WOrking terraform

8ce2ccd0 · Kenneth · 81b23d04 · 8ce2ccd0 · 8ce2ccd0 · 8ce2ccd0
Commit 8ce2ccd0 authored 3 months ago by Kenneth
--- a/terraform_VPC/Kenneth_Hugo.tfplan
+++ b/terraform_VPC/Kenneth_Hugo.tfplan
--- a/terraform_VPC/main.tf
+++ b/terraform_VPC/main.tf
@@ -107,27 +107,7 @@ resource "aws_security_group_rule" "ssh_api_from_bastion" {
 ####################################
 # Subnets (A et B) - 2 AZ différentes
 ####################################
-resource "aws_subnet" "private_subnet_a" {
-  vpc_id                  = data.aws_vpc.this.id
-  cidr_block             = "10.0.35.0/24"  # 1er bloc
-  availability_zone      = data.aws_availability_zones.available.names[0]
-  map_public_ip_on_launch = false
-  tags = {
-    Name = upper("${var.identifiant}_${terraform.workspace}_PRIVATE_SUBNET_A")
-  }
-}
-resource "aws_subnet" "private_subnet_b" {
-  vpc_id                  = data.aws_vpc.this.id
-  cidr_block             = "10.0.36.0/24"  # 2e bloc
-  availability_zone      = data.aws_availability_zones.available.names[1]
-  map_public_ip_on_launch = true
-  tags = {
-    Name = upper("${var.identifiant}_${terraform.workspace}_PRIVATE_SUBNET_B")
-  }
-}
 ####################################
 # Security Groups
@@ -175,14 +155,33 @@ resource "aws_security_group" "sg_api" {
    # ON autorise la connexion vers le RDS 
  egress {
    description = "Allow traffic to RDS (5432)"
-    from_port   = 5432
+    from_port   = 5432 # 0
-    to_port     = 5432
+    to_port     = 5432 #0
-    protocol    = "tcp"
+    protocol    = "tcp" #-1
+    cidr_blocks = [data.aws_subnet.private-a.cidr_block]
+    /*data.aws.subnet.private_subnet_a.cidr_blocks*/
+  }
+  egress {
+    description = "Allow traffic to RDS (5432)"
+    from_port   = 80 # 0
+    to_port     = 80 #0
+    protocol    = "tcp" #-1
+    cidr_blocks = ["0.0.0.0/0"]
+    /*data.aws.subnet.private_subnet_a.cidr_blocks*/
+  }
+  egress {
+    description = "Allow traffic to RDS (5432)"
+    from_port   = 443 # 0
+    to_port     = 443 #0
+    protocol    = "tcp" #-1
    cidr_blocks = ["0.0.0.0/0"]
    /*data.aws.subnet.private_subnet_a.cidr_blocks*/
  }
  tags = {
    Name = upper("${var.identifiant}_${terraform.workspace}_SG_API")
  }
@@ -246,7 +245,7 @@ resource "aws_instance" "client" {
  key_name               = aws_key_pair.ec2.id
  # On la met, par exemple, dans le subnet A
-  subnet_id              = aws_subnet.private_subnet_a.id
+  subnet_id              = data.aws_subnet.private-a.id
  vpc_security_group_ids = [aws_security_group.sg_client.id]
  tags = {
@@ -261,7 +260,7 @@ resource "aws_instance" "api" {
    key_name               = aws_key_pair.ec2.id
  # On peut la mettre aussi dans le subnet A (ou B, au choix)
-  subnet_id              = aws_subnet.private_subnet_a.id
+  subnet_id              = data.aws_subnet.private-a.id
  vpc_security_group_ids = [aws_security_group.sg_api.id]
  tags = {
@@ -277,8 +276,8 @@ resource "aws_db_subnet_group" "this" {
  name       = lower("${var.identifiant}_${terraform.workspace}_rds_subnet_group")
  # RDS exige au moins 2 subnets dans 2 AZ différentes
  subnet_ids = [
-    aws_subnet.private_subnet_a.id,
+    data.aws_subnet.private-a.id,
-    aws_subnet.private_subnet_b.id
+    data.aws_subnet.private-b.id
  ]
  tags = {

--- a/terraform_VPC/terraform.tfstate.d/DEV/terraform.tfstate
+++ b/terraform_VPC/terraform.tfstate.d/DEV/terraform.tfstate
--- a/terraform_VPC/terraform.tfstate.d/DEV/terraform.tfstate.backup
+++ b/terraform_VPC/terraform.tfstate.d/DEV/terraform.tfstate.backup