■ Introduction
This post summarizes how to create an AWS VPC, its subnets and a security group with Terraform.
Table of contents
【1】VPC 【2】Subnet 【3】Security Group
【1】VPC
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc
Main arguments

| Argument | Explanation | Example |
|---|---|---|
| cidr_block | IPv4 CIDR block for the VPC | 172.20.0.0/16 |
| assign_generated_ipv6_cidr_block | Request an Amazon-provided IPv6 CIDR block for the VPC | true/false |
| instance_tenancy | Tenancy of instances launched in the VPC | default (shared hardware) or dedicated (Dedicated Instances) |
| enable_dns_support | DNS resolution through the Amazon-provided DNS server | true/false |
| enable_dns_hostnames | Assign public DNS hostnames to instances that have public IP addresses (requires enable_dns_support = true) | true/false |
```hcl
# Assumption: common_tags is defined in a locals block elsewhere (not shown
# in the original); a minimal definition is included so the snippet applies on its own.
locals {
  common_tags = {
    Project = "demo"
  }
}

resource "aws_vpc" "demo_vpc" {
  cidr_block                       = "10.0.0.0/16"
  instance_tenancy                 = "default"
  enable_dns_support               = true
  enable_dns_hostnames             = true # only takes effect when enable_dns_support is true
  assign_generated_ipv6_cidr_block = false

  tags = merge(local.common_tags, { "Name" = "demo-vpc" })
}
```
【2】Subnet
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/subnet
```hcl
resource "aws_subnet" "demo_subnet" {
  vpc_id     = aws_vpc.demo_vpc.id
  cidr_block = "10.0.1.0/24" # must lie inside the VPC's 10.0.0.0/16

  # No availability_zone is given, so AWS picks one. map_public_ip_on_launch
  # is left at its default (false), so instances here get no public IPv4.
  tags = {
    Name = "demo_subnet"
  }
}
```
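A single hard-coded subnet is enough for a demo, but a real VPC is normally split into public and private tiers across several availability zones. The following is an added example, not code from the original post: it derives the subnet ranges from the VPC's CIDR with `cidrsubnet()` so they cannot drift out of the parent block, and it attaches an internet-facing route only to the public tier. The `aws_availability_zones` data source, the choice of two AZs, the netnum offsets (10+ for public, 100+ for private, chosen so they do not collide with the 10.0.1.0/24 subnet above) and all resource names are assumptions for the example.

```hcl
# Added example (not from the original post): carve the VPC above into one
# public and one private /24 per availability zone with cidrsubnet(), and
# give only the public subnets a default route to an internet gateway.

data "aws_availability_zones" "available" {
  state = "available"
}

locals {
  # Assumption: use the first two available AZs in the region.
  azs = slice(data.aws_availability_zones.available.names, 0, 2)
}

# 10.0.0.0/16 with netnum 10, 11 gives 10.0.10.0/24 and 10.0.11.0/24
resource "aws_subnet" "public" {
  for_each = { for i, az in local.azs : az => i }

  vpc_id                  = aws_vpc.demo_vpc.id
  availability_zone       = each.key
  cidr_block              = cidrsubnet(aws_vpc.demo_vpc.cidr_block, 8, 10 + each.value)
  map_public_ip_on_launch = true # only the public tier hands out public IPv4s at launch

  tags = { Name = "demo-public-${each.key}", Tier = "public" }
}

# netnum 100, 101 gives 10.0.100.0/24 and 10.0.101.0/24
resource "aws_subnet" "private" {
  for_each = { for i, az in local.azs : az => i }

  vpc_id                  = aws_vpc.demo_vpc.id
  availability_zone       = each.key
  cidr_block              = cidrsubnet(aws_vpc.demo_vpc.cidr_block, 8, 100 + each.value)
  map_public_ip_on_launch = false

  tags = { Name = "demo-private-${each.key}", Tier = "private" }
}

resource "aws_internet_gateway" "demo_igw" {
  vpc_id = aws_vpc.demo_vpc.id
  tags   = { Name = "demo-igw" }
}

# Public route table: default route to the IGW. The private subnets stay on
# the VPC's main route table, which has no route to the internet gateway, so
# nothing in them is reachable from the internet.
resource "aws_route_table" "public" {
  vpc_id = aws_vpc.demo_vpc.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.demo_igw.id
  }

  tags = { Name = "demo-public-rt" }
}

resource "aws_route_table_association" "public" {
  for_each = aws_subnet.public

  subnet_id      = each.value.id
  route_table_id = aws_route_table.public.id
}
```

Run `terraform plan` and check the `cidr_block` values it computes before applying; because the ranges are derived from `aws_vpc.demo_vpc.cidr_block`, changing the VPC's CIDR later forces every subnet to be replaced.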
【3】Security Group
* Security group
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_ingress_rule
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_egress_rule
```hcl
resource "aws_security_group" "demo_sg" {
  name        = "demo-sg"
  description = "Sample security group"
  vpc_id      = aws_vpc.demo_vpc.id

  # Rules are managed by the standalone aws_vpc_security_group_*_rule
  # resources below. Do not also declare inline ingress/egress blocks here,
  # or the two will overwrite each other's rules on every apply.
  tags = {
    Name = "demo-sg"
  }
}

# Inbound rule (IPv4): HTTPS from inside the VPC only.
# Set cidr_ipv4 = "0.0.0.0/0" only when the listener really must be
# reachable from the internet.
resource "aws_vpc_security_group_ingress_rule" "demo_sg_ingress_rule" {
  security_group_id = aws_security_group.demo_sg.id
  cidr_ipv4         = aws_vpc.demo_vpc.cidr_block
  ip_protocol       = "tcp"
  from_port         = 443
  to_port           = 443
}

# Outbound rule (IPv4): allow all protocols and ports.
# With ip_protocol = "-1", from_port and to_port must be left unset.
resource "aws_vpc_security_group_egress_rule" "demo_sg_egress_rule" {
  security_group_id = aws_security_group.demo_sg.id
  cidr_ipv4         = "0.0.0.0/0"
  ip_protocol       = "-1"
}
```

Note that `aws_vpc_security_group_ingress_rule` and `aws_vpc_security_group_egress_rule` do not accept the `type` or `cidr_blocks` arguments of the legacy `aws_security_group_rule` resource. Each rule resource describes exactly one rule, with exactly one source or destination: `cidr_ipv4`, `cidr_ipv6`, `prefix_list_id` or `referenced_security_group_id`. Also, as the provider documentation points out, Terraform removes the allow-all egress rule that AWS adds to a new VPC security group, so outbound traffic is blocked until an egress rule such as the one above is created.
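The snippet above opens HTTPS from a CIDR range and allows all egress, which is fine for a demo but wider than most workloads need. The following added example, not code from the original post, shows the pattern a reviewer usually asks for instead: a public load-balancer tier and an application tier, where the application tier accepts traffic only from the load balancer's security group (via `referenced_security_group_id`) rather than from an IP range, and each tier's egress is limited to the ports it actually uses. The application port 8080 and all resource names are assumptions.

```hcl
# Added example (not from the original post): two-tier security groups with
# SG-to-SG references and port-limited egress instead of 0.0.0.0/0 and "-1".

resource "aws_security_group" "alb" {
  name        = "demo-alb-sg"
  description = "Public HTTPS entry point"
  vpc_id      = aws_vpc.demo_vpc.id
  tags        = { Name = "demo-alb-sg" }
}

resource "aws_security_group" "app" {
  name        = "demo-app-sg"
  description = "Application tier, reachable only from the ALB"
  vpc_id      = aws_vpc.demo_vpc.id
  tags        = { Name = "demo-app-sg" }
}

# Internet -> ALB:443. This is the one place 0.0.0.0/0 is intended.
resource "aws_vpc_security_group_ingress_rule" "alb_https_in" {
  security_group_id = aws_security_group.alb.id
  description       = "HTTPS from anywhere (public entry point)"
  cidr_ipv4         = "0.0.0.0/0"
  ip_protocol       = "tcp"
  from_port         = 443
  to_port           = 443
}

# ALB -> app:8080 only (8080 is an assumed application port).
resource "aws_vpc_security_group_egress_rule" "alb_to_app" {
  security_group_id            = aws_security_group.alb.id
  description                  = "Forward to application tier"
  referenced_security_group_id = aws_security_group.app.id
  ip_protocol                  = "tcp"
  from_port                    = 8080
  to_port                      = 8080
}

# app accepts 8080 from the ALB's security group, not from a CIDR, so the
# rule keeps working when the ALB's private IPs change and cannot be reused
# by anything else in the same subnet.
resource "aws_vpc_security_group_ingress_rule" "app_from_alb" {
  security_group_id            = aws_security_group.app.id
  description                  = "Application traffic from the ALB"
  referenced_security_group_id = aws_security_group.alb.id
  ip_protocol                  = "tcp"
  from_port                    = 8080
  to_port                      = 8080
}

# app -> HTTPS out only (AWS APIs, package repositories); no blanket "-1".
resource "aws_vpc_security_group_egress_rule" "app_https_out" {
  security_group_id = aws_security_group.app.id
  description       = "Outbound HTTPS"
  cidr_ipv4         = "0.0.0.0/0"
  ip_protocol       = "tcp"
  from_port         = 443
  to_port           = 443
}
```

Because the two security groups reference each other only through rule resources, Terraform can create both groups first and then the rules, so there is no dependency cycle. If the application tier also needs DNS or NTP, add further egress rules for exactly those ports rather than falling back to `ip_protocol = "-1"`.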
Related articles
Terraform ~ Environment Setup ~
https://dk521123.hatenablog.com/entry/2023/04/05/000224
Terraform ~ Introduction ~
https://dk521123.hatenablog.com/entry/2024/05/29/201119
Terraform ~ Basics ~
https://dk521123.hatenablog.com/entry/2023/05/03/000000
Terraform ~ AWS EC2 ~
https://dk521123.hatenablog.com/entry/2023/05/21/003048
Amazon VPC ~ Fundamentals ~
https://dk521123.hatenablog.com/entry/2019/12/08/105415
Amazon VPC ~ Introduction ~
https://dk521123.hatenablog.com/entry/2021/01/24/000000