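# Network layout for the "iac" tier of the datasaker VPC: one route table,
# three subnets (one per availability zone), their route-table associations,
# and a security group with its rules.

# Route table shared by the three iac subnets.
resource "aws_route_table" "rt-datasaker-iac" {
  tags = {
    "Name" = "rt-datasaker-iac"
  }
  vpc_id = aws_vpc.vpc-datasaker.id
}

# Default route goes to the NAT gateway. No internet-gateway route is defined
# for this table in this file, so these subnets get outbound-only internet access.
resource "aws_route" "route-private-rt-datasaker-iac-0-0-0-0--0" {
  destination_cidr_block = "0.0.0.0/0"
  nat_gateway_id         = aws_nat_gateway.natgw-datasaker.id
  route_table_id         = aws_route_table.rt-datasaker-iac.id
}

# NOTE(review): all three subnets carry both "kubernetes.io/role/elb" and
# "kubernetes.io/role/internal-elb". The former is the tag Kubernetes load
# balancer integrations conventionally use to pick subnets for internet-facing
# load balancers; on subnets tagged "SubnetType" = "Private" whose default
# route is a NAT gateway it looks unintended. Confirm, and drop it if these
# subnets should only ever host internal load balancers.
resource "aws_subnet" "sbn-iac-a" {
  availability_zone                           = "ap-northeast-2a"
  cidr_block                                  = "172.21.4.0/24"
  enable_resource_name_dns_a_record_on_launch = true
  private_dns_hostname_type_on_launch         = "resource-name"
  tags = {
    "Name"                            = "sbn-iac-a.datasaker"
    "SubnetType"                      = "Private"
    "kubernetes.io/cluster/datasaker" = "owned"
    "kubernetes.io/role/elb"          = "1"
    "kubernetes.io/role/internal-elb" = "1"
  }
  vpc_id = aws_vpc.vpc-datasaker.id
}

resource "aws_subnet" "sbn-iac-b" {
  availability_zone                           = "ap-northeast-2b"
  cidr_block                                  = "172.21.5.0/24"
  enable_resource_name_dns_a_record_on_launch = true
  private_dns_hostname_type_on_launch         = "resource-name"
  tags = {
    "Name"                            = "sbn-iac-b.datasaker"
    "SubnetType"                      = "Private"
    "kubernetes.io/cluster/datasaker" = "owned"
    "kubernetes.io/role/elb"          = "1"
    "kubernetes.io/role/internal-elb" = "1"
  }
  vpc_id = aws_vpc.vpc-datasaker.id
}

resource "aws_subnet" "sbn-iac-c" {
  availability_zone                           = "ap-northeast-2c"
  cidr_block                                  = "172.21.6.0/24"
  enable_resource_name_dns_a_record_on_launch = true
  private_dns_hostname_type_on_launch         = "resource-name"
  tags = {
    "Name"                            = "sbn-iac-c.datasaker"
    "SubnetType"                      = "Private"
    "kubernetes.io/cluster/datasaker" = "owned"
    "kubernetes.io/role/elb"          = "1"
    "kubernetes.io/role/internal-elb" = "1"
  }
  vpc_id = aws_vpc.vpc-datasaker.id
}

# Attach each subnet to the NAT-routed table above.
resource "aws_route_table_association" "rta-iac-a" {
  route_table_id = aws_route_table.rt-datasaker-iac.id
  subnet_id      = aws_subnet.sbn-iac-a.id
}

resource "aws_route_table_association" "rta-iac-b" {
  route_table_id = aws_route_table.rt-datasaker-iac.id
  subnet_id      = aws_subnet.sbn-iac-b.id
}

resource "aws_route_table_association" "rta-iac-c" {
  route_table_id = aws_route_table.rt-datasaker-iac.id
  subnet_id      = aws_subnet.sbn-iac-c.id
}

# Security group for the iac tier. It is scoped to the VPC, not to the subnets
# above, so its rules apply to whatever interface it gets attached to.
resource "aws_security_group" "sg-iac-datasaker" {
  description = "Security group iac-datasaker"
  name        = "secg-iac-datasaker"
  tags = {
    "Name" = "sg-iac-datasaker"
  }
  vpc_id = aws_vpc.vpc-datasaker.id
}

# NOTE(review): SSH (tcp/22) is accepted from every IPv4 address. The subnets
# in this file sit behind a NAT gateway, but nothing here prevents this group
# from being attached to an interface with a public address. Narrow
# cidr_blocks to the administrative or bastion range, or remove the rule if
# access goes through another path. The value is left as-is because the
# intended source range is not visible in this file.
resource "aws_security_group_rule" "sgr-from-0-0-0-0--0-ingress-tcp-22to22-iac-datasaker-io" {
  cidr_blocks       = ["0.0.0.0/0"]
  from_port         = 22
  protocol          = "tcp"
  security_group_id = aws_security_group.sg-iac-datasaker.id
  to_port           = 22
  type              = "ingress"
}

# For protocol "icmp", from_port is the ICMP type and to_port is the ICMP code.
# Type 8 / code 0 is echo request, so this admits inbound ping from anywhere.
resource "aws_security_group_rule" "sgr-from-0-0-0-0--0-ingress-icmp-iac-datasaker-io" {
  cidr_blocks       = ["0.0.0.0/0"]
  from_port         = 8
  protocol          = "icmp"
  security_group_id = aws_security_group.sg-iac-datasaker.id
  to_port           = 0
  type              = "ingress"
}

# Outbound ping. to_port was 8, i.e. ICMP type 8 with code 8; echo request only
# has code 0, so the rule matched no real traffic. It now mirrors the ingress
# rule (type 8 / code 0).
resource "aws_security_group_rule" "sgr-to-0-0-0-0--0-egress-icmp-iac-datasaker-io" {
  cidr_blocks       = ["0.0.0.0/0"]
  from_port         = 8
  protocol          = "icmp"
  security_group_id = aws_security_group.sg-iac-datasaker.id
  to_port           = 0
  type              = "egress"
}

# Outbound TCP to any address on any port. No UDP egress rule is defined in
# this file. NOTE(review): if members of this group only need a few
# destinations, consider restricting ports or CIDRs to limit what a compromised
# host can reach.
# The "engress" spelling in the resource name is kept: renaming would change
# the resource address and make Terraform destroy and recreate the rule.
resource "aws_security_group_rule" "sgr-from-0-0-0-0--0-engress-tcp-all-iac-datasaker-io" {
  cidr_blocks       = ["0.0.0.0/0"]
  from_port         = 0
  protocol          = "tcp"
  security_group_id = aws_security_group.sg-iac-datasaker.id
  to_port           = 65535
  type              = "egress"
}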