# Test network layout: one VPC, one subnet, an internet gateway, a default
# route to that gateway, and two security groups (instances and ELB).
# NOTE(review): the `tags { ... }` block form and the quoted depends_on entry
# look like pre-0.12 Terraform syntax. Confirm the pinned Terraform version.
resource "aws_vpc" "default" {
  cidr_block = "10.0.0.0/16"
  enable_dns_hostnames = true

  tags {
    Name = "tf_test"
  }
}

# A /24 carved out of the VPC range. map_public_ip_on_launch assigns a public
# IP to every instance launched here, and the route table associated below
# sends 0.0.0.0/0 to the internet gateway. Instances in this subnet are
# therefore internet-facing, and the security groups are the only filter.
resource "aws_subnet" "tf_test_subnet" {
  vpc_id = "${aws_vpc.default.id}"
  cidr_block = "10.0.0.0/24"
  map_public_ip_on_launch = true

  tags {
    Name = "tf_test_subnet"
  }
}

# Internet gateway attached to the VPC.
resource "aws_internet_gateway" "gw" {
  vpc_id = "${aws_vpc.default.id}"

  tags {
    Name = "tf_test_ig"
  }
}

# Route table with a single default route through the internet gateway.
resource "aws_route_table" "r" {
  vpc_id = "${aws_vpc.default.id}"

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = "${aws_internet_gateway.gw.id}"
  }

  tags {
    Name = "aws_route_table"
  }
}

# Binds the default-route table to the subnet, which makes the subnet public.
resource "aws_route_table_association" "a" {
  subnet_id = "${aws_subnet.tf_test_subnet.id}"
  route_table_id = "${aws_route_table.r.id}"
}

# Security group for the instances: SSH from any address, HTTP only from the
# ELB security group, and all outbound traffic allowed.
resource "aws_security_group" "default" {
  name = "ec2_sg"
  description = "Used in the terraform"
  vpc_id = "${aws_vpc.default.id}"

  # SSH access from anywhere.
  # NOTE(review): 0.0.0.0/0 on port 22 exposes sshd on every instance in this
  # group to the whole internet. Together with the public-IP subnet above,
  # key management and sshd hardening are then the only controls. Narrow
  # cidr_blocks to a known admin or bastion range, or confirm that this is a
  # short-lived test environment.
  ingress {
    from_port = 22
    to_port = 22
    protocol = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # HTTP access from the ELB security group only. The source is a security
  # group reference, not a CIDR, so port 80 is not directly reachable from
  # the internet.
  ingress {
    from_port = 80
    to_port = 80
    protocol = "tcp"
    security_groups = ["${aws_security_group.elb.id}"]
  }

  # Outbound internet access: protocol "-1" with ports 0-0 means all
  # protocols and all ports, to any destination.
  # NOTE(review): unrestricted egress. Tighten it if the instances only need
  # specific destinations.
  egress {
    from_port = 0
    to_port = 0
    protocol = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# Security group for the ELB: HTTP from any address, all outbound allowed.
resource "aws_security_group" "elb" {
  name = "hello_elb_sg"
  description = "Used in the terraform"
  vpc_id = "${aws_vpc.default.id}"

  # HTTP access from anywhere.
  # NOTE(review): only plaintext port 80 is opened and there is no 443 rule in
  # this group. Whether TLS terminates elsewhere is not visible here.
  ingress {
    from_port = 80
    to_port = 80
    protocol = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Outbound internet access: all protocols and ports, to any destination.
  egress {
    from_port = 0
    to_port = 0
    protocol = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # ensure the VPC has an Internet gateway or this step will fail
  depends_on = ["aws_internet_gateway.gw"]
}