
modif main

2025-12-03 16:53:20 +01:00
parent 1e6d1192c3
commit bb380bb780


@@ -3,84 +3,79 @@ resource "google_compute_network" "vpc" {
auto_create_subnetworks = false auto_create_subnetworks = false
} }
# Sous-réseau resource "google_compute_subnetwork" "frontend_network" {
resource "google_compute_subnetwork" "frontend" { name = "${var.project_name}-frontend-subnet"
name = "mon-frontend"
network = google_compute_network.vpc.id network = google_compute_network.vpc.id
ip_cidr_range = "10.0.1.0/24" ip_cidr_range = var.frontend_cidr
region = var.region region = var.region
} }
resource "google_compute_subnetwork" "backend" { resource "google_compute_subnetwork" "backend_network" {
name = "mon-backend" name = "${var.project_name}-backend-subnet"
network = google_compute_network.vpc.id network = google_compute_network.vpc.id
ip_cidr_range = "10.0.2.0/24" ip_cidr_range = var.backend_cidr
region = var.region region = var.region
} }
resource "google_compute_subnetwork" "database" { resource "google_compute_subnetwork" "database_network" {
name = "mon-database" name = "${var.project_name}-database-subnet"
network = google_compute_network.vpc.id network = google_compute_network.vpc.id
ip_cidr_range = "10.0.3.0/24" ip_cidr_range = var.database_cidr
region = var.region region = var.region
} }
resource "google_compute_firewall" "ssh_firewall" { resource "google_compute_firewall" "ssh_firewall" {
name = "mon_ssh" name = "${var.project_name}-ssh"
network = google_compute_network.vpc.id network = google_compute_network.vpc.name
direction = "INGRESS"
priority = 1000
target_tags = ["ssh"]
source_ranges = [var.ssh_source_ranges]
allow { allow {
protocol = "tcp" protocol = "tcp"
ports = ["22"] ports = ["22"]
} }
source_ranges = ["0.0.0.0/0"]
target_tags = ["ssh"]
} }
resource "google_compute_firewall" "frontend_firewall" { resource "google_compute_firewall" "frontend_firewall" {
name = "allow-http" name = "${var.project_name}-frontend-http-https"
network = google_compute_network.vpc.id network = google_compute_network.vpc.name
direction = "INGRESS"
priority = 1000
target_tags = ["frontend"]
source_ranges = ["0.0.0.0/0"]
allow { allow {
protocol = "tcp" protocol = "tcp"
ports = ["80", "443"] ports = ["80", "443"]
} }
source_ranges = ["0.0.0.0/0"]
target_tags = ["frontend"]
} }
resource "google_compute_firewall" "backend_firewall" { resource "google_compute_firewall" "backend_firewall" {
name = "allow-http" name = "${var.project_name}-frontend-to-backend-8000"
network = google_compute_network.vpc.id network = google_compute_network.vpc.name
direction = "INGRESS"
priority = 1000
target_tags = ["backend"]
source_tags = ["frontend"]
allow { allow {
protocol = "tcp" protocol = "tcp"
ports = ["8000"] ports = ["8000"]
} }
source_ranges = ["frontend"]
target_tags = ["backend"]
} }
resource "google_compute_firewall" "database_firewall" { resource "google_compute_firewall" "database_firewall" {
name = "allow-http" name = "${var.project_name}-backend-to-database-3306"
network = google_compute_network.vpc.id network = google_compute_network.vpc.name
direction = "INGRESS"
priority = 1000
target_tags = ["database"]
source_tags = ["backend"]
allow { allow {
protocol = "tcp" protocol = "tcp"
ports = ["3306"] ports = ["3306"]
} }
source_ranges = ["backend"]
target_tags = ["database"]
} }
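Review bot: In `ssh_firewall`, `source_ranges = [var.ssh_source_ranges]` wraps a plurally named variable in a list, so a `list(string)` declaration would yield a nested list that fails the argument's type, while a `string` declaration limits the rule to a single CIDR. The variable's declaration and default are not visible on this page; I would declare it as `list(string)` with no default and pass it as `source_ranges = var.ssh_source_ranges`. A `validation` block that rejects `0.0.0.0/0` would keep the world-open SSH rule this commit appears to remove from returning through a tfvars value. Separately, `backend_firewall` and `database_firewall` now match on `source_tags`/`target_tags`, which anyone able to edit instance tags can set; `source_service_accounts`/`target_service_accounts` would bind those rules to instance identity instead.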