strict -# naming convention. +##----------------------------------------------------------------------------- +## Labels module callled that will be used for naming and tags. +##----------------------------------------------------------------------------- module "labels" { source = "clouddrove/labels/aws" version = "1.3.0" @@ -17,8 +12,9 @@ module "labels" { label_order = var.label_order } -# Module : APPLICATION LOAD BALANCER -# Description : This terraform module is used to create ALB on AWS. +##----------------------------------------------------------------------------- +## A load balancer serves as the single point of contact for clients. The load balancer distributes incoming application traffic across multiple targets. +##----------------------------------------------------------------------------- resource "aws_lb" "main" { count = var.enable ? 1 : 0 name = module.labels.id 
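Review bot: The comment added over `module "labels"` in the `@@ -1,11 +1,6 @@` hunk of main.tf has a typo, "callled", and drops the explanation the removed header gave of what the labels module is for. Suggested wording: `## Labels module, called to generate consistent names and tags for the resources below.`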
@@ -56,9 +52,10 @@ resource "aws_lb" "main" { } } - -# Module : LOAD BALANCER LISTENER HTTPS -# Description : Provides a Load Balancer Listener resource. +##----------------------------------------------------------------------------- +## A listener is a process that checks for connection requests. +## It is configured with a protocol and a port for front-end (client to load balancer) connections, and a protocol and a port for back-end (load balancer to back-end instance) connections. +##----------------------------------------------------------------------------- resource "aws_lb_listener" "https" { count = var.enable == true && var.with_target_group && var.https_enabled == true && var.load_balancer_type == "application" ? 1 : 0 @@ -82,8 +79,10 @@ resource "aws_lb_listener" "https" { } } -# Module : LOAD BALANCER LISTENER HTTP -# Description : Provides a Load Balancer Listener resource. +##----------------------------------------------------------------------------- +## A listener is a process that checks for connection requests. +## It is configured with a protocol and a port for front-end (client to load balancer) connections, and a protocol and a port for back-end (load balancer to back-end instance) connections. +##----------------------------------------------------------------------------- resource "aws_lb_listener" "http" { count = var.enable == true && var.with_target_group && var.http_enabled == true && var.load_balancer_type == "application" ? 1 : 0 
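Review bot: The comment added above `aws_lb_listener.https` (hunk `@@ -56,9 +52,10 @@`) is the same generic text this commit also puts above `http`, `nhttps` and `nhttp`, so the comments no longer say which listener terminates TLS and which accepts cleartext traffic. The sentence about a back-end protocol and port describes Classic Load Balancer listeners; these are `aws_lb_listener` resources, which presumably forward to the target groups defined further down. A comment tied to the visible `count` expression would be more useful, e.g. `## HTTPS listener for the application load balancer; created only when enable, with_target_group and https_enabled are set.`, with matching one-liners for the other three. Each resource body continues outside its hunk.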
@@ -101,8 +100,10 @@ resource "aws_lb_listener" "http" { } } -# Module : LOAD BALANCER LISTENER HTTPS -# Description : Provides a Load Balancer Listener resource. +##----------------------------------------------------------------------------- +## A listener is a process that checks for connection requests. +## It is configured with a protocol and a port for front-end (client to load balancer) connections, and a protocol and a port for back-end (load balancer to back-end instance) connections. +##----------------------------------------------------------------------------- resource "aws_lb_listener" "nhttps" { count = var.enable == true && var.with_target_group && var.https_enabled == true && var.load_balancer_type == "network" ? length(var.https_listeners) : 0 @@ -117,8 +118,10 @@ resource "aws_lb_listener" "nhttps" { } } -# Module : LOAD BALANCER LISTENER HTTP -# Description : Provides a Load Balancer Listener resource. +##----------------------------------------------------------------------------- +## A listener is a process that checks for connection requests. +## It is configured with a protocol and a port for front-end (client to load balancer) connections, and a protocol and a port for back-end (load balancer to back-end instance) connections. +##----------------------------------------------------------------------------- resource "aws_lb_listener" "nhttp" { count = var.enable == true && var.with_target_group && var.load_balancer_type == "network" ? length(var.http_tcp_listeners) : 0 
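Review bot: In the `@@ -117,8 +118,10 @@` hunk, the `count` of `aws_lb_listener.nhttp` does not test `var.http_enabled`, while the application-side `http` listener does, so on a network load balancer `http_enabled = false` would still create every entry in `http_tcp_listeners`. If that flag is meant to switch off cleartext listeners for both types, the condition should include it: `count = var.enable == true && var.with_target_group && var.http_enabled == true && var.load_balancer_type == "network" ? length(var.http_tcp_listeners) : 0`. That changes behaviour for callers who leave the flag at its default, which is not visible here, so if the current behaviour is intended the new comment should state it instead. The resource body continues outside the hunk.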
@@ -131,8 +134,9 @@ resource "aws_lb_listener" "nhttp" { } } -# Module : LOAD BALANCER TARGET GROUP -# Description : Provides a Target Group resource for use with Load Balancer resources. +##----------------------------------------------------------------------------- +## aws_lb_target_group. Provides a Target Group resource for use with Load Balancer resources. +##----------------------------------------------------------------------------- resource "aws_lb_target_group" "main" { count = var.enable && var.with_target_group ? length(var.target_groups) : 0 name = format("%s-%s", module.labels.id, count.index) @@ -173,9 +177,9 @@ resource "aws_lb_target_group" "main" { } } -# Module : TARGET GROUP ATTACHMENT -# Description : Provides the ability to register instances and containers with an -# Application Load Balancer (ALB) or Network Load Balancer (NLB) target group. +##----------------------------------------------------------------------------- +## For attaching resources with Elastic Load Balancer (ELB), see the aws_elb_attachment resource. +##----------------------------------------------------------------------------- resource "aws_lb_target_group_attachment" "attachment" { count = var.enable && var.with_target_group && var.load_balancer_type == "application" && var.target_type == "" ? var.instance_count : 0 
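Review bot: The comment added above `aws_lb_target_group_attachment.attachment` (hunk `@@ -173,9 +177,9 @@`) points the reader at `aws_elb_attachment`, a different resource, and no longer says what this one does, which the removed comment did. Suggested: `## Registers targets with the application load balancer's target group, one attachment per instance (var.instance_count).` The `count` line visible in the hunk supports that wording; the rest of the resource is outside the hunk.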
@@ -192,9 +196,9 @@ resource "aws_lb_target_group_attachment" "nattachment" { port = lookup(var.target_groups[count.index], "backend_port", null) } - -# Module : Classic LOAD BALANCER -# Description : This terraform module is used to create classic Load Balancer on AWS. +##----------------------------------------------------------------------------- +## Elastic Load Balancing (ELB) automatically distributes incoming application traffic across multiple targets and virtual appliances in one or more Availability Zones (AZs) +##----------------------------------------------------------------------------- resource "aws_elb" "main" { count = var.clb_enable && var.load_balancer_type == "classic" == true ? 1 : 0 diff --git a/_example/alb/versions.tf b/versions.tf similarity index 64% rename from _example/alb/versions.tf rename to versions.tf index cbc6f9c..c3cde87 100644 --- a/_example/alb/versions.tf +++ b/versions.tf @@ -1,11 +1,11 @@ # Terraform version terraform { - required_version = ">= 1.3.6" + required_version = ">= 1.4.6" required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.48.0" + version = ">= 5.1.0" } } -} \ No newline at end of file +}
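Review bot: The `count` expression of `aws_elb.main` in the `@@ -192,9 +196,9 @@` hunk, `var.clb_enable && var.load_balancer_type == "classic" == true ? 1 : 0`, chains two comparisons, and the trailing `== true` adds nothing. `count = var.clb_enable && var.load_balancer_type == "classic" ? 1 : 0` reads unambiguously and should evaluate the same. The new comment describes Elastic Load Balancing in general; `## Classic Load Balancer, created only when clb_enable is true and load_balancer_type is "classic".` would match the resource. The resource body continues outside the hunk.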