From f649e15b473b82984ec76db04907efa951b00036 Mon Sep 17 00:00:00 2001 From: Your Name Date: Sun, 29 Jun 2025 15:42:21 +0000 Subject: [PATCH 01/22] test --- test.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test.txt b/test.txt index 460a86046..426537219 100644 --- a/test.txt +++ b/test.txt @@ -1 +1 @@ -testing commit 07:02:17 +testing commit 15:42:21 From d6e6029d1e78835eefac5aa8bb3affc5fae93619 Mon Sep 17 00:00:00 2001 From: Your Name Date: Sun, 29 Jun 2025 18:35:02 +0000 Subject: [PATCH 02/22] lab numbers 1-2 --- Maor-Labs/main.tf | 48 ++++++++++++++++++++++++++ Maor-Labs/modules/vm/main.tf | 57 +++++++++++++++++++++++++++++++ Maor-Labs/modules/vm/output.tf | 5 +++ Maor-Labs/modules/vm/variables.tf | 24 +++++++++++++ Maor-Labs/providers.tf | 8 +++++ Maor-Labs/variables.tf | 19 +++++++++++ user_info.txt | 4 +-- 7 files changed, 163 insertions(+), 2 deletions(-) create mode 100644 Maor-Labs/main.tf create mode 100644 Maor-Labs/modules/vm/main.tf create mode 100644 Maor-Labs/modules/vm/output.tf create mode 100644 Maor-Labs/modules/vm/variables.tf create mode 100644 Maor-Labs/providers.tf create mode 100644 Maor-Labs/variables.tf diff --git a/Maor-Labs/main.tf b/Maor-Labs/main.tf new file mode 100644 index 000000000..459e3aaff --- /dev/null +++ b/Maor-Labs/main.tf 
@@ -0,0 +1,48 @@
+provider "azurerm" {
+ features {}
+}
+
+
+
+resource "azurerm_resource_group" "rg-Maor" {
+ name = "Maor-resources"
+ location = var.location
+}
+
+
+resource "azurerm_virtual_network" "vnet-Maor" {
+ name = "Maor-vnet"
+ address_space = ["10.0.0.0/16"]
+ location = var.location
+ resource_group_name = azurerm_resource_group.rg-Maor.name
+
+}
+
+
+resource "azurerm_subnet" "subnet-Maor" {
+ name = "Maor-subnet"
+ resource_group_name = azurerm_resource_group.rg-Maor.name
+ virtual_network_name = azurerm_virtual_network.vnet-Maor.name
+ address_prefixes = ["10.0.1.0/24"]
+}
+
+
+
+module "Maor_VM_1" {
+ source = "./modules/vm"
+ name = "Maor_VM_1"
+ location = azurerm_resource_group.rg-Maor.location
+ resource_group_name = azurerm_resource_group.rg-Maor.name
+ subnet_id = azurerm_subnet.subnet-Maor.id
+ admin_username = "testadmin"
+ admin_password = "Password1234!" # In real use, move to secrets!
+ vm_size = "Standard_B1ms"
+}
+
+
+
+
+
+
+
+
diff --git a/Maor-Labs/modules/vm/main.tf b/Maor-Labs/modules/vm/main.tf
new file mode 100644
index 000000000..a1af8ff97
--- /dev/null
+++ b/Maor-Labs/modules/vm/main.tf
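Review bot: The `module "Maor_VM_1"` call in Maor-Labs/main.tf commits the VM admin password as a literal (`admin_password = "Password1234!"`), so it lives in git history as well as in Terraform state; the inline comment acknowledges this but the code does not act on it. Pass `admin_password = var.admin_password` instead and declare that variable with `sensitive = true` and no `default`, supplying the value through `TF_VAR_admin_password` or a secret store. The same kind of hard-coded default appears in Maor-Labs/variables.tf, Maor-Labs/103-lab/global.tf and AWS-Maor-Labs/103-lab/global.tf (`default = "Password123!"`). Any value that has already been pushed should be treated as exposed and rotated.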
@@ -0,0 +1,57 @@ + + +resource "azurerm_public_ip" "pip-Maor" { + name = "Maor-pip" + location = var.location + resource_group_name = var.name + allocation_method = "Dynamic" # Dynamic IP allocation for Basic SKU + sku = "Basic" +} + +resource "azurerm_network_interface" "nic-Maor" { + name = "Maor-nic" + location = var.location + resource_group_name = var.name + + ip_configuration { + name = "Maor-ipconfig" + subnet_id = var.subnet_id + private_ip_address_allocation = "Dynamic" + public_ip_address_id = "azurerm_public_ip.pip-Maor" + } +} + + +resource "azurerm_linux_virtual_machine" "vm-Maor" { + name = "Maor-vm" + location = var.location + resource_group_name = var.name + network_interface_ids = [azurerm_network_interface.nic-Maor.id] + size = var.vm_size + + os_disk { + name = "Maor-os-disk" + caching = "ReadWrite" + storage_account_type = "Standard_LRS" + } + + admin_username = var.admin_username + admin_password = var.admin_password + + disable_password_authentication = false + + source_image_reference { + publisher = "Canonical" + offer = "UbuntuServer" + sku = "18.04-LTS" + version = "latest" + } + + computer_name = "Maor-vm" +} + + +resource "time_sleep" "wait_for_ip" { + create_duration = "30s" # Wait for 30 seconds +} + diff --git a/Maor-Labs/modules/vm/output.tf b/Maor-Labs/modules/vm/output.tf new file mode 100644 index 000000000..4b8f811b7 --- /dev/null +++ b/Maor-Labs/modules/vm/output.tf @@ -0,0 +1,5 @@ +output "vm_public_ip" { + value = azurerm_public_ip.pip-Maor.ip_address + depends_on = [time_sleep.wait_for_ip] # Wait for the time_sleep resource to complete + description = "Public IP address of the VM" +} diff --git a/Maor-Labs/modules/vm/variables.tf b/Maor-Labs/modules/vm/variables.tf new file mode 100644 index 000000000..c3f048feb --- /dev/null +++ b/Maor-Labs/modules/vm/variables.tf 
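Review bot: In Maor-Labs/modules/vm/main.tf the NIC's `public_ip_address_id = "azurerm_public_ip.pip-Maor"` is a quoted string, not a reference, so the provider receives literal text instead of a resource ID; it should read `public_ip_address_id = azurerm_public_ip.pip-Maor.id`. All three resources also set `resource_group_name = var.name`, which is the VM name (`Maor_VM_1`) rather than the `resource_group_name` input the caller passes; `resource_group_name = var.resource_group_name` looks like what was intended. Once the public IP does attach, the VM accepts password logins (`disable_password_authentication = false`) and this module defines no network security group, so confirm that one is applied to the subnet or NIC before the address is reachable.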
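Review bot: The `depends_on = [time_sleep.wait_for_ip]` in Maor-Labs/modules/vm/output.tf does not actually wait for the address, because `time_sleep.wait_for_ip` in the module's main.tf has no `depends_on` of its own and can run its 30 seconds in parallel with VM creation. Add `depends_on = [azurerm_linux_virtual_machine.vm-Maor]` to the `time_sleep` resource so the delay starts after the VM exists. The `time` provider is also not listed under `required_providers` in Maor-Labs/providers.tf, so its version is not constrained there the way `azurerm` is.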
@@ -0,0 +1,24 @@ +variable "name" { + description = "this is the name default" + default = "Maor_VM" + validation { + condition = contains(["Maor_VM_1", "Maor_VM_2"], var.name) + error_message = "Environment must be either Maor_VM_1 or Maor_VM_2." + } + +} +variable "location" { + description = "this is the location default" + default = "West Europe" +} +variable "resource_group_name" { + description = "this is the location default" + default = "test" +} +variable "subnet_id" {} +variable "admin_username" {} +variable "admin_password" {} + +variable "vm_size" { + default = "Standard_B1ms" +} diff --git a/Maor-Labs/providers.tf b/Maor-Labs/providers.tf new file mode 100644 index 000000000..9fe5338c6 --- /dev/null +++ b/Maor-Labs/providers.tf @@ -0,0 +1,8 @@ +terraform { + required_providers { + azurerm = { + source = "hashicorp/azurerm" + version = "4.34.0" + } + } +} \ No newline at end of file diff --git a/Maor-Labs/variables.tf b/Maor-Labs/variables.tf new file mode 100644 index 000000000..6ea4189fa --- /dev/null +++ b/Maor-Labs/variables.tf @@ -0,0 +1,19 @@ + +variable "location" { + default = "East US" +} + +variable "vm_size" { + default = "Standard_B1ms" +} + + + +variable "admin_username" { + default = "adminuser-Maor" +} + +variable "admin_password" { + default = "Password123!" +} + diff --git a/user_info.txt b/user_info.txt index a960c0097..ecc4325bb 100644 --- a/user_info.txt +++ b/user_info.txt @@ -1,3 +1,3 @@ GITBRANCH=workshop/terraform -GITURL=github.com/yanivomc/devopshift-welcome.git -GITUSERNAME=yanivomc +GITURL=github.com/MaorShtern/devopshift-welcome-Terraform-labs.git +GITUSERNAME=MaorShtern From 8f83cb86ece35581f5a69261bdf1e160dba3c559 Mon Sep 17 00:00:00 2001 From: Ubuntu Date: Wed, 2 Jul 2025 14:47:40 +0000 Subject: [PATCH 03/22] test --- test.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test.txt b/test.txt index 426537219..6a111cd20 100644 --- a/test.txt +++ b/test.txt 
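Review bot: `variable "admin_password" {}` in Maor-Labs/modules/vm/variables.tf carries no `sensitive = true`, so the value can be shown in plan output and in error messages; add `type = string` and `sensitive = true` to it. Two smaller points in the same hunk: the `name` default `"Maor_VM"` is rejected by the variable's own `validation` list, and its `error_message` speaks of "Environment" although the variable is the VM name. The `resource_group_name` description is a copy of the one on `location` and should say `"Name of the resource group to deploy into"` or similar.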
@@ -1 +1 @@ -testing commit 15:42:21 +testing commit 14:47:40 From 4bb71cb2ec9fd498421fcbb5aa47955ece97d313 Mon Sep 17 00:00:00 2001 From: Your Name Date: Sun, 6 Jul 2025 14:46:11 +0000 Subject: [PATCH 04/22] test --- test.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test.txt b/test.txt index 6a111cd20..b5a83001c 100644 --- a/test.txt +++ b/test.txt @@ -1 +1 @@ -testing commit 14:47:40 +testing commit 14:46:11 From 79fd467622a8b9ff33ecd9e905acdbdf1aab4e99 Mon Sep 17 00:00:00 2001 From: Your Name Date: Sun, 6 Jul 2025 15:15:10 +0000 Subject: [PATCH 05/22] I solved lab number 103 (a comprehensive review of the material from the previous lesson), last lesson I did not save lab number 102, must be completed in free time. --- Maor-Labs/103-lab/apache_install.tf | 35 +++++++++++++++++++++ Maor-Labs/103-lab/firewall.tf | 37 ++++++++++++++++++++++ Maor-Labs/103-lab/global.tf | 42 +++++++++++++++++++++++++ Maor-Labs/103-lab/network.tf | 48 +++++++++++++++++++++++++++++ Maor-Labs/103-lab/validate_ip.tf | 35 +++++++++++++++++++++ Maor-Labs/103-lab/vm.tf | 36 ++++++++++++++++++++++ 6 files changed, 233 insertions(+) create mode 100644 Maor-Labs/103-lab/apache_install.tf create mode 100644 Maor-Labs/103-lab/firewall.tf create mode 100644 Maor-Labs/103-lab/global.tf create mode 100644 Maor-Labs/103-lab/network.tf create mode 100644 Maor-Labs/103-lab/validate_ip.tf create mode 100644 Maor-Labs/103-lab/vm.tf diff --git a/Maor-Labs/103-lab/apache_install.tf b/Maor-Labs/103-lab/apache_install.tf new file mode 100644 index 000000000..96d26e5d7 --- /dev/null +++ b/Maor-Labs/103-lab/apache_install.tf @@ -0,0 +1,35 @@ + +# Null Resource for Apache Installation +resource "null_resource" "provision_apache" { + depends_on = [azurerm_linux_virtual_machine.vm] + + # Trigger to force rerun whenever timestamp changes + triggers = { + always_run = timestamp() + } + + provisioner "remote-exec" { + inline = [ + "sudo apt update", + "sudo apt install -y apache2", + "echo '

Welcome to \"${azurerm_linux_virtual_machine.vm.computer_name}\" Web Server!

' | sudo tee /var/www/html/welcome.html", + "sudo systemctl start apache2", + "sudo systemctl enable apache2" + ] + + connection { + type = "ssh" + user = var.admin_username + password = var.admin_password + host = data.azurerm_public_ip.example.ip_address + timeout = "1m" + } + } +} + +# Updated Output for Server Information to use data source +output "server_info" { + value = "Please browse: http://${data.azurerm_public_ip.example.ip_address}/welcome.html" + description = "Browse the above link" +} + diff --git a/Maor-Labs/103-lab/firewall.tf b/Maor-Labs/103-lab/firewall.tf new file mode 100644 index 000000000..ca983e3ea --- /dev/null +++ b/Maor-Labs/103-lab/firewall.tf @@ -0,0 +1,37 @@ + +# Network Security Rule to Allow SSH (Port 22) But Block HTTP (Port 80) +resource "azurerm_network_security_rule" "block_http" { + name = "allow-ssh-block-http-${var.vm_name}" + priority = 100 + direction = "Inbound" + access = "Allow" # "Deny" + protocol = "Tcp" + source_port_range = "*" + destination_port_ranges = ["80"] + source_address_prefix = "*" + destination_address_prefix = "*" + resource_group_name = azurerm_resource_group.rg.name + network_security_group_name = azurerm_network_security_group.nsg.name +} + +resource "azurerm_network_security_rule" "allow_ssh" { + name = "allow-ssh-${var.vm_name}" + priority = 200 + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_ranges = ["22"] + source_address_prefix = "*" + destination_address_prefix = "*" + resource_group_name = azurerm_resource_group.rg.name + network_security_group_name = azurerm_network_security_group.nsg.name +} + + +# Associate NSG with the Network Interface +resource "azurerm_network_interface_security_group_association" "nic_nsg_association" { + network_interface_id = azurerm_network_interface.nic.id + network_security_group_id = azurerm_network_security_group.nsg.id +} + 
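Review bot: The `connection` block in Maor-Labs/103-lab/apache_install.tf logs in over SSH with `password = var.admin_password` and sets no `host_key`, so Terraform presents the admin password to whatever host answers on the freshly allocated public IP without verifying it. Prefer key-based login (`private_key = file(var.ssh_private_key_path)`, the variable name being a placeholder) or move the Apache install into the VM's `custom_data` so the runner needs no inbound SSH at all. `always_run = timestamp()` also re-runs the provisioner, and therefore the password login, on every apply. AWS-Maor-Labs/103-lab/apache_install.tf uses the same connection pattern.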
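Review bot: The rule resource `block_http` in Maor-Labs/103-lab/firewall.tf is named `allow-ssh-block-http-${var.vm_name}` and its comment says it blocks HTTP, yet it sets `access = "Allow"` on port 80, so the name and comment state the opposite of what the NSG enforces. Rename it (for example `name = "allow-http-${var.vm_name}"`) or set `access = "Deny"` if blocking is what the lab intends. Both rules use `source_address_prefix = "*"`, which leaves SSH on a password-authenticated VM reachable from any address; restrict the `allow_ssh` rule to an operator CIDR supplied through a variable.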
diff --git a/Maor-Labs/103-lab/global.tf b/Maor-Labs/103-lab/global.tf new file mode 100644 index 000000000..f0d75973d --- /dev/null +++ b/Maor-Labs/103-lab/global.tf @@ -0,0 +1,42 @@ +# Define the provider and global variables + + +provider "azurerm" { + features {} +} + +variable "yourname" { + default = "Maor" + description = "Change it to your first name and the first letter of your family name: ex. yanivc - for yaniv cohen" +} + +variable "vm_name" { + default = "vm-Maor" + description = "Change it to your first name and the first letter of your family name: ex. yanivc - for yaniv cohen" +} + +variable "admin_username" { + default = "adminuser" + description = "Username for the admin user on the VM" +} + +variable "admin_password" { + default = "Password123!" + description = "Password for the admin user on the VM" +} + +variable "location" { + default = "East US" + description = "Azure region where resources will be deployed" +} + +variable "vm_size" { + default = "Standard_B1ms" + description = "Size of the virtual machine" +} + +# Resource Group +resource "azurerm_resource_group" "rg" { + name = "rg-${var.yourname}" + location = var.location +} diff --git a/Maor-Labs/103-lab/network.tf b/Maor-Labs/103-lab/network.tf new file mode 100644 index 000000000..9e258c72a --- /dev/null +++ b/Maor-Labs/103-lab/network.tf 
@@ -0,0 +1,48 @@ + + +# Network Security Group +resource "azurerm_network_security_group" "nsg" { + name = "nsg-${var.yourname}" + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name +} + +# Public IP for the VM +resource "azurerm_public_ip" "pip" { + name = "pip-${var.yourname}" + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name + allocation_method = "Dynamic" + sku = "Basic" +} + +# Network Interface for the VM +resource "azurerm_network_interface" "nic" { + name = "nic-${var.yourname}" + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name + + ip_configuration { + name = "internal-${var.yourname}" + subnet_id = azurerm_subnet.subnet.id + private_ip_address_allocation = "Dynamic" + public_ip_address_id = azurerm_public_ip.pip.id + } +} + +# Virtual Network for the subnet +resource "azurerm_virtual_network" "vnet" { + name = "vnet-${var.yourname}" + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name + address_space = ["10.0.0.0/16"] +} + +# Subnet within the Virtual Network +resource "azurerm_subnet" "subnet" { + name = "subnet-${var.yourname}" + resource_group_name = azurerm_resource_group.rg.name + virtual_network_name = azurerm_virtual_network.vnet.name + address_prefixes = ["10.0.1.0/24"] +} + diff --git a/Maor-Labs/103-lab/validate_ip.tf b/Maor-Labs/103-lab/validate_ip.tf new file mode 100644 index 000000000..e288809fa --- /dev/null +++ b/Maor-Labs/103-lab/validate_ip.tf 
@@ -0,0 +1,35 @@ + +# Wait for IP Allocation +resource "time_sleep" "wait_for_ip" { + create_duration = "1m" # Wait for 1 minute to allow Azure to allocate the IP +} + +# Null Resource to Validate IP Allocation +resource "null_resource" "validate_ip" { + provisioner "local-exec" { + command = <&2 + exit 1 + EOT + } + depends_on = [time_sleep.wait_for_ip] +} + +# Data Source to Reference Public IP after Validation +data "azurerm_public_ip" "example" { + name = azurerm_public_ip.pip.name + resource_group_name = azurerm_resource_group.rg.name + depends_on = [null_resource.validate_ip] +} + diff --git a/Maor-Labs/103-lab/vm.tf b/Maor-Labs/103-lab/vm.tf new file mode 100644 index 000000000..b68ac0fe3 --- /dev/null +++ b/Maor-Labs/103-lab/vm.tf @@ -0,0 +1,36 @@ + +# Linux Virtual Machine configuration +resource "azurerm_linux_virtual_machine" "vm" { + name = var.vm_name + location = var.location + resource_group_name = azurerm_resource_group.rg.name + network_interface_ids = [azurerm_network_interface.nic.id] + size = var.vm_size + + os_disk { + name = "os-disk-${var.yourname}" + caching = "ReadWrite" + storage_account_type = "Standard_LRS" + } + + admin_username = var.admin_username + admin_password = var.admin_password + + disable_password_authentication = false + computer_name = var.vm_name + + source_image_reference { + publisher = "Canonical" + offer = "UbuntuServer" + sku = "18.04-LTS" + version = "latest" + } + + # Ignore changes to the network interface to avoid unnecessary recreation of the VM + lifecycle { + ignore_changes = [network_interface_ids] + } + + depends_on = [azurerm_network_interface.nic, azurerm_public_ip.pip] +} + From 21bad4012d519ba037dc1751678896de35d4b50b Mon Sep 17 00:00:00 2001 
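Review bot: Maor-Labs/103-lab/vm.tf keeps `disable_password_authentication = false` with a password whose default is committed in global.tf, on a VM whose NSG opens port 22 to any source. Switch to an `admin_ssh_key` block (`username = var.admin_username`, `public_key = file(var.ssh_public_key_path)`, the variable name being a placeholder) and set `disable_password_authentication = true`. The image `UbuntuServer` / `18.04-LTS` is past Ubuntu's standard support window, so `version = "latest"` will not bring current security fixes; a supported LTS image is worth selecting. Maor-Labs/modules/vm/main.tf repeats both settings.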
From: Your Name Date: Sun, 6 Jul 2025 16:14:52 +0000 Subject: [PATCH 06/22] I solved lab number 104 (a comprehensive review of the material from the previous lesson), last lesson I did not save lab number 102, must be completed in free time. --- Maor-Labs/104-lab/mock_outputs.tf | 42 +++++++++++++++++++++++++++++++ Maor-Labs/104-lab/variables.tf | 24 ++++++++++++++++++ 2 files changed, 66 insertions(+) create mode 100644 Maor-Labs/104-lab/mock_outputs.tf create mode 100644 Maor-Labs/104-lab/variables.tf diff --git a/Maor-Labs/104-lab/mock_outputs.tf b/Maor-Labs/104-lab/mock_outputs.tf new file mode 100644 index 000000000..42e0119fd --- /dev/null +++ b/Maor-Labs/104-lab/mock_outputs.tf 
@@ -0,0 +1,42 @@ + +# Mock the number of virtual machines needed +output "vm_count" { + value = var.high_availability ? 3 : 1 + description = "Number of VMs required for the environment. If high availability is true, 3 VMs are needed; otherwise, 1." +} + +# Mocking network requirements based on environment +output "network_configuration" { + value = var.environment == "prod" ? "Production Network - Full Scale" : "Development/Staging Network - Limited Scale" + description = "Provides the network configuration type based on the environment." +} + +# Example of conditional logic using a ternary operator +output "ha_status_message" { + value = var.high_availability ? "High availability is enabled - multiple VMs are needed." : "High availability is disabled - a single VM is sufficient." + description = "A message indicating if high availability is enabled or disabled." +} + +# Mocking subnet creation using for_each +locals { + subnets = var.high_availability ? ["subnet-a", "subnet-b", "subnet-c"] : ["subnet-a"] +} + +output "mock_subnet_list" { + value = [for subnet in local.subnets : "Configured ${subnet}"] + description = "A mocked list of subnets that would be created based on high availability." +} + +output "Mock_Database_Output" { + description = "Use an output block to print a message based on the create_database variable" + value = var.create_database ? "A mock database will be created for this environment." : "No database needed for this environment." +} + +locals { + database_value = var.create_database ? ["web", "api", "database"] : ["web", "api"] +} + +output "Add_Another_Output_Using_For_each" { + description = "Use for_each to create a list of mock services based on the create_database value" + value = [ for db_value in local.database_value : "Value: ${db_value}"] +} \ No newline at end of file diff --git a/Maor-Labs/104-lab/variables.tf b/Maor-Labs/104-lab/variables.tf new file mode 100644 index 000000000..29e032e45 --- /dev/null 
+++ b/Maor-Labs/104-lab/variables.tf @@ -0,0 +1,24 @@ +variable "environment" { + description = "Define the environment type: dev, staging, or prod" + type = string + default = "dev" +} + +variable "high_availability" { + description = "Whether to enable high availability (true or false)" + type = bool + default = false +} + +variable "create_database" { + description = "This should be a boolean (true or false) that decides if a mock database should be created" + type = bool + default = true +} + +# variable "database_value" { +# description = "database_value" +# type = set(string) +# default = ["web", "api", "database"] + +# } \ No newline at end of file From e88041f159ace7f7c50cccea69217e8b6990dec7 Mon Sep 17 00:00:00 2001 From: Your Name Date: Sun, 6 Jul 2025 17:02:41 +0000 Subject: [PATCH 07/22] yes --- Maor-Labs/104-lab/mock_outputs.tf | 2 +- Maor-Labs/104-lab/variables.tf | 12 +++--------- 2 files changed, 4 insertions(+), 10 deletions(-) diff --git a/Maor-Labs/104-lab/mock_outputs.tf b/Maor-Labs/104-lab/mock_outputs.tf index 42e0119fd..3ee9e995c 100644 --- a/Maor-Labs/104-lab/mock_outputs.tf +++ b/Maor-Labs/104-lab/mock_outputs.tf @@ -38,5 +38,5 @@ locals { output "Add_Another_Output_Using_For_each" { description = "Use for_each to create a list of mock services based on the create_database value" - value = [ for db_value in local.database_value : "Value: ${db_value}"] + value = [ for db_value in local.database_value : "Create: ${db_value}"] } \ No newline at end of file diff --git a/Maor-Labs/104-lab/variables.tf b/Maor-Labs/104-lab/variables.tf index 29e032e45..cde9a8349 100644 --- a/Maor-Labs/104-lab/variables.tf +++ b/Maor-Labs/104-lab/variables.tf 
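Review bot: `variable "environment"` in Maor-Labs/104-lab/variables.tf documents three allowed values but accepts any string, and mock_outputs.tf treats everything other than `"prod"` as development/staging, so a typo such as `"Prod"` silently selects the limited configuration. Add a `validation` block with `condition = contains(["dev", "staging", "prod"], var.environment)` and an `error_message` naming the three values.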
@@ -1,24 +1,18 @@ variable "environment" { description = "Define the environment type: dev, staging, or prod" type = string - default = "dev" + default = "prod" # dev } variable "high_availability" { description = "Whether to enable high availability (true or false)" type = bool - default = false + default = true # false } variable "create_database" { description = "This should be a boolean (true or false) that decides if a mock database should be created" type = bool - default = true + default = true # false } -# variable "database_value" { -# description = "database_value" -# type = set(string) -# default = ["web", "api", "database"] - -# } \ No newline at end of file From adbbfd9b54ec76e2e0242762e212b505673f4ae6 Mon Sep 17 00:00:00 2001 From: Your Name Date: Sun, 6 Jul 2025 17:28:23 +0000 Subject: [PATCH 08/22] Azure Load Balancer lab --- Maor-Labs/Load_Balancing_lab/main.tf | 66 +++++++++++++++++++++++ Maor-Labs/Load_Balancing_lab/varuables.tf | 12 +++++ 2 files changed, 78 insertions(+) create mode 100644 Maor-Labs/Load_Balancing_lab/main.tf create mode 100644 Maor-Labs/Load_Balancing_lab/varuables.tf diff --git a/Maor-Labs/Load_Balancing_lab/main.tf b/Maor-Labs/Load_Balancing_lab/main.tf new file mode 100644 index 000000000..2fe0956a3 --- /dev/null +++ b/Maor-Labs/Load_Balancing_lab/main.tf 
@@ -0,0 +1,66 @@ + +resource "azurerm_resource_group" "rg-Maor" { + name = "${var.yourname}-resources" + location = var.location +} + + +# Provides a public IP address for the Load Balancer, allowing clients from the internet to access the resources behind it. +resource "azurerm_public_ip" "lb_pip" { + name = "lb-pip-${var.yourname}" # The name of the public IP resource, uniquely generated using the user's name. + location = azurerm_resource_group.rg-Maor.location # location and resource_group_name: The location and resource group where the public IP is deployed, ensuring consistency with other resources. + resource_group_name = azurerm_resource_group.rg-Maor.name + allocation_method = "Static" # allocation_method: Set to Static, meaning the IP will remain constant, which is useful for reliable access. + sku = "Standard" # Set to Standard, which is necessary to work with a Standard Load Balancer. +} + + +# Creates the actual Load Balancer, which distributes incoming traffic among multiple virtual machines (VMs). +resource "azurerm_lb" "lb" { + name = "lb-${var.yourname}" + location = azurerm_resource_group.rg-Maor.location + resource_group_name = azurerm_resource_group.rg-Maor.name + sku = "Standard" + + # Defines the entry point for incoming traffic. + frontend_ip_configuration { + name = "LoadBalancerFrontEnd" + public_ip_address_id = azurerm_public_ip.lb_pip.id + } +} + +# Defines the Backend Address Pool, which contains the VMs that will receive the traffic distributed by the load balancer. +resource "azurerm_lb_backend_address_pool" "lb_pool" { + loadbalancer_id = azurerm_lb.lb.id # Associates the backend pool with the previously created Load Balancer. + name = "backend-pool-${var.yourname}" +} + + +# A Health Probe is used to check the health of the VMs in the backend pool. It helps decide if a VM can handle traffic or should be temporarily removed from the pool. 
+resource "azurerm_lb_probe" "lb_probe" { + loadbalancer_id = azurerm_lb.lb.id # Links the probe to the Load Balancer. + name = "http-probe-${var.yourname}" + protocol = "Http" + port = 80 + request_path = "/welcome.html" + interval_in_seconds = 15 + number_of_probes = 3 +} + + +# Defines how incoming traffic is handled by the load balancer. The Load Balancer Rule determines how requests to a specific port are routed to the backend pool. +resource "azurerm_lb_rule" "lb_rule" { + loadbalancer_id = azurerm_lb.lb.id + name = "http-rule-${var.yourname}" + protocol = "Tcp" + frontend_port = 80 + backend_port = 80 + frontend_ip_configuration_name = "LoadBalancerFrontEnd" # References the Frontend IP configuration created earlier. + backend_address_pool_ids = [azurerm_lb_backend_address_pool.lb_pool.id] # Points to the Backend Address Pool (azurerm_lb_backend_address_pool.lb_pool.id), defining which VMs will receive the incoming traffic. + probe_id = azurerm_lb_probe.lb_probe.id # References the Health Probe to determine if a backend VM is healthy and can serve traffic. +} + + + + + diff --git a/Maor-Labs/Load_Balancing_lab/varuables.tf b/Maor-Labs/Load_Balancing_lab/varuables.tf new file mode 100644 index 000000000..bae0e2d8a --- /dev/null +++ b/Maor-Labs/Load_Balancing_lab/varuables.tf @@ -0,0 +1,12 @@ +provider "azurerm" { + features {} +} + +variable "yourname" { + default = "Maor" + description = "Change it to your first name and the first letter of your family name: ex. yanivc - for yaniv cohen" +} + +variable "location" { + default = "East US" +} \ No newline at end of file From cb387e51bb013e5be110dfd064efbf5294a8967c Mon Sep 17 00:00:00 2001 From: Your Name Date: Sun, 6 Jul 2025 18:28:59 +0000 Subject: [PATCH 09/22] AWS --- AWS-Maor-Labs/main.tf | 55 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) create mode 100644 AWS-Maor-Labs/main.tf 
diff --git a/AWS-Maor-Labs/main.tf b/AWS-Maor-Labs/main.tf
new file mode 100644
index 000000000..9247f60ba
--- /dev/null
+++ b/AWS-Maor-Labs/main.tf
@@ -0,0 +1,55 @@
+
+# Define Provider Configuration
+provider "aws" {
+ region = var.region
+}
+
+variable "region" {
+ default = "us-east-1"
+}
+
+
+# Define a security group to allow SSH access to the VM
+resource "aws_security_group" "sg-Maor" {
+
+ingress {
+ from_port = 22
+ to_port = 22
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+}
+
+
+# create an EC2 instance
+resource "aws_instance" "vm" {
+ ami = "ami-0c02fb55956c7d316" # Amazon Linux 2 AMI in us-east-1
+ instance_type = "t2.micro"
+
+ vpc_security_group_ids = [aws_security_group.sg-Maor.id]
+
+ tags = {
+ Name = "Maor-vm"
+ }
+}
+
+
+# To retrieve the public IP of the virtual machine, use the following output configuration:
+output "vm_public_ip" {
+ value = aws_instance.vm.public_ip
+ description = "Public IP address of the VM"
+}
+
+
+
+
+
+
+
+
From 4da4bd550d138c6b07e840e5b266cd7962150742 Mon Sep 17 00:00:00 2001
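Review bot: The `ingress` block of `aws_security_group.sg-Maor` in AWS-Maor-Labs/main.tf opens port 22 to `cidr_blocks = ["0.0.0.0/0"]`; take the allowed range from a variable instead, e.g. `cidr_blocks = [var.allowed_ssh_cidr]` (placeholder name), set to the operator's address. The group also has no `name`, `description` or `vpc_id`, so it is created with a generated name, which makes it harder to audit later. The instance could additionally require IMDSv2 with a `metadata_options` block setting `http_tokens = "required"`. The same world-open SSH rule is repeated in AWS-Maor-Labs/102-lab/main.tf and, together with port 80, in AWS-Maor-Labs/103-lab/network.tf.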
From: MaorShtern <93667425+MaorShtern@users.noreply.github.com> Date: Fri, 11 Jul 2025 12:52:27 +0300 Subject: [PATCH 10/22] =?UTF-8?q?11/7=20=D7=94=D7=A9=D7=9C=D7=9E=D7=AA=20?= =?UTF-8?q?=D7=A9=D7=99=D7=A2=D7=95=D7=A8=20=D7=94=D7=A7=D7=9C=D7=98=D7=94?= =?UTF-8?q?=20(=D7=94=D7=95=D7=90=20=D7=9C=D7=90=20=D7=9E=D7=A8=D7=90?= =?UTF-8?q?=D7=94=20=D7=A4=D7=99=D7=AA=D7=A8=D7=95=D7=9F)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- AWS-Maor-Labs/{ => 101-lab}/main.tf | 0 AWS-Maor-Labs/102-lab/main.tf | 58 +++++++++++++++++++++++++++++ AWS-Maor-Labs/102-lab/output.tf | 6 +++ AWS-Maor-Labs/102-lab/provider.tf | 4 ++ 4 files changed, 68 insertions(+) rename AWS-Maor-Labs/{ => 101-lab}/main.tf (100%) create mode 100644 AWS-Maor-Labs/102-lab/main.tf create mode 100644 AWS-Maor-Labs/102-lab/output.tf create mode 100644 AWS-Maor-Labs/102-lab/provider.tf diff --git a/AWS-Maor-Labs/main.tf b/AWS-Maor-Labs/101-lab/main.tf similarity index 100% rename from AWS-Maor-Labs/main.tf rename to AWS-Maor-Labs/101-lab/main.tf diff --git a/AWS-Maor-Labs/102-lab/main.tf b/AWS-Maor-Labs/102-lab/main.tf new file mode 100644 index 000000000..5075d0343 --- /dev/null +++ b/AWS-Maor-Labs/102-lab/main.tf 
@@ -0,0 +1,58 @@ + +# Define Provider Configuration +provider "aws" { + region = var.region +} + +variable "region" { + default = "us-east-1" +} + + + +# Define a security group to allow SSH access to the VM +resource "aws_security_group" "sg-Maor" { + +ingress { + from_port = 22 + to_port = 22 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + + egress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } +} + + +# create an EC2 instance +resource "aws_instance" "vm" { + ami = "ami-0c02fb55956c7d316" # Amazon Linux 2 AMI in us-east-1 + instance_type = "t2.micro" + subnet_id = "subnet-06acd0b316280afeb" + vpc_security_group_ids = [aws_security_group.sg-Maor.id] + + tags = { + Name = "Maor-vm" + } +} + + +resource "time_sleep" "wait_for_ip" { + create_duration = "10s" # Wait for 10 seconds + depends_on = [ aws_instance.vm ] +} + + + + + + + + + + diff --git a/AWS-Maor-Labs/102-lab/output.tf b/AWS-Maor-Labs/102-lab/output.tf new file mode 100644 index 000000000..37a0c1eff --- /dev/null +++ b/AWS-Maor-Labs/102-lab/output.tf @@ -0,0 +1,6 @@ +# To retrieve the public IP of the virtual machine, use the following output configuration: +output "vm_public_ip" { + value = aws_instance.vm.public_ip + description = "Public IP address of the VM" +} + diff --git a/AWS-Maor-Labs/102-lab/provider.tf b/AWS-Maor-Labs/102-lab/provider.tf new file mode 100644 index 000000000..ad42cd7fe --- /dev/null +++ b/AWS-Maor-Labs/102-lab/provider.tf @@ -0,0 +1,4 @@ +module "iam" { + source = "terraform-aws-modules/iam/aws" + version = "5.59.0" +} From 1213267247f48bb8ba9a29d99aac1ba505583d0e Mon Sep 17 00:00:00 2001 
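Review bot: AWS-Maor-Labs/102-lab/provider.tf declares `module "iam"` from the public registry (`terraform-aws-modules/iam/aws`, version 5.59.0) with no inputs, and nothing in the visible files of this lab references it; if it is unused, drop it so `terraform init` does not download third-party code the configuration does not need. The file name suggests a `terraform { required_providers { ... } }` block was intended here, which would also constrain the `aws` and `time` providers that 102-lab/main.tf relies on.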
From: MaorShtern <93667425+MaorShtern@users.noreply.github.com> Date: Fri, 11 Jul 2025 13:21:10 +0300 Subject: [PATCH 11/22] =?UTF-8?q?11/7=20=D7=94=D7=A9=D7=9C=D7=9E=D7=AA=20?= =?UTF-8?q?=D7=A9=D7=99=D7=A2=D7=95=D7=A8=20=D7=94=D7=A7=D7=9C=D7=98=D7=94?= =?UTF-8?q?=20(=D7=94=D7=95=D7=90=20=D7=9C=D7=90=20=D7=9E=D7=A8=D7=90?= =?UTF-8?q?=D7=94=20=D7=A4=D7=99=D7=AA=D7=A8=D7=95=D7=9F)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- AWS-Maor-Labs/102-lab/main.tf | 17 +++++++++ AWS-Maor-Labs/102-lab/output.tf | 3 +- AWS-Maor-Labs/103-lab/apache_install.tf | 38 +++++++++++++++++++ AWS-Maor-Labs/103-lab/global.tf | 30 +++++++++++++++ AWS-Maor-Labs/103-lab/network.tf | 30 +++++++++++++++ AWS-Maor-Labs/103-lab/validate_ip.tf | 28 ++++++++++++++ AWS-Maor-Labs/103-lab/vm.tf | 50 +++++++++++++++++++++++++ 7 files changed, 195 insertions(+), 1 deletion(-) create mode 100644 AWS-Maor-Labs/103-lab/apache_install.tf create mode 100644 AWS-Maor-Labs/103-lab/global.tf create mode 100644 AWS-Maor-Labs/103-lab/network.tf create mode 100644 AWS-Maor-Labs/103-lab/validate_ip.tf create mode 100644 AWS-Maor-Labs/103-lab/vm.tf diff --git a/AWS-Maor-Labs/102-lab/main.tf b/AWS-Maor-Labs/102-lab/main.tf index 5075d0343..70a54652f 100644 --- a/AWS-Maor-Labs/102-lab/main.tf +++ b/AWS-Maor-Labs/102-lab/main.tf @@ -49,6 +49,23 @@ resource "time_sleep" "wait_for_ip" { +# This command checks if the public IP address (${aws_instance.vm.public_ip}) is empty (-z). +resource "null_resource" "check_public_ip" { + + # If it is empty, it outputs an error message and terminates with an exit code status 1, causing Terraform to stop with an error. + provisioner "local-exec" { + command = <&2 + exit 1 + fi + EOT + } + + depends_on = [aws_instance.vm] +} + + diff --git a/AWS-Maor-Labs/102-lab/output.tf b/AWS-Maor-Labs/102-lab/output.tf index 37a0c1eff..8bde3d0d4 100644 --- a/AWS-Maor-Labs/102-lab/output.tf +++ b/AWS-Maor-Labs/102-lab/output.tf 
@@ -1,6 +1,7 @@ # To retrieve the public IP of the virtual machine, use the following output configuration: output "vm_public_ip" { - value = aws_instance.vm.public_ip + value = aws_instance.vm.public_ip + depends_on = [null_resource.check_public_ip] description = "Public IP address of the VM" } diff --git a/AWS-Maor-Labs/103-lab/apache_install.tf b/AWS-Maor-Labs/103-lab/apache_install.tf new file mode 100644 index 000000000..1c0dc03b2 --- /dev/null +++ b/AWS-Maor-Labs/103-lab/apache_install.tf @@ -0,0 +1,38 @@ + + + +# Null Resource for Apache Installation +resource "null_resource" "provision_apache" { + depends_on = [aws_instance.vm] + + # Trigger to force rerun whenever timestamp changes + # This will force terraform to rerun the provisioner and update the welcome.html file if changed + triggers = { + always_run = timestamp() + } + + provisioner "remote-exec" { + inline = [ + "sudo apt update", + "sudo apt install -y apache2", + "echo '

Welcome to the Web Server!

' | sudo tee /var/www/html/welcome.html", + "sudo systemctl start apache2", + "sudo systemctl enable apache2" + ] + + connection { + type = "ssh" + user = "ubuntu" + password = var.admin_password + host = aws_instance.vm.public_ip + timeout = "1m" + } + } +} + + +# Updated Output for Server Information to use data source +output "server_info" { + value = "Please browse: http://${aws_instance.vm.public_ip}/welcome.html" + description = "Instructions to access the server, note that port 80 is currently blocked." +} \ No newline at end of file diff --git a/AWS-Maor-Labs/103-lab/global.tf b/AWS-Maor-Labs/103-lab/global.tf new file mode 100644 index 000000000..830b5c0c0 --- /dev/null +++ b/AWS-Maor-Labs/103-lab/global.tf @@ -0,0 +1,30 @@ +# This file defines the provider (AWS) and the global variables for your configuration. + + +provider "aws" { + region = var.region +} + +variable "region" { + default = "us-west-2" +} + + +variable "ami" { + default = "ami-04feae287ec8b0244" + } +variable "vm_name" { + default = "vm-Maor" +} + +variable "admin_username" { + default = "admin-user" +} + +variable "admin_password" { + default = "Password123!" +} + +variable "vm_size" { + default = "t2.micro" +} diff --git a/AWS-Maor-Labs/103-lab/network.tf b/AWS-Maor-Labs/103-lab/network.tf new file mode 100644 index 000000000..55a710d51 --- /dev/null +++ b/AWS-Maor-Labs/103-lab/network.tf @@ -0,0 +1,30 @@ + + +# Network Configuration File + + +resource "aws_security_group" "sg" { + # allow port 22 to be open + ingress { + from_port = 22 + to_port = 22 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + + # allow port 80 to be open + ingress { + from_port = 80 + to_port = 80 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + + # All outbound traffic (egress) to the internet — no restriction. + egress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } +} \ No newline at end of file 
diff --git a/AWS-Maor-Labs/103-lab/validate_ip.tf b/AWS-Maor-Labs/103-lab/validate_ip.tf new file mode 100644 index 000000000..2304d7888 --- /dev/null +++ b/AWS-Maor-Labs/103-lab/validate_ip.tf @@ -0,0 +1,28 @@ +resource "time_sleep" "wait_for_ip" { + create_duration = "1m" # Wait for 1 minute to allow AWS to allocate the IP +} + + +# The null_resource runs a local script to validate the IP allocation, retrying a few times if needed. +# The data source fetches the latest IP once the validation completes successfully. + +resource "null_resource" "validate_ip" { + provisioner "local-exec" { + command = <&2 + exit 1 + EOT + } + depends_on = [time_sleep.wait_for_ip] +} diff --git a/AWS-Maor-Labs/103-lab/vm.tf b/AWS-Maor-Labs/103-lab/vm.tf new file mode 100644 index 000000000..2a63aa53f --- /dev/null +++ b/AWS-Maor-Labs/103-lab/vm.tf 
@@ -0,0 +1,50 @@ +resource "aws_instance" "vm" { + ami = var.ami + instance_type = var.vm_size + vpc_security_group_ids = [aws_security_group.sg.id] + + tags = { + Name = var.vm_name + } + + user_data = <<-EOF + #cloud-config + users: + - name: ${var.admin_username} + groups: sudo + shell: /bin/bash + sudo: ["ALL=(ALL) NOPASSWD:ALL"] + lock_passwd: false + passwd: $(echo ${var.admin_password} | openssl passwd -6 -stdin) + EOF + + } + +output "vm_public_ip" { + value = aws_instance.vm.public_ip +} + + +# ----------------------------------------------------------- +# Notes regarding the user login configuration: +# +# Explanation: +# 1. Cloud-Init: +# - user_data allows you to pass initialization scripts to the EC2 instance during boot. +# - The #cloud-config syntax is used to create users and set passwords. +# +# 2. Password Encryption: +# - The `passwd` field requires a hashed password. +# - Use `openssl passwd -6` to generate a secure hash for the password. +# - Replace the hash generation dynamically if needed (e.g., in CI/CD pipelines). +# +# 3. Locking SSH: +# - By not specifying an SSH key and relying on user_data, you enable user/password login. +# - Ensure the AWS security group allows SSH (port 22) if required for initial configuration. +# +# 4. Security Considerations (TBD): +# - Avoid hardcoding sensitive credentials in your Terraform code. +# - Use secure methods to pass secrets, such as: +# - Terraform variables stored in encrypted state files +# - A secrets management solution (e.g., AWS Secrets Manager) +# ----------------------------------------------------------- From c69d578229397a7bb3b4102dc479656bf479236c Mon Sep 17 00:00:00 2001 From: Your Name Date: Sun, 13 Jul 2025 15:16:23 +0000 Subject: [PATCH 12/22] test --- test.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test.txt b/test.txt index b5a83001c..5edcb678d 100644 --- a/test.txt +++ b/test.txt @@ -1 +1 @@ -testing commit 14:46:11 +testing commit 15:16:23 
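Review bot: The `passwd:` line in `user_data` does not do what the notes below it describe: cloud-config is YAML, not a shell script, so `$(echo ... | openssl passwd -6 -stdin)` is never executed and the field receives that literal text with the plaintext `${var.admin_password}` interpolated into it. User data is stored unencrypted, can be read from the instance metadata service by any process on the host, and is recorded in Terraform state, so the password is exposed in all three places. Prefer key-based login (`key_name` on the instance, or `ssh_authorized_keys:` under the user) and drop `passwd` and `lock_passwd: false`; if a password is unavoidable, compute the hash outside the instance and pass only the hash through a sensitive variable. `sudo: ["ALL=(ALL) NOPASSWD:ALL"]` on an account that accepts password login deserves a second look as well. The closing notes list "Terraform variables stored in encrypted state files" as a secure option; state holds secrets in plaintext unless the backend itself encrypts it, and the comment should say so.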
From cefb52b8952de0ed20b27cd3ccefc11ec12b77e2 Mon Sep 17 00:00:00 2001 From: Your Name Date: Sun, 13 Jul 2025 18:14:08 +0000 Subject: [PATCH 13/22] 13/07 --- Terraform-Graded-Class-Exercise/main.py | 105 ++++++++++ .../terraform/main.tf | 98 +++++++++ .../terraform_executor.py | 64 ++++++ .../terraform_template.py | 194 ++++++++++++++++++ 4 files changed, 461 insertions(+) create mode 100755 Terraform-Graded-Class-Exercise/main.py create mode 100644 Terraform-Graded-Class-Exercise/terraform/main.tf create mode 100755 Terraform-Graded-Class-Exercise/terraform_executor.py create mode 100755 Terraform-Graded-Class-Exercise/terraform_template.py diff --git a/Terraform-Graded-Class-Exercise/main.py b/Terraform-Graded-Class-Exercise/main.py new file mode 100755 index 000000000..eee1b1966 --- /dev/null +++ b/Terraform-Graded-Class-Exercise/main.py 
@@ -0,0 +1,105 @@ +import re +import sys +import jinja2 +from terraform_template import render_template +from terraform_executor import execute_terraform + + + +def Get_User_Variables(): + # --- AMI selection --- + ami_choice = input("Choose between Ubuntu or Amazon Linux: ").strip().lower() + if ami_choice == "ubuntu": + ami_choice = "ubuntu" + elif ami_choice in ["amazon linux", "linux"]: + ami_choice = "amazon linux" + else: + sys.exit("❌ You must choose either 'Ubuntu' or 'Amazon Linux'!") + + + # --- Instance type selection --- + instance_type_choice = input("Choose instance type (t3.small / t3.medium): ").strip() + if instance_type_choice == "t3.small": + instance_type_choice = "t3.small" + elif instance_type_choice == "t3.medium": + instance_type_choice = "t3.medium" + else: + sys.exit("❌ You must choose either 't3.small' or 't3.medium'!") + + + # --- Region selection --- + region = input("Select region (only 'us-east-2' is allowed, others will be defaulted): ").strip() + if region != "us-east-2": + print(f"⚠️ Region '{region}' is not allowed. Defaulting to 'us-east-2'.") + region = "us-east-2" + + # --- Load Balancer name --- + alb_name = input("Enter a name for your Load Balancer (ALB): ").strip() + + if not re.match(r'^[a-zA-Z0-9\-]+$', alb_name): + sys.exit("❌ Invalid ALB name. 
Use only letters, numbers, and hyphens (-).") + + print("\n✅ Summary of your configuration:") + print(f" AMI: {ami_choice}") + print(f" Instance Type: {instance_type_choice}") + print(f" Region: {region}") + print(f" ALB Name: {alb_name}") + + # --- Store all values in a dictionary --- + context = { + "ami": ami_choice, + "instance_type": instance_type_choice, + "region": region, + "availability_zone": "us-east-2", + "lb_name": alb_name + } + + print("\n✅ Configuration collected successfully!") + print("Context to pass into Jinja2 template:") + print(context) + + # --- Jinja2 template usage --- + template_str = """ + resource "aws_instance" "example" { + ami = "{{ ami }}" + instance_type = "{{ instance_type }}" + region = "{{ region }}" + } + + resource "aws_lb" "example" { + name = "{{ lb_name }}" + internal = false + load_balancer_type = "application" + subnets = ["subnet-xyz"] # Replace with real subnet IDs + } + """ + + # Render the template + try: + template = jinja2.Template(template_str) + rendered_output = template.render(context) + + print("\n📄 Rendered Terraform Configuration:") + print(rendered_output) + return context + + except jinja2.exceptions.TemplateError as e: + print("\n❌ Jinja2 template rendering failed!") + print(f"Error: {e}") + + + + +if __name__ == '__main__': + print("Build a Python-based AWS Infrastructure as Code (IaC) tool!") + print("Please enter the following details to create your infrastructure.\n") + + context = Get_User_Variables() + + rendered_tf = render_template(context) + + + execute_terraform(rendered_tf, "./terraform/main.tf") + validate_resources("./terraform") + + diff --git a/Terraform-Graded-Class-Exercise/terraform/main.tf b/Terraform-Graded-Class-Exercise/terraform/main.tf new file mode 100644 index 000000000..79a4bdb69 --- /dev/null +++ b/Terraform-Graded-Class-Exercise/terraform/main.tf 
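Review bot: The `__main__` block calls `validate_resources("./terraform")`, but no such name is imported or defined in main.py, so the script raises `NameError` immediately after `execute_terraform` has applied the infrastructure. Import the intended validator or remove the call until it exists. `Get_User_Variables` also falls through and returns `None` when rendering raises `TemplateError`, which then breaks `render_template(context)`; end that `except` branch with `sys.exit(1)`. The context sets `"availability_zone": "us-east-2"`, which is a region name rather than an availability zone.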
@@ -0,0 +1,98 @@ + + + provider "aws" { + region = "us-east-2" + } + + resource "aws_instance" "web_server" { + ami = "ami-0abcdef1234567890" + instance_type = "t3.small" + subnet_id = aws_subnet.public[0].id + availability_zone = "us-east-2" + vpc_security_group_ids = [aws_security_group.lb_sg.id] + + tags = { + Name = "WebServer" + } + } + + resource "aws_lb" "application_lb" { + name = "Maor-lb" + internal = false + load_balancer_type = "application" + security_groups = [aws_security_group.lb_sg.id] + subnets = aws_subnet.public[*].id + } + + resource "aws_security_group" "lb_sg" { + name = "lb_security_group" + description = "Allow HTTP inbound traffic" + vpc_id = aws_vpc.main.id + + ingress { + from_port = 80 + to_port = 80 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + + egress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } + } + + resource "aws_lb_listener" "http_listener" { + load_balancer_arn = aws_lb.application_lb.arn + port = 80 + protocol = "HTTP" + + default_action { + type = "forward" + target_group_arn = aws_lb_target_group.web_target_group.arn + } + } + + resource "aws_lb_target_group" "web_target_group" { + name = "web-target-group" + port = 80 + protocol = "HTTP" + vpc_id = aws_vpc.main.id + + health_check { + healthy_threshold = 2 + unhealthy_threshold = 2 + timeout = 5 + interval = 30 + path = "/" + protocol = "HTTP" + } + } + + resource "aws_lb_target_group_attachment" "web_instance_attachment" { + target_group_arn = aws_lb_target_group.web_target_group.arn + target_id = aws_instance.web_server.id + port = 80 + } + + resource "aws_subnet" "public" { + count = 2 + vpc_id = aws_vpc.main.id + cidr_block = "10.0.${count.index}.0/24" + availability_zone = element(["us-east-2a", "us-east-2b"], count.index) + } + + + resource "aws_vpc" "main" { + cidr_block = "10.0.0.0/16" + } + + output "instance_id" { + value = aws_instance.web_server.id + } + + output "lb_dns_name" { + value = 
aws_lb.application_lb.dns_name + } diff --git a/Terraform-Graded-Class-Exercise/terraform_executor.py b/Terraform-Graded-Class-Exercise/terraform_executor.py new file mode 100755 index 000000000..76ed64abe --- /dev/null +++ b/Terraform-Graded-Class-Exercise/terraform_executor.py @@ -0,0 +1,64 @@ + +import os +import sys +from python_terraform import Terraform + + + +def execute_terraform(tf_content, output_path): + os.makedirs(os.path.dirname(output_path), exist_ok=True) + + with open(output_path, "w") as f: + f.write(tf_content) + print(f"✅ Terraform config written to {output_path}") + + tf = Terraform(working_dir=os.path.dirname(output_path)) + + + # ---- terraform init ---- + print("\n🔧 Running: terraform init") + code, _, init_err = tf.init(capture_output=False) + if code != 0: + print("❌ Init failed:\n", init_err) + sys.exit(1) + + + # ---- terraform plan ---- + print("\n📝 Running: terraform plan") + code, plan_out, plan_err = tf.plan(capture_output=True) + + if code != 0 and "No changes" not in plan_out and "+" not in plan_out: + print("❌ Plan failed!") + print("STDOUT:\n", plan_out) + print("STDERR:\n", plan_err) + sys.exit(1) + else: + print("✅ Plan succeeded.\n", plan_out) + + + + # ---- terraform apply ---- + print("\n🚀 Running: terraform apply") + code, apply_out, apply_err = tf.apply(skip_plan=True, capture_output=True) + if code != 0: + print("❌ Apply failed!") + print("STDOUT:\n", apply_out) + print("STDERR:\n", apply_err) + sys.exit(1) + print("✅ Apply succeeded.\n", apply_out) + + + # ---- terraform output ---- + print("\n📤 Fetching Terraform outputs") + code, tf_outputs, output_err = tf.output() + if code == 0: + for key, val in tf_outputs.items(): + print(f"{key}: {val['value']}") + else: + print("⚠️ Failed to fetch outputs:\n", output_err) + + + + + + diff --git a/Terraform-Graded-Class-Exercise/terraform_template.py b/Terraform-Graded-Class-Exercise/terraform_template.py new file mode 100755 index 000000000..99fec7845 --- /dev/null 
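Review bot: In `execute_terraform`, the plan check `if code != 0 and "No changes" not in plan_out and "+" not in plan_out` accepts a failed plan whenever its output happens to contain a `+` character, and the function then goes straight to `tf.apply(skip_plan=True, ...)` with no confirmation. If I read python_terraform correctly, `plan` runs with detailed exit codes by default (0 no changes, 1 error, 2 changes present), so the test can be `if code not in (0, 2):`. Because the configuration is rendered from interactive input and applied at once, printing the plan and asking for confirmation before apply would be a sensible gate. `os.path.dirname(output_path)` is an empty string for a bare filename, which makes `os.makedirs` raise.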
+++ b/Terraform-Graded-Class-Exercise/terraform_template.py @@ -0,0 +1,194 @@ +import jinja2 + +# Extract user inputs from the context dictionary +ami_options = { + "ubuntu": "ami-0c995fbcf99222492", + "amazon linux": "ami-0915e09cc7ceee3ab" +} + +instance_types = { + "t3.small": "t3.small", + "t3.medium": "t3.medium" +} + + + +AVAILABILITY_ZONES = ["us-east-1a", "us-east-1b"] +ALLOWED_REGION = "us-east-1" + + + +terraform_template = """ +######################### +# Terraform Template # +######################### + +provider "aws" { + region = "{{ region }}" +} + +##################### +# Existing Network # +##################### +# משתמשים ב-IDs שמועברים מה-context +# vpc_id = {{ vpc_id }} +# subnet_id_1/2 = {{ subnet_id_1 }} , {{ subnet_id_2 }} +# security_group = {{ security_group_id }} + +##################### +# EC2 Web Server # +##################### +resource "aws_instance" "web_server" { + ami = "{{ ami }}" + instance_type = "{{ instance_type }}" + subnet_id = "{{ subnet_id_1 }}" + vpc_security_group_ids = ["{{ security_group_id }}"] + + user_data = <<-EOF + #!/bin/bash + yum update -y + yum install -y httpd + systemctl start httpd + systemctl enable httpd + echo "

Hello from $(hostname -f)

" > /var/www/html/index.html + EOF + + tags = { + Name = "WebServer" + } +} + +################################# +# Application Load Balancer # +################################# +resource "aws_lb" "application_lb" { + name = "{{ load_balancer_name | lower }}" + internal = false + load_balancer_type = "application" + security_groups = ["{{ security_group_id }}"] + subnets = ["{{ subnet_id_1 }}", "{{ subnet_id_2 }}"] + + enable_deletion_protection = false + + tags = { + Name = "{{ load_balancer_name | lower }}" + } +} + +################## +# Target Group # +################## +resource "aws_lb_target_group" "web_target_group" { + name = "{{ load_balancer_name | lower }}-tg" + port = 80 + protocol = "HTTP" + vpc_id = "{{ vpc_id }}" + + health_check { + enabled = true + healthy_threshold = 2 + unhealthy_threshold = 2 + timeout = 5 + interval = 30 + path = "/" + matcher = "200" + } +} + +############################## +# Attach EC2 → TargetGroup # +############################## +resource "aws_lb_target_group_attachment" "web_instance_attachment" { + target_group_arn = aws_lb_target_group.web_target_group.arn + target_id = aws_instance.web_server.id + port = 80 +} + +################# +# LB Listener # +################# +resource "aws_lb_listener" "http_listener" { + load_balancer_arn = aws_lb.application_lb.arn + port = 80 + protocol = "HTTP" + + default_action { + type = "forward" + target_group_arn = aws_lb_target_group.web_target_group.arn + } +} + +############ +# Outputs # +############ +output "instance_id" { + description = "ID of the EC2 instance" + value = aws_instance.web_server.id +} + +output "instance_public_ip" { + description = "Public IP address of the EC2 instance" + value = aws_instance.web_server.public_ip +} + +output "load_balancer_dns" { + description = "DNS name of the load balancer" + value = aws_lb.application_lb.dns_name +} +""" + + + + + +# terraform_template = """ + + + + +# """ + + + + +def render_template(context): + + # print(context) + 
+ ami_key = context["ami"].lower() + ami_id = ami_options.get(ami_key) + + if not ami_id: + sys.exit("❌ No valid AMI ID found for your choice.") + + + ami_key = context["ami"].lower() + ami_id = ami_options.get(ami_key) + + if not ami_id: + raise ValueError(f"❌ Invalid AMI name '{ami_key}'. Must be one of: {list(ami_options.keys())}") + + # print(f"✅ AMI ID for '{ami_key}': {ami_id}") + + + instance_type = instance_types.get(context["instance_type"].lower(), "t3.small") + + template_context = { + "ami": ami_id, + "instance_type": instance_type, + "region": context["region"], + "availability_zone": context["availability_zone"], + "load_balancer_name": context["lb_name"] , + "security_group_id": "sg-0123456789abcdef0", # ← SG קיים + "subnet_id_1": "subnet-09a9b4fe4e74051b3", # AZ: us-east-2a + "subnet_id_2": "subnet-0fa3e3e7dad301962", # AZ: us-east-2b + "vpc_id": "vpc-0a691b1cda1dea4be" # VPC קיים + } + + # print(template_context) + + template = jinja2.Template(terraform_template) + + rendered = template.render(template_context) + + return rendered \ No newline at end of file From 341786d87643ce900450337a967ff364c2d310b5 Mon Sep 17 00:00:00 2001 From: Your Name Date: Sun, 13 Jul 2025 18:31:45 +0000 Subject: [PATCH 14/22] 13/07 --- .../terraform_template.py | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/Terraform-Graded-Class-Exercise/terraform_template.py b/Terraform-Graded-Class-Exercise/terraform_template.py index 99fec7845..ed0eb3469 100755 --- a/Terraform-Graded-Class-Exercise/terraform_template.py +++ b/Terraform-Graded-Class-Exercise/terraform_template.py @@ -13,8 +13,8 @@ -AVAILABILITY_ZONES = ["us-east-1a", "us-east-1b"] -ALLOWED_REGION = "us-east-1" +AVAILABILITY_ZONES = ["us-east-2a", "us-east-2b"] +ALLOWED_REGION = "us-east-2" @@ -141,14 +141,6 @@ -# terraform_template = """ - - - - -# """ - - def render_template(context): From d08d4503539fd206a830596bf33a55a5c28a9285 Mon Sep 17 00:00:00 2001 
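Review bot: `render_template` calls `sys.exit(...)` in its first AMI check, but terraform_template.py imports only `jinja2`, so an unknown AMI raises `NameError` instead of the intended message; the same lookup is then repeated directly below with `raise ValueError`. Delete the first block and keep the `ValueError` version. `context["lb_name"]` and `context["region"]` are interpolated unescaped into HCL string literals, and the only validation is the regex in main.py, so re-validate the name inside this function to keep it safe for other callers. The template's `user_data` uses `yum`, which will not work when the Ubuntu AMI is selected.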
From: Your Name Date: Sun, 13 Jul 2025 18:31:56 +0000 Subject: [PATCH 15/22] 13/07 --- .../terraform/main.tf | 173 ++++++++---------- .../terraform_template.py | 137 +++++--------- Terraform-Graded-Class-Exercise/validature.py | 53 ++++++ 3 files changed, 176 insertions(+), 187 deletions(-) create mode 100644 Terraform-Graded-Class-Exercise/validature.py diff --git a/Terraform-Graded-Class-Exercise/terraform/main.tf b/Terraform-Graded-Class-Exercise/terraform/main.tf index 79a4bdb69..136c791db 100644 --- a/Terraform-Graded-Class-Exercise/terraform/main.tf +++ b/Terraform-Graded-Class-Exercise/terraform/main.tf 
@@ -1,98 +1,77 @@ - - provider "aws" { - region = "us-east-2" - } - - resource "aws_instance" "web_server" { - ami = "ami-0abcdef1234567890" - instance_type = "t3.small" - subnet_id = aws_subnet.public[0].id - availability_zone = "us-east-2" - vpc_security_group_ids = [aws_security_group.lb_sg.id] - - tags = { - Name = "WebServer" - } - } - - resource "aws_lb" "application_lb" { - name = "Maor-lb" - internal = false - load_balancer_type = "application" - security_groups = [aws_security_group.lb_sg.id] - subnets = aws_subnet.public[*].id - } - - resource "aws_security_group" "lb_sg" { - name = "lb_security_group" - description = "Allow HTTP inbound traffic" - vpc_id = aws_vpc.main.id - - ingress { - from_port = 80 - to_port = 80 - protocol = "tcp" - cidr_blocks = ["0.0.0.0/0"] - } - - egress { - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_blocks = ["0.0.0.0/0"] - } - } - - resource "aws_lb_listener" "http_listener" { - load_balancer_arn = aws_lb.application_lb.arn - port = 80 - protocol = "HTTP" - - default_action { - type = "forward" - target_group_arn = aws_lb_target_group.web_target_group.arn - } - } - - resource "aws_lb_target_group" "web_target_group" { - name = "web-target-group" - port = 80 - protocol = "HTTP" - vpc_id = aws_vpc.main.id - - health_check { - healthy_threshold = 2 - unhealthy_threshold = 2 - timeout = 5 - interval = 30 - path = "/" - protocol = "HTTP" - } - } - - resource "aws_lb_target_group_attachment" "web_instance_attachment" { - target_group_arn = aws_lb_target_group.web_target_group.arn - target_id = aws_instance.web_server.id - port = 80 - } - - resource "aws_subnet" "public" { - count = 2 - vpc_id = aws_vpc.main.id - cidr_block = "10.0.${count.index}.0/24" - availability_zone = element(["us-east-2a", "us-east-2b"], count.index) - } - - - resource "aws_vpc" "main" { - cidr_block = "10.0.0.0/16" - } - - output "instance_id" { - value = aws_instance.web_server.id - } - - output "lb_dns_name" { - value = 
aws_lb.application_lb.dns_name - } +provider "aws" { + region = "us-east-2" +} + +variable "vpc_id" { + default = "vpc-0a691b1cda1dea4be" +} + +variable "subnet_ids" { + default = ["subnet-09a9b4fe4e74051b3", "subnet-05860172a9327d826"] +} + +resource "aws_instance" "web_server" { + ami = "ami-0c995fbcf99222492" + instance_type = "t3.small" + availability_zone = "us-east-2" + subnet_id = var.subnet_ids[0] + vpc_security_group_ids = [aws_security_group.lb_sg.id] + + tags = { + Name = "WebServer" + } +} + +resource "aws_security_group" "lb_sg" { + name = "lb_security_group_Maor-lb" + description = "Allow HTTP inbound traffic" + vpc_id = var.vpc_id + + ingress { + from_port = 80 + to_port = 80 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } +} + +resource "aws_lb" "application_lb" { + name = "Maor-lb" + internal = false + load_balancer_type = "application" + security_groups = [aws_security_group.lb_sg.id] + subnets = var.subnet_ids +} + +resource "aws_lb_listener" "http_listener" { + load_balancer_arn = aws_lb.application_lb.arn + port = 80 + protocol = "HTTP" + + default_action { + type = "forward" + target_group_arn = aws_lb_target_group.web_target_group.arn + } +} + +resource "aws_lb_target_group" "web_target_group" { + name = "web-target-group-Maor-lb" + port = 80 + protocol = "HTTP" + vpc_id = var.vpc_id +} + +resource "aws_lb_target_group_attachment" "web_instance_attachment" { + target_group_arn = aws_lb_target_group.web_target_group.arn + target_id = aws_instance.web_server.id +} + + +output "instance_id" { + value = aws_instance.web_server.id +} + +output "load_balancer_dns" { + value = aws_lb.application_lb.dns_name +} \ No newline at end of file diff --git a/Terraform-Graded-Class-Exercise/terraform_template.py b/Terraform-Graded-Class-Exercise/terraform_template.py index ed0eb3469..3c9fef784 100755 --- a/Terraform-Graded-Class-Exercise/terraform_template.py +++ b/Terraform-Graded-Class-Exercise/terraform_template.py 
@@ -18,122 +18,82 @@ -terraform_template = """ -######################### -# Terraform Template # -######################### - +terraform_template = """ provider "aws" { region = "{{ region }}" } -##################### -# Existing Network # -##################### -# משתמשים ב-IDs שמועברים מה-context -# vpc_id = {{ vpc_id }} -# subnet_id_1/2 = {{ subnet_id_1 }} , {{ subnet_id_2 }} -# security_group = {{ security_group_id }} - -##################### -# EC2 Web Server # -##################### +variable "vpc_id" { + default = "vpc-0a691b1cda1dea4be" +} + +variable "subnet_ids" { + default = ["subnet-09a9b4fe4e74051b3", "subnet-05860172a9327d826"] +} + resource "aws_instance" "web_server" { ami = "{{ ami }}" instance_type = "{{ instance_type }}" - subnet_id = "{{ subnet_id_1 }}" - vpc_security_group_ids = ["{{ security_group_id }}"] - - user_data = <<-EOF - #!/bin/bash - yum update -y - yum install -y httpd - systemctl start httpd - systemctl enable httpd - echo "

Hello from $(hostname -f)

" > /var/www/html/index.html - EOF + availability_zone = "{{ availability_zone }}" + subnet_id = var.subnet_ids[0] + vpc_security_group_ids = [aws_security_group.lb_sg.id] tags = { Name = "WebServer" } } -################################# -# Application Load Balancer # -################################# +resource "aws_security_group" "lb_sg" { + name = "lb_security_group_{{ load_balancer_name }}" + description = "Allow HTTP inbound traffic" + vpc_id = var.vpc_id + + ingress { + from_port = 80 + to_port = 80 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } +} + resource "aws_lb" "application_lb" { - name = "{{ load_balancer_name | lower }}" + name = "{{ load_balancer_name }}" internal = false load_balancer_type = "application" - security_groups = ["{{ security_group_id }}"] - subnets = ["{{ subnet_id_1 }}", "{{ subnet_id_2 }}"] + security_groups = [aws_security_group.lb_sg.id] + subnets = var.subnet_ids +} - enable_deletion_protection = false +resource "aws_lb_listener" "http_listener" { + load_balancer_arn = aws_lb.application_lb.arn + port = 80 + protocol = "HTTP" - tags = { - Name = "{{ load_balancer_name | lower }}" + default_action { + type = "forward" + target_group_arn = aws_lb_target_group.web_target_group.arn } } -################## -# Target Group # -################## resource "aws_lb_target_group" "web_target_group" { - name = "{{ load_balancer_name | lower }}-tg" + name = "web-target-group-{{ load_balancer_name }}" port = 80 protocol = "HTTP" - vpc_id = "{{ vpc_id }}" - - health_check { - enabled = true - healthy_threshold = 2 - unhealthy_threshold = 2 - timeout = 5 - interval = 30 - path = "/" - matcher = "200" - } + vpc_id = var.vpc_id } -############################## -# Attach EC2 → TargetGroup # -############################## resource "aws_lb_target_group_attachment" "web_instance_attachment" { target_group_arn = aws_lb_target_group.web_target_group.arn target_id = aws_instance.web_server.id - port = 80 } -################# -# LB Listener # 
-################# -resource "aws_lb_listener" "http_listener" { - load_balancer_arn = aws_lb.application_lb.arn - port = 80 - protocol = "HTTP" - - default_action { - type = "forward" - target_group_arn = aws_lb_target_group.web_target_group.arn - } -} -############ -# Outputs # -############ output "instance_id" { - description = "ID of the EC2 instance" - value = aws_instance.web_server.id -} - -output "instance_public_ip" { - description = "Public IP address of the EC2 instance" - value = aws_instance.web_server.public_ip + value = aws_instance.web_server.id } output "load_balancer_dns" { - description = "DNS name of the load balancer" - value = aws_lb.application_lb.dns_name + value = aws_lb.application_lb.dns_name } """ @@ -166,16 +126,13 @@ def render_template(context): instance_type = instance_types.get(context["instance_type"].lower(), "t3.small") template_context = { - "ami": ami_id, - "instance_type": instance_type, - "region": context["region"], - "availability_zone": context["availability_zone"], - "load_balancer_name": context["lb_name"] , - "security_group_id": "sg-0123456789abcdef0", # ← SG קיים - "subnet_id_1": "subnet-09a9b4fe4e74051b3", # AZ: us-east-2a - "subnet_id_2": "subnet-0fa3e3e7dad301962", # AZ: us-east-2b - "vpc_id": "vpc-0a691b1cda1dea4be" # VPC קיים - } + "ami": ami_id, + "instance_type": instance_type, + "region": context["region"], + "availability_zone": context["availability_zone"], + "load_balancer_name": context["lb_name"] + # Do NOT pass vpc_id or subnet_ids here, since they're defined as Terraform variables +} # print(template_context) diff --git a/Terraform-Graded-Class-Exercise/validature.py b/Terraform-Graded-Class-Exercise/validature.py new file mode 100644 index 000000000..ce703b8c8 --- /dev/null +++ b/Terraform-Graded-Class-Exercise/validature.py 
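Review bot: The new `aws_security_group.lb_sg` in the template is attached to both the load balancer and `aws_instance.web_server`, so its `0.0.0.0/0` rule on port 80 exposes the instance directly instead of only through the ALB. Give the instance its own group whose port-80 ingress uses `security_groups = [aws_security_group.lb_sg.id]` in place of `cidr_blocks`, and reference it with `vpc_security_group_ids = [aws_security_group.web_sg.id]`. The group also declares no `egress` block; the AWS provider removes the default allow-all egress rule on groups it manages, so the ALB would have no outbound path to its targets unless an explicit egress rule for the target port is added. The rendered copy in terraform/main.tf in this same patch has the same two problems. With `user_data` removed here, nothing installs a web server, so target health checks will presumably fail.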
@@ -0,0 +1,53 @@ + + +import boto3 +import json + +def validate_with_boto3(instance_id: str, alb_dns: str, region: str = "us-east-2"): + try: + ec2 = boto3.client("ec2", region_name=region) + elbv2 = boto3.client("elbv2", region_name=region) + + # get instance details + ec2_response = ec2.describe_instances(InstanceIds=[instance_id]) + reservations = ec2_response.get("Reservations", []) + if not reservations or not reservations[0]["Instances"]: + raise Exception("EC2 instance not found.") + + instance = reservations[0]["Instances"][0] + instance_state = instance["State"]["Name"] + public_ip = instance.get("PublicIpAddress", "N/A") + + # get ALB details + lb_response = elbv2.describe_load_balancers() + lb_dns_name = None + for lb in lb_response["LoadBalancers"]: + if alb_dns in lb["DNSName"]: + lb_dns_name = lb["DNSName"] + break + + if not lb_dns_name: + raise Exception("ALB not found.") + + # Store to JSON + validation_data = { + "instance_id": instance_id, + "instance_state": instance_state, + "public_ip": public_ip, + "load_balancer_dns": lb_dns_name + } + + with open("aws_validation.json", "w") as f: + json.dump(validation_data, f, indent=4) + + print("AWS resource validation complete. Output written to aws_validation.json") + + except Exception as e: + print(f"Boto3 validation failed: {str(e)}") + + +validate_with_boto3( + instance_id="i-014c78c8124d22438", + alb_dns="tomer-lb-1577578029.us-east-2.elb.amazonaws.com" +) + From 798a8f68ccb61adb2697f28a81e3f461fb344e7a Mon Sep 17 00:00:00 2001 From: Your Name Date: Sun, 20 Jul 2025 14:49:47 +0000 Subject: [PATCH 16/22] test --- test.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test.txt b/test.txt index 5edcb678d..abad81bf1 100644 --- a/test.txt +++ b/test.txt @@ -1 +1 @@ -testing commit 15:16:23 +testing commit 14:49:47 From afe4ca90cde0bd08fededc3a94ad4a338bd62d97 Mon Sep 17 00:00:00 2001 
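Review bot: validature.py ends with an unconditional call to `validate_with_boto3(...)` using a hard-coded instance ID and load balancer DNS name, so merely importing the module makes AWS API calls against fixed resources. Move the call under `if __name__ == "__main__":` and take the values from the Terraform outputs or from arguments. Inside the function, `if alb_dns in lb["DNSName"]` is a substring test and can match a different load balancer; compare with `==`. The `except Exception` branch prints and returns normally, so a caller cannot tell a failed validation from a successful one; re-raise or return a status.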
From: Your Name Date: Sun, 20 Jul 2025 15:05:06 +0000 Subject: [PATCH 17/22] 103 --- AWS-Maor-Labs/103-lab/network.tf | 54 ++++++++++++++++++++-------- AWS-Maor-Labs/103-lab/validate_ip.tf | 2 +- AWS-Maor-Labs/104-lab/variables.tf | 0 3 files changed, 40 insertions(+), 16 deletions(-) create mode 100644 AWS-Maor-Labs/104-lab/variables.tf diff --git a/AWS-Maor-Labs/103-lab/network.tf b/AWS-Maor-Labs/103-lab/network.tf index 55a710d51..97c867bf1 100644 --- a/AWS-Maor-Labs/103-lab/network.tf +++ b/AWS-Maor-Labs/103-lab/network.tf @@ -1,30 +1,54 @@ -# Network Configuration File - - resource "aws_security_group" "sg" { - # allow port 22 to be open - ingress { + ingress { from_port = 22 to_port = 22 protocol = "tcp" cidr_blocks = ["0.0.0.0/0"] - } + } - # allow port 80 to be open - ingress { - from_port = 80 - to_port = 80 - protocol = "tcp" - cidr_blocks = ["0.0.0.0/0"] - } - # All outbound traffic (egress) to the internet — no restriction. egress { from_port = 0 to_port = 0 protocol = "-1" cidr_blocks = ["0.0.0.0/0"] } -} \ No newline at end of file +} + + + + + + + + +# # Network Configuration File + + +# resource "aws_security_group" "sg" { +# # allow port 22 to be open +# ingress { +# from_port = 22 +# to_port = 22 +# protocol = "tcp" +# cidr_blocks = ["0.0.0.0/0"] +# } + +# # allow port 80 to be open +# ingress { +# from_port = 80 +# to_port = 80 +# protocol = "tcp" +# cidr_blocks = ["0.0.0.0/0"] +# } + +# # All outbound traffic (egress) to the internet — no restriction. +# egress { +# from_port = 0 +# to_port = 0 +# protocol = "-1" +# cidr_blocks = ["0.0.0.0/0"] +# } +# } \ No newline at end of file diff --git a/AWS-Maor-Labs/103-lab/validate_ip.tf b/AWS-Maor-Labs/103-lab/validate_ip.tf index 2304d7888..17144b32c 100644 --- a/AWS-Maor-Labs/103-lab/validate_ip.tf +++ b/AWS-Maor-Labs/103-lab/validate_ip.tf 
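Review bot: The previous version of `aws_security_group.sg` is left in network.tf as a commented-out block beneath the live resource; git history already preserves it, and a stale copy of firewall rules next to the active ones makes it easy to misread which rules apply. Delete the commented block. With the port-80 rule removed, the `server_info` output in this lab still tells the user to browse `http://<public_ip>/welcome.html`; only its description mentions that the port is blocked, so the value itself should say so too.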
@@ -9,7 +9,7 @@ resource "time_sleep" "wait_for_ip" { resource "null_resource" "validate_ip" { provisioner "local-exec" { command = < Date: Sun, 20 Jul 2025 15:11:56 +0000 Subject: [PATCH 18/22] 104 --- AWS-Maor-Labs/104-lab/mock_outputs.tf | 35 +++++++++++++++++++ .../104-lab/studentExtension/mock_outputs.tf | 23 ++++++++++++ .../104-lab/studentExtension/mock_services.tf | 10 ++++++ .../studentExtension/optional_services.tf | 11 ++++++ .../104-lab/studentExtension/variables.tf | 23 ++++++++++++ AWS-Maor-Labs/104-lab/variables.tf | 16 +++++++++ 6 files changed, 118 insertions(+) create mode 100644 AWS-Maor-Labs/104-lab/mock_outputs.tf create mode 100644 AWS-Maor-Labs/104-lab/studentExtension/mock_outputs.tf create mode 100644 AWS-Maor-Labs/104-lab/studentExtension/mock_services.tf create mode 100644 AWS-Maor-Labs/104-lab/studentExtension/optional_services.tf create mode 100644 AWS-Maor-Labs/104-lab/studentExtension/variables.tf diff --git a/AWS-Maor-Labs/104-lab/mock_outputs.tf b/AWS-Maor-Labs/104-lab/mock_outputs.tf new file mode 100644 index 000000000..8feec75ca --- /dev/null +++ b/AWS-Maor-Labs/104-lab/mock_outputs.tf 
@@ -0,0 +1,35 @@ + + +# Mock the number of virtual machines needed +output "vm_count" { + value = var.high_availability ? 3 : 1 + description = "Number of VMs required for the environment. If high availability is true, 3 VMs are needed; otherwise, 1." +} + +# Mocking network requirements based on environment +output "network_configuration" { + value = var.environment == "prod" ? "Production Network - Full Scale" : "Development/Staging Network - Limited Scale" + description = "Provides the network configuration type based on the environment." +} + +# Example of conditional logic using a ternary operator +output "ha_status_message" { + value = var.high_availability ? "High availability is enabled - multiple VMs are needed." : "High availability is disabled - a single VM is sufficient." + description = "A message indicating if high availability is enabled or disabled." +} + +# Mocking subnet creation using for_each +locals { + subnets = var.high_availability ? ["subnet-a", "subnet-b", "subnet-c"] : ["subnet-a"] +} + +output "mock_subnet_list" { + value = [for subnet in local.subnets : "Configured ${subnet}"] + description = "A mocked list of subnets that would be created based on high availability." +} + + + + + + diff --git a/AWS-Maor-Labs/104-lab/studentExtension/mock_outputs.tf b/AWS-Maor-Labs/104-lab/studentExtension/mock_outputs.tf new file mode 100644 index 000000000..e0c5e48c3 --- /dev/null +++ b/AWS-Maor-Labs/104-lab/studentExtension/mock_outputs.tf 
@@ -0,0 +1,23 @@
+# Output to show how many VMs would be created
+output "vm_count" {
+ value = var.high_availability ? 3 : 1
+ description = "Number of VMs required for the environment. If high availability is true, 3 VMs are needed; otherwise, 1."
+}
+
+# Output to show the environment network configuration
+output "network_configuration" {
+ value = var.environment == "prod" ? "Production Network - Full Scale" : "Development/Staging Network - Limited Scale"
+ description = "Provides the network configuration type based on the environment."
+}
+
+# Output to indicate high availability status
+output "ha_status_message" {
+ value = var.high_availability ? "High availability is enabled - multiple VMs are needed." : "High availability is disabled - a single VM is sufficient."
+ description = "A message indicating if high availability is enabled or disabled."
+}
+
+# Output to mock database creation
+output "mock_database_creation" {
+ value = var.create_database ? "A mock database will be created for this environment." : "No database needed for this environment."
+ description = "Indicates whether a mock database should be created."
+}
\ No newline at end of file
diff --git a/AWS-Maor-Labs/104-lab/studentExtension/mock_services.tf b/AWS-Maor-Labs/104-lab/studentExtension/mock_services.tf
new file mode 100644
index 000000000..a0642c433
--- /dev/null
+++ b/AWS-Maor-Labs/104-lab/studentExtension/mock_services.tf
@@ -0,0 +1,10 @@
+# Local variable to manage the list of services based on `create_database`
+locals {
+ services = var.create_database ? ["web", "api", "database"] : ["web", "api"]
+}
+
+# Output the mock list of services
+output "mock_services_list" {
+ value = [for service in local.services : "Configured ${service} service"]
+ description = "A mocked list of services that would be created based on the create_database variable."
+}
\ No newline at end of file
diff --git a/AWS-Maor-Labs/104-lab/studentExtension/optional_services.tf b/AWS-Maor-Labs/104-lab/studentExtension/optional_services.tf
new file mode 100644
index 000000000..7a21fd8db
--- /dev/null
+++ b/AWS-Maor-Labs/104-lab/studentExtension/optional_services.tf
@@ -0,0 +1,11 @@
+# Local variable to manage the list of services including cache if applicable
+locals {
+ # Adding "cache" to the list if `environment` is "prod" and `create_database` is true
+ extended_services = var.environment == "prod" && var.create_database ? concat(local.services, ["cache"]) : local.services
+}
+
+# Output the extended list of services
+output "extended_services_list" {
+ value = [for service in local.extended_services : "Configured ${service} service"]
+ description = "A mocked list of services that would be created, optionally including cache for production."
+}
\ No newline at end of file
diff --git a/AWS-Maor-Labs/104-lab/studentExtension/variables.tf b/AWS-Maor-Labs/104-lab/studentExtension/variables.tf
new file mode 100644
index 000000000..f2772138e
--- /dev/null
+++ b/AWS-Maor-Labs/104-lab/studentExtension/variables.tf
@@ -0,0 +1,23 @@
+
+
+
+# Variable to control environment type
+variable "environment" {
+ description = "Define the environment type: dev, staging, or prod"
+ type = string
+ default = "dev"
+}
+
+# Variable to control high availability
+variable "high_availability" {
+ description = "Whether to enable high availability (true or false)"
+ type = bool
+ default = false
+}
+
+# Variable to control mock database creation
+variable "create_database" {
+ description = "Whether to create a mock database (true or false)"
+ type = bool
+ default = true
+}
\ No newline at end of file
diff --git a/AWS-Maor-Labs/104-lab/variables.tf b/AWS-Maor-Labs/104-lab/variables.tf
index e69de29bb..87e9193c2 100644
--- a/AWS-Maor-Labs/104-lab/variables.tf
+++ b/AWS-Maor-Labs/104-lab/variables.tf
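Review bot: `variable "environment"` in studentExtension/variables.tf documents three allowed values (dev, staging, prod) but accepts any string. The outputs and `extended_services` only test `var.environment == "prod"`, so a value such as "production" silently selects the non-production branch. Add a `validation` block to the variable with `condition = contains(["dev", "staging", "prod"], var.environment)` and an `error_message` that names the three values. The same applies to the `environment` variable in the 104-lab/variables.tf hunk that follows.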
@@ -0,0 +1,16 @@ + + +variable "environment" { + description = "Define the environment type: dev, staging, or prod" + type = string + default = "dev" +} + +variable "high_availability" { + description = "Whether to enable high availability (true or false)" + type = bool + default = false +} + + + From 347c6e516d0bad7de97d1c29b6f10e01a399805c Mon Sep 17 00:00:00 2001 From: Your Name Date: Sun, 20 Jul 2025 17:01:28 +0000 Subject: [PATCH 19/22] 105 part 1 --- AWS-Maor-Labs/105-lab/ec2.tf | 11 +++++++ AWS-Maor-Labs/105-lab/main.tf | 39 ++++++++++++++++++++++++ AWS-Maor-Labs/105-lab/outputs.tf | 12 ++++++++ AWS-Maor-Labs/105-lab/provider.tf | 4 +++ AWS-Maor-Labs/105-lab/routes.tf | 14 +++++++++ AWS-Maor-Labs/105-lab/security_groups.tf | 27 ++++++++++++++++ 6 files changed, 107 insertions(+) create mode 100644 AWS-Maor-Labs/105-lab/ec2.tf create mode 100644 AWS-Maor-Labs/105-lab/main.tf create mode 100644 AWS-Maor-Labs/105-lab/outputs.tf create mode 100644 AWS-Maor-Labs/105-lab/provider.tf create mode 100644 AWS-Maor-Labs/105-lab/routes.tf create mode 100644 AWS-Maor-Labs/105-lab/security_groups.tf diff --git a/AWS-Maor-Labs/105-lab/ec2.tf b/AWS-Maor-Labs/105-lab/ec2.tf new file mode 100644 index 000000000..217efb876 --- /dev/null +++ b/AWS-Maor-Labs/105-lab/ec2.tf @@ -0,0 +1,11 @@ +resource "aws_instance" "web_server" { + ami = "ami-0c02fb55956c7d316" + instance_type = "t2.micro" + subnet_id = aws_subnet.public_subnet.id + vpc_security_group_ids = [aws_security_group.ec2_sg.id] + associate_public_ip_address = true + + tags = { + Name = "Web-Server" + } +} diff --git a/AWS-Maor-Labs/105-lab/main.tf b/AWS-Maor-Labs/105-lab/main.tf new file mode 100644 index 000000000..feddc4c54 --- /dev/null +++ b/AWS-Maor-Labs/105-lab/main.tf 
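Review bot: `aws_instance.web_server` in ec2.tf is given a public IP and is meant to serve HTTP, but the resource does not configure the instance metadata service. Unless the AMI or account default already enforces it, the instance still answers token-less IMDSv1 requests, which is the usual path by which a request-forgery bug in a web application exposes role credentials. Add `metadata_options { http_tokens = "required" }` to the resource. The AMI is also a bare literal (`ami-0c02fb55956c7d316`); a short comment naming the image and its owner would make that choice reviewable.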
@@ -0,0 +1,39 @@
+resource "aws_vpc" "lab_vpc" {
+ cidr_block = "10.0.0.0/16"
+ enable_dns_support = true
+ enable_dns_hostnames = true
+
+ tags = {
+ Name = "Lab-VPC"
+ }
+}
+
+resource "aws_subnet" "public_subnet" {
+ vpc_id = aws_vpc.lab_vpc.id
+ cidr_block = "10.0.1.0/24"
+ map_public_ip_on_launch = true
+ availability_zone = "us-east-1a"
+
+ tags = {
+ Name = "Public-Subnet"
+ }
+}
+
+resource "aws_subnet" "private_subnet" {
+ vpc_id = aws_vpc.lab_vpc.id
+ cidr_block = "10.0.2.0/24"
+ availability_zone = "us-east-1a"
+
+ tags = {
+ Name = "Private-Subnet"
+ }
+}
+
+resource "aws_internet_gateway" "igw" {
+ vpc_id = aws_vpc.lab_vpc.id
+
+ tags = {
+ Name = "Lab-IGW"
+ }
+}
+
diff --git a/AWS-Maor-Labs/105-lab/outputs.tf b/AWS-Maor-Labs/105-lab/outputs.tf
new file mode 100644
index 000000000..b5bc75869
--- /dev/null
+++ b/AWS-Maor-Labs/105-lab/outputs.tf
@@ -0,0 +1,12 @@
+# outputs.tf
+output "ec2_instance_id" {
+ value = aws_instance.web_server.id
+}
+
+output "ec2_public_ip" {
+ value = aws_instance.web_server.public_ip
+}
+
+output "vpc_id" {
+ value = aws_vpc.lab_vpc.id
+}
\ No newline at end of file
diff --git a/AWS-Maor-Labs/105-lab/provider.tf b/AWS-Maor-Labs/105-lab/provider.tf
new file mode 100644
index 000000000..2a4e09908
--- /dev/null
+++ b/AWS-Maor-Labs/105-lab/provider.tf
@@ -0,0 +1,4 @@
+# provider.tf
+provider "aws" {
+ region = "us-east-1"
+}
\ No newline at end of file
diff --git a/AWS-Maor-Labs/105-lab/routes.tf b/AWS-Maor-Labs/105-lab/routes.tf
new file mode 100644
index 000000000..7f700fac0
--- /dev/null
+++ b/AWS-Maor-Labs/105-lab/routes.tf
@@ -0,0 +1,14 @@
+resource "aws_route_table" "public_rt" {
+ vpc_id = aws_vpc.lab_vpc.id
+
+ route {
+ cidr_block = "0.0.0.0/0"
+ gateway_id = aws_internet_gateway.igw.id
+ }
+}
+
+resource "aws_route_table_association" "public_assoc" {
+ subnet_id = aws_subnet.public_subnet.id
+ route_table_id = aws_route_table.public_rt.id
+}
+
diff --git a/AWS-Maor-Labs/105-lab/security_groups.tf b/AWS-Maor-Labs/105-lab/security_groups.tf new file mode 100644 index 000000000..ec65e054b --- /dev/null +++ b/AWS-Maor-Labs/105-lab/security_groups.tf @@ -0,0 +1,27 @@ +resource "aws_security_group" "ec2_sg" { + vpc_id = aws_vpc.lab_vpc.id + name = "ec2-security-group" + + ingress { + from_port = 22 + to_port = 22 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + + ingress { + from_port = 80 + to_port = 80 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + + egress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } +} + + From ed5ff0c3f06bc62b4cd46d5f11362db860888d7d Mon Sep 17 00:00:00 2001 From: Your Name Date: Sun, 20 Jul 2025 17:24:44 +0000 Subject: [PATCH 20/22] 105 part 1 --- AWS-Maor-Labs/105-lab/ec2.tf | 9 +++-- AWS-Maor-Labs/105-lab/main.tf | 1 + AWS-Maor-Labs/105-lab/modules/ec2/main.tf | 6 +++ .../105-lab/modules/ec2/variables.tf | 3 ++ AWS-Maor-Labs/105-lab/modules/vpc/main.tf | 38 +++++++++++++++++++ AWS-Maor-Labs/105-lab/modules/vpc/outputs.tf | 12 ++++++ .../105-lab/modules/vpc/variables.tf | 15 ++++++++ AWS-Maor-Labs/105-lab/outputs.tf | 2 +- AWS-Maor-Labs/105-lab/routes.tf | 2 +- AWS-Maor-Labs/105-lab/security_groups.tf | 3 +- 10 files changed, 83 insertions(+), 8 deletions(-) create mode 100644 AWS-Maor-Labs/105-lab/modules/ec2/main.tf create mode 100644 AWS-Maor-Labs/105-lab/modules/ec2/variables.tf create mode 100644 AWS-Maor-Labs/105-lab/modules/vpc/main.tf create mode 100644 AWS-Maor-Labs/105-lab/modules/vpc/outputs.tf create mode 100644 AWS-Maor-Labs/105-lab/modules/vpc/variables.tf diff --git a/AWS-Maor-Labs/105-lab/ec2.tf b/AWS-Maor-Labs/105-lab/ec2.tf index 217efb876..a887e44b8 100644 --- a/AWS-Maor-Labs/105-lab/ec2.tf +++ b/AWS-Maor-Labs/105-lab/ec2.tf 
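Review bot: The first `ingress` block of `ec2_sg` opens TCP 22 to `0.0.0.0/0`, so SSH on a public-IP instance is reachable from the whole internet. `aws_instance.web_server` in ec2.tf sets no `key_name`, so the rule may not be needed at all. If shell access is required, narrow the source to the operator's range, e.g. `cidr_blocks = [var.ssh_allowed_cidr]` with a new variable (the name is a suggestion), or drop the rule and use Session Manager. The port-80 rule and open egress are expected for a public web server, but a `description` on the group and on each rule would record that intent.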
@@ -1,8 +1,9 @@ +# ec2.tf resource "aws_instance" "web_server" { - ami = "ami-0c02fb55956c7d316" - instance_type = "t2.micro" - subnet_id = aws_subnet.public_subnet.id - vpc_security_group_ids = [aws_security_group.ec2_sg.id] + ami = "ami-0c02fb55956c7d316" + instance_type = "t2.micro" + subnet_id = aws_subnet.public_subnet.id + vpc_security_group_ids = [aws_security_group.ec2_sg.id] associate_public_ip_address = true tags = { diff --git a/AWS-Maor-Labs/105-lab/main.tf b/AWS-Maor-Labs/105-lab/main.tf index feddc4c54..c3d92657b 100644 --- a/AWS-Maor-Labs/105-lab/main.tf +++ b/AWS-Maor-Labs/105-lab/main.tf @@ -37,3 +37,4 @@ resource "aws_internet_gateway" "igw" { } } + diff --git a/AWS-Maor-Labs/105-lab/modules/ec2/main.tf b/AWS-Maor-Labs/105-lab/modules/ec2/main.tf new file mode 100644 index 000000000..47f6b4d94 --- /dev/null +++ b/AWS-Maor-Labs/105-lab/modules/ec2/main.tf @@ -0,0 +1,6 @@ +resource "aws_instance" "instance" { + ami = var.ami + instance_type = var.instance_type + subnet_id = var.subnet_id +} + diff --git a/AWS-Maor-Labs/105-lab/modules/ec2/variables.tf b/AWS-Maor-Labs/105-lab/modules/ec2/variables.tf new file mode 100644 index 000000000..7de6068ef --- /dev/null +++ b/AWS-Maor-Labs/105-lab/modules/ec2/variables.tf @@ -0,0 +1,3 @@ +variable "ami" {} +variable "instance_type" {} +variable "subnet_id" {} diff --git a/AWS-Maor-Labs/105-lab/modules/vpc/main.tf b/AWS-Maor-Labs/105-lab/modules/vpc/main.tf new file mode 100644 index 000000000..38aca62bd --- /dev/null +++ b/AWS-Maor-Labs/105-lab/modules/vpc/main.tf 
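Review bot: `aws_instance.instance` in modules/ec2/main.tf sets no `vpc_security_group_ids`, so an instance created through the module joins the VPC's default security group rather than a group this configuration defines and reviews. Expose it as a module input, e.g. `vpc_security_group_ids = var.security_group_ids`, and declare that variable in modules/ec2/variables.tf. The three variables added there are untyped (`variable "ami" {}`); giving each `type = string` and a `description` would catch wrong inputs at plan time.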
@@ -0,0 +1,38 @@ +resource "aws_vpc" "lab_vpc" { + cidr_block = var.cidr_block + enable_dns_support = true + enable_dns_hostnames = true + + tags = { + Name = var.name + } +} + +resource "aws_internet_gateway" "igw" { + vpc_id = aws_vpc.lab_vpc.id + + tags = { + Name = "${var.name}-igw" + } +} + +resource "aws_subnet" "public_subnet" { + vpc_id = aws_vpc.lab_vpc.id + cidr_block = "10.0.1.0/24" + availability_zone = var.az1 + map_public_ip_on_launch = true + + tags = { + Name = "${var.name}-public" + } +} + +resource "aws_subnet" "private_subnet" { + vpc_id = aws_vpc.lab_vpc.id + cidr_block = "10.0.2.0/24" + availability_zone = var.az2 + + tags = { + Name = "${var.name}-private" + } +} \ No newline at end of file diff --git a/AWS-Maor-Labs/105-lab/modules/vpc/outputs.tf b/AWS-Maor-Labs/105-lab/modules/vpc/outputs.tf new file mode 100644 index 000000000..b5607d1eb --- /dev/null +++ b/AWS-Maor-Labs/105-lab/modules/vpc/outputs.tf @@ -0,0 +1,12 @@ +# outputs.tf +output "ec2_instance_id" { + value = aws_instance.web_server.id +} + +output "ec2_public_ip" { + value = aws_instance.web_server.public_ip +} + +output "vpc_id" { + value = aws_vpc.lab_vpc.id +} diff --git a/AWS-Maor-Labs/105-lab/modules/vpc/variables.tf b/AWS-Maor-Labs/105-lab/modules/vpc/variables.tf new file mode 100644 index 000000000..f00f17b3f --- /dev/null +++ b/AWS-Maor-Labs/105-lab/modules/vpc/variables.tf @@ -0,0 +1,15 @@ +variable "cidr_block" { + type = string +} + +variable "name" { + type = string +} + +variable "az1" { + type = string +} + +variable "az2" { + type = string +} diff --git a/AWS-Maor-Labs/105-lab/outputs.tf b/AWS-Maor-Labs/105-lab/outputs.tf index b5bc75869..b5607d1eb 100644 --- a/AWS-Maor-Labs/105-lab/outputs.tf +++ b/AWS-Maor-Labs/105-lab/outputs.tf @@ -9,4 +9,4 @@ output "ec2_public_ip" { output "vpc_id" { value = aws_vpc.lab_vpc.id -} \ No newline at end of file +} diff --git a/AWS-Maor-Labs/105-lab/routes.tf b/AWS-Maor-Labs/105-lab/routes.tf index 7f700fac0..cb1821f27 100644 
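Review bot: modules/vpc/outputs.tf references `aws_instance.web_server`, which is not declared inside the vpc module; its main.tf in this commit defines only the VPC, the internet gateway and two subnets. `ec2_instance_id` and `ec2_public_ip` will therefore fail validation as soon as the module is called. The file looks like a copy of the root outputs.tf. The module should export what it owns instead, e.g. `output "public_subnet_id" { value = aws_subnet.public_subnet.id }` next to `vpc_id`. In the same commit's modules/vpc/main.tf the subnet ranges are the literals `10.0.1.0/24` and `10.0.2.0/24` while the VPC range comes from `var.cidr_block`, so the module only works when the caller passes a range that contains them.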
--- a/AWS-Maor-Labs/105-lab/routes.tf +++ b/AWS-Maor-Labs/105-lab/routes.tf @@ -1,3 +1,4 @@ +# routes.tf resource "aws_route_table" "public_rt" { vpc_id = aws_vpc.lab_vpc.id @@ -11,4 +12,3 @@ resource "aws_route_table_association" "public_assoc" { subnet_id = aws_subnet.public_subnet.id route_table_id = aws_route_table.public_rt.id } - diff --git a/AWS-Maor-Labs/105-lab/security_groups.tf b/AWS-Maor-Labs/105-lab/security_groups.tf index ec65e054b..5fa8a0a06 100644 --- a/AWS-Maor-Labs/105-lab/security_groups.tf +++ b/AWS-Maor-Labs/105-lab/security_groups.tf @@ -1,3 +1,4 @@ +# security_groups.tf resource "aws_security_group" "ec2_sg" { vpc_id = aws_vpc.lab_vpc.id name = "ec2-security-group" @@ -23,5 +24,3 @@ resource "aws_security_group" "ec2_sg" { cidr_blocks = ["0.0.0.0/0"] } } - - From d50cc4322e975f5af7210844e949c31a64e2dce1 Mon Sep 17 00:00:00 2001 From: Your Name Date: Sun, 20 Jul 2025 17:49:27 +0000 Subject: [PATCH 21/22] 105 part 2 --- AWS-Maor-Labs/105-lab/ec2.tf | 3 +- AWS-Maor-Labs/105-lab/main.tf | 86 +++++++++++-------- AWS-Maor-Labs/105-lab/modules/ec2/main.tf | 8 ++ .../105-lab/modules/ec2/variables.tf | 5 ++ AWS-Maor-Labs/105-lab/modules/vpc/main.tf | 72 +++++++++------- AWS-Maor-Labs/105-lab/modules/vpc/outputs.tf | 29 +++++-- .../105-lab/modules/vpc/variables.tf | 28 +++--- AWS-Maor-Labs/105-lab/outputs.tf | 3 +- AWS-Maor-Labs/105-lab/routes.tf | 7 +- AWS-Maor-Labs/105-lab/security_groups.tf | 5 +- 10 files changed, 152 insertions(+), 94 deletions(-) diff --git a/AWS-Maor-Labs/105-lab/ec2.tf b/AWS-Maor-Labs/105-lab/ec2.tf index a887e44b8..ba80f0793 100644 --- a/AWS-Maor-Labs/105-lab/ec2.tf +++ b/AWS-Maor-Labs/105-lab/ec2.tf @@ -2,7 +2,8 @@ resource "aws_instance" "web_server" { ami = "ami-0c02fb55956c7d316" instance_type = "t2.micro" - subnet_id = aws_subnet.public_subnet.id + subnet_id = module.vpc.public_subnet_id + # subnet_id = aws_subnet.public_subnet.id vpc_security_group_ids = [aws_security_group.ec2_sg.id] associate_public_ip_address = true 
diff --git a/AWS-Maor-Labs/105-lab/main.tf b/AWS-Maor-Labs/105-lab/main.tf index c3d92657b..88224aea8 100644 --- a/AWS-Maor-Labs/105-lab/main.tf +++ b/AWS-Maor-Labs/105-lab/main.tf @@ -1,40 +1,52 @@ -resource "aws_vpc" "lab_vpc" { - cidr_block = "10.0.0.0/16" - enable_dns_support = true - enable_dns_hostnames = true - - tags = { - Name = "Lab-VPC" - } +# resource "aws_vpc" "lab_vpc" { +# cidr_block = "10.0.0.0/16" +# enable_dns_support = true +# enable_dns_hostnames = true + +# tags = { +# Name = "Lab-VPC" +# } +# } + +# resource "aws_subnet" "public_subnet" { +# vpc_id = aws_vpc.lab_vpc.id +# cidr_block = "10.0.1.0/24" +# map_public_ip_on_launch = true +# availability_zone = "us-east-1a" + +# tags = { +# Name = "Public-Subnet" +# } +# } + +# resource "aws_subnet" "private_subnet" { +# vpc_id = aws_vpc.lab_vpc.id +# cidr_block = "10.0.2.0/24" +# availability_zone = "us-east-1a" + +# tags = { +# Name = "Private-Subnet" +# } +# } + +# resource "aws_internet_gateway" "igw" { +# vpc_id = aws_vpc.lab_vpc.id + +# tags = { +# Name = "Lab-IGW" +# } +# } + + +module "vpc" { + source = "./modules/vpc" + vpc_cidr = "10.0.0.0/16" + public_subnet_cidr = "10.0.1.0/24" } -resource "aws_subnet" "public_subnet" { - vpc_id = aws_vpc.lab_vpc.id - cidr_block = "10.0.1.0/24" - map_public_ip_on_launch = true - availability_zone = "us-east-1a" - - tags = { - Name = "Public-Subnet" - } +module "ec2" { + source = "./modules/ec2" + ami = "ami-055e3d4f0bbeb5878" + instance_type = "t2.micro" + subnet_id = module.vpc.public_subnet_id } - -resource "aws_subnet" "private_subnet" { - vpc_id = aws_vpc.lab_vpc.id - cidr_block = "10.0.2.0/24" - availability_zone = "us-east-1a" - - tags = { - Name = "Private-Subnet" - } -} - -resource "aws_internet_gateway" "igw" { - vpc_id = aws_vpc.lab_vpc.id - - tags = { - Name = "Lab-IGW" - } -} - - diff --git a/AWS-Maor-Labs/105-lab/modules/ec2/main.tf b/AWS-Maor-Labs/105-lab/modules/ec2/main.tf index 47f6b4d94..894dd27a7 100644 
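Review bot: `module "ec2"` in main.tf adds a second instance alongside `aws_instance.web_server` in ec2.tf rather than replacing it, and the two use different hard-coded AMI IDs (`ami-055e3d4f0bbeb5878` here, `ami-0c02fb55956c7d316` there). If the module is meant to take over, the resource in ec2.tf should be removed in the same change. The module's instance, as defined in modules/ec2/main.tf, also carries none of the security group settings. Either way, a single `ami` variable or an `aws_ami` data source constrained by `owners` would make the image source explicit. The commented-out resources at the top of the file should be deleted rather than kept, since the history already holds them.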
--- a/AWS-Maor-Labs/105-lab/modules/ec2/main.tf +++ b/AWS-Maor-Labs/105-lab/modules/ec2/main.tf @@ -1,3 +1,11 @@ +# resource "aws_instance" "instance" { +# ami = var.ami +# instance_type = var.instance_type +# subnet_id = var.subnet_id +# } + + + resource "aws_instance" "instance" { ami = var.ami instance_type = var.instance_type diff --git a/AWS-Maor-Labs/105-lab/modules/ec2/variables.tf b/AWS-Maor-Labs/105-lab/modules/ec2/variables.tf index 7de6068ef..65a023fa8 100644 --- a/AWS-Maor-Labs/105-lab/modules/ec2/variables.tf +++ b/AWS-Maor-Labs/105-lab/modules/ec2/variables.tf @@ -1,3 +1,8 @@ +# variable "ami" {} +# variable "instance_type" {} +# variable "subnet_id" {} + + variable "ami" {} variable "instance_type" {} variable "subnet_id" {} diff --git a/AWS-Maor-Labs/105-lab/modules/vpc/main.tf b/AWS-Maor-Labs/105-lab/modules/vpc/main.tf index 38aca62bd..a4b33fdfe 100644 --- a/AWS-Maor-Labs/105-lab/modules/vpc/main.tf +++ b/AWS-Maor-Labs/105-lab/modules/vpc/main.tf 
@@ -1,38 +1,48 @@ -resource "aws_vpc" "lab_vpc" { - cidr_block = var.cidr_block - enable_dns_support = true - enable_dns_hostnames = true - - tags = { - Name = var.name - } -} +# resource "aws_vpc" "lab_vpc" { +# cidr_block = var.cidr_block +# enable_dns_support = true +# enable_dns_hostnames = true -resource "aws_internet_gateway" "igw" { - vpc_id = aws_vpc.lab_vpc.id +# tags = { +# Name = var.name +# } +# } - tags = { - Name = "${var.name}-igw" - } -} +# resource "aws_internet_gateway" "igw" { +# vpc_id = aws_vpc.lab_vpc.id -resource "aws_subnet" "public_subnet" { - vpc_id = aws_vpc.lab_vpc.id - cidr_block = "10.0.1.0/24" - availability_zone = var.az1 - map_public_ip_on_launch = true +# tags = { +# Name = "${var.name}-igw" +# } +# } - tags = { - Name = "${var.name}-public" - } -} +# resource "aws_subnet" "public_subnet" { +# vpc_id = aws_vpc.lab_vpc.id +# cidr_block = "10.0.1.0/24" +# availability_zone = var.az1 +# map_public_ip_on_launch = true + +# tags = { +# Name = "${var.name}-public" +# } +# } -resource "aws_subnet" "private_subnet" { - vpc_id = aws_vpc.lab_vpc.id - cidr_block = "10.0.2.0/24" - availability_zone = var.az2 +# resource "aws_subnet" "private_subnet" { +# vpc_id = aws_vpc.lab_vpc.id +# cidr_block = "10.0.2.0/24" +# availability_zone = var.az2 + +# tags = { +# Name = "${var.name}-private" +# } +# } + + +resource "aws_vpc" "main" { + cidr_block = var.vpc_cidr +} - tags = { - Name = "${var.name}-private" - } +resource "aws_subnet" "public" { + vpc_id = aws_vpc.main.id + cidr_block = var.public_subnet_cidr } \ No newline at end of file diff --git a/AWS-Maor-Labs/105-lab/modules/vpc/outputs.tf b/AWS-Maor-Labs/105-lab/modules/vpc/outputs.tf index b5607d1eb..03d19b3e9 100644 --- a/AWS-Maor-Labs/105-lab/modules/vpc/outputs.tf +++ b/AWS-Maor-Labs/105-lab/modules/vpc/outputs.tf 
@@ -1,12 +1,27 @@ -# outputs.tf -output "ec2_instance_id" { - value = aws_instance.web_server.id +# # outputs.tf +# output "ec2_instance_id" { +# value = aws_instance.web_server.id +# } + +# output "ec2_public_ip" { +# value = aws_instance.web_server.public_ip +# } + +# output "vpc_id" { +# value = aws_vpc.lab_vpc.id +# } + + +output "vpc_id" { + value = aws_vpc.main.id } -output "ec2_public_ip" { - value = aws_instance.web_server.public_ip + +output "public_subnet_id" { + value = aws_internet_gateway.igw.id } -output "vpc_id" { - value = aws_vpc.lab_vpc.id +output "igw_id" { + value = aws_internet_gateway.igw.id } + diff --git a/AWS-Maor-Labs/105-lab/modules/vpc/variables.tf b/AWS-Maor-Labs/105-lab/modules/vpc/variables.tf index f00f17b3f..38d1c5121 100644 --- a/AWS-Maor-Labs/105-lab/modules/vpc/variables.tf +++ b/AWS-Maor-Labs/105-lab/modules/vpc/variables.tf @@ -1,15 +1,19 @@ -variable "cidr_block" { - type = string -} +# variable "cidr_block" { +# type = string +# } -variable "name" { - type = string -} +# variable "name" { +# type = string +# } -variable "az1" { - type = string -} +# variable "az1" { +# type = string +# } -variable "az2" { - type = string -} +# variable "az2" { +# type = string +# } + + +variable "vpc_cidr" {} +variable "public_subnet_cidr" {} \ No newline at end of file diff --git a/AWS-Maor-Labs/105-lab/outputs.tf b/AWS-Maor-Labs/105-lab/outputs.tf index b5607d1eb..6ad046fa1 100644 --- a/AWS-Maor-Labs/105-lab/outputs.tf +++ b/AWS-Maor-Labs/105-lab/outputs.tf @@ -8,5 +8,6 @@ output "ec2_public_ip" { } output "vpc_id" { - value = aws_vpc.lab_vpc.id + value = module.vpc.public_subnet_id + # value = aws_vpc.lab_vpc.id } diff --git a/AWS-Maor-Labs/105-lab/routes.tf b/AWS-Maor-Labs/105-lab/routes.tf index cb1821f27..5e7bbb29c 100644 --- a/AWS-Maor-Labs/105-lab/routes.tf +++ b/AWS-Maor-Labs/105-lab/routes.tf 
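Review bot: `output "public_subnet_id"` in modules/vpc/outputs.tf returns `aws_internet_gateway.igw.id`, so every consumer (`subnet_id` in ec2.tf and in `module "ec2"`) receives an internet gateway ID where a subnet ID is required. It should be `value = aws_subnet.public.id`. This commit's change to modules/vpc/main.tf also comments out `aws_internet_gateway.igw`, so both this output and `igw_id` refer to a resource the module no longer declares at this commit. Either keep a gateway resource in the module, attached to `aws_vpc.main`, or drop `igw_id` until one exists.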
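Review bot: The root `vpc_id` output in 105-lab/outputs.tf is now set to `module.vpc.public_subnet_id`, so it reports a subnet identifier under a VPC name. Anything that consumes the output, such as scripts or other stacks, would get the wrong kind of ID. The module already exports the right value, so the line should read `value = module.vpc.vpc_id`. The leftover `# value = aws_vpc.lab_vpc.id` comment can be removed.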
@@ -1,14 +1,15 @@ # routes.tf resource "aws_route_table" "public_rt" { - vpc_id = aws_vpc.lab_vpc.id + vpc_id = module.vpc.vpc_id + # vpc_id = aws_vpc.lab_vpc.id route { cidr_block = "0.0.0.0/0" - gateway_id = aws_internet_gateway.igw.id + gateway_id = module.vpc.igw_id } } resource "aws_route_table_association" "public_assoc" { - subnet_id = aws_subnet.public_subnet.id + subnet_id = module.vpc.public_subnet.id route_table_id = aws_route_table.public_rt.id } diff --git a/AWS-Maor-Labs/105-lab/security_groups.tf b/AWS-Maor-Labs/105-lab/security_groups.tf index 5fa8a0a06..ee2408af6 100644 --- a/AWS-Maor-Labs/105-lab/security_groups.tf +++ b/AWS-Maor-Labs/105-lab/security_groups.tf @@ -1,6 +1,5 @@ -# security_groups.tf resource "aws_security_group" "ec2_sg" { - vpc_id = aws_vpc.lab_vpc.id + vpc_id = module.vpc.vpc_id name = "ec2-security-group" ingress { @@ -24,3 +23,5 @@ resource "aws_security_group" "ec2_sg" { cidr_blocks = ["0.0.0.0/0"] } } + + From 28ce11f70cb875e5c1b57c75eb5d799c391d1910 Mon Sep 17 00:00:00 2001 From: Your Name Date: Sun, 20 Jul 2025 18:01:47 +0000 Subject: [PATCH 22/22] 105 part 2 --- AWS-Maor-Labs/105-lab/modules/vpc/main.tf | 76 +++++++++---------- .../105-lab/modules/vpc/variables.tf | 24 +++--- AWS-Maor-Labs/105-lab/routes.tf | 2 +- 3 files changed, 51 insertions(+), 51 deletions(-) diff --git a/AWS-Maor-Labs/105-lab/modules/vpc/main.tf b/AWS-Maor-Labs/105-lab/modules/vpc/main.tf index a4b33fdfe..c7b93d858 100644 --- a/AWS-Maor-Labs/105-lab/modules/vpc/main.tf +++ b/AWS-Maor-Labs/105-lab/modules/vpc/main.tf 
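Review bot: `subnet_id = module.vpc.public_subnet.id` in `aws_route_table_association.public_assoc` refers to a module output named `public_subnet`, but modules/vpc/outputs.tf exports `public_subnet_id`. Terraform rejects references to undeclared module outputs, so the line should be `subnet_id = module.vpc.public_subnet_id`. The leftover `# vpc_id = aws_vpc.lab_vpc.id` comment in `public_rt` can be removed in the same pass.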
@@ -1,41 +1,41 @@ -# resource "aws_vpc" "lab_vpc" { -# cidr_block = var.cidr_block -# enable_dns_support = true -# enable_dns_hostnames = true - -# tags = { -# Name = var.name -# } -# } - -# resource "aws_internet_gateway" "igw" { -# vpc_id = aws_vpc.lab_vpc.id - -# tags = { -# Name = "${var.name}-igw" -# } -# } - -# resource "aws_subnet" "public_subnet" { -# vpc_id = aws_vpc.lab_vpc.id -# cidr_block = "10.0.1.0/24" -# availability_zone = var.az1 -# map_public_ip_on_launch = true - -# tags = { -# Name = "${var.name}-public" -# } -# } - -# resource "aws_subnet" "private_subnet" { -# vpc_id = aws_vpc.lab_vpc.id -# cidr_block = "10.0.2.0/24" -# availability_zone = var.az2 - -# tags = { -# Name = "${var.name}-private" -# } -# } +resource "aws_vpc" "lab_vpc" { + cidr_block = var.cidr_block + enable_dns_support = true + enable_dns_hostnames = true + + tags = { + Name = var.name + } +} + +resource "aws_internet_gateway" "igw" { + vpc_id = aws_vpc.lab_vpc.id + + tags = { + Name = "${var.name}-igw" + } +} + +resource "aws_subnet" "public_subnet" { + vpc_id = aws_vpc.lab_vpc.id + cidr_block = "10.0.1.0/24" + availability_zone = var.az1 + map_public_ip_on_launch = true + + tags = { + Name = "${var.name}-public" + } +} + +resource "aws_subnet" "private_subnet" { + vpc_id = aws_vpc.lab_vpc.id + cidr_block = "10.0.2.0/24" + availability_zone = var.az2 + + tags = { + Name = "${var.name}-private" + } +} resource "aws_vpc" "main" { diff --git a/AWS-Maor-Labs/105-lab/modules/vpc/variables.tf b/AWS-Maor-Labs/105-lab/modules/vpc/variables.tf index 38d1c5121..2abf8b124 100644 --- a/AWS-Maor-Labs/105-lab/modules/vpc/variables.tf +++ b/AWS-Maor-Labs/105-lab/modules/vpc/variables.tf 
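Review bot: Re-enabling `aws_vpc.lab_vpc`, its gateway and both subnets while `aws_vpc.main` and `aws_subnet.public` remain in modules/vpc/main.tf makes the module create two VPCs. The gateway is attached to `lab_vpc`, whereas the `vpc_id` output, as last defined in the module's outputs.tf, still exports `aws_vpc.main.id`, so the root route table and security group would land in a VPC that has no gateway. The restored resources also need `var.cidr_block`, `var.name`, `var.az1` and `var.az2`, which the variables.tf hunk of this commit restores without defaults and which the `module "vpc"` call in the root main.tf, as last shown, does not pass. Keep one set of resources and align the outputs and the caller's arguments with it. The `aws_vpc.main` block at the end of the hunk continues outside it.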
@@ -1,18 +1,18 @@ -# variable "cidr_block" { -# type = string -# } +variable "cidr_block" { + type = string +} -# variable "name" { -# type = string -# } +variable "name" { + type = string +} -# variable "az1" { -# type = string -# } +variable "az1" { + type = string +} -# variable "az2" { -# type = string -# } +variable "az2" { + type = string +} variable "vpc_cidr" {} diff --git a/AWS-Maor-Labs/105-lab/routes.tf b/AWS-Maor-Labs/105-lab/routes.tf index 5e7bbb29c..7d2905410 100644 --- a/AWS-Maor-Labs/105-lab/routes.tf +++ b/AWS-Maor-Labs/105-lab/routes.tf @@ -5,7 +5,7 @@ resource "aws_route_table" "public_rt" { route { cidr_block = "0.0.0.0/0" - gateway_id = module.vpc.igw_id + gateway_id = module.vpc.vpc_cidr } }
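Review bot: `gateway_id = module.vpc.vpc_cidr` in routes.tf points the default route at something that is neither a module output nor a gateway. `vpc_cidr` is an input variable of the vpc module, and the outputs shown for it are `vpc_id`, `public_subnet_id` and `igw_id`. The previous `gateway_id = module.vpc.igw_id` was the correct reference, and it resolves again now that this commit restores `aws_internet_gateway.igw` in the module, so the line should be reverted. The `route` block belongs to `aws_route_table.public_rt`, whose header is above the hunk.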