-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathmain.tf
156 lines (117 loc) · 5.64 KB
/
main.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
# ---------------------------------------------------------------------------------------------------------------------
# DEPLOY AN IMPUTATION SERVER, A LOAD BALANCER, AND VPC IN AWS
# This is an example of how to use the imputation-server and imputation-lb modules to deploy an imputation server
# instance in AWS with an Application Load Balancer in front of it in a new VPC.
#
# !! WARNING !! This is only an example and should not be used for a production instance. Further hardening such as TLS,
# security settings, private subnets, custom public key pairs, and management infrastructure should be in place with this
# deployment.
# ---------------------------------------------------------------------------------------------------------------------
data "aws_region" "current" {}
# ----------------------------------------------------------------------------------------------------------------------
# CREATE EXAMPLE VPC
# ----------------------------------------------------------------------------------------------------------------------
module "vpc" {
source = "terraform-aws-modules/vpc/aws"
version = "5.5.3"
name = "imputation-example-vpc"
cidr = "10.120.0.0/16"
azs = ["${data.aws_region.current.name}a", "${data.aws_region.current.name}b"]
public_subnets = ["10.120.48.0/20", "10.120.64.0/20"]
enable_dns_hostnames = true
enable_dns_support = true
tags = {
Terraform = "true"
Project = "imputation-example"
}
}
# ----------------------------------------------------------------------------------------------------------------------
# CREATE EXAMPLE SECURITY GROUPS
# ----------------------------------------------------------------------------------------------------------------------
resource "aws_security_group" "lb_sg" {
name = "imputation-example-lb-sg"
description = "Security group for the front end Application Load Balancer"
vpc_id = module.vpc.vpc_id
tags = { Name = "imputation-example-lb" }
}
resource "aws_security_group" "emr_sg" {
name = "imputation-example-emr-sg"
description = "Security group for the Elastic Map Reduce master node"
vpc_id = module.vpc.vpc_id
revoke_rules_on_delete = true
tags = { Name = "imputation-example-emr" }
}
resource "aws_security_group" "emr_slave_sg" {
name = "imputation-example-emr-slave-sg"
description = "Security group for the Elastic Map Reduce master node"
vpc_id = module.vpc.vpc_id
revoke_rules_on_delete = true
tags = { Name = "imputation-example-emr-slave" }
}
# ----------------------------------------------------------------------------------------------------------------------
# CREATE EXAMPLE SECURITY GROUP RULES
# ----------------------------------------------------------------------------------------------------------------------
module "imputation-security-group-rules" {
source = "./modules/imputation-security-group-rules"
emr_security_group_id = aws_security_group.emr_sg.id
emr_slave_security_group_id = aws_security_group.emr_slave_sg.id
lb_security_group_id = aws_security_group.lb_sg.id
}
# ----------------------------------------------------------------------------------------------------------------------
# CREATE EXAMPLE IMPUTATION SERVER IAM ROLES
# ----------------------------------------------------------------------------------------------------------------------
module "imputation-iam" {
source = "./modules/imputation-iam"
name_prefix = "imputation-example"
tags = {
Terraform = "true"
Project = "imputation-example"
}
}
# ----------------------------------------------------------------------------------------------------------------------
# CREATE EXAMPLE IMPUTATION SERVER EMR CLUSTER
# ----------------------------------------------------------------------------------------------------------------------
locals {
ec2_subnet = element(module.vpc.public_subnets, 0)
}
module "imputation-server" {
source = "./modules/imputation-server"
name_prefix = "imputation-example"
vpc_id = module.vpc.vpc_id
ec2_subnet = local.ec2_subnet
ec2_role_arn = module.imputation-iam.ec2_role_arn
emr_role_name = module.imputation-iam.emr_role_name
emr_role_arn = module.imputation-iam.emr_role_arn
ec2_instance_profile_name = module.imputation-iam.ec2_instance_profile_name
ec2_autoscaling_role_name = module.imputation-iam.ec2_autoscaling_role_name
emr_managed_master_security_group = aws_security_group.emr_sg.id
emr_managed_slave_security_group = aws_security_group.emr_slave_sg.id
public_key = var.public_key
bootstrap_action = [{
name = "imputation-example-bootstrap"
path = var.bootstrap_script_path
args = var.bootstrap_script_args
}]
tags = {
Terraform = "true"
Project = "imputation-example"
}
}
# ----------------------------------------------------------------------------------------------------------------------
# CREATE EXAMPLE IMPUTATION LOAD BALANCER
# ----------------------------------------------------------------------------------------------------------------------
module "imputation-lb" {
source = "./modules/imputation-lb"
name_prefix = "imputation-example"
vpc_id = module.vpc.vpc_id
lb_security_group = aws_security_group.lb_sg.id
lb_subnets = module.vpc.public_subnets
master_node_id = module.imputation-server.master_node_id
# HTTPS should be used in production environment
# For this example we do not have a valid TLS cert created so we choose false
enable_https = false
tags = {
Terraform = "true"
Project = "imputation-example"
}
}