Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/adriaanbd/tf_aws_network_layout

Deploys a three (3) tiered network layout in AWS replicated in three (3) availability zones (AZs) using Terraform.
https://github.com/adriaanbd/tf_aws_network_layout

aws infrastructure-as-code terraform terraform-aws

Last synced: about 2 months ago
JSON representation

Deploys a three (3) tiered network layout in AWS replicated in three (3) availability zones (AZs) using Terraform.

Host: GitHub
URL: https://github.com/adriaanbd/tf_aws_network_layout
Owner: adriaanbd
Created: 2020-10-19T18:48:24.000Z (over 4 years ago)
Default Branch: dev
Last Pushed: 2020-11-03T02:51:34.000Z (over 4 years ago)
Last Synced: 2024-11-03T08:14:03.870Z (3 months ago)
Topics: aws, infrastructure-as-code, terraform, terraform-aws
Language: HCL
Homepage:
Size: 51.8 KB
Stars: 0
Watchers: 2
Forks: 0
Open Issues: 1
Metadata Files:
- Readme: README.md
- Security: security/firewall.tf

Awesome Lists containing this project

README

        # 3-Tiered AWS Network Layout

Deploys a three (3) tiered network layout in three (3) availability zones (AZs).

## Description

It consists of the following main components inside a VPC with an Internet Gateway, replicated in 3 AZs:

- A Public Subnet with a Bastion Host, a public route table and a NAT Gateway.

- A Private Subnet with an App Host and a private route table.

- A Private Subnet for the Database with nothing inside it.

- A Security Group for each instance, with the following specs:

    1. The Bastion Host allows SSH ingress from anywhere

    2. The Bastion Host allows SSH egress to the App Host's Security Group

    3. The Bastion Host allows ICMP egress for Echo Requests

    4. The App Host allows SSH ingress from the Bastion Host's Security Group

    5. The App Host allows TCP egress over HTTP port 80 to perform updates.

    6. The App Host allows ICMP egress for Echo Requests

## Requirements

You'll need the Terraform CLI and AWS CLI. Please read the corresponding documentation online.

## Getting Started

### Initialize and Deploy

```

$ terraform init && terraform plan

$ terraform apply -auto-approve

```

### Login to Bastion Host

#### Setup SSH Agent

```

$ eval `ssh-agent -s`

```

#### Add SSH Key and check it is added:

```

$ ssh-add -k key.pem

$ ssh-add -L

```

#### Access Bastion Host and Ping

```

$ ssh -A ec2-user@public_ip

$ ping google.com

```

#### Access Private Instance, Ping and Yum

```

$ ssh ec2-user@private_ip

$ ping google.com

$ yum check-updates

```

#### Destroy Resources

```

$ terraform destroy -auto-approve

```