UNCLASSIFIED - NO CUI

Skip to content
Snippets Groups Projects
Select Git revision
  • Add_dynamic_network_policy
  • 2587-update-minimum-hardware-requirements-spreadsheet-to-include-vault
  • master default protected
  • update-mattermost-tag-10.6.1-bb.1
  • update-vault-tag-0.29.1-bb.10
  • 2608-promtail-warning
  • 190-integrate-bbctl-into-bb
  • alloy-move-destinations
  • update-sonarqube-tag-10.7.0-bb.1
  • update-istio-controlplane-tag-1.23.5-bb.1
  • test-only-metrics-server-add-dynamic-network-policy-support
  • bb-2524/observability-operatorless
  • update-fortify-tag-1.1.2320154-bb.23
  • sonarqube-netpol
  • fortify-dynamic-network-policy-148
  • alloy-istio-servicemonitor
  • update-mimir-tag-5.5.1-bb.10
  • all-packages-control-test
  • backstage-arch-doc
  • vault-kyverno-test
  • 2.49.0 protected
  • 2.49.0-rc.2 protected
  • 2.49.0-rc.1 protected
  • 2.49.0-rc.0 protected
  • 2.48.0 protected
  • 2.48.0-rc.4 protected
  • 2.48.0-rc.3 protected
  • 2.48.0-rc.2 protected
  • 2.48.0-rc.1 protected
  • 2.47.0 protected
  • 2.47.0-rc.2 protected
  • 2.47.0-rc.1 protected
  • 2.47.0-rc.0 protected
  • 2.46.0 protected
  • 2.46.0-rc.0 protected
  • 2.45.1 protected
  • 2.45.1-rc.0 protected
  • 2.45.0 protected
  • 2.45.0-rc.0 protected
  • 2.44.0 protected
40 results
Blame Permalink
3
main.tf 2.44 KiB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116 






# Locals
locals {
  az = format("%s%s", var.region_id, "a")
}

# Provider
provider "aws" {
  profile = var.profile_id
  region  = var.region_id
}

# Vpc
resource "aws_vpc" "airgap_vpc" {
  cidr_block           = "10.0.0.0/16"
  enable_dns_hostnames = true

  tags = {
    Name = "${var.cluster_id}-${random_string.random.result}-vpc"
  }
}

# Public subnet
resource "aws_subnet" "public" {
  vpc_id            = aws_vpc.airgap_vpc.id
  cidr_block        = "10.0.0.0/24"
  availability_zone = local.az

  tags = {
    Name = "airgap-public-subnet"
  }
}

# Igw
resource "aws_internet_gateway" "airgap_vpc_igw" {
  vpc_id = aws_vpc.airgap_vpc.id

  tags = {
    Name = "airgap-igw"
  }
}

# Public route table
resource "aws_route_table" "airgap_vpc_region_public" {
  vpc_id = aws_vpc.airgap_vpc.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.airgap_vpc_igw.id
  }

  tags = {
    Name = "airgap-public-rt"
  }
}

# Public route table associations
resource "aws_route_table_association" "airgap_vpc_region_public" {
  subnet_id      = aws_subnet.public.id
  route_table_id = aws_route_table.airgap_vpc_region_public.id
}

# Private subnet
resource "aws_subnet" "private" {
  vpc_id            = aws_vpc.airgap_vpc.id
  cidr_block        = "10.0.2.0/24"
  availability_zone = local.az

  tags = {
    Name = "airgap-private-subnet"
  }
}

# Private routing table
resource "aws_route_table" "airgap_vpc_region_private" {
  vpc_id = aws_vpc.airgap_vpc.id

  tags = {
    Name = "airgap-private-rt"
  }
}

# Private routing table association
resource "aws_route_table_association" "airgap_vpc_region_private" {
  subnet_id      = aws_subnet.private.id
  route_table_id = aws_route_table.airgap_vpc_region_private.id
}

# Output
#output "connection_details" {
#  value = <<EOF

#    Use the following to connect to the bootstrap node and enjoy the ride...

#   ssh -J ${var.image_username}@${aws_instance.staging_instance.public_ip} ${var.image_username}@${aws_instance.bootstrap_instance.private_ip}

#  EOF
#}

#output "public_ip" {
#  description = "List of public IP addresses assigned to the instances, if applicable"
#  value       = "${aws_instance.staging_instance.*.public_ip}"
#}

#output "private_ip" {
#  description = "List of private IP addresses assigned to the instances, if applicable"
#  value       = "${aws_instance.bootstrap_instance.*.private_ip}"
#}

output "follow_up" {
  value = <<EOF
    
    Nothing to see here but I have finished.

    EOF
}

UNCLASSIFIED - NO CUI