# VPC
module "vpc" {
  # Private-registry VPC module. The resources further down only consume its
  # vpc_id, public_subnet_ids and private_subnet_ids outputs.
  source  = "registry.patterneddesigns.ca/patterneddesigns/vpc/aws"
  version = "1.2.0"

  vpc_cidr = "10.0.0.0/16"
  availability_zones = [
    "us-east-1a",
    "us-east-1b",
    "us-east-1c",
  ]

  tags = {
    Environment = "production"
    Application = "my-app"
  }
}
# Security Groups
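resource "aws_security_group" "alb" {
  name_prefix = "alb-"
  description = "Internet-facing ALB: HTTPS in, forwards to the app tier"
  vpc_id      = module.vpc.vpc_id

  # Public entry point. Only TLS (443) is opened; nothing here accepts plain HTTP.
  ingress {
    description = "HTTPS from the internet"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Outbound is left wide open. It cannot be narrowed to aws_security_group.app
  # inline, because that group already references this one and Terraform would
  # report a dependency cycle. To restrict it to the app port, declare a
  # standalone aws_security_group_rule / aws_vpc_security_group_egress_rule
  # instead of this nested block.
  egress {
    description = "All outbound (see note above)"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # name_prefix yields a new name whenever the group must be replaced (e.g. a
  # description change). Create the replacement first so the ALB and the app
  # group's ingress rule never point at a deleted group.
  lifecycle {
    create_before_destroy = true
  }
}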
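resource "aws_security_group" "app" {
  name_prefix = "app-"
  description = "App tier: accepts traffic only from the ALB security group"
  vpc_id      = module.vpc.vpc_id

  # Source is the ALB group, not a CIDR, so nothing else in the VPC can reach
  # the app port directly.
  ingress {
    description     = "App port from the ALB"
    from_port       = 8080
    to_port         = 8080
    protocol        = "tcp"
    security_groups = [aws_security_group.alb.id]
  }

  # Outbound is open. The app needs at least Postgres (5432) to the db group;
  # anything else (package mirrors, external APIs) goes through whatever egress
  # path the VPC module provides. Narrow this with standalone egress rules once
  # the required destinations are known.
  egress {
    description = "All outbound (see note above)"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Pairs with name_prefix: build the replacement group before tearing down the
  # old one so the db group's ingress reference stays valid.
  lifecycle {
    create_before_destroy = true
  }
}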
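resource "aws_security_group" "db" {
  name_prefix = "db-"
  description = "Database tier: Postgres from the app security group only"
  vpc_id      = module.vpc.vpc_id

  ingress {
    description     = "Postgres from the app tier"
    from_port       = 5432
    to_port         = 5432
    protocol        = "tcp"
    security_groups = [aws_security_group.app.id]
  }

  # No egress block on purpose: when none is declared the AWS provider removes
  # the VPC default allow-all egress rule, so this group permits no outbound
  # traffic at all. That is the desired posture for the RDS instance; add an
  # explicit egress block only if a feature that needs outbound access is
  # enabled later.

  # Pairs with name_prefix: replace without a window in which the RDS instance
  # references a deleted group.
  lifecycle {
    create_before_destroy = true
  }
}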
# Application Load Balancer
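resource "aws_lb" "main" {
  name               = "my-app"
  load_balancer_type = "application"
  # internal defaults to false (internet-facing), so these must be the public
  # subnets from the VPC module.
  subnets         = module.vpc.public_subnet_ids
  security_groups = [aws_security_group.alb.id]

  # Drop requests carrying header names that are not valid HTTP tokens instead
  # of forwarding them to targets (request-smuggling / header-injection
  # hardening). The provider default is false.
  drop_invalid_header_fields = true

  # The VPC module is tagged Environment = "production"; refuse an accidental
  # `terraform destroy` of the public entry point until this is flipped off.
  enable_deletion_protection = true

  # Access logging (access_logs block) needs an S3 bucket that is not defined
  # in this file; add it once a log bucket exists.
}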
# Database
resource "aws_db_subnet_group" "main" {
  # Places the RDS instance in the VPC module's private subnets only.
  subnet_ids = module.vpc.private_subnet_ids
  name       = "my-app"
}
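resource "aws_db_instance" "main" {
  identifier     = "my-app"
  engine         = "postgres"
  engine_version = "15"
  instance_class = "db.t3.micro"

  allocated_storage = 20
  # Encrypt at rest; the provider default is false. Enabling this on an
  # already-created instance forces a replacement, so set it from the start.
  storage_encrypted = true

  # Private subnets, no public endpoint, and a security group that admits only
  # the app tier.
  db_subnet_group_name   = aws_db_subnet_group.main.name
  vpc_security_group_ids = [aws_security_group.db.id]
  publicly_accessible    = false

  # A master username is required when creating a fresh instance (not restoring
  # from a snapshot). "app_admin" is a constructed sample; replace it. Letting
  # RDS generate and rotate the password in Secrets Manager keeps it out of
  # plaintext state; this argument needs a recent AWS provider.
  username                    = "app_admin"
  manage_master_user_password = true

  # Operational guard rails for a production database.
  deletion_protection     = true
  backup_retention_period = 7
  copy_tags_to_snapshot   = true

  # skip_final_snapshot defaults to false, and in that mode destroy fails unless
  # a final_snapshot_identifier is given; keep the data rather than relaxing it.
  skip_final_snapshot       = false
  final_snapshot_identifier = "my-app-final"

  # Ship Postgres server and engine-upgrade logs to CloudWatch for detection
  # and forensics.
  enabled_cloudwatch_logs_exports = ["postgresql", "upgrade"]
}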