Deploying Infrastructure-Only in AWS

Introduction

This solution uses a Terraform template to launch a new networking stack. It will create one VPC with three subnets: mgmt, external, internal. Use this Terraform template to create your AWS VPC infrastructure, and then head back to the BIG-IP AWS Terraform folder to get started!

Prerequisites

  • This template requires programmatic API credentials to deploy the Terraform AWS provider and build out all the necessary AWS objects

Important Configuration Notes

  • Variables are configured in variables.tf
  • Sensitive variables like AWS SSH keys are configured in terraform.tfvars
  • Files
    • main.tf - resources for provider, versions
    • network.tf - resources for VPC, subnets, route tables, internet gateway, security groups

Installation Example

To run this Terraform template, perform the following steps:

  1. Clone the repo to your favorite location
  2. Update AWS credentials
    export AWS_ACCESS_KEY_ID=<your-access-keyId>
    export AWS_SECRET_ACCESS_KEY=<your-secret-key>
  3. Modify terraform.tfvars with the required information
    projectPrefix = "myDemo"
    resourceOwner = "myName"
    awsRegion     = "us-west-2"
    awsAz1        = "us-west-2a"
    awsAz2        = "us-west-2b"
  4. Initialize the directory
    terraform init
  5. Test the plan and validate errors
    terraform plan
  6. Finally, apply and deploy
    terraform apply
  7. When done with everything, don't forget to clean up!
    terraform destroy
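The steps above export credentials and edit terraform.tfvars by hand, and the Inputs table further down shows that several variables fall back to defaults when left out, including adminSrcAddr, whose default "0.0.0.0/0" admits any source address. The following pre-flight check, an added example that is not part of this repository, reads a terraform.tfvars file, applies the defaults from the Inputs table, and reports anything a practitioner would want to catch before terraform plan: missing credentials, missing required values, a non-alphanumeric projectPrefix, an unrestricted adminSrcAddr, and subnet prefixes that lie outside vpc_cidr or overlap one another. The parser handles only the flat name = value subset of HCL used in this tfvars file; the sample file embedded below is constructed for the example.

```python
import ipaddress
import os
import re

# Constructed sample terraform.tfvars, modelled on the one in the install steps,
# with adminSrcAddr deliberately left at the template default of 0.0.0.0/0.
SAMPLE_TFVARS = """
projectPrefix = "myDemo"
resourceOwner = "myName"
awsRegion     = "us-west-2"
awsAz1        = "us-west-2a"
awsAz2        = "us-west-2b"
adminSrcAddr  = "0.0.0.0/0"
vpc_cidr      = "10.1.0.0/16"
mgmt_address_prefixes = ["10.1.1.0/24", "10.1.100.0/24"]
ext_address_prefixes  = ["10.1.10.0/24", "10.1.110.0/24"]
int_address_prefixes  = ["10.1.20.0/24", "10.1.120.0/24"]
"""

# Values the install steps tell you to set, and the three prefix lists from the Inputs table.
REQUIRED = ("projectPrefix", "resourceOwner", "awsRegion", "awsAz1", "awsAz2")
PREFIX_VARS = ("mgmt_address_prefixes", "ext_address_prefixes", "int_address_prefixes")

# Template defaults (from the Inputs table) used when a key is absent from the file.
DEFAULTS = {
    "adminSrcAddr": "0.0.0.0/0",
    "vpc_cidr": "10.1.0.0/16",
    "mgmt_address_prefixes": ["10.1.1.0/24", "10.1.100.0/24"],
    "ext_address_prefixes": ["10.1.10.0/24", "10.1.110.0/24"],
    "int_address_prefixes": ["10.1.20.0/24", "10.1.120.0/24"],
}


def parse_tfvars(text):
    """Parse the flat `name = value` subset of HCL used in terraform.tfvars.

    Quoted strings become str, [ ... ] lists of quoted strings become list,
    and anything after `#` on a line is treated as a comment.
    """
    values = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        key, _, val = line.partition("=")
        key, val = key.strip(), val.strip()
        if val.startswith("["):
            values[key] = re.findall(r'"([^"]*)"', val)
        else:
            values[key] = val.strip('"')
    return values


def check_tfvars(values, env=None):
    """Return a list of findings; an empty list means the file is ready for `terraform plan`."""
    env = os.environ if env is None else env
    findings = []

    # Step 2 of the install: the aws provider reads these two variables.
    for var in ("AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY"):
        if not env.get(var):
            findings.append(f"{var} is not exported; the aws provider cannot authenticate")

    # Step 3 of the install: the required values must be present.
    for key in REQUIRED:
        if not values.get(key):
            findings.append(f"{key} is missing from terraform.tfvars")
    prefix = values.get("projectPrefix", "")
    if prefix and not prefix.isalnum():
        findings.append("projectPrefix must be alphanumeric with no special characters")

    # Management access: a /0 prefix allows admin access from every IPv4 address.
    admin = ipaddress.ip_network(values.get("adminSrcAddr", DEFAULTS["adminSrcAddr"]), strict=False)
    if admin.prefixlen == 0:
        findings.append("adminSrcAddr is 0.0.0.0/0: admin access is allowed from every IPv4 address")

    # Addressing: each subnet must sit inside the VPC and must not overlap another subnet.
    vpc = ipaddress.ip_network(values.get("vpc_cidr", DEFAULTS["vpc_cidr"]))
    seen = []
    for var in PREFIX_VARS:
        for cidr in values.get(var, DEFAULTS[var]):
            net = ipaddress.ip_network(cidr)
            if not net.subnet_of(vpc):
                findings.append(f"{var} {cidr} is outside vpc_cidr {vpc}")
            for other_var, other in seen:
                if net.overlaps(other):
                    findings.append(f"{var} {cidr} overlaps {other_var} {other}")
            seen.append((var, net))
    return findings


if __name__ == "__main__":
    # Run against the constructed sample; with credentials exported this reports
    # only the open adminSrcAddr.
    for finding in check_tfvars(parse_tfvars(SAMPLE_TFVARS)) or ["OK: no findings"]:
        print(finding)
```

Run it from the directory that holds terraform.tfvars after step 3, substituting `open("terraform.tfvars").read()` for SAMPLE_TFVARS, and fix every finding before step 5; setting adminSrcAddr to the specific prefix you administer from is the one change the template's defaults do not make for you.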

Requirements

Name Version
terraform >= 1.2.0
aws >= 4.59.0

Providers

Name Version
aws 4.59.0
random 3.4.3

Modules

Name Source Version
vpc terraform-aws-modules/vpc/aws ~> 3.0

Resources

Name Type
aws_route_table_association.mgmtAz1 resource
aws_route_table_association.mgmtAz2 resource
aws_security_group.external resource
aws_security_group.internal resource
aws_security_group.mgmt resource
aws_subnet.mgmtAz1 resource
aws_subnet.mgmtAz2 resource
random_id.buildSuffix resource
aws_availability_zones.available data source

Inputs

Name                   Description                                                                                     Type       Default                             Required
adminSrcAddr           Allowed Admin source IP prefix                                                                  string     "0.0.0.0/0"                         no
awsAz1                 Availability zone, will dynamically choose one if left empty                                    string     "us-west-2a"                        no
awsAz2                 Availability zone, will dynamically choose one if left empty                                    string     "us-west-2b"                        no
awsRegion              aws region                                                                                      string     "us-west-2"                         no
ext_address_prefixes   External subnet address prefixes                                                                list(any)  ["10.1.10.0/24", "10.1.110.0/24"]   no
int_address_prefixes   Internal subnet address prefixes                                                                list(any)  ["10.1.20.0/24", "10.1.120.0/24"]   no
mgmt_address_prefixes  Management subnet address prefixes                                                              list(any)  ["10.1.1.0/24", "10.1.100.0/24"]    no
projectPrefix          This value is inserted at the beginning of each AWS object (alpha-numeric, no special character)  string     "demo"                              no
resourceOwner          This is a tag used for object creation. Example is last name.                                   string     null                                no
vpc_cidr               CIDR IP Address range of the VPC                                                                string     "10.1.0.0/16"                       no

Outputs

Name Description
extNsg ID of External security group
extSubnetAz1 ID of External subnet AZ1
extSubnetAz2 ID of External subnet AZ2
intNsg ID of Internal security group
intSubnetAz1 ID of Internal subnet AZ1
intSubnetAz2 ID of Internal subnet AZ2
mgmtNsg ID of Management security group
mgmtSubnetAz1 ID of Management subnet AZ1
mgmtSubnetAz2 ID of Management subnet AZ2
vpcId VPC ID