From cf02c073ae1f8c74daedb58b16010a75f554db6a Mon Sep 17 00:00:00 2001
From: xartius89
Date: Thu, 31 Jul 2025 17:47:38 +0300
Subject: [PATCH 01/10] Update main.tf updated tag in main.tf
---
 main.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/main.tf b/main.tf
index 9b32ce06bb..12e3bddc67 100644
--- a/main.tf
+++ b/main.tf
@@ -19,6 +19,6 @@ resource "aws_instance" "web" {
 instance_type = "t3.nano"
 tags = {
- Name = "HelloWorld"
+ Name = "HelloWorldXart"
 }
 }
From f4b7a7d2eeba7ddbbf182a693296f97ea0153999 Mon Sep 17 00:00:00 2001
From: xartius89
Date: Thu, 31 Jul 2025 18:01:19 +0300
Subject: [PATCH 02/10] Update main.tf
---
 main.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/main.tf b/main.tf
index 12e3bddc67..eb938c8efb 100644
--- a/main.tf
+++ b/main.tf
@@ -16,9 +16,9 @@ data "aws_ami" "app_ami" {
 resource "aws_instance" "web" {
 ami = data.aws_ami.app_ami.id
- instance_type = "t3.nano"
+ instance_type = "t3.micro"
 tags = {
- Name = "HelloWorldXart"
+ Name = "XartTestInstance"
 }
 }
From 88b5cf2daf70d4b56143c11c14f14be80c488153 Mon Sep 17 00:00:00 2001
From: xartius89
Date: Thu, 31 Jul 2025 18:47:45 +0300
Subject: [PATCH 03/10] Modified variables
---
 main.tf | 2 +-
 outputs.tf | 12 ++++++------
 variables.tf | 8 ++++----
 3 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/main.tf b/main.tf
index eb938c8efb..edce53a53d 100644
--- a/main.tf
+++ b/main.tf
@@ -16,7 +16,7 @@ data "aws_ami" "app_ami" {
 resource "aws_instance" "web" {
 ami = data.aws_ami.app_ami.id
- instance_type = "t3.micro"
+ instance_type = var.instance_type
 tags = {
 Name = "XartTestInstance"
diff --git a/outputs.tf b/outputs.tf
index b35171bef1..c429b19b48 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -1,7 +1,7 @@
-#output "instance_ami" {
-# value = aws_instance.web.ami
-#}
+output "instance_ami" {
+ value = aws_instance.web.ami
+}
-#output "instance_arn" {
-# value = aws_instance.web.arn
-#}
+output "instance_arn" {
+ value = aws_instance.web.arn
+}
diff --git a/variables.tf b/variables.tf
index c750667e0f..36cfe64a08 100644
--- a/variables.tf
+++ b/variables.tf
@@ -1,4 +1,4 @@
-#variable "instance_type" {
-# description = "Type of EC2 instance to provision"
-# default = "t3.nano"
-#}
+variable "instance_type" {
+ description = "Type of EC2 instance to provision"
+ default = "t3.micro"
+}
From 3e2ca825dba3fc998bb6db1dd26cbc3a140d109c Mon Sep 17 00:00:00 2001
From: xartius89
Date: Mon, 4 Aug 2025 11:40:43 +0300
Subject: [PATCH 04/10] Update main.tf
---
 main.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/main.tf b/main.tf
index edce53a53d..806b75a896 100644
--- a/main.tf
+++ b/main.tf
@@ -14,7 +14,7 @@ data "aws_ami" "app_ami" {
 owners = ["979382823631"] # Bitnami
 }
-resource "aws_instance" "web" {
+resource "aws_instance" "blog" {
 ami = data.aws_ami.app_ami.id
 instance_type = var.instance_type
From fa1bc3fbc890173229028e64048639dc21cd7c4e Mon Sep 17 00:00:00 2001
From: xartius89
Date: Mon, 4 Aug 2025 11:41:14 +0300
Subject: [PATCH 05/10] Update outputs.tf
---
 outputs.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/outputs.tf b/outputs.tf
index c429b19b48..7e9410b55c 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -1,7 +1,7 @@
 output "instance_ami" {
- value = aws_instance.web.ami
+ value = aws_instance.blog.ami
 }
 output "instance_arn" {
- value = aws_instance.web.arn
+ value = aws_instance.blog.arn
 }
From 5daa0674eaafd70107144d66fb2ee102fc78ff81 Mon Sep 17 00:00:00 2001
From: xartius89
Date: Tue, 5 Aug 2025 18:30:11 +0300
Subject: [PATCH 06/10] Add security group
---
 main.tf | 43 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)
diff --git a/main.tf b/main.tf
index 806b75a896..a5f2b3748a 100644
--- a/main.tf
+++ b/main.tf
@@ -14,11 +14,54 @@ data "aws_ami" "app_ami" {
 owners = ["979382823631"] # Bitnami
 }
+data "aws_vpc" "example" {
+ default = true
+}
+
 resource "aws_instance" "blog" {
 ami = data.aws_ami.app_ami.id
 instance_type = var.instance_type
+ vpc_security_group_ids = [aws_security_group.blog.id]
+
 tags = {
 Name = "XartTestInstance"
 }
 }
+
+resource "aws_security_group" "blog" {
+ name = "blog"
+ description = "Allow http/https inbound. Allow everything out"
+
+ vpc_id = data.aws_vpc.example.id
+}
+
+resource "aws_security_group_rule" "blog_http_in" {
+ type = "ingress"
+ from_port = 80
+ to_port = 80
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+
+ security_group_id = aws_security_group.blog.id
+}
+
+resource "aws_security_group_rule" "blog_https_in" {
+ type = "ingress"
+ from_port = 443
+ to_port = 443
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+
+ security_group_id = aws_security_group.blog.id
+}
+
+resource "aws_security_group_rule" "blog_everything_out" {
+ type = "ingress"
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+
+ security_group_id = aws_security_group.blog.id
+}
\ No newline at end of file
From a11d08f13e76e21d910adf3c322c71245c1dfcd7 Mon Sep 17 00:00:00 2001
From: xartius89
Date: Wed, 6 Aug 2025 16:58:28 +0300
Subject: [PATCH 07/10] Added security group from a module
---
 main.tf | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/main.tf b/main.tf
index a5f2b3748a..4eb5f142a9 100644
--- a/main.tf
+++ b/main.tf
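Review bot: In PATCH 06/10, `blog_everything_out` is declared with `type = "ingress"`, so with `protocol = "-1"` and `cidr_blocks = ["0.0.0.0/0"]` it admits every port and protocol from any address instead of opening outbound traffic, and the 80/443 rules above it stop limiting anything. The line should be `type = "egress"`, matching the rule name and the group description. As written the group also has no egress rule at all, and since the AWS provider removes the default allow-all egress from groups it creates, the instance would likely be unable to make outbound connections. The same `type = "ingress"` line is still present as context in the last hunk of PATCH 10/10, where the instance is attached to this group again.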
@@ -22,13 +22,27 @@ resource "aws_instance" "blog" {
 ami = data.aws_ami.app_ami.id
 instance_type = var.instance_type
- vpc_security_group_ids = [aws_security_group.blog.id]
+ vpc_security_group_ids = [aws_security_group.blog.id, module.xart_blog_sg.security_group_id]
 tags = {
 Name = "XartTestInstance"
 }
 }
+module "xart_blog_sg" {
+ source = "terraform-aws-modules/security-group/aws"
+ version = "5.3.0"
+ name = "blog_new"
+
+ vpc_id = data.aws_vpc.example.id
+
+ ingress_rules = ["http-80-tcp","https-443-tcp"]
+ ingress_cidr_blocks = ["0.0.0.0/0"]
+
+ egress_rules = ["all-all"]
+ egress_cidr_blocks = ["0.0.0.0/0"]
+}
+
 resource "aws_security_group" "blog" {
 name = "blog"
 description = "Allow http/https inbound. Allow everything out"
From ea1730c2ad02d6afbe636ae164791de461d672de Mon Sep 17 00:00:00 2001
From: xartius89
Date: Wed, 6 Aug 2025 17:17:17 +0300
Subject: [PATCH 08/10] Updated security group to use a one from module only
---
 main.tf | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/main.tf b/main.tf
index 4eb5f142a9..36e5179911 100644
--- a/main.tf
+++ b/main.tf
@@ -22,8 +22,8 @@ resource "aws_instance" "blog" {
 ami = data.aws_ami.app_ami.id
 instance_type = var.instance_type
- vpc_security_group_ids = [aws_security_group.blog.id, module.xart_blog_sg.security_group_id]
-
+ # vpc_security_group_ids = [aws_security_group.blog.id, module.xart_blog_sg.security_group_id]
+ vpc_security_group_ids = [module.xart_blog_sg.security_group_id]
 tags = {
 Name = "XartTestInstance"
 }
@@ -36,7 +36,7 @@ module "xart_blog_sg" {
 vpc_id = data.aws_vpc.example.id
- ingress_rules = ["http-80-tcp","https-443-tcp"]
+ ingress_rules = ["http-80-tcp","https-443-tcp", "ssh-tcp"]
 ingress_cidr_blocks = ["0.0.0.0/0"]
 egress_rules = ["all-all"]
From 0b8e7d6301e7f03f6f56e8564a313cae31cfecc8 Mon Sep 17 00:00:00 2001
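Review bot: Adding `"ssh-tcp"` to `ingress_rules` in the second hunk of PATCH 08/10 opens port 22 to every address, because `ingress_cidr_blocks = ["0.0.0.0/0"]` on the following line applies to all named rules in that list. PATCH 09/10 removes it, but the `ssh_in` rule added in the last hunk of PATCH 10/10 brings back the same exposure with `cidr_blocks = ["0.0.0.0/0"]`. If SSH is needed, scope it to an administrative range, for example `cidr_blocks = [var.admin_cidr]` (placeholder variable name, to be defined in variables.tf), or manage the host through SSM Session Manager and keep 22 closed. The `module` block starts and ends outside this hunk.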
From: xartius89
Date: Wed, 6 Aug 2025 17:42:50 +0300
Subject: [PATCH 09/10] Remove ssh from the SGR
---
 main.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/main.tf b/main.tf
index 36e5179911..a7f76c367d 100644
--- a/main.tf
+++ b/main.tf
@@ -36,7 +36,7 @@ module "xart_blog_sg" {
 vpc_id = data.aws_vpc.example.id
- ingress_rules = ["http-80-tcp","https-443-tcp", "ssh-tcp"]
+ ingress_rules = ["http-80-tcp","https-443-tcp"]
 ingress_cidr_blocks = ["0.0.0.0/0"]
 egress_rules = ["all-all"]
From 4a4fb40d1cf14c47bde7ba1933d51277eaf593c9 Mon Sep 17 00:00:00 2001
From: xartius89
Date: Wed, 27 Aug 2025 21:09:58 +0300
Subject: [PATCH 10/10] Some SG update
---
 main.tf | 24 ++++++++++++++++++------
 1 file changed, 18 insertions(+), 6 deletions(-)
diff --git a/main.tf b/main.tf
index a7f76c367d..6f3e43065f 100644
--- a/main.tf
+++ b/main.tf
@@ -14,7 +14,7 @@ data "aws_ami" "app_ami" {
 owners = ["979382823631"] # Bitnami
 }
-data "aws_vpc" "example" {
+data "aws_vpc" "defvpc" {
 default = true
 }
@@ -22,19 +22,21 @@ resource "aws_instance" "blog" {
 ami = data.aws_ami.app_ami.id
 instance_type = var.instance_type
- # vpc_security_group_ids = [aws_security_group.blog.id, module.xart_blog_sg.security_group_id]
- vpc_security_group_ids = [module.xart_blog_sg.security_group_id]
+ #vpc_security_group_ids = [module.xart_blog_secgroup.security_group_id]
+ vpc_security_group_ids = [resource.aws_security_group.blog.id]
+
+
 tags = {
 Name = "XartTestInstance"
 }
 }
-module "xart_blog_sg" {
+module "xart_blog_secgroup" {
 source = "terraform-aws-modules/security-group/aws"
 version = "5.3.0"
 name = "blog_new"
- vpc_id = data.aws_vpc.example.id
+ vpc_id = data.aws_vpc.defvpc.id
 ingress_rules = ["http-80-tcp","https-443-tcp"]
 ingress_cidr_blocks = ["0.0.0.0/0"]
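Review bot: After the second hunk of PATCH 10/10, `module "xart_blog_secgroup"` is still declared but no longer attached to the instance, so an apply keeps creating a second group (`blog_new`) with `0.0.0.0/0` ingress that nothing uses. Either delete the module block together with the commented-out `#vpc_security_group_ids` line, or keep the instance on the module group; an idle internet-facing group is easy to attach by mistake later. The rename from `xart_blog_sg` to `xart_blog_secgroup` also gives the module a new address, so if the earlier patches were already applied the existing group would presumably be destroyed and recreated unless a `moved` block maps `module.xart_blog_sg` to `module.xart_blog_secgroup`. The `module` block ends outside this hunk.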
@@ -47,7 +49,7 @@ resource "aws_security_group" "blog" {
 name = "blog"
 description = "Allow http/https inbound. Allow everything out"
- vpc_id = data.aws_vpc.example.id
+ vpc_id = data.aws_vpc.defvpc.id
 }
 resource "aws_security_group_rule" "blog_http_in" {
@@ -70,6 +72,16 @@ resource "aws_security_group_rule" "blog_https_in" {
 security_group_id = aws_security_group.blog.id
 }
+resource "aws_security_group_rule" "ssh_in" {
+ type = "ingress"
+ from_port = 22
+ to_port = 22
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+
+ security_group_id = aws_security_group.blog.id
+}
+
 resource "aws_security_group_rule" "blog_everything_out" {
 type = "ingress"
 from_port = 0